NF_INET_NUMHOOKS
};
+union nf_inet_addr {
+ u_int32_t all[4];
+ __be32 ip;
+ __be32 ip6[4];
+};
+
#ifdef __KERNEL__
#ifdef CONFIG_NETFILTER
extern int get_h225_addr(struct nf_conn *ct, unsigned char *data,
TransportAddress *taddr,
- union nf_conntrack_address *addr, __be16 *port);
+ union nf_inet_addr *addr, __be16 *port);
extern void nf_conntrack_h245_expect(struct nf_conn *new,
struct nf_conntrack_expect *this);
extern void nf_conntrack_q931_expect(struct nf_conn *new,
extern int (*set_h245_addr_hook) (struct sk_buff *skb,
unsigned char **data, int dataoff,
H245_TransportAddress *taddr,
- union nf_conntrack_address *addr,
+ union nf_inet_addr *addr,
__be16 port);
extern int (*set_h225_addr_hook) (struct sk_buff *skb,
unsigned char **data, int dataoff,
TransportAddress *taddr,
- union nf_conntrack_address *addr,
+ union nf_inet_addr *addr,
__be16 port);
extern int (*set_sig_addr_hook) (struct sk_buff *skb,
struct nf_conn *ct,
nf_ct_expect_related. You will have to call put afterwards. */
struct nf_conntrack_expect *nf_ct_expect_alloc(struct nf_conn *me);
void nf_ct_expect_init(struct nf_conntrack_expect *, int,
- union nf_conntrack_address *,
- union nf_conntrack_address *,
+ union nf_inet_addr *,
+ union nf_inet_addr *,
u_int8_t, __be16 *, __be16 *);
void nf_ct_expect_put(struct nf_conntrack_expect *exp);
int nf_ct_expect_related(struct nf_conntrack_expect *expect);
#ifndef _NF_CONNTRACK_TUPLE_H
#define _NF_CONNTRACK_TUPLE_H
+#include <linux/netfilter/x_tables.h>
#include <linux/netfilter/nf_conntrack_tuple_common.h>
/* A `tuple' is a structure containing the information to uniquely
"non-manipulatable" lines, for the benefit of the NAT code.
*/
-#define NF_CT_TUPLE_L3SIZE 4
-
-/* The l3 protocol-specific manipulable parts of the tuple: always in
- network order! */
-union nf_conntrack_address {
- u_int32_t all[NF_CT_TUPLE_L3SIZE];
- __be32 ip;
- __be32 ip6[4];
-};
+#define NF_CT_TUPLE_L3SIZE ARRAY_SIZE(((union nf_inet_addr *)NULL)->all)
/* The protocol-specific manipulable parts of the tuple: always in
network order! */
/* The manipulable part of the tuple. */
struct nf_conntrack_man
{
- union nf_conntrack_address u3;
+ union nf_inet_addr u3;
union nf_conntrack_man_proto u;
/* Layer 3 protocol */
u_int16_t l3num;
/* These are the parts of the tuple which are fixed. */
struct {
- union nf_conntrack_address u3;
+ union nf_inet_addr u3;
union {
/* Add other protocols here. */
__be16 all;
struct nf_conntrack_tuple_mask
{
struct {
- union nf_conntrack_address u3;
+ union nf_inet_addr u3;
union nf_conntrack_man_proto u;
} src;
};
static int set_h225_addr(struct sk_buff *skb,
unsigned char **data, int dataoff,
TransportAddress *taddr,
- union nf_conntrack_address *addr, __be16 port)
+ union nf_inet_addr *addr, __be16 port)
{
return set_addr(skb, data, dataoff, taddr->ipAddress.ip,
addr->ip, port);
static int set_h245_addr(struct sk_buff *skb,
unsigned char **data, int dataoff,
H245_TransportAddress *taddr,
- union nf_conntrack_address *addr, __be16 port)
+ union nf_inet_addr *addr, __be16 port)
{
return set_addr(skb, data, dataoff,
taddr->unicastAddress.iPAddress.network,
int dir = CTINFO2DIR(ctinfo);
int i;
__be16 port;
- union nf_conntrack_address addr;
+ union nf_inet_addr addr;
for (i = 0; i < count; i++) {
if (get_h225_addr(ct, *data, &taddr[i], &addr, &port)) {
int dir = CTINFO2DIR(ctinfo);
int i;
__be16 port;
- union nf_conntrack_address addr;
+ union nf_inet_addr addr;
for (i = 0; i < count; i++) {
if (get_h225_addr(ct, *data, &taddr[i], &addr, &port) &&
