1 #ifndef _IP_CONNTRACK_CORE_H
2 #define _IP_CONNTRACK_CORE_H
3 #include <linux/netfilter.h>
5 #define MAX_IP_CT_PROTO 256
6 extern struct ip_conntrack_protocol
*ip_ct_protos
[MAX_IP_CT_PROTO
];
8 /* This header is used to share core functionality between the
9 standalone connection tracking module, and the compatibility layer's use
10 of connection tracking. */
11 extern unsigned int ip_conntrack_in(unsigned int hooknum
,
12 struct sk_buff
**pskb
,
13 const struct net_device
*in
,
14 const struct net_device
*out
,
15 int (*okfn
)(struct sk_buff
*));
17 extern int ip_conntrack_init(void);
18 extern void ip_conntrack_cleanup(void);
20 struct ip_conntrack_protocol
;
23 ip_ct_get_tuple(const struct iphdr
*iph
,
24 const struct sk_buff
*skb
,
26 struct ip_conntrack_tuple
*tuple
,
27 const struct ip_conntrack_protocol
*protocol
);
30 ip_ct_invert_tuple(struct ip_conntrack_tuple
*inverse
,
31 const struct ip_conntrack_tuple
*orig
,
32 const struct ip_conntrack_protocol
*protocol
);
34 /* Find a connection corresponding to a tuple. */
35 struct ip_conntrack_tuple_hash
*
36 ip_conntrack_find_get(const struct ip_conntrack_tuple
*tuple
,
37 const struct ip_conntrack
*ignored_conntrack
);
39 extern int __ip_conntrack_confirm(struct sk_buff
**pskb
);
41 /* Confirm a connection: returns NF_DROP if packet must be dropped. */
42 static inline int ip_conntrack_confirm(struct sk_buff
**pskb
)
44 struct ip_conntrack
*ct
= (struct ip_conntrack
*)(*pskb
)->nfct
;
48 if (!is_confirmed(ct
))
49 ret
= __ip_conntrack_confirm(pskb
);
50 ip_ct_deliver_cached_events(ct
);
55 extern void ip_ct_unlink_expect(struct ip_conntrack_expect
*exp
);
57 extern struct list_head
*ip_conntrack_hash
;
58 extern struct list_head ip_conntrack_expect_list
;
59 extern rwlock_t ip_conntrack_lock
;
60 #endif /* _IP_CONNTRACK_CORE_H */