projects / deliverable / linux.git / blame
| Commit | Line | Data |
|---|---|---|
| f9e815b3 HW |
1 | #ifndef _NFNETLINK_H |
| 2 | #define _NFNETLINK_H | |
| 3 | #include <linux/types.h> | |
| 4 | ||
| ac6d439d PM |
5 | #ifndef __KERNEL__ |
| 6 | /* nfnetlink groups: Up to 32 maximum - backwards compatibility for userspace */ | |
| f9e815b3 HW |
7 | #define NF_NETLINK_CONNTRACK_NEW 0x00000001 |
| 8 | #define NF_NETLINK_CONNTRACK_UPDATE 0x00000002 | |
| 9 | #define NF_NETLINK_CONNTRACK_DESTROY 0x00000004 | |
| 10 | #define NF_NETLINK_CONNTRACK_EXP_NEW 0x00000008 | |
| 11 | #define NF_NETLINK_CONNTRACK_EXP_UPDATE 0x00000010 | |
| 12 | #define NF_NETLINK_CONNTRACK_EXP_DESTROY 0x00000020 | |
| ac6d439d PM |
13 | #endif |
| 14 | ||
| 15 | enum nfnetlink_groups { | |
| 16 | NFNLGRP_NONE, | |
| 17 | #define NFNLGRP_NONE NFNLGRP_NONE | |
| 18 | NFNLGRP_CONNTRACK_NEW, | |
| 19 | #define NFNLGRP_CONNTRACK_NEW NFNLGRP_CONNTRACK_NEW | |
| 20 | NFNLGRP_CONNTRACK_UPDATE, | |
| 21 | #define NFNLGRP_CONNTRACK_UPDATE NFNLGRP_CONNTRACK_UPDATE | |
| 22 | NFNLGRP_CONNTRACK_DESTROY, | |
| 23 | #define NFNLGRP_CONNTRACK_DESTROY NFNLGRP_CONNTRACK_DESTROY | |
| 24 | NFNLGRP_CONNTRACK_EXP_NEW, | |
| 25 | #define NFNLGRP_CONNTRACK_EXP_NEW NFNLGRP_CONNTRACK_EXP_NEW | |
| 26 | NFNLGRP_CONNTRACK_EXP_UPDATE, | |
| 27 | #define NFNLGRP_CONNTRACK_EXP_UPDATE NFNLGRP_CONNTRACK_EXP_UPDATE | |
| 28 | NFNLGRP_CONNTRACK_EXP_DESTROY, | |
| 29 | #define NFNLGRP_CONNTRACK_EXP_DESTROY NFNLGRP_CONNTRACK_EXP_DESTROY | |
| 30 | __NFNLGRP_MAX, | |
| 31 | }; | |
| 32 | #define NFNLGRP_MAX (__NFNLGRP_MAX - 1) | |
| f9e815b3 HW |
33 | |
| 34 | /* Generic structure for encapsulation optional netfilter information. | |
| 35 | * It is reminiscent of sockaddr, but with sa_family replaced | |
| 36 | * with attribute type. | |
| 37 | * ! This should someday be put somewhere generic as now rtnetlink and | |
| 38 | * ! nfnetlink use the same attributes methods. - J. Schulist. | |
| 39 | */ | |
| 40 | ||
| 41 | struct nfattr | |
| 42 | { | |
| 43 | u_int16_t nfa_len; | |
| ebe0bbf0 HW |
44 | u_int16_t nfa_type; /* we use 15 bits for the type, and the highest |
| 45 | * bit to indicate whether the payload is nested */ | |
| f9e815b3 HW |
46 | } __attribute__ ((packed)); |
| 47 | ||
| ebe0bbf0 HW |
48 | /* FIXME: Apart from NFNL_NFA_NESTED shamelessly copy and pasted from |
| 49 | * rtnetlink.h, it's time to put this in a generic file */ | |
| 50 | ||
| 51 | #define NFNL_NFA_NEST 0x8000 | |
| 52 | #define NFA_TYPE(attr) ((attr)->nfa_type & 0x7fff) | |
| f9e815b3 HW |
53 | |
| 54 | #define NFA_ALIGNTO 4 | |
| 55 | #define NFA_ALIGN(len) (((len) + NFA_ALIGNTO - 1) & ~(NFA_ALIGNTO - 1)) | |