struct nf_ct_h323_master *info = &nfct_help(ct)->help.ct_h323_info;
int dir = CTINFO2DIR(ctinfo);
u_int16_t nated_port = ntohs(port);
- union nf_conntrack_address addr;
+ union nf_inet_addr addr;
/* Set expectations for NAT */
exp->saved_proto.tcp.port = exp->tuple.dst.u.tcp.port;
EXPORT_SYMBOL_GPL(nf_ct_expect_alloc);
void nf_ct_expect_init(struct nf_conntrack_expect *exp, int family,
- union nf_conntrack_address *saddr,
- union nf_conntrack_address *daddr,
+ union nf_inet_addr *saddr,
+ union nf_inet_addr *daddr,
u_int8_t proto, __be16 *src, __be16 *dst)
{
int len;
unsigned int matchlen, matchoff;
struct nf_ct_ftp_master *ct_ftp_info = &nfct_help(ct)->help.ct_ftp_info;
struct nf_conntrack_expect *exp;
- union nf_conntrack_address *daddr;
+ union nf_inet_addr *daddr;
struct nf_conntrack_man cmd = {};
unsigned int i;
int found = 0, ends_in_nl;
int (*set_h245_addr_hook) (struct sk_buff *skb,
unsigned char **data, int dataoff,
H245_TransportAddress *taddr,
- union nf_conntrack_address *addr, __be16 port)
+ union nf_inet_addr *addr, __be16 port)
__read_mostly;
int (*set_h225_addr_hook) (struct sk_buff *skb,
unsigned char **data, int dataoff,
TransportAddress *taddr,
- union nf_conntrack_address *addr, __be16 port)
+ union nf_inet_addr *addr, __be16 port)
__read_mostly;
int (*set_sig_addr_hook) (struct sk_buff *skb,
struct nf_conn *ct,
/****************************************************************************/
static int get_h245_addr(struct nf_conn *ct, unsigned char *data,
H245_TransportAddress *taddr,
- union nf_conntrack_address *addr, __be16 *port)
+ union nf_inet_addr *addr, __be16 *port)
{
unsigned char *p;
int family = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num;
int ret = 0;
__be16 port;
__be16 rtp_port, rtcp_port;
- union nf_conntrack_address addr;
+ union nf_inet_addr addr;
struct nf_conntrack_expect *rtp_exp;
struct nf_conntrack_expect *rtcp_exp;
typeof(nat_rtp_rtcp_hook) nat_rtp_rtcp;
int dir = CTINFO2DIR(ctinfo);
int ret = 0;
__be16 port;
- union nf_conntrack_address addr;
+ union nf_inet_addr addr;
struct nf_conntrack_expect *exp;
typeof(nat_t120_hook) nat_t120;
/****************************************************************************/
int get_h225_addr(struct nf_conn *ct, unsigned char *data,
TransportAddress *taddr,
- union nf_conntrack_address *addr, __be16 *port)
+ union nf_inet_addr *addr, __be16 *port)
{
unsigned char *p;
int family = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num;
int dir = CTINFO2DIR(ctinfo);
int ret = 0;
__be16 port;
- union nf_conntrack_address addr;
+ union nf_inet_addr addr;
struct nf_conntrack_expect *exp;
typeof(nat_h245_hook) nat_h245;
/* If the calling party is on the same side of the forward-to party,
* we don't need to track the second call */
-static int callforward_do_filter(union nf_conntrack_address *src,
- union nf_conntrack_address *dst,
+static int callforward_do_filter(union nf_inet_addr *src,
+ union nf_inet_addr *dst,
int family)
{
const struct nf_afinfo *afinfo;
int dir = CTINFO2DIR(ctinfo);
int ret = 0;
__be16 port;
- union nf_conntrack_address addr;
+ union nf_inet_addr addr;
struct nf_conntrack_expect *exp;
typeof(nat_callforwarding_hook) nat_callforwarding;
int ret;
int i;
__be16 port;
- union nf_conntrack_address addr;
+ union nf_inet_addr addr;
typeof(set_h225_addr_hook) set_h225_addr;
pr_debug("nf_ct_q931: Setup\n");
/****************************************************************************/
static struct nf_conntrack_expect *find_expect(struct nf_conn *ct,
