 |
netfilter
firewalling, NAT, and packet mangling for linux
|
|
|
netfilter
firewalling, NAT, and packet mangling for linux
|
|
#include <stdint.h>#include "linux_list.h"#include "myct.h"#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
Data Structures | |
| struct | ctd_helper_policy |
| struct | ctd_helper |
| struct | ctd_helper_instance |
Macros | |
| #define | CTD_HELPER_NAME_LEN 16 |
| #define | CTD_HELPER_POLICY_MAX 4 |
| #define | min_t(type, x, y) |
| #define | max_t(type, x, y) |
| #define | ARRAY_SIZE MNL_ARRAY_SIZE |
| #define | CTINFO2DIR(ctinfo) ((ctinfo) >= IP_CT_IS_REPLY ? IP_CT_DIR_REPLY : IP_CT_DIR_ORIGINAL) |
| #define | pr_debug(fmt, arg...) ({ if (0) printf(fmt, ##arg); 0; }) |
Enumerations | |
| enum | ip_conntrack_dir { IP_CT_DIR_ORIGINAL, IP_CT_DIR_REPLY, IP_CT_DIR_MAX, IP_CT_DIR_ORIGINAL, IP_CT_DIR_REPLY, IP_CT_DIR_MAX, IP_CT_DIR_ORIGINAL, IP_CT_DIR_REPLY, IP_CT_DIR_MAX } |
| enum | ip_conntrack_info { IP_CT_ESTABLISHED, IP_CT_RELATED, IP_CT_NEW, IP_CT_IS_REPLY, IP_CT_ESTABLISHED_REPLY = IP_CT_ESTABLISHED + IP_CT_IS_REPLY, IP_CT_RELATED_REPLY = IP_CT_RELATED + IP_CT_IS_REPLY, IP_CT_NEW_REPLY = IP_CT_NEW + IP_CT_IS_REPLY, IP_CT_NUMBER = IP_CT_IS_REPLY * 2 - 1, IP_CT_ESTABLISHED, IP_CT_RELATED, IP_CT_NEW, IP_CT_IS_REPLY, IP_CT_ESTABLISHED_REPLY = IP_CT_ESTABLISHED + IP_CT_IS_REPLY, IP_CT_RELATED_REPLY = IP_CT_RELATED + IP_CT_IS_REPLY, IP_CT_NEW_REPLY = IP_CT_NEW + IP_CT_IS_REPLY, IP_CT_NUMBER = IP_CT_IS_REPLY * 2 - 1, IP_CT_ESTABLISHED, IP_CT_RELATED, IP_CT_NEW, IP_CT_IS_REPLY, IP_CT_NUMBER = IP_CT_IS_REPLY * 2 - 1 } |
Functions | |
| int | cthelper_expect_init (struct nf_expect *exp, struct nf_conntrack *master, uint32_t class, union nfct_attr_grp_addr *saddr, union nfct_attr_grp_addr *daddr, uint8_t l4proto, uint16_t *sport, uint16_t *dport, uint32_t flags) |
| int | cthelper_add_expect (struct nf_expect *exp) |
| int | cthelper_del_expect (struct nf_expect *exp) |
| void | cthelper_get_addr_src (struct nf_conntrack *ct, int dir, union nfct_attr_grp_addr *addr) |
| void | cthelper_get_addr_dst (struct nf_conntrack *ct, int dir, union nfct_attr_grp_addr *addr) |
| void | cthelper_get_port_src (struct nf_conntrack *ct, int dir, uint16_t *port) |
| void | cthelper_get_port_dst (struct nf_conntrack *ct, int dir, uint16_t *port) |
| int | in4_pton (const char *src, int srclen, uint8_t *dst, int delim, const char **end) |
| int | in6_pton (const char *src, int srclen, uint8_t *dst, int delim, const char **end) |
| void | helper_register (struct ctd_helper *helper) |
| struct ctd_helper * | helper_find (const char *libdir_path, const char *name, uint8_t l4proto, int flags) |
| #define ARRAY_SIZE MNL_ARRAY_SIZE |
Referenced by _init(), icmp_to_name(), icmpv6_to_name(), id_to_icmp(), id_to_icmpv6(), name_to_icmp(), name_to_icmpv6(), nfnl_ct_status2str(), nfnl_ct_str2status(), nfnl_ct_str2tcp_state(), nfnl_ct_tcp_state2str(), nfnl_inet_hook2str(), nfnl_log_copy_mode2str(), nfnl_log_flags2str(), nfnl_log_str2copy_mode(), nfnl_log_str2flags(), nfnl_nft_cmp_op2str(), nfnl_nft_cmp_str2op(), nfnl_nft_ct_key2str(), nfnl_nft_ct_str2key(), nfnl_nft_meta_key2str(), nfnl_nft_meta_str2key(), nfnl_nft_set_flags2str(), nfnl_nft_set_str2flags(), nfnl_nft_setelem_flags2str(), nfnl_nft_setelem_str2flags(), nfnl_nft_str2verdict(), nfnl_nft_verdict2str(), nfnl_queue_copy_mode2str(), nfnl_queue_str2copy_mode(), nfnl_str2inet_hook(), nfnl_str2verdict(), nfnl_verdict2str(), nl_af2str(), nl_ether_proto2str(), nl_llproto2str(), nl_msec2str(), nl_nlfamily2str(), nl_nlmsgtype2str(), nl_ovl_strategy2str(), nl_police2str(), nl_rtntype2str(), nl_str2af(), nl_str2ether_proto(), nl_str2llproto(), nl_str2nlfamily(), nl_str2nlmsgtype(), nl_str2ovl_strategy(), nl_str2police(), nl_str2rtntype(), rtnl_addr_flags2str(), rtnl_addr_str2flags(), rtnl_link_flags2str(), rtnl_link_mode2str(), rtnl_link_operstate2str(), rtnl_link_stat2str(), rtnl_link_str2flags(), rtnl_link_str2mode(), rtnl_link_str2operstate(), rtnl_link_str2stat(), rtnl_link_vlan_flags2str(), rtnl_link_vlan_str2flags(), rtnl_neigh_flags2str(), rtnl_neigh_state2str(), rtnl_neigh_str2flag(), rtnl_neigh_str2state(), rtnl_prio2str(), rtnl_route_metric2str(), rtnl_route_nh_flags2str(), rtnl_route_nh_str2flags(), rtnl_route_str2metric(), rtnl_scope2str(), rtnl_str2prio(), rtnl_str2scope(), xtables_option_metavalidate(), xtables_option_parse(), and xtables_parse_protocol().