| 56 | #define NFA_OK(nfa,len) ((len) > 0 && (nfa)->nfa_len >= sizeof(struct nfattr) \ | |
| 57 | && (nfa)->nfa_len <= (len)) | |
| 58 | #define NFA_NEXT(nfa,attrlen) ((attrlen) -= NFA_ALIGN((nfa)->nfa_len), \ | |
| 59 | (struct nfattr *)(((char *)(nfa)) + NFA_ALIGN((nfa)->nfa_len))) | |
| 60 | #define NFA_LENGTH(len) (NFA_ALIGN(sizeof(struct nfattr)) + (len)) | |
| 61 | #define NFA_SPACE(len) NFA_ALIGN(NFA_LENGTH(len)) | |
| 62 | #define NFA_DATA(nfa) ((void *)(((char *)(nfa)) + NFA_LENGTH(0))) | |
| 63 | #define NFA_PAYLOAD(nfa) ((int)((nfa)->nfa_len) - NFA_LENGTH(0)) | |
| 64 | #define NFA_NEST(skb, type) \ | |
| 65 | ({ struct nfattr *__start = (struct nfattr *) (skb)->tail; \ | |
| ebe0bbf0 | 66 | NFA_PUT(skb, (NFNL_NFA_NEST | type), 0, NULL); \ |
| f9e815b3 HW |
67 | __start; }) |
| 68 | #define NFA_NEST_END(skb, start) \ | |
| 69 | ({ (start)->nfa_len = ((skb)->tail - (unsigned char *) (start)); \ | |
| 70 | (skb)->len; }) | |
| 71 | #define NFA_NEST_CANCEL(skb, start) \ | |
| 72 | ({ if (start) \ | |
| 73 | skb_trim(skb, (unsigned char *) (start) - (skb)->data); \ | |
| 74 | -1; }) | |
| 75 | ||
| 76 | /* General form of address family dependent message. | |
| 77 | */ | |
| 78 | struct nfgenmsg { | |
| 79 | u_int8_t nfgen_family; /* AF_xxx */ | |
| 80 | u_int8_t version; /* nfnetlink version */ | |
| 81 | u_int16_t res_id; /* resource id */ | |
| 82 | } __attribute__ ((packed)); | |
| 83 | ||
| 080774a2 | 84 | #define NFNETLINK_V0 0 |
| f9e815b3 HW |
85 | |
| 86 | #define NFM_NFA(n) ((struct nfattr *)(((char *)(n)) \ | |
| 87 | + NLMSG_ALIGN(sizeof(struct nfgenmsg)))) | |
| 88 | #define NFM_PAYLOAD(n) NLMSG_PAYLOAD(n, sizeof(struct nfgenmsg)) | |
| 89 | ||
| 90 | /* netfilter netlink message types are split in two pieces: | |
| 91 | * 8 bit subsystem, 8bit operation. | |
| 92 | */ | |
| 93 | ||
| 94 | #define NFNL_SUBSYS_ID(x) ((x & 0xff00) >> 8) | |
| 95 | #define NFNL_MSG_TYPE(x) (x & 0x00ff) | |
| 96 | ||
| 0ab43f84 HW |
97 | /* No enum here, otherwise __stringify() trick of MODULE_ALIAS_NFNL_SUBSYS() |
| 98 | * won't work anymore */ | |
| 99 | #define NFNL_SUBSYS_NONE 0 | |
| 100 | #define NFNL_SUBSYS_CTNETLINK 1 | |
| 101 | #define NFNL_SUBSYS_CTNETLINK_EXP 2 | |
| 102 | #define NFNL_SUBSYS_QUEUE 3 | |
| 103 | #define NFNL_SUBSYS_ULOG 4 | |
| 104 | #define NFNL_SUBSYS_COUNT 5 | |
| f9e815b3 HW |
105 | |
| 106 | #ifdef __KERNEL__ | |
| 107 | ||
| 080774a2 | 108 | #include <linux/netlink.h> |
| f9e815b3 HW |
109 | #include <linux/capability.h> |
| 110 | ||
| 111 | struct nfnl_callback | |
| 112 | { | |
| f9e815b3 HW |
113 | int (*call)(struct sock *nl, struct sk_buff *skb, |
