Commit libnetfilter_conntrack.h, I missed it :(

1 files changed, 126 insertions, 57 deletions

diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
index 954b3e2..33f43a5 100644
--- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
@@ -1,30 +1,25 @@
-/* libctnetlink.h: Header file for the Connection Tracking library.
- *
- * Jay Schulist <jschlst@samba.org>, Copyright (c) 2001.
- * (C) 2002 by Harald Welte <laforge@gnumonks.org>
+/*
  * (C) 2005 by Pablo Neira Ayuso <pablo@eurodev.net>
  *
  * This software may be used and distributed according to the terms
  * of the GNU General Public License, incorporated herein by reference.
  */
 
-#ifndef __LIBCTNETLINK_H
-#define __LIBCTNETLINK_H
+#ifndef _LIBNETFILTER_CONNTRACK_H_
+#define _LIBNETFILTER_CONNTRACK_H_
 
 #include <netinet/in.h>
 #include <asm/types.h>
 #include <linux/if.h>
 #include <linux/netfilter/nfnetlink.h>
 #include <linux/netfilter/nfnetlink_conntrack.h> 
-
-/* we need this for "enum ip_conntrack_status" */
-#include <linux/netfilter_ipv4/ip_conntrack.h>
-
 #include <libnfnetlink/libnfnetlink.h>
+#include <linux/netfilter_ipv4/ip_conntrack.h>
+#include "linux_list.h"
 
-#define CTNL_BUFFSIZE	4096
+#define LIBNETFILTER_CONNTRACK_VERSION "0.1.1"
 
-union ctnl_l4 {
+union nfct_l4 {
 	/* Add other protocols here. */
 	u_int16_t all;
 	struct {
@@ -42,7 +37,7 @@ union ctnl_l4 {
 	} sctp;
 };
 
-struct ctnl_tuple {
+struct nfct_tuple {
 	union {
 		u_int32_t v4;
 		u_int64_t v6;
@@ -54,32 +49,32 @@ struct ctnl_tuple {
 	} dst;
 
 	u_int8_t protonum;
-	union ctnl_l4 l4src;
-	union ctnl_l4 l4dst;
+	union nfct_l4 l4src;
+	union nfct_l4 l4dst;
 };
 
-union ctnl_protoinfo {
+union nfct_protoinfo {
 	struct {
 		u_int8_t state;
 	} tcp;
 };
 
-struct ctnl_counters {
+struct nfct_counters {
 	u_int64_t packets;
 	u_int64_t bytes;
 };
 
-struct ctnl_nat {
+struct nfct_nat {
 	u_int32_t min_ip, max_ip;
-	union ctnl_l4 l4min, l4max;
+	union nfct_l4 l4min, l4max;
 };
 
-#define CTNL_DIR_ORIGINAL 0
-#define CTNL_DIR_REPLY 1
-#define CTNL_DIR_MAX CTNL_DIR_REPLY+1
+#define NFCT_DIR_ORIGINAL 0
+#define NFCT_DIR_REPLY 1
+#define NFCT_DIR_MAX NFCT_DIR_REPLY+1
 
-struct ctnl_conntrack {
-	struct ctnl_tuple tuple[CTNL_DIR_MAX];
+struct nfct_conntrack {
+	struct nfct_tuple tuple[NFCT_DIR_MAX];
 	
 	unsigned long 	timeout;
 	unsigned long	mark;
@@ -87,45 +82,119 @@ struct ctnl_conntrack {
 	unsigned int	use;
 	unsigned int	id;
 
-	union ctnl_protoinfo protoinfo;
-	struct ctnl_counters counters[CTNL_DIR_MAX];
-	struct ctnl_nat nat;
+	union nfct_protoinfo protoinfo;
+	struct nfct_counters counters[NFCT_DIR_MAX];
+	struct nfct_nat nat;
+};
+
+struct nfct_expect {
+	struct nfct_tuple master;
+	struct nfct_tuple tuple;
+	struct nfct_tuple mask;
+	unsigned long timeout;
+	unsigned int id;
+};
+
+struct nfct_proto {
+	struct list_head head;
+	
+	char 		*name;
+	u_int8_t 	protonum;
+	char		*version;
+	
+	void (*parse_proto)(struct nfattr **, struct nfct_tuple *);
+	void (*parse_protoinfo)(struct nfattr **, struct nfct_conntrack *);
+	int (*print_protoinfo)(char *, union nfct_protoinfo *);
+	int (*print_proto)(char *, struct nfct_tuple *);
+};
+
+enum {
+	NFCT_STATUS_BIT = 0,
+	NFCT_STATUS = (NFCT_STATUS_BIT << 1),
+	
+	NFCT_PROTOINFO_BIT = 1,
+	NFCT_PROTOINFO = (NFCT_PROTOINFO_BIT << 1),
+
+	NFCT_TIMEOUT_BIT = 2,
+	NFCT_TIMEOUT = (NFCT_TIMEOUT_BIT << 1),
+
+	NFCT_MARK_BIT = 3,
+	NFCT_MARK = (NFCT_MARK_BIT << 1),
+
+	NFCT_COUNTERS_BIT = 4,
+	NFCT_COUNTERS = (NFCT_COUNTERS_BIT << 1),
+
+	NFCT_USE_BIT = 5,
+	NFCT_USE = (NFCT_USE_BIT << 1),
+
+	NFCT_ID_BIT = 6,
+	NFCT_ID = (NFCT_ID_BIT << 1)
 };
 
-struct ctnl_msg_handler {
+typedef void (*nfct_callback)(void *arg, unsigned int flags);
+
+struct nfct_msg_handler {
 	int type;
 	int (*handler)(struct sockaddr_nl *, struct nlmsghdr *, void *arg);
 };
 
-struct ctnl_handle {
+struct nfct_handle {
 	struct nfnl_handle nfnlh;
-	struct ctnl_msg_handler *handler[IPCTNL_MSG_MAX];
+	nfct_callback callback;
+	struct nfct_msg_handler *handler[IPCTNL_MSG_MAX];
 };
 
-extern int ctnl_open(struct ctnl_handle *, u_int8_t, unsigned);
-extern int ctnl_close(struct ctnl_handle *);
-extern int ctnl_unregister_handler(struct ctnl_handle *, int);
-extern int ctnl_register_handler(struct ctnl_handle *, 
-				 struct ctnl_msg_handler *);
-extern int ctnl_new_conntrack(struct ctnl_handle *, struct ctnl_conntrack *);
-extern int ctnl_upd_conntrack(struct ctnl_handle *, struct ctnl_conntrack *);
-extern int ctnl_get_conntrack(struct ctnl_handle *, struct ctnl_tuple *, int);
-extern int ctnl_del_conntrack(struct ctnl_handle *, struct ctnl_tuple *, int);
-extern int ctnl_list_conntrack(struct ctnl_handle *, int);
-extern int ctnl_list_conntrack_zero_counters(struct ctnl_handle *, int);
-extern int ctnl_event_conntrack(struct ctnl_handle *, int);
-extern int ctnl_flush_conntrack(struct ctnl_handle *);
-
-extern int ctnl_new_expect(struct ctnl_handle *, struct ctnl_tuple *, 
-			   struct ctnl_tuple *, struct ctnl_tuple *, 
-			   unsigned long);
-extern int ctnl_del_expect(struct ctnl_handle *,struct ctnl_tuple *);
-extern int ctnl_get_expect(struct ctnl_handle *, struct ctnl_tuple *);
-extern int ctnl_list_expect(struct ctnl_handle *, int);
-extern int ctnl_event_expect(struct ctnl_handle *, int);
-extern int ctnl_flush_expect(struct ctnl_handle *);
-
-extern int ctnl_send(struct ctnl_handle *, struct nlmsghdr *);
-extern int ctnl_wilddump_request(struct ctnl_handle *, int , int);
-
-#endif	/* __LIBCTNETLINK_H */
+extern void nfct_register_proto(struct nfct_proto *h);
+extern void nfct_unregister_proto(struct nfct_proto *h);
+
+extern struct nfct_handle *nfct_open(u_int8_t, unsigned);
+extern int nfct_close(struct nfct_handle *cth);
+extern void nfct_set_callback(struct nfct_handle *cth, nfct_callback callback);
+
+/*
+ * callback displayers
+ */
+extern void nfct_default_conntrack_display(void *arg, unsigned int flags); 
+extern void nfct_default_expect_display(void *arg, unsigned int flags);
+
+extern int nfct_create_conntrack(struct nfct_handle *cth,
+				 struct nfct_tuple *orig,
+				 struct nfct_tuple *reply,
+				 unsigned long timeout,
+				 union nfct_protoinfo *proto,
+				 unsigned int status);
+extern int nfct_create_conntrack_nat(struct nfct_handle *cth,
+				     struct nfct_tuple *orig,
+				     struct nfct_tuple *reply,
+				     unsigned long timeout,
+				     union nfct_protoinfo *proto,
+				     unsigned int status,
+				     struct nfct_nat *nat);
+extern int nfct_update_conntrack(struct nfct_handle *cth,
+				 struct nfct_tuple *orig,
+				 struct nfct_tuple *reply,
+				 unsigned long timeout,
+				 union nfct_protoinfo *proto,
+				 unsigned int status);
+extern int nfct_delete_conntrack(struct nfct_handle *cth,struct nfct_tuple *tuple, int dir);
+extern int nfct_get_conntrack(struct nfct_handle *cth,struct nfct_tuple *tuple, int dir); 
+extern int nfct_dump_conntrack_table(struct nfct_handle *cth);
+extern int nfct_dump_conntrack_table_zero(struct nfct_handle *cth);
+extern int nfct_event_conntrack(struct nfct_handle *cth); 
+
+/* 
+ * Expectations
+ */
+extern int nfct_dump_expect_list(struct nfct_handle *cth);
+extern int nfct_flush_conntrack_table(struct nfct_handle *cth);
+extern int nfct_get_expectation(struct nfct_handle *cth,struct nfct_tuple *tuple);
+extern int nfct_create_expectation(struct nfct_handle *cth,
+				   struct nfct_tuple *master,
+				   struct nfct_tuple *tuple,
+				   struct nfct_tuple *mask,
+				   unsigned long timeout);
+extern int nfct_delete_expectation(struct nfct_handle *cth,struct nfct_tuple *tuple);
+extern int nfct_event_expectation(struct nfct_handle *cth);
+extern int nfct_flush_expectation_table(struct nfct_handle *cth);
+
+#endif	/* _LIBNETFILTER_CONNTRACK_H_ */