| libnetfilter_conntrack.h | libnetfilter_conntrack.h | |||
|---|---|---|---|---|
| skipping to change at line 123 | skipping to change at line 123 | |||
| ATTR_SECMARK, /* u32 bits */ | ATTR_SECMARK, /* u32 bits */ | |||
| ATTR_ORIG_NAT_SEQ_CORRECTION_POS, /* u32 bits */ | ATTR_ORIG_NAT_SEQ_CORRECTION_POS, /* u32 bits */ | |||
| ATTR_ORIG_NAT_SEQ_OFFSET_BEFORE, /* u32 bits */ | ATTR_ORIG_NAT_SEQ_OFFSET_BEFORE, /* u32 bits */ | |||
| ATTR_ORIG_NAT_SEQ_OFFSET_AFTER = 48, /* u32 bits */ | ATTR_ORIG_NAT_SEQ_OFFSET_AFTER = 48, /* u32 bits */ | |||
| ATTR_REPL_NAT_SEQ_CORRECTION_POS, /* u32 bits */ | ATTR_REPL_NAT_SEQ_CORRECTION_POS, /* u32 bits */ | |||
| ATTR_REPL_NAT_SEQ_OFFSET_BEFORE, /* u32 bits */ | ATTR_REPL_NAT_SEQ_OFFSET_BEFORE, /* u32 bits */ | |||
| ATTR_REPL_NAT_SEQ_OFFSET_AFTER, /* u32 bits */ | ATTR_REPL_NAT_SEQ_OFFSET_AFTER, /* u32 bits */ | |||
| ATTR_SCTP_STATE = 52, /* u8 bits */ | ATTR_SCTP_STATE = 52, /* u8 bits */ | |||
| ATTR_SCTP_VTAG_ORIG, /* u32 bits */ | ATTR_SCTP_VTAG_ORIG, /* u32 bits */ | |||
| ATTR_SCTP_VTAG_REPL, /* u32 bits */ | ATTR_SCTP_VTAG_REPL, /* u32 bits */ | |||
| ATTR_HELPER_NAME, /* string (30 bytes max) */ | ||||
| ATTR_MAX | ATTR_MAX | |||
| }; | }; | |||
| /* message type */ | /* message type */ | |||
| enum nf_conntrack_msg_type { | enum nf_conntrack_msg_type { | |||
| NFCT_T_UNKNOWN = 0, | NFCT_T_UNKNOWN = 0, | |||
| NFCT_T_NEW_BIT = 0, | NFCT_T_NEW_BIT = 0, | |||
| NFCT_T_NEW = (1 << NFCT_T_NEW_BIT), | NFCT_T_NEW = (1 << NFCT_T_NEW_BIT), | |||
| skipping to change at line 282 | skipping to change at line 283 | |||
| enum { | enum { | |||
| NFCT_CMP_ALL = 0, | NFCT_CMP_ALL = 0, | |||
| NFCT_CMP_ORIG = (1 << 0), | NFCT_CMP_ORIG = (1 << 0), | |||
| NFCT_CMP_REPL = (1 << 1), | NFCT_CMP_REPL = (1 << 1), | |||
| NFCT_CMP_TIMEOUT_EQ = (1 << 2), | NFCT_CMP_TIMEOUT_EQ = (1 << 2), | |||
| NFCT_CMP_TIMEOUT_GT = (1 << 3), | NFCT_CMP_TIMEOUT_GT = (1 << 3), | |||
| NFCT_CMP_TIMEOUT_GE = (NFCT_CMP_TIMEOUT_EQ | NFCT_CMP_TIMEOUT_GT), | NFCT_CMP_TIMEOUT_GE = (NFCT_CMP_TIMEOUT_EQ | NFCT_CMP_TIMEOUT_GT), | |||
| NFCT_CMP_TIMEOUT_LT = (1 << 4), | NFCT_CMP_TIMEOUT_LT = (1 << 4), | |||
| NFCT_CMP_TIMEOUT_LE = (NFCT_CMP_TIMEOUT_EQ | NFCT_CMP_TIMEOUT_LT), | NFCT_CMP_TIMEOUT_LE = (NFCT_CMP_TIMEOUT_EQ | NFCT_CMP_TIMEOUT_LT), | |||
| NFCT_CMP_MASK = (1 << 5), | ||||
| NFCT_CMP_STRICT = (1 << 6), | ||||
| }; | }; | |||
| extern int nfct_cmp(const struct nf_conntrack *ct1, | extern int nfct_cmp(const struct nf_conntrack *ct1, | |||
| const struct nf_conntrack *ct2, | const struct nf_conntrack *ct2, | |||
| unsigned int flags); | unsigned int flags); | |||
| /* query */ | /* query */ | |||
| enum nf_conntrack_query { | enum nf_conntrack_query { | |||
| NFCT_Q_CREATE, | NFCT_Q_CREATE, | |||
