netfilter
firewalling, NAT, and packet mangling for linux
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Modules Pages
Data Structures | Enumerations | Functions
filter.h File Reference
#include <stdint.h>
#include <string.h>
#include <netinet/in.h>
#include <hash.h>
Include dependency graph for filter.h:
This graph shows which files directly or indirectly include this file:

Data Structures

struct  ct_filter_ipv4_hnode
 
struct  ct_filter_ipv6_hnode
 
struct  ct_filter_netmask_ipv4
 
struct  ct_filter_netmask_ipv6
 

Enumerations

enum  ct_filter_type {
  CT_FILTER_L4PROTO,
  CT_FILTER_STATE,
  CT_FILTER_ADDRESS,
  CT_FILTER_MAX
}
 
enum  ct_filter_logic {
  CT_FILTER_NEGATIVE = 0,
  CT_FILTER_POSITIVE = 1
}
 

Functions

struct ct_filterct_filter_create (void)
 
void ct_filter_destroy (struct ct_filter *filter)
 
int ct_filter_add_ip (struct ct_filter *filter, void *data, uint8_t family)
 
int ct_filter_add_netmask (struct ct_filter *filter, void *data, uint8_t family)
 
void ct_filter_add_proto (struct ct_filter *filter, int protonum)
 
void ct_filter_add_state (struct ct_filter *f, int protonum, int state)
 
void ct_filter_set_logic (struct ct_filter *f, enum ct_filter_type type, enum ct_filter_logic logic)
 
int ct_filter_conntrack (const struct nf_conntrack *ct, int userspace)
 
int ct_filter_master (const struct nf_conntrack *master)
 
struct exp_filterexp_filter_create (void)
 
int exp_filter_add (struct exp_filter *f, const char *helper_name)
 
int exp_filter_find (struct exp_filter *f, const struct nf_expect *exp)
 

Enumeration Type Documentation

enum ct_filter_logic
Enumerator
CT_FILTER_NEGATIVE 
CT_FILTER_POSITIVE 
enum ct_filter_type
Enumerator
CT_FILTER_L4PROTO 
CT_FILTER_STATE 
CT_FILTER_ADDRESS 
CT_FILTER_MAX 

Function Documentation

int ct_filter_add_ip ( struct ct_filter filter,
void *  data,
uint8_t  family 
)

References ct_filter::h, ct_filter::h6, hashtable_add(), hashtable_find(), hashtable_hash(), id, ct_filter_ipv4_hnode::ip, ct_filter_ipv6_hnode::ipv6, ct_filter_ipv6_hnode::node, ct_filter_ipv4_hnode::node, and NULL.

Here is the call graph for this function:

int ct_filter_add_netmask ( struct ct_filter filter,
void *  data,
uint8_t  family 
)

References ct_filter::v, ct_filter::v6, vector_add(), and vector_iterate().

Here is the call graph for this function:

void ct_filter_add_proto ( struct ct_filter filter,
int  protonum 
)

References ct_filter::l4protomap.

void ct_filter_add_state ( struct ct_filter f,
int  protonum,
int  state 
)

References ct_filter::statemap.

int ct_filter_conntrack ( const struct nf_conntrack ct,
int  userspace 
)

References STATE.

struct ct_filter* ct_filter_create ( void  )

References CT_FILTER_MAX, FILTER_POOL_LIMIT, FILTER_POOL_SIZE, ct_filter::h, ct_filter::h6, hashtable_create(), ct_filter::logic, NULL, ct_filter::v, ct_filter::v6, and vector_create().

Here is the call graph for this function:

void ct_filter_destroy ( struct ct_filter filter)

References ct_filter::h, ct_filter::h6, hashtable_destroy(), ct_filter::v, ct_filter::v6, and vector_destroy().

Referenced by ctnl_kill().

Here is the call graph for this function:

Here is the caller graph for this function:

int ct_filter_master ( const struct nf_conntrack master)

References STATE.

void ct_filter_set_logic ( struct ct_filter f,
enum ct_filter_type  type,
enum ct_filter_logic  logic 
)

References ct_filter::logic, and type.

int exp_filter_add ( struct exp_filter f,
const char *  helper_name 
)

References exp_filter_item::head, exp_filter_item::helper_name, exp_filter::list, list_for_each_entry, NFCT_HELPER_NAME_MAX, and NULL.

struct exp_filter* exp_filter_create ( void  )

References INIT_LIST_HEAD, exp_filter::list, and NULL.

int exp_filter_find ( struct exp_filter f,
const struct nf_expect exp 
)

References ATTR_EXP_HELPER_NAME, exp_filter_item::head, exp_filter_item::helper_name, exp_filter::list, list_for_each_entry, name, nfexp_attr_is_set(), nfexp_get_attr(), and NULL.

Here is the call graph for this function: