mirror of
https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git
synced 2024-10-20 18:39:12 +00:00
926b50f92a
This new "version 3" PPTP conntrack/nat helper is finally ready for mainline inclusion. Special thanks to lots of last-minute bugfixing by Patric McHardy. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
152 lines
3.6 KiB
C
152 lines
3.6 KiB
C
#ifndef _IP_CONNTRACK_TUPLE_H
|
|
#define _IP_CONNTRACK_TUPLE_H
|
|
|
|
/* A `tuple' is a structure containing the information to uniquely
|
|
identify a connection. ie. if two packets have the same tuple, they
|
|
are in the same connection; if not, they are not.
|
|
|
|
We divide the structure along "manipulatable" and
|
|
"non-manipulatable" lines, for the benefit of the NAT code.
|
|
*/
|
|
|
|
/* The protocol-specific manipulable parts of the tuple: always in
|
|
network order! */
|
|
union ip_conntrack_manip_proto
|
|
{
|
|
/* Add other protocols here. */
|
|
u_int16_t all;
|
|
|
|
struct {
|
|
u_int16_t port;
|
|
} tcp;
|
|
struct {
|
|
u_int16_t port;
|
|
} udp;
|
|
struct {
|
|
u_int16_t id;
|
|
} icmp;
|
|
struct {
|
|
u_int16_t port;
|
|
} sctp;
|
|
struct {
|
|
u_int16_t key; /* key is 32bit, pptp only uses 16 */
|
|
} gre;
|
|
};
|
|
|
|
/* The manipulable part of the tuple. */
|
|
struct ip_conntrack_manip
|
|
{
|
|
u_int32_t ip;
|
|
union ip_conntrack_manip_proto u;
|
|
};
|
|
|
|
/* This contains the information to distinguish a connection. */
|
|
struct ip_conntrack_tuple
|
|
{
|
|
struct ip_conntrack_manip src;
|
|
|
|
/* These are the parts of the tuple which are fixed. */
|
|
struct {
|
|
u_int32_t ip;
|
|
union {
|
|
/* Add other protocols here. */
|
|
u_int16_t all;
|
|
|
|
struct {
|
|
u_int16_t port;
|
|
} tcp;
|
|
struct {
|
|
u_int16_t port;
|
|
} udp;
|
|
struct {
|
|
u_int8_t type, code;
|
|
} icmp;
|
|
struct {
|
|
u_int16_t port;
|
|
} sctp;
|
|
struct {
|
|
u_int16_t key; /* key is 32bit,
|
|
* pptp only uses 16 */
|
|
} gre;
|
|
} u;
|
|
|
|
/* The protocol. */
|
|
u_int8_t protonum;
|
|
|
|
/* The direction (for tuplehash) */
|
|
u_int8_t dir;
|
|
} dst;
|
|
};
|
|
|
|
/* This is optimized opposed to a memset of the whole structure. Everything we
|
|
* really care about is the source/destination unions */
|
|
#define IP_CT_TUPLE_U_BLANK(tuple) \
|
|
do { \
|
|
(tuple)->src.u.all = 0; \
|
|
(tuple)->dst.u.all = 0; \
|
|
} while (0)
|
|
|
|
enum ip_conntrack_dir
|
|
{
|
|
IP_CT_DIR_ORIGINAL,
|
|
IP_CT_DIR_REPLY,
|
|
IP_CT_DIR_MAX
|
|
};
|
|
|
|
#ifdef __KERNEL__
|
|
|
|
#define DUMP_TUPLE(tp) \
|
|
DEBUGP("tuple %p: %u %u.%u.%u.%u:%hu -> %u.%u.%u.%u:%hu\n", \
|
|
(tp), (tp)->dst.protonum, \
|
|
NIPQUAD((tp)->src.ip), ntohs((tp)->src.u.all), \
|
|
NIPQUAD((tp)->dst.ip), ntohs((tp)->dst.u.all))
|
|
|
|
#define CTINFO2DIR(ctinfo) ((ctinfo) >= IP_CT_IS_REPLY ? IP_CT_DIR_REPLY : IP_CT_DIR_ORIGINAL)
|
|
|
|
/* If we're the first tuple, it's the original dir. */
|
|
#define DIRECTION(h) ((enum ip_conntrack_dir)(h)->tuple.dst.dir)
|
|
|
|
/* Connections have two entries in the hash table: one for each way */
|
|
struct ip_conntrack_tuple_hash
|
|
{
|
|
struct list_head list;
|
|
|
|
struct ip_conntrack_tuple tuple;
|
|
};
|
|
|
|
#endif /* __KERNEL__ */
|
|
|
|
static inline int ip_ct_tuple_src_equal(const struct ip_conntrack_tuple *t1,
|
|
const struct ip_conntrack_tuple *t2)
|
|
{
|
|
return t1->src.ip == t2->src.ip
|
|
&& t1->src.u.all == t2->src.u.all;
|
|
}
|
|
|
|
static inline int ip_ct_tuple_dst_equal(const struct ip_conntrack_tuple *t1,
|
|
const struct ip_conntrack_tuple *t2)
|
|
{
|
|
return t1->dst.ip == t2->dst.ip
|
|
&& t1->dst.u.all == t2->dst.u.all
|
|
&& t1->dst.protonum == t2->dst.protonum;
|
|
}
|
|
|
|
static inline int ip_ct_tuple_equal(const struct ip_conntrack_tuple *t1,
|
|
const struct ip_conntrack_tuple *t2)
|
|
{
|
|
return ip_ct_tuple_src_equal(t1, t2) && ip_ct_tuple_dst_equal(t1, t2);
|
|
}
|
|
|
|
static inline int ip_ct_tuple_mask_cmp(const struct ip_conntrack_tuple *t,
|
|
const struct ip_conntrack_tuple *tuple,
|
|
const struct ip_conntrack_tuple *mask)
|
|
{
|
|
return !(((t->src.ip ^ tuple->src.ip) & mask->src.ip)
|
|
|| ((t->dst.ip ^ tuple->dst.ip) & mask->dst.ip)
|
|
|| ((t->src.u.all ^ tuple->src.u.all) & mask->src.u.all)
|
|
|| ((t->dst.u.all ^ tuple->dst.u.all) & mask->dst.u.all)
|
|
|| ((t->dst.protonum ^ tuple->dst.protonum)
|
|
& mask->dst.protonum));
|
|
}
|
|
|
|
#endif /* _IP_CONNTRACK_TUPLE_H */
|