net/netns/conntrack.h

0001 /* SPDX-License-Identifier: GPL-2.0 */
0002 #ifndef __NETNS_CONNTRACK_H
0003 #define __NETNS_CONNTRACK_H
0004
0005 #include <linux/list.h>
0006 #include <linux/list_nulls.h>
0007 #include <linux/atomic.h>
0008 #include <linux/workqueue.h>
0009 #include <linux/netfilter/nf_conntrack_tcp.h>
0010 #ifdef CONFIG_NF_CT_PROTO_DCCP
0011 #include <linux/netfilter/nf_conntrack_dccp.h>
0012 #endif
0013 #ifdef CONFIG_NF_CT_PROTO_SCTP
0014 #include <linux/netfilter/nf_conntrack_sctp.h>
0015 #endif
0016 #include <linux/seqlock.h>
0017
0018 struct ctl_table_header;
0019 struct nf_conntrack_ecache;
0020
0021 struct nf_generic_net {
0022     unsigned int timeout;
0023 };
0024
0025 struct nf_tcp_net {
0026     unsigned int timeouts[TCP_CONNTRACK_TIMEOUT_MAX];
0027     u8 tcp_loose;
0028     u8 tcp_be_liberal;
0029     u8 tcp_max_retrans;
0030     u8 tcp_ignore_invalid_rst;
0031 #if IS_ENABLED(CONFIG_NF_FLOW_TABLE)
0032     unsigned int offload_timeout;
0033 #endif
0034 };
0035
0036 enum udp_conntrack {
0037     UDP_CT_UNREPLIED,
0038     UDP_CT_REPLIED,
0039     UDP_CT_MAX
0040 };
0041
0042 struct nf_udp_net {
0043     unsigned int timeouts[UDP_CT_MAX];
0044 #if IS_ENABLED(CONFIG_NF_FLOW_TABLE)
0045     unsigned int offload_timeout;
0046 #endif
0047 };
0048
0049 struct nf_icmp_net {
0050     unsigned int timeout;
0051 };
0052
0053 #ifdef CONFIG_NF_CT_PROTO_DCCP
0054 struct nf_dccp_net {
0055     u8 dccp_loose;
0056     unsigned int dccp_timeout[CT_DCCP_MAX + 1];
0057 };
0058 #endif
0059
0060 #ifdef CONFIG_NF_CT_PROTO_SCTP
0061 struct nf_sctp_net {
0062     unsigned int timeouts[SCTP_CONNTRACK_MAX];
0063 };
0064 #endif
0065
0066 #ifdef CONFIG_NF_CT_PROTO_GRE
0067 enum gre_conntrack {
0068     GRE_CT_UNREPLIED,
0069     GRE_CT_REPLIED,
0070     GRE_CT_MAX
0071 };
0072
0073 struct nf_gre_net {
0074     struct list_head    keymap_list;
0075     unsigned int        timeouts[GRE_CT_MAX];
0076 };
0077 #endif
0078
0079 struct nf_ip_net {
0080     struct nf_generic_net   generic;
0081     struct nf_tcp_net   tcp;
0082     struct nf_udp_net   udp;
0083     struct nf_icmp_net  icmp;
0084     struct nf_icmp_net  icmpv6;
0085 #ifdef CONFIG_NF_CT_PROTO_DCCP
0086     struct nf_dccp_net  dccp;
0087 #endif
0088 #ifdef CONFIG_NF_CT_PROTO_SCTP
0089     struct nf_sctp_net  sctp;
0090 #endif
0091 #ifdef CONFIG_NF_CT_PROTO_GRE
0092     struct nf_gre_net   gre;
0093 #endif
0094 };
0095
0096 struct netns_ct {
0097 #ifdef CONFIG_NF_CONNTRACK_EVENTS
0098     u8 ctnetlink_has_listener;
0099     bool ecache_dwork_pending;
0100 #endif
0101     u8          sysctl_log_invalid; /* Log invalid packets */
0102     u8          sysctl_events;
0103     u8          sysctl_acct;
0104     u8          sysctl_tstamp;
0105     u8          sysctl_checksum;
0106
0107     struct ip_conntrack_stat __percpu *stat;
0108     struct nf_ct_event_notifier __rcu *nf_conntrack_event_cb;
0109     struct nf_ip_net    nf_ct_proto;
0110 #if defined(CONFIG_NF_CONNTRACK_LABELS)
0111     unsigned int        labels_used;
0112 #endif
0113 };
0114 #endif