| NFCT_Q_UPDATE, | NFCT_Q_UPDATE, | |||
| skipping to change at line 326 | skipping to change at line 329 | |||
| }; | }; | |||
| extern void nfct_copy(struct nf_conntrack *dest, | extern void nfct_copy(struct nf_conntrack *dest, | |||
| const struct nf_conntrack *source, | const struct nf_conntrack *source, | |||
| unsigned int flags); | unsigned int flags); | |||
| extern void nfct_copy_attr(struct nf_conntrack *ct1, | extern void nfct_copy_attr(struct nf_conntrack *ct1, | |||
| const struct nf_conntrack *ct2, | const struct nf_conntrack *ct2, | |||
| const enum nf_conntrack_attr type); | const enum nf_conntrack_attr type); | |||
| /* filter */ | ||||
| struct nfct_filter; | ||||
| extern struct nfct_filter *nfct_filter_create(void); | ||||
| extern void nfct_filter_destroy(struct nfct_filter *filter); | ||||
| struct nfct_filter_proto { | ||||
| u_int16_t proto; | ||||
| u_int16_t state; | ||||
| }; | ||||
| struct nfct_filter_ipv4 { | ||||
| u_int32_t addr; | ||||
| u_int32_t mask; | ||||
| }; | ||||
| enum nfct_filter_attr { | ||||
| NFCT_FILTER_L4PROTO = 0, /* u_int32_t */ | ||||
| NFCT_FILTER_L4PROTO_STATE, /* struct nfct_filter_proto */ | ||||
| NFCT_FILTER_SRC_IPV4, /* struct nfct_filter_ipv4 */ | ||||
| NFCT_FILTER_DST_IPV4, /* struct nfct_filter_ipv4 */ | ||||
| NFCT_FILTER_MAX | ||||
| }; | ||||
| extern void nfct_filter_add_attr(struct nfct_filter *filter, | ||||
| const enum nfct_filter_attr attr, | ||||
| const void *value); | ||||
| extern void nfct_filter_add_attr_u32(struct nfct_filter *filter, | ||||
| const enum nfct_filter_attr attr, | ||||
| const u_int32_t value); | ||||
| enum nfct_filter_logic { | ||||
| NFCT_FILTER_LOGIC_POSITIVE, | ||||
| NFCT_FILTER_LOGIC_NEGATIVE, | ||||
| NFCT_FILTER_LOGIC_MAX | ||||
| }; | ||||
| extern int nfct_filter_set_logic(struct nfct_filter *filter, | ||||
| const enum nfct_filter_attr attr, | ||||
| const enum nfct_filter_logic logic); | ||||
| extern int nfct_filter_attach(int fd, struct nfct_filter *filter); | ||||
| extern int nfct_filter_detach(int fd); | ||||
| /* low level API: netlink functions */ | /* low level API: netlink functions */ | |||
| extern int nfct_build_conntrack(struct nfnl_subsys_handle *ssh, | extern int nfct_build_conntrack(struct nfnl_subsys_handle *ssh, | |||
| void *req, | void *req, | |||
| size_t size, | size_t size, | |||
| u_int16_t type, | u_int16_t type, | |||
| u_int16_t flags, | u_int16_t flags, | |||
| const struct nf_conntrack *ct); | const struct nf_conntrack *ct); | |||
| extern int nfct_parse_conntrack(enum nf_conntrack_msg_type msg, | extern int nfct_parse_conntrack(enum nf_conntrack_msg_type msg, | |||
| End of changes. 3 change blocks. | ||||
| 0 lines changed or deleted | 48 lines changed or added | |||