- union nf_conntrack_address *addr,
+ union nf_inet_addr *addr,
__be16 port)
{
struct nf_conntrack_expect *exp;
int ret = 0;
int i;
__be16 port;
- union nf_conntrack_address addr;
+ union nf_inet_addr addr;
struct nf_conntrack_expect *exp;
typeof(nat_q931_hook) nat_q931;
int dir = CTINFO2DIR(ctinfo);
int ret = 0;
__be16 port;
- union nf_conntrack_address addr;
+ union nf_inet_addr addr;
struct nf_conntrack_expect *exp;
pr_debug("nf_ct_ras: GCF\n");
struct nf_ct_h323_master *info = &nfct_help(ct)->help.ct_h323_info;
int dir = CTINFO2DIR(ctinfo);
__be16 port;
- union nf_conntrack_address addr;
+ union nf_inet_addr addr;
typeof(set_h225_addr_hook) set_h225_addr;
pr_debug("nf_ct_ras: ARQ\n");
int dir = CTINFO2DIR(ctinfo);
int ret = 0;
__be16 port;
- union nf_conntrack_address addr;
+ union nf_inet_addr addr;
struct nf_conntrack_expect *exp;
typeof(set_sig_addr_hook) set_sig_addr;
int dir = CTINFO2DIR(ctinfo);
int ret = 0;
__be16 port;
- union nf_conntrack_address addr;
+ union nf_inet_addr addr;
struct nf_conntrack_expect *exp;
pr_debug("nf_ct_ras: LCF\n");
}
static int parse_addr(struct nf_conn *ct, const char *cp, const char **endp,
- union nf_conntrack_address *addr, const char *limit)
+ union nf_inet_addr *addr, const char *limit)
{
const char *end;
int family = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num;
static int epaddr_len(struct nf_conn *ct, const char *dptr,
const char *limit, int *shift)
{
- union nf_conntrack_address addr;
+ union nf_inet_addr addr;
const char *aux = dptr;
if (!parse_addr(ct, dptr, &dptr, &addr, limit)) {
static int set_expected_rtp(struct sk_buff *skb,
struct nf_conn *ct,
enum ip_conntrack_info ctinfo,
- union nf_conntrack_address *addr,
+ union nf_inet_addr *addr,
__be16 port,
const char *dptr)
{
enum ip_conntrack_info ctinfo)
{
int family = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num;
- union nf_conntrack_address addr;
+ union nf_inet_addr addr;
unsigned int dataoff, datalen;
const char *dptr;
int ret = NF_ACCEPT;
}
static inline unsigned int
-connlimit_iphash6(const union nf_conntrack_address *addr,
- const union nf_conntrack_address *mask)
+connlimit_iphash6(const union nf_inet_addr *addr,
+ const union nf_inet_addr *mask)
{
- union nf_conntrack_address res;
+ union nf_inet_addr res;
unsigned int i;
if (unlikely(!connlimit_rnd_inited)) {
}
static inline unsigned int
-same_source_net(const union nf_conntrack_address *addr,
- const union nf_conntrack_address *mask,
- const union nf_conntrack_address *u3, unsigned int family)
+same_source_net(const union nf_inet_addr *addr,
+ const union nf_inet_addr *mask,
+ const union nf_inet_addr *u3, unsigned int family)
{
if (family == AF_INET) {
return (addr->ip & mask->ip) == (u3->ip & mask->ip);
} else {
- union nf_conntrack_address lh, rh;
+ union nf_inet_addr lh, rh;
unsigned int i;
for (i = 0; i < ARRAY_SIZE(addr->ip6); ++i) {
static int count_them(struct xt_connlimit_data *data,
const struct nf_conntrack_tuple *tuple,
- const union nf_conntrack_address *addr,
- const union nf_conntrack_address *mask,
+ const union nf_inet_addr *addr,
+ const union nf_inet_addr *mask,
const struct xt_match *match)
{
struct nf_conntrack_tuple_hash *found;
bool *hotdrop)
{
const struct xt_connlimit_info *info = matchinfo;
- union nf_conntrack_address addr, mask;
+ union nf_inet_addr addr, mask;
struct nf_conntrack_tuple tuple;
const struct nf_conntrack_tuple *tuple_ptr = &tuple;
enum ip_conntrack_info ctinfo;
projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commitdiff