diff options
Diffstat (limited to 'include/net/netfilter')
| -rw-r--r-- | include/net/netfilter/ipv6/nf_conntrack_ipv6.h | 2 | ||||
| -rw-r--r-- | include/net/netfilter/nf_conntrack.h | 12 | ||||
| -rw-r--r-- | include/net/netfilter/nf_conntrack_ecache.h | 3 | ||||
| -rw-r--r-- | include/net/netfilter/nf_conntrack_expect.h | 6 | ||||
| -rw-r--r-- | include/net/netfilter/nf_conntrack_extend.h | 6 | ||||
| -rw-r--r-- | include/net/netfilter/nf_conntrack_helper.h | 3 | ||||
| -rw-r--r-- | include/net/netfilter/nf_conntrack_l3proto.h | 3 | ||||
| -rw-r--r-- | include/net/netfilter/nf_conntrack_l4proto.h | 3 | ||||
| -rw-r--r-- | include/net/netfilter/nf_conntrack_tuple.h | 12 | ||||
| -rw-r--r-- | include/net/netfilter/nf_nat.h | 15 | ||||
| -rw-r--r-- | include/net/netfilter/nf_nat_helper.h | 4 | ||||
| -rw-r--r-- | include/net/netfilter/nf_nat_protocol.h | 3 |
12 files changed, 28 insertions, 44 deletions
diff --git a/include/net/netfilter/ipv6/nf_conntrack_ipv6.h b/include/net/netfilter/ipv6/nf_conntrack_ipv6.h index abc55ad..1ee717e 100644 --- a/include/net/netfilter/ipv6/nf_conntrack_ipv6.h +++ b/include/net/netfilter/ipv6/nf_conntrack_ipv6.h @@ -9,7 +9,7 @@ extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6; extern int nf_ct_frag6_init(void); extern void nf_ct_frag6_cleanup(void); -extern struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb); +extern struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb, u32 user); extern void nf_ct_frag6_output(unsigned int hooknum, struct sk_buff *skb, struct net_device *in, struct net_device *out, diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h index cbdd628..a0904ad 100644 --- a/include/net/netfilter/nf_conntrack.h +++ b/include/net/netfilter/nf_conntrack.h @@ -255,11 +255,9 @@ static inline bool nf_ct_kill(struct nf_conn *ct) } /* These are for NAT. Icky. */ -/* Update TCP window tracking data when NAT mangles the packet */ -extern void nf_conntrack_tcp_update(const struct sk_buff *skb, - unsigned int dataoff, - struct nf_conn *ct, int dir, - s16 offset); +extern s16 (*nf_ct_nat_offset)(const struct nf_conn *ct, + enum ip_conntrack_dir dir, + u32 seq); /* Fake conntrack entry for untracked connections */ extern struct nf_conn nf_conntrack_untracked; @@ -295,11 +293,11 @@ extern unsigned int nf_conntrack_htable_size; extern unsigned int nf_conntrack_max; #define NF_CT_STAT_INC(net, count) \ - (per_cpu_ptr((net)->ct.stat, raw_smp_processor_id())->count++) + __this_cpu_inc((net)->ct.stat->count) #define NF_CT_STAT_INC_ATOMIC(net, count) \ do { \ local_bh_disable(); \ - per_cpu_ptr((net)->ct.stat, raw_smp_processor_id())->count++; \ + __this_cpu_inc((net)->ct.stat->count); \ local_bh_enable(); \ } while (0) diff --git a/include/net/netfilter/nf_conntrack_ecache.h b/include/net/netfilter/nf_conntrack_ecache.h index 4f20d58..475facc 100644 --- a/include/net/netfilter/nf_conntrack_ecache.h +++ b/include/net/netfilter/nf_conntrack_ecache.h @@ -13,8 +13,7 @@ #include <net/netfilter/nf_conntrack_extend.h> /* Connection