| 114 | struct nlmsghdr *nlh, struct nfattr *cda[], int *errp); | |
| 927ccbcc | 115 | u_int16_t attr_count; /* number of nfattr's */ |
| f9e815b3 HW |
116 | }; |
| 117 | ||
| 118 | struct nfnetlink_subsystem | |
| 119 | { | |
| 120 | const char *name; | |
| 121 | __u8 subsys_id; /* nfnetlink subsystem ID */ | |
| 122 | __u8 cb_count; /* number of callbacks */ | |
| f9e815b3 HW |
123 | struct nfnl_callback *cb; /* callback for individual types */ |
| 124 | }; | |
| 125 | ||
| 126 | extern void __nfa_fill(struct sk_buff *skb, int attrtype, | |
| 127 | int attrlen, const void *data); | |
| 128 | #define NFA_PUT(skb, attrtype, attrlen, data) \ | |
| 129 | ({ if (skb_tailroom(skb) < (int)NFA_SPACE(attrlen)) goto nfattr_failure; \ | |
| 130 | __nfa_fill(skb, attrtype, attrlen, data); }) | |
| 131 | ||
| 132 | extern struct semaphore nfnl_sem; | |
| 133 | ||
| 134 | #define nfnl_shlock() down(&nfnl_sem) | |
| 135 | #define nfnl_shlock_nowait() down_trylock(&nfnl_sem) | |
| 136 | ||
| 137 | #define nfnl_shunlock() do { up(&nfnl_sem); \ | |
| 138 | if(nfnl && nfnl->sk_receive_queue.qlen) \ | |
| 139 | nfnl->sk_data_ready(nfnl, 0); \ | |
| 140 | } while(0) | |
| 141 | ||
| 142 | extern void nfnl_lock(void); | |
| 143 | extern void nfnl_unlock(void); | |
| 144 | ||
| 145 | extern int nfnetlink_subsys_register(struct nfnetlink_subsystem *n); | |
| 146 | extern int nfnetlink_subsys_unregister(struct nfnetlink_subsystem *n); | |
| 147 | ||
| a2506c04 | 148 | extern void nfattr_parse(struct nfattr *tb[], int maxattr, |
| f9e815b3 HW |
149 | struct nfattr *nfa, int len); |
| 150 | ||
| 151 | #define nfattr_parse_nested(tb, max, nfa) \ | |
| 152 | nfattr_parse((tb), (max), NFA_DATA((nfa)), NFA_PAYLOAD((nfa))) | |
| 153 | ||
| 154 | #define nfattr_bad_size(tb, max, cta_min) \ | |
| 155 | ({ int __i, __res = 0; \ | |
| c0400c4f PNA |
156 | for (__i=0; __i<max; __i++) { \ |
| 157 | if (!cta_min[__i]) \ | |
| 158 | continue; \ | |
| f9e815b3 HW |
159 | if (tb[__i] && NFA_PAYLOAD(tb[__i]) < cta_min[__i]){ \ |
| 160 | __res = 1; \ | |
| 161 | break; \ | |
| 162 | } \ | |
| c0400c4f | 163 | } \ |
| f9e815b3 HW |
164 | __res; \ |
| 165 | }) | |
| 166 | ||
| a2427692 | 167 | extern int nfnetlink_has_listeners(unsigned int group); |
| f9e815b3 HW |
168 | extern int nfnetlink_send(struct sk_buff *skb, u32 pid, unsigned group, |
| 169 | int echo); | |
| 170 | extern int nfnetlink_unicast(struct sk_buff *skb, u_int32_t pid, int flags); | |
| 171 | ||
| 0ab43f84 HW |
172 | #define MODULE_ALIAS_NFNL_SUBSYS(subsys) \ |
| 173 | MODULE_ALIAS("nfnetlink-subsys-" __stringify(subsys)) | |
| 174 | ||
| f9e815b3 HW |
175 | #endif /* __KERNEL__ */ |
| 176 | #endif /* _NFNETLINK_H */ |