1 // SPDX-License-Identifier: GPL-2.0-only 2 /* (C) 1999-2001 Paul `Rusty' Russell 3 * (C) 2002-2004 Netfilter Core Team <coreteam@netfilter.org> 4 */ 5 6 #include <linux/types.h> 7 #include <linux/jiffies.h> 8 #include <linux/timer.h> 9 #include <linux/netfilter.h> 10 #include <net/netfilter/nf_conntrack_l4proto.h> 11 #include <net/netfilter/nf_conntrack_timeout.h> 12 13 static const unsigned int nf_ct_generic_timeout = 600*HZ; 14 15 #ifdef CONFIG_NF_CONNTRACK_TIMEOUT 16 17 #include <linux/netfilter/nfnetlink.h> 18 #include <linux/netfilter/nfnetlink_cttimeout.h> 19 20 static int generic_timeout_nlattr_to_obj(struct nlattr *tb[], 21 struct net *net, void *data) 22 { 23 struct nf_generic_net *gn = nf_generic_pernet(net); 24 unsigned int *timeout = data; 25 26 if (!timeout) 27 timeout = &gn->timeout; 28 29 if (tb[CTA_TIMEOUT_GENERIC_TIMEOUT]) 30 *timeout = 31 ntohl(nla_get_be32(tb[CTA_TIMEOUT_GENERIC_TIMEOUT])) * HZ; 32 else { 33 /* Set default generic timeout. */ 34 *timeout = gn->timeout; 35 } 36 37 return 0; 38 } 39 40 static int 41 generic_timeout_obj_to_nlattr(struct sk_buff *skb, const void *data) 42 { 43 const unsigned int *timeout = data; 44 45 if (nla_put_be32(skb, CTA_TIMEOUT_GENERIC_TIMEOUT, htonl(*timeout / HZ))) 46 goto nla_put_failure; 47 48 return 0; 49 50 nla_put_failure: 51 return -ENOSPC; 52 } 53 54 static const struct nla_policy 55 generic_timeout_nla_policy[CTA_TIMEOUT_GENERIC_MAX+1] = { 56 [CTA_TIMEOUT_GENERIC_TIMEOUT] = { .type = NLA_U32 }, 57 }; 58 #endif /* CONFIG_NF_CONNTRACK_TIMEOUT */ 59 60 void nf_conntrack_generic_init_net(struct net *net) 61 { 62 struct nf_generic_net *gn = nf_generic_pernet(net); 63 64 gn->timeout = nf_ct_generic_timeout; 65 } 66 67 const struct nf_conntrack_l4proto nf_conntrack_l4proto_generic = 68 { 69 .l4proto = 255, 70 #ifdef CONFIG_NF_CONNTRACK_TIMEOUT 71 .ctnl_timeout = { 72 .nlattr_to_obj = generic_timeout_nlattr_to_obj, 73 .obj_to_nlattr = generic_timeout_obj_to_nlattr, 74 .nlattr_max = CTA_TIMEOUT_GENERIC_MAX, 75 .obj_size = sizeof(unsigned int), 76 .nla_policy = generic_timeout_nla_policy, 77 }, 78 #endif /* CONFIG_NF_CONNTRACK_TIMEOUT */ 79 }; 80