~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/include/net/netfilter/nf_conntrack_synproxy.h

Version: ~ [ linux-5.17-rc1 ] ~ [ linux-5.16.2 ] ~ [ linux-5.15.16 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.93 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.173 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.225 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.262 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.297 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.299 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.18.140 ] ~ [ linux-3.16.85 ] ~ [ linux-3.14.79 ] ~ [ linux-3.12.74 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /* SPDX-License-Identifier: GPL-2.0 */
  2 #ifndef _NF_CONNTRACK_SYNPROXY_H
  3 #define _NF_CONNTRACK_SYNPROXY_H
  4 
  5 #include <net/netns/generic.h>
  6 
  7 struct nf_conn_synproxy {
  8         u32     isn;
  9         u32     its;
 10         u32     tsoff;
 11 };
 12 
 13 static inline struct nf_conn_synproxy *nfct_synproxy(const struct nf_conn *ct)
 14 {
 15 #if IS_ENABLED(CONFIG_NETFILTER_SYNPROXY)
 16         return nf_ct_ext_find(ct, NF_CT_EXT_SYNPROXY);
 17 #else
 18         return NULL;
 19 #endif
 20 }
 21 
 22 static inline struct nf_conn_synproxy *nfct_synproxy_ext_add(struct nf_conn *ct)
 23 {
 24 #if IS_ENABLED(CONFIG_NETFILTER_SYNPROXY)
 25         return nf_ct_ext_add(ct, NF_CT_EXT_SYNPROXY, GFP_ATOMIC);
 26 #else
 27         return NULL;
 28 #endif
 29 }
 30 
 31 static inline bool nf_ct_add_synproxy(struct nf_conn *ct,
 32                                       const struct nf_conn *tmpl)
 33 {
 34         if (tmpl && nfct_synproxy(tmpl)) {
 35                 if (!nfct_seqadj_ext_add(ct))
 36                         return false;
 37 
 38                 if (!nfct_synproxy_ext_add(ct))
 39                         return false;
 40         }
 41 
 42         return true;
 43 }
 44 
 45 struct synproxy_stats {
 46         unsigned int                    syn_received;
 47         unsigned int                    cookie_invalid;
 48         unsigned int                    cookie_valid;
 49         unsigned int                    cookie_retrans;
 50         unsigned int                    conn_reopened;
 51 };
 52 
 53 struct synproxy_net {
 54         struct nf_conn                  *tmpl;
 55         struct synproxy_stats __percpu  *stats;
 56         unsigned int                    hook_ref4;
 57         unsigned int                    hook_ref6;
 58 };
 59 
 60 extern unsigned int synproxy_net_id;
 61 static inline struct synproxy_net *synproxy_pernet(struct net *net)
 62 {
 63         return net_generic(net, synproxy_net_id);
 64 }
 65 
 66 struct synproxy_options {
 67         u8                              options;
 68         u8                              wscale;
 69         u16                             mss;
 70         u32                             tsval;
 71         u32                             tsecr;
 72 };
 73 
 74 struct tcphdr;
 75 struct xt_synproxy_info;
 76 bool synproxy_parse_options(const struct sk_buff *skb, unsigned int doff,
 77                             const struct tcphdr *th,
 78                             struct synproxy_options *opts);
 79 unsigned int synproxy_options_size(const struct synproxy_options *opts);
 80 void synproxy_build_options(struct tcphdr *th,
 81                             const struct synproxy_options *opts);
 82 
 83 void synproxy_init_timestamp_cookie(const struct xt_synproxy_info *info,
 84                                     struct synproxy_options *opts);
 85 void synproxy_check_timestamp_cookie(struct synproxy_options *opts);
 86 
 87 unsigned int synproxy_tstamp_adjust(struct sk_buff *skb, unsigned int protoff,
 88                                     struct tcphdr *th, struct nf_conn *ct,
 89                                     enum ip_conntrack_info ctinfo,
 90                                     const struct nf_conn_synproxy *synproxy);
 91 
 92 #endif /* _NF_CONNTRACK_SYNPROXY_H */
 93 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp