~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/include/net/netfilter/nf_conntrack_synproxy.h

Version: ~ [ linux-5.12-rc5 ] ~ [ linux-5.11.11 ] ~ [ linux-5.10.27 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.109 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.184 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.228 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.264 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.264 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.18.140 ] ~ [ linux-3.16.85 ] ~ [ linux-3.14.79 ] ~ [ linux-3.12.74 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 #ifndef _NF_CONNTRACK_SYNPROXY_H
  2 #define _NF_CONNTRACK_SYNPROXY_H
  3 
  4 #include <net/netns/generic.h>
  5 
  6 struct nf_conn_synproxy {
  7         u32     isn;
  8         u32     its;
  9         u32     tsoff;
 10 };
 11 
 12 static inline struct nf_conn_synproxy *nfct_synproxy(const struct nf_conn *ct)
 13 {
 14 #if IS_ENABLED(CONFIG_NETFILTER_SYNPROXY)
 15         return nf_ct_ext_find(ct, NF_CT_EXT_SYNPROXY);
 16 #else
 17         return NULL;
 18 #endif
 19 }
 20 
 21 static inline struct nf_conn_synproxy *nfct_synproxy_ext_add(struct nf_conn *ct)
 22 {
 23 #if IS_ENABLED(CONFIG_NETFILTER_SYNPROXY)
 24         return nf_ct_ext_add(ct, NF_CT_EXT_SYNPROXY, GFP_ATOMIC);
 25 #else
 26         return NULL;
 27 #endif
 28 }
 29 
 30 static inline bool nf_ct_add_synproxy(struct nf_conn *ct,
 31                                       const struct nf_conn *tmpl)
 32 {
 33         if (tmpl && nfct_synproxy(tmpl)) {
 34                 if (!nfct_seqadj_ext_add(ct))
 35                         return false;
 36 
 37                 if (!nfct_synproxy_ext_add(ct))
 38                         return false;
 39         }
 40 
 41         return true;
 42 }
 43 
 44 struct synproxy_stats {
 45         unsigned int                    syn_received;
 46         unsigned int                    cookie_invalid;
 47         unsigned int                    cookie_valid;
 48         unsigned int                    cookie_retrans;
 49         unsigned int                    conn_reopened;
 50 };
 51 
 52 struct synproxy_net {
 53         struct nf_conn                  *tmpl;
 54         struct synproxy_stats __percpu  *stats;
 55         unsigned int                    hook_ref4;
 56         unsigned int                    hook_ref6;
 57 };
 58 
 59 extern unsigned int synproxy_net_id;
 60 static inline struct synproxy_net *synproxy_pernet(struct net *net)
 61 {
 62         return net_generic(net, synproxy_net_id);
 63 }
 64 
 65 struct synproxy_options {
 66         u8                              options;
 67         u8                              wscale;
 68         u16                             mss;
 69         u32                             tsval;
 70         u32                             tsecr;
 71 };
 72 
 73 struct tcphdr;
 74 struct xt_synproxy_info;
 75 bool synproxy_parse_options(const struct sk_buff *skb, unsigned int doff,
 76                             const struct tcphdr *th,
 77                             struct synproxy_options *opts);
 78 unsigned int synproxy_options_size(const struct synproxy_options *opts);
 79 void synproxy_build_options(struct tcphdr *th,
 80                             const struct synproxy_options *opts);
 81 
 82 void synproxy_init_timestamp_cookie(const struct xt_synproxy_info *info,
 83                                     struct synproxy_options *opts);
 84 void synproxy_check_timestamp_cookie(struct synproxy_options *opts);
 85 
 86 unsigned int synproxy_tstamp_adjust(struct sk_buff *skb, unsigned int protoff,
 87                                     struct tcphdr *th, struct nf_conn *ct,
 88                                     enum ip_conntrack_info ctinfo,
 89                                     const struct nf_conn_synproxy *synproxy);
 90 
 91 #endif /* _NF_CONNTRACK_SYNPROXY_H */
 92 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp