[netfilter-cvslog] r4373 -
trunk/libnetfilter_conntrack/include/libnetfilter_conntrack
pablo at netfilter.org
pablo at netfilter.org
Thu Oct 20 21:10:42 CEST 2005
Author: pablo at netfilter.org
Date: 2005-10-20 21:10:40 +0200 (Thu, 20 Oct 2005)
New Revision: 4373
Modified:
trunk/libnetfilter_conntrack/include/libnetfilter_conntrack/libnetfilter_conntrack.h
Log:
Commit libnetfilter_conntrack.h, I missed it :(
Modified: trunk/libnetfilter_conntrack/include/libnetfilter_conntrack/libnetfilter_conntrack.h
===================================================================
--- trunk/libnetfilter_conntrack/include/libnetfilter_conntrack/libnetfilter_conntrack.h 2005-10-20 18:34:48 UTC (rev 4372)
+++ trunk/libnetfilter_conntrack/include/libnetfilter_conntrack/libnetfilter_conntrack.h 2005-10-20 19:10:40 UTC (rev 4373)
@@ -1,30 +1,25 @@
-/* libctnetlink.h: Header file for the Connection Tracking library.
- *
- * Jay Schulist <jschlst at samba.org>, Copyright (c) 2001.
- * (C) 2002 by Harald Welte <laforge at gnumonks.org>
+/*
* (C) 2005 by Pablo Neira Ayuso <pablo at eurodev.net>
*
* This software may be used and distributed according to the terms
* of the GNU General Public License, incorporated herein by reference.
*/
-#ifndef __LIBCTNETLINK_H
-#define __LIBCTNETLINK_H
+#ifndef _LIBNETFILTER_CONNTRACK_H_
+#define _LIBNETFILTER_CONNTRACK_H_
#include <netinet/in.h>
#include <asm/types.h>
#include <linux/if.h>
#include <linux/netfilter/nfnetlink.h>
#include <linux/netfilter/nfnetlink_conntrack.h>
-
-/* we need this for "enum ip_conntrack_status" */
+#include <libnfnetlink/libnfnetlink.h>
#include <linux/netfilter_ipv4/ip_conntrack.h>
+#include "linux_list.h"
-#include <libnfnetlink/libnfnetlink.h>
+#define LIBNETFILTER_CONNTRACK_VERSION "0.1.1"
-#define CTNL_BUFFSIZE 4096
-
-union ctnl_l4 {
+union nfct_l4 {
/* Add other protocols here. */
u_int16_t all;
struct {
@@ -42,7 +37,7 @@
} sctp;
};
-struct ctnl_tuple {
+struct nfct_tuple {
union {
u_int32_t v4;
u_int64_t v6;
@@ -54,32 +49,32 @@
} dst;
u_int8_t protonum;
- union ctnl_l4 l4src;
- union ctnl_l4 l4dst;
+ union nfct_l4 l4src;
+ union nfct_l4 l4dst;
};
-union ctnl_protoinfo {
+union nfct_protoinfo {
struct {
u_int8_t state;
} tcp;
};
-struct ctnl_counters {
+struct nfct_counters {
u_int64_t packets;
u_int64_t bytes;
};
-struct ctnl_nat {
+struct nfct_nat {
u_int32_t min_ip, max_ip;
- union ctnl_l4 l4min, l4max;
+ union nfct_l4 l4min, l4max;
};
-#define CTNL_DIR_ORIGINAL 0
-#define CTNL_DIR_REPLY 1
-#define CTNL_DIR_MAX CTNL_DIR_REPLY+1
+#define NFCT_DIR_ORIGINAL 0
+#define NFCT_DIR_REPLY 1
+#define NFCT_DIR_MAX NFCT_DIR_REPLY+1
-struct ctnl_conntrack {
- struct ctnl_tuple tuple[CTNL_DIR_MAX];
+struct nfct_conntrack {
+ struct nfct_tuple tuple[NFCT_DIR_MAX];
unsigned long timeout;
unsigned long mark;
@@ -87,45 +82,119 @@
unsigned int use;
unsigned int id;
- union ctnl_protoinfo protoinfo;
- struct ctnl_counters counters[CTNL_DIR_MAX];
- struct ctnl_nat nat;
+ union nfct_protoinfo protoinfo;
+ struct nfct_counters counters[NFCT_DIR_MAX];
+ struct nfct_nat nat;
};
-struct ctnl_msg_handler {
+struct nfct_expect {
+ struct nfct_tuple master;
+ struct nfct_tuple tuple;
+ struct nfct_tuple mask;
+ unsigned long timeout;
+ unsigned int id;
+};
+
+struct nfct_proto {
+ struct list_head head;
+
+ char *name;
+ u_int8_t protonum;
+ char *version;
+
+ void (*parse_proto)(struct nfattr **, struct nfct_tuple *);
+ void (*parse_protoinfo)(struct nfattr **, struct nfct_conntrack *);
+ int (*print_protoinfo)(char *, union nfct_protoinfo *);
+ int (*print_proto)(char *, struct nfct_tuple *);
+};
+
+enum {
+ NFCT_STATUS_BIT = 0,
+ NFCT_STATUS = (NFCT_STATUS_BIT << 1),
+
+ NFCT_PROTOINFO_BIT = 1,
+ NFCT_PROTOINFO = (NFCT_PROTOINFO_BIT << 1),
+
+ NFCT_TIMEOUT_BIT = 2,
+ NFCT_TIMEOUT = (NFCT_TIMEOUT_BIT << 1),
+
+ NFCT_MARK_BIT = 3,
+ NFCT_MARK = (NFCT_MARK_BIT << 1),
+
+ NFCT_COUNTERS_BIT = 4,
+ NFCT_COUNTERS = (NFCT_COUNTERS_BIT << 1),
+
+ NFCT_USE_BIT = 5,
+ NFCT_USE = (NFCT_USE_BIT << 1),
+
+ NFCT_ID_BIT = 6,
+ NFCT_ID = (NFCT_ID_BIT << 1)
+};
+
+typedef void (*nfct_callback)(void *arg, unsigned int flags);
+
+struct nfct_msg_handler {
int type;
int (*handler)(struct sockaddr_nl *, struct nlmsghdr *, void *arg);
};
-struct ctnl_handle {
+struct nfct_handle {
struct nfnl_handle nfnlh;
- struct ctnl_msg_handler *handler[IPCTNL_MSG_MAX];
+ nfct_callback callback;
+ struct nfct_msg_handler *handler[IPCTNL_MSG_MAX];
};
-extern int ctnl_open(struct ctnl_handle *, u_int8_t, unsigned);
-extern int ctnl_close(struct ctnl_handle *);
-extern int ctnl_unregister_handler(struct ctnl_handle *, int);
-extern int ctnl_register_handler(struct ctnl_handle *,
- struct ctnl_msg_handler *);
-extern int ctnl_new_conntrack(struct ctnl_handle *, struct ctnl_conntrack *);
-extern int ctnl_upd_conntrack(struct ctnl_handle *, struct ctnl_conntrack *);
-extern int ctnl_get_conntrack(struct ctnl_handle *, struct ctnl_tuple *, int);
-extern int ctnl_del_conntrack(struct ctnl_handle *, struct ctnl_tuple *, int);
-extern int ctnl_list_conntrack(struct ctnl_handle *, int);
-extern int ctnl_list_conntrack_zero_counters(struct ctnl_handle *, int);
-extern int ctnl_event_conntrack(struct ctnl_handle *, int);
-extern int ctnl_flush_conntrack(struct ctnl_handle *);
+extern void nfct_register_proto(struct nfct_proto *h);
+extern void nfct_unregister_proto(struct nfct_proto *h);
-extern int ctnl_new_expect(struct ctnl_handle *, struct ctnl_tuple *,
- struct ctnl_tuple *, struct ctnl_tuple *,
- unsigned long);
-extern int ctnl_del_expect(struct ctnl_handle *,struct ctnl_tuple *);
-extern int ctnl_get_expect(struct ctnl_handle *, struct ctnl_tuple *);
-extern int ctnl_list_expect(struct ctnl_handle *, int);
-extern int ctnl_event_expect(struct ctnl_handle *, int);
-extern int ctnl_flush_expect(struct ctnl_handle *);
+extern struct nfct_handle *nfct_open(u_int8_t, unsigned);
+extern int nfct_close(struct nfct_handle *cth);
+extern void nfct_set_callback(struct nfct_handle *cth, nfct_callback callback);
-extern int ctnl_send(struct ctnl_handle *, struct nlmsghdr *);
-extern int ctnl_wilddump_request(struct ctnl_handle *, int , int);
+/*
+ * callback displayers
+ */
+extern void nfct_default_conntrack_display(void *arg, unsigned int flags);
+extern void nfct_default_expect_display(void *arg, unsigned int flags);
-#endif /* __LIBCTNETLINK_H */
+extern int nfct_create_conntrack(struct nfct_handle *cth,
+ struct nfct_tuple *orig,
+ struct nfct_tuple *reply,
+ unsigned long timeout,
+ union nfct_protoinfo *proto,
+ unsigned int status);
+extern int nfct_create_conntrack_nat(struct nfct_handle *cth,
+ struct nfct_tuple *orig,
+ struct nfct_tuple *reply,
+ unsigned long timeout,
+ union nfct_protoinfo *proto,
+ unsigned int status,
+ struct nfct_nat *nat);
+extern int nfct_update_conntrack(struct nfct_handle *cth,
+ struct nfct_tuple *orig,
+ struct nfct_tuple *reply,
+ unsigned long timeout,
+ union nfct_protoinfo *proto,
+ unsigned int status);
+extern int nfct_delete_conntrack(struct nfct_handle *cth,struct nfct_tuple *tuple, int dir);
+extern int nfct_get_conntrack(struct nfct_handle *cth,struct nfct_tuple *tuple, int dir);
+extern int nfct_dump_conntrack_table(struct nfct_handle *cth);
+extern int nfct_dump_conntrack_table_zero(struct nfct_handle *cth);
+extern int nfct_event_conntrack(struct nfct_handle *cth);
+
+/*
+ * Expectations
+ */
+extern int nfct_dump_expect_list(struct nfct_handle *cth);
+extern int nfct_flush_conntrack_table(struct nfct_handle *cth);
+extern int nfct_get_expectation(struct nfct_handle *cth,struct nfct_tuple *tuple);
+extern int nfct_create_expectation(struct nfct_handle *cth,
+ struct nfct_tuple *master,
+ struct nfct_tuple *tuple,
+ struct nfct_tuple *mask,
+ unsigned long timeout);
+extern int nfct_delete_expectation(struct nfct_handle *cth,struct nfct_tuple *tuple);
+extern int nfct_event_expectation(struct nfct_handle *cth);
+extern int nfct_flush_expectation_table(struct nfct_handle *cth);
+
+#endif /* _LIBNETFILTER_CONNTRACK_H_ */
More information about the netfilter-cvslog
mailing list