 |
netfilter
firewalling, NAT, and packet mangling for linux
|
|
|
netfilter
firewalling, NAT, and packet mangling for linux
|
|
#include "netlink.h"#include "conntrackd.h"#include "filter.h"#include "log.h"#include <string.h>#include <errno.h>#include <sys/types.h>#include <sys/socket.h>#include <sys/fcntl.h>#include <libnetfilter_conntrack/libnetfilter_conntrack_tcp.h>
| int nl_create_conntrack | ( | struct nfct_handle * | h, |
| const struct nf_conntrack * | orig, | ||
| int | timeout | ||
| ) |
References ATTR_STATUS, ATTR_TCP_FLAGS_ORIG, ATTR_TCP_FLAGS_REPL, ATTR_TCP_MASK_ORIG, ATTR_TCP_MASK_REPL, ATTR_TCP_STATE, ATTR_TIMEOUT, CONFIG, ct, flags, IP_CT_TCP_FLAG_BE_LIBERAL, IP_CT_TCP_FLAG_CLOSE_INIT, IP_CT_TCP_FLAG_SACK_PERM, IP_CT_TCP_FLAG_WINDOW_SCALE, IPS_EXPECTED, nfct_attr_is_set(), nfct_clone(), nfct_destroy(), nfct_get_attr_u32(), nfct_get_attr_u8(), NFCT_Q_CREATE, nfct_query(), nfct_set_attr_u32(), nfct_set_attr_u8(), nfct_setobjopt(), NFCT_SOPT_SETUP_REPLY, NULL, nf_conntrack::status, and TCP_CONNTRACK_TIME_WAIT.
| int nl_create_expect | ( | struct nfct_handle * | h, |
| const struct nf_expect * | orig, | ||
| int | timeout | ||
| ) |
References ATTR_EXP_TIMEOUT, exp, NFCT_Q_CREATE, nfexp_clone(), nfexp_destroy(), nfexp_query(), nfexp_set_attr_u32(), and NULL.
| int nl_destroy_conntrack | ( | struct nfct_handle * | h, |
| const struct nf_conntrack * | ct | ||
| ) |
| int nl_destroy_expect | ( | struct nfct_handle * | h, |
| const struct nf_expect * | exp | ||
| ) |
| int nl_dump_conntrack_table | ( | struct nfct_handle * | h | ) |
References NFCT_Q_DUMP, and nfct_query().
Referenced by ctnl_init().
| int nl_dump_expect_table | ( | struct nfct_handle * | h | ) |
References NFCT_Q_DUMP, and nfexp_query().
Referenced by ctnl_init().
| int nl_flush_conntrack_table_selective | ( | void | ) |
References CONNTRACK, dlog(), LOG_ERR, nfct_callback_register(), nfct_close(), nfct_open(), NFCT_Q_DUMP, nfct_query(), NFCT_T_ALL, and NULL.
| int nl_flush_expect_table | ( | struct nfct_handle * | h | ) |
| int nl_get_conntrack | ( | struct nfct_handle * | h, |
| const struct nf_conntrack * | ct | ||
| ) |
References nfct_copy(), NFCT_CP_ORIG, nfct_destroy(), nfct_new(), NFCT_Q_GET, nfct_query(), and NULL.
| int nl_get_expect | ( | struct nfct_handle * | h, |
| const struct nf_expect * | exp | ||
| ) |
References NFCT_Q_GET, nfexp_clone(), nfexp_destroy(), nfexp_query(), and NULL.
| struct nfct_handle* nl_init_event_handler | ( | void | ) |
References CONFIG, dlog(), LOG_ERR, LOG_NOTICE, NETLINK_BROADCAST_SEND_ERROR, NETLINK_NO_ENOBUFS, nfct_fd(), nfct_filter_attach(), nfct_filter_destroy(), nfct_nfnlh(), nfct_open(), nfnl_rcvbufsiz(), NULL, SOL_NETLINK, and STATE.
Referenced by ctnl_init().
| struct nlif_handle* nl_init_interface_handler | ( | void | ) |
References nlif_fd(), nlif_open(), nlif_query(), and NULL.
| void nl_resize_socket_buffer | ( | struct nfct_handle * | h | ) |
References CONFIG, dlog(), LOG_NOTICE, LOG_WARNING, nfct_nfnlh(), nfnl_rcvbufsiz(), and s.
| int nl_send_expect_resync | ( | struct nfct_handle * | h | ) |
| int nl_send_resync | ( | struct nfct_handle * | h | ) |
| int nl_update_conntrack | ( | struct nfct_handle * | h, |
| const struct nf_conntrack * | orig, | ||
| int | timeout | ||
| ) |
References ATTR_DNAT_IPV4, ATTR_DNAT_PORT, ATTR_HELPER_NAME, ATTR_MASTER_IPV4_DST, ATTR_MASTER_IPV4_SRC, ATTR_MASTER_IPV6_DST, ATTR_MASTER_IPV6_SRC, ATTR_MASTER_L3PROTO, ATTR_MASTER_L4PROTO, ATTR_MASTER_PORT_DST, ATTR_MASTER_PORT_SRC, ATTR_SNAT_IPV4, ATTR_SNAT_PORT, ATTR_STATUS, ATTR_TCP_FLAGS_ORIG, ATTR_TCP_FLAGS_REPL, ATTR_TCP_MASK_ORIG, ATTR_TCP_MASK_REPL, ATTR_TCP_STATE, ATTR_TIMEOUT, CONFIG, ct, flags, IP_CT_TCP_FLAG_BE_LIBERAL, IP_CT_TCP_FLAG_CLOSE_INIT, IP_CT_TCP_FLAG_SACK_PERM, IP_CT_TCP_FLAG_WINDOW_SCALE, IPS_NAT_MASK, nfct_attr_is_set(), nfct_attr_unset(), nfct_clone(), nfct_destroy(), nfct_get_attr_u32(), nfct_get_attr_u8(), NFCT_Q_UPDATE, nfct_query(), nfct_set_attr_u32(), nfct_set_attr_u8(), NULL, nf_conntrack::status, and TCP_CONNTRACK_TIME_WAIT.
1.8.8 