| #define CTD_HELPER_NAME_LEN 16 |
| #define CTD_HELPER_POLICY_MAX 4 |
| #define CTINFO2DIR | ( | ctinfo | ) | ((ctinfo) >= IP_CT_IS_REPLY ? IP_CT_DIR_REPLY : IP_CT_DIR_ORIGINAL) |
| #define max_t | ( | type, | |
| x, | |||
| y | |||
| ) |
| #define min_t | ( | type, | |
| x, | |||
| y | |||
| ) |
| #define pr_debug | ( | fmt, | |
| arg... | |||
| ) | ({ if (0) printf(fmt, ##arg); 0; }) |
| enum ip_conntrack_dir |
| enum ip_conntrack_info |
References NFCT_Q_CREATE_UPDATE.
References NFCT_Q_DESTROY.
| int cthelper_expect_init | ( | struct nf_expect * | exp, |
| struct nf_conntrack * | master, | ||
| uint32_t | class, | ||
| union nfct_attr_grp_addr * | saddr, | ||
| union nfct_attr_grp_addr * | daddr, | ||
| uint8_t | l4proto, | ||
| uint16_t * | sport, | ||
| uint16_t * | dport, | ||
| uint32_t | flags | ||
| ) |
References ATTR_EXP_EXPECTED, ATTR_EXP_FLAGS, ATTR_EXP_MASK, ATTR_EXP_MASTER, ATTR_IPV4_DST, ATTR_IPV4_SRC, ATTR_IPV6_DST, ATTR_IPV6_SRC, ATTR_L3PROTO, ATTR_L4PROTO, ATTR_PORT_DST, ATTR_PORT_SRC, nfct_attr_grp_addr::ip, nfct_attr_grp_addr::ip6, mask, nfct_destroy(), nfct_get_attr_u8(), nfct_new(), nfct_set_attr(), nfct_set_attr_u16(), nfct_set_attr_u32(), nfct_set_attr_u8(), nfexp_set_attr(), and nfexp_set_attr_u32().
| void cthelper_get_addr_dst | ( | struct nf_conntrack * | ct, |
| int | dir, | ||
| union nfct_attr_grp_addr * | addr | ||
| ) |
References ATTR_GRP_ORIG_ADDR_DST, ATTR_GRP_REPL_ADDR_DST, MYCT_DIR_ORIG, MYCT_DIR_REPL, and nfct_get_attr_grp().
| void cthelper_get_addr_src | ( | struct nf_conntrack * | ct, |
| int | dir, | ||
| union nfct_attr_grp_addr * | addr | ||
| ) |
References ATTR_GRP_ORIG_ADDR_SRC, ATTR_GRP_REPL_ADDR_SRC, MYCT_DIR_ORIG, MYCT_DIR_REPL, and nfct_get_attr_grp().
| void cthelper_get_port_dst | ( | struct nf_conntrack * | ct, |
| int | dir, | ||
| uint16_t * | port | ||
| ) |
References ATTR_PORT_DST, ATTR_REPL_PORT_DST, MYCT_DIR_ORIG, MYCT_DIR_REPL, and nfct_get_attr_u16().
| void cthelper_get_port_src | ( | struct nf_conntrack * | ct, |
| int | dir, | ||
| uint16_t * | port | ||
| ) |
References ATTR_PORT_SRC, ATTR_REPL_PORT_SRC, MYCT_DIR_ORIG, MYCT_DIR_REPL, and nfct_get_attr_u16().
| struct ctd_helper* helper_find | ( | const char * | libdir_path, |
| const char * | name, | ||
| uint8_t | l4proto, | ||
| int | flags | ||
| ) |
References NULL.
| void helper_register | ( | struct ctd_helper * | helper | ) |
References ctd_helper::head.
Referenced by __attribute__().
| int in4_pton | ( | const char * | src, |
| int | srclen, | ||
| uint8_t * | dst, | ||
| int | delim, | ||
| const char ** | end | ||
| ) |
References IN6PTON_COLON_MASK, IN6PTON_DELIM, IN6PTON_DIGIT, IN6PTON_DOT, and s.
Referenced by in6_pton().
| int in6_pton | ( | const char * | src, |
| int | srclen, | ||
| uint8_t * | dst, | ||
| int | delim, | ||
| const char ** | end | ||
| ) |
References in4_pton(), IN6PTON_COLON_1, IN6PTON_COLON_1_2, IN6PTON_COLON_2, IN6PTON_COLON_MASK, IN6PTON_DELIM, IN6PTON_DOT, IN6PTON_NULL, IN6PTON_XDIGIT, NULL, s, and state.
1.8.8