tracking event types */ -enum ip_conntrack_events -{ +enum ip_conntrack_events { IPCT_NEW = 0, /* new conntrack */ IPCT_RELATED = 1, /* related conntrack */ IPCT_DESTROY = 2, /* destroyed conntrack */ diff --git a/include/net/netfilter/nf_conntrack_expect.h b/include/net/netfilter/nf_conntrack_expect.h index a965280..9a2b9cb 100644 --- a/include/net/netfilter/nf_conntrack_expect.h +++ b/include/net/netfilter/nf_conntrack_expect.h @@ -9,8 +9,7 @@ extern unsigned int nf_ct_expect_hsize; extern unsigned int nf_ct_expect_max; -struct nf_conntrack_expect -{ +struct nf_conntrack_expect { /* Conntrack expectation list member */ struct hlist_node lnode; @@ -64,8 +63,7 @@ static inline struct net *nf_ct_exp_net(struct nf_conntrack_expect *exp) #endif } -struct nf_conntrack_expect_policy -{ +struct nf_conntrack_expect_policy { unsigned int max_expected; unsigned int timeout; }; diff --git a/include/net/netfilter/nf_conntrack_extend.h b/include/net/netfilter/nf_conntrack_extend.h index 7f8fc5d..e192dc1 100644 --- a/include/net/netfilter/nf_conntrack_extend.h +++ b/include/net/netfilter/nf_conntrack_extend.h @@ -3,8 +3,7 @@ #include <net/netfilter/nf_conntrack.h> -enum nf_ct_ext_id -{ +enum nf_ct_ext_id { NF_CT_EXT_HELPER, NF_CT_EXT_NAT, NF_CT_EXT_ACCT, @@ -65,8 +64,7 @@ __nf_ct_ext_add(struct nf_conn *ct, enum nf_ct_ext_id id, gfp_t gfp); #define NF_CT_EXT_F_PREALLOC 0x0001 -struct nf_ct_ext_type -{ +struct nf_ct_ext_type { /* Destroys relationships (can be NULL). */ void (*destroy)(struct nf_conn *ct); /* Called when realloacted (can be NULL). diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h index 1b70680..d015de9 100644 --- a/include/net/netfilter/nf_conntrack_helper.h +++ b/include/net/netfilter/nf_conntrack_helper.h @@ -16,8 +16,7 @@ struct module; #define NF_CT_HELPER_NAME_LEN 16 -struct nf_conntrack_helper -{ +struct nf_conntrack_helper { struct hlist_node hnode; /* Internal use. */ const char *name; /* name of the module */ diff --git a/include/net/netfilter/nf_conntrack_l3proto.h b/include/net/netfilter/nf_conntrack_l3proto.h index 9f99d36..a754761 100644 --- a/include/net/netfilter/nf_conntrack_l3proto.h +++ b/include/net/netfilter/nf_conntrack_l3proto.h @@ -16,8 +16,7 @@ #include <linux/seq_file.h> #include <net/netfilter/nf_conntrack.h> -struct nf_conntrack_l3proto -{ +struct nf_conntrack_l3proto { /* L3 Protocol Family number. ex) PF_INET */ u_int16_t l3proto; diff --git a/include/net/netfilter/nf_conntrack_l4proto.h b/include/net/netfilter/nf_conntrack_l4proto.h index 3767fb4..ca6dcf3 100644 --- a/include/net/netfilter/nf_conntrack_l4proto.h +++ b/include/net/netfilter/nf_conntrack_l4proto.h @@ -15,8 +15,7 @@ struct seq_file; -struct nf_conntrack_l4proto -{ +struct nf_conntrack_l4proto { /* L3 Protocol number. */ u_int16_t l3proto; diff --git a/include/net/netfilter/nf_conntrack_tuple.h b/include/net/netfilter/nf_conntrack_tuple.h index 2628c15..4ee44c8 100644 --- a/include/net/netfilter/nf_conntrack_tuple.h +++ b/include/net/netfilter/nf_conntrack_tuple.h @@ -26,8 +26,7 @@ /* The protocol-specific manipulable parts of the tuple: always in network order! */ -union nf_conntrack_man_proto -{ +union nf_conntrack_man_proto { /* Add other protocols here. */ __be16 all; @@ -52,8 +51,7 @@ union nf_conntrack_man_proto }; /* The manipulable part of the tuple. */ -struct nf_conntrack_man -{ +struct nf_conntrack_man { union nf_inet_addr u3; union nf_conntrack_man_proto u; /* Layer 3 protocol */ @@ -61,8 +59,7 @@ struct nf_conntrack_man }; /* This contains the information to distinguish a connection. */ -struct nf_conntrack_tuple -{ +struct nf_conntrack_tuple { struct nf_conntrack_man src; /* These are the parts of the tuple which are fixed. */ @@ -100,8 +97,7 @@ struct nf_conntrack_tuple } dst; }; -struct nf_conntrack_tuple_mask -{ +struct nf_conntrack_tuple_mask { struct { union nf_inet_addr u3; union nf_conntrack_man_proto u; diff --git a/include/net/netfilter/nf_nat.h b/include/net/netfilter/nf_nat.h index 8df0b7f..f5f09f0 100644 --- a/include/net/netfilter/nf_nat.h +++ b/include/net/netfilter/nf_nat.h @@ -5,8 +5,7 @@ #define NF_NAT_MAPPING_TYPE_MAX_NAMELEN 16 -enum nf_nat_manip_type -{ +enum nf_nat_manip_type { IP_NAT_MANIP_SRC, IP_NAT_MANIP_DST }; @@ -30,8 +29,7 @@ struct nf_nat_seq { }; /* Single range specification. */ -struct nf_nat_range -{ +struct nf_nat_range { /* Set to OR of flags above. */ unsigned int flags; @@ -43,8 +41,7 @@ struct nf_nat_range }; /* For backwards compat: don't use in modern code. */ -struct nf_nat_multi_range_compat -{ +struct nf_nat_multi_range_compat { unsigned int rangesize; /* Must be 1. */ /* hangs off end. */ @@ -57,8 +54,7 @@ struct nf_nat_multi_range_compat #include <net/netfilter/nf_conntrack_extend.h> /* per conntrack: nat application helper private data */ -union nf_conntrack_nat_help -{ +union nf_conntrack_nat_help { /* insert nat helper private data here */ struct nf_nat_pptp nat_pptp_info; }; @@ -66,8 +62,7 @@ union nf_conntrack_nat_help struct nf_conn; /* The structure embedded in the conntrack structure. */ -struct nf_conn_nat -{ +struct nf_conn_nat { struct hlist_node bysource; struct nf_nat_seq seq[IP_CT_DIR_MAX]; struct nf_conn *ct; diff --git a/include/net/netfilter/nf_nat_helper.h b/include/net/netfilter/nf_nat_helper.h index 237a961..4222220 100644 --- a/include/net/netfilter/nf_nat_helper.h +++ b/include/net/netfilter/nf_nat_helper.h @@ -32,4 +32,8 @@ extern int (*nf_nat_seq_adjust_hook)(struct sk_buff *skb, * to port ct->master->saved_proto. */ extern void nf_nat_follow_master(struct nf_conn *ct, struct nf_conntrack_expect *this); + +extern s16 nf_nat_get_offset(const struct nf_conn *ct, + enum ip_conntrack_dir dir, + u32 seq); #endif diff --git a/include/net/netfilter/nf_nat_protocol.h b/include/net/netfilter/nf_nat_protocol.h index f3662c4..c398017 100644 --- a/include/net/netfilter/nf_nat_protocol.h +++ b/include/net/netfilter/nf_nat_protocol.h @@ -6,8 +6,7 @@ struct nf_nat_range; -struct nf_nat_protocol -{ +struct nf_nat_protocol { /* Protocol number. */ unsigned int protonum; |