~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/include/net/netfilter/nf_queue.h

Version: ~ [ linux-6.0-rc1 ] ~ [ linux-5.19.1 ] ~ [ linux-5.18.17 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.60 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.136 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.210 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.255 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.290 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.325 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.302 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.9 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 #ifndef _NF_QUEUE_H
  2 #define _NF_QUEUE_H
  3 
  4 #include <linux/ip.h>
  5 #include <linux/ipv6.h>
  6 #include <linux/jhash.h>
  7 
  8 /* Each queued (to userspace) skbuff has one of these. */
  9 struct nf_queue_entry {
 10         struct list_head        list;
 11         struct sk_buff          *skb;
 12         unsigned int            id;
 13 
 14         struct nf_hook_ops      *elem;
 15         struct nf_hook_state    state;
 16         u16                     size; /* sizeof(entry) + saved route keys */
 17 
 18         /* extra space to store route keys */
 19 };
 20 
 21 #define nf_queue_entry_reroute(x) ((void *)x + sizeof(struct nf_queue_entry))
 22 
 23 /* Packet queuing */
 24 struct nf_queue_handler {
 25         int                     (*outfn)(struct nf_queue_entry *entry,
 26                                          unsigned int queuenum);
 27         void                    (*nf_hook_drop)(struct net *net,
 28                                                 struct nf_hook_ops *ops);
 29 };
 30 
 31 void nf_register_queue_handler(const struct nf_queue_handler *qh);
 32 void nf_unregister_queue_handler(void);
 33 void nf_reinject(struct nf_queue_entry *entry, unsigned int verdict);
 34 
 35 void nf_queue_entry_get_refs(struct nf_queue_entry *entry);
 36 void nf_queue_entry_release_refs(struct nf_queue_entry *entry);
 37 
 38 static inline void init_hashrandom(u32 *jhash_initval)
 39 {
 40         while (*jhash_initval == 0)
 41                 *jhash_initval = prandom_u32();
 42 }
 43 
 44 static inline u32 hash_v4(const struct sk_buff *skb, u32 jhash_initval)
 45 {
 46         const struct iphdr *iph = ip_hdr(skb);
 47 
 48         /* packets in either direction go into same queue */
 49         if ((__force u32)iph->saddr < (__force u32)iph->daddr)
 50                 return jhash_3words((__force u32)iph->saddr,
 51                         (__force u32)iph->daddr, iph->protocol, jhash_initval);
 52 
 53         return jhash_3words((__force u32)iph->daddr,
 54                         (__force u32)iph->saddr, iph->protocol, jhash_initval);
 55 }
 56 
 57 #if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
 58 static inline u32 hash_v6(const struct sk_buff *skb, u32 jhash_initval)
 59 {
 60         const struct ipv6hdr *ip6h = ipv6_hdr(skb);
 61         u32 a, b, c;
 62 
 63         if ((__force u32)ip6h->saddr.s6_addr32[3] <
 64             (__force u32)ip6h->daddr.s6_addr32[3]) {
 65                 a = (__force u32) ip6h->saddr.s6_addr32[3];
 66                 b = (__force u32) ip6h->daddr.s6_addr32[3];
 67         } else {
 68                 b = (__force u32) ip6h->saddr.s6_addr32[3];
 69                 a = (__force u32) ip6h->daddr.s6_addr32[3];
 70         }
 71 
 72         if ((__force u32)ip6h->saddr.s6_addr32[1] <
 73             (__force u32)ip6h->daddr.s6_addr32[1])
 74                 c = (__force u32) ip6h->saddr.s6_addr32[1];
 75         else
 76                 c = (__force u32) ip6h->daddr.s6_addr32[1];
 77 
 78         return jhash_3words(a, b, c, jhash_initval);
 79 }
 80 #endif
 81 
 82 static inline u32
 83 nfqueue_hash(const struct sk_buff *skb, u16 queue, u16 queues_total, u8 family,
 84              u32 jhash_initval)
 85 {
 86         if (family == NFPROTO_IPV4)
 87                 queue += ((u64) hash_v4(skb, jhash_initval) * queues_total) >> 32;
 88 #if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
 89         else if (family == NFPROTO_IPV6)
 90                 queue += ((u64) hash_v6(skb, jhash_initval) * queues_total) >> 32;
 91 #endif
 92 
 93         return queue;
 94 }
 95 
 96 #endif /* _NF_QUEUE_H */
 97 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp