summaryrefslogtreecommitdiffstats
path: root/include/libnetfilter_conntrack
diff options
context:
space:
mode:
Diffstat (limited to 'include/libnetfilter_conntrack')
-rw-r--r--include/libnetfilter_conntrack/Makefile.am2
-rw-r--r--include/libnetfilter_conntrack/libnetfilter_conntrack.h23
-rw-r--r--include/libnetfilter_conntrack/libnetfilter_conntrack_extensions.h2
-rw-r--r--include/libnetfilter_conntrack/libnetfilter_conntrack_icmp.h22
-rw-r--r--include/libnetfilter_conntrack/libnetfilter_conntrack_sctp.h34
-rw-r--r--include/libnetfilter_conntrack/libnetfilter_conntrack_tcp.h34
-rw-r--r--include/libnetfilter_conntrack/libnetfilter_conntrack_udp.h34
7 files changed, 146 insertions, 5 deletions
diff --git a/include/libnetfilter_conntrack/Makefile.am b/include/libnetfilter_conntrack/Makefile.am
index da43eec..d6e11c5 100644
--- a/include/libnetfilter_conntrack/Makefile.am
+++ b/include/libnetfilter_conntrack/Makefile.am
@@ -1,4 +1,4 @@
-pkginclude_HEADERS = libnetfilter_conntrack.h linux_nfnetlink_conntrack.h
+pkginclude_HEADERS = libnetfilter_conntrack.h linux_nfnetlink_conntrack.h libnetfilter_conntrack_tcp.h libnetfilter_conntrack_udp.h libnetfilter_conntrack_icmp.h libnetfilter_conntrack_sctp.h
noinst_HEADERS = libnetfilter_conntrack_extensions.h
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
index 9fbb969..a93e246 100644
--- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
@@ -108,6 +108,11 @@ struct nfct_expect {
u_int32_t id;
};
+struct nfct_conntrack_compare {
+ struct nfct_conntrack *ct;
+ unsigned int flag;
+ unsigned int protoflag;
+};
enum {
NFCT_STATUS_BIT = 0,
@@ -234,10 +239,12 @@ extern void nfct_unregister_callback(struct nfct_handle *cth);
/*
* callback displayers
*/
-extern int nfct_default_conntrack_display(void *arg, unsigned int, int, void *);
-extern int nfct_default_conntrack_display_id(void *arg, unsigned int, int, void *);
-extern int nfct_default_expect_display(void *arg, unsigned int, int, void *);
-extern int nfct_default_expect_display_id(void *arg, unsigned int, int, void *);
+extern int nfct_default_conntrack_display(void *, unsigned int, int, void *);
+extern int nfct_default_conntrack_display_id(void *, unsigned int, int, void *);
+extern int nfct_default_expect_display(void *, unsigned int, int, void *);
+extern int nfct_default_expect_display_id(void *, unsigned int, int, void *);
+extern int nfct_default_conntrack_event_display(void *, unsigned int, int,
+ void *);
/*
* [Create|update|get|destroy] conntracks
@@ -282,6 +289,14 @@ extern int nfct_sprintf_mark(char *buf, struct nfct_conntrack *ct);
extern int nfct_sprintf_use(char *buf, struct nfct_conntrack *ct);
extern int nfct_sprintf_id(char *buf, u_int32_t id);
+/*
+ * Conntrack comparison
+ */
+extern int nfct_conntrack_compare(struct nfct_conntrack *ct1,
+ struct nfct_conntrack *ct2,
+ unsigned int cmp_flag,
+ unsigned int cmp_protoflag);
+
/*
* Expectations
*/
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack_extensions.h b/include/libnetfilter_conntrack/libnetfilter_conntrack_extensions.h
index 25430d7..db7828d 100644
--- a/include/libnetfilter_conntrack/libnetfilter_conntrack_extensions.h
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack_extensions.h
@@ -29,6 +29,8 @@ struct nfct_proto {
void (*build_protoinfo)(struct nfnlhdr *, int, struct nfct_conntrack *);
int (*print_protoinfo)(char *, union nfct_protoinfo *);
int (*print_proto)(char *, struct nfct_tuple *);
+ int (*compare)(struct nfct_conntrack *, struct nfct_conntrack *,
+ unsigned int);
};
extern void nfct_register_proto(struct nfct_proto *h);
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack_icmp.h b/include/libnetfilter_conntrack/libnetfilter_conntrack_icmp.h
new file mode 100644
index 0000000..837621b
--- /dev/null
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack_icmp.h
@@ -0,0 +1,22 @@
+/*
+ * (C) 2005 by Pablo Neira Ayuso <pablo@eurodev.net>
+ *
+ * This software may be used and distributed according to the terms
+ * of the GNU General Public License, incorporated herein by reference.
+ */
+
+#ifndef _LIBNETFILTER_CONNTRACK_ICMP_H_
+#define _LIBNETFILTER_CONNTRACK_ICMP_H_
+
+enum icmp_flags {
+ ICMP_TYPE_BIT = 0,
+ ICMP_TYPE = (1 << ICMP_TYPE_BIT),
+
+ ICMP_CODE_BIT = 1,
+ ICMP_CODE = (1 << ICMP_CODE_BIT),
+
+ ICMP_ID_BIT = 2,
+ ICMP_ID = (1 << ICMP_ID_BIT)
+};
+
+#endif
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack_sctp.h b/include/libnetfilter_conntrack/libnetfilter_conntrack_sctp.h
new file mode 100644
index 0000000..366bc9c
--- /dev/null
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack_sctp.h
@@ -0,0 +1,34 @@
+/*
+ * (C) 2005 by Pablo Neira Ayuso <pablo@eurodev.net>
+ *
+ * This software may be used and distributed according to the terms
+ * of the GNU General Public License, incorporated herein by reference.
+ */
+
+#ifndef _LIBNETFILTER_CONNTRACK_SCTP_H_
+#define _LIBNETFILTER_CONNTRACK_SCTP_H_
+
+enum sctp_flags {
+ SCTP_ORIG_SPORT_BIT = 0,
+ SCTP_ORIG_SPORT = (1 << SCTP_ORIG_SPORT_BIT),
+
+ SCTP_ORIG_DPORT_BIT = 1,
+ SCTP_ORIG_DPORT = (1 << SCTP_ORIG_DPORT_BIT),
+
+ SCTP_REPL_SPORT_BIT = 2,
+ SCTP_REPL_SPORT = (1 << SCTP_REPL_SPORT_BIT),
+
+ SCTP_REPL_DPORT_BIT = 3,
+ SCTP_REPL_DPORT = (1 << SCTP_REPL_DPORT_BIT),
+
+ SCTP_MASK_SPORT_BIT = 4,
+ SCTP_MASK_SPORT = (1 << SCTP_MASK_SPORT_BIT),
+
+ SCTP_MASK_DPORT_BIT = 5,
+ SCTP_MASK_DPORT = (1 << SCTP_MASK_DPORT_BIT),
+
+ SCTP_STATE_BIT = 6,
+ SCTP_STATE = (1 << SCTP_STATE_BIT)
+};
+
+#endif
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack_tcp.h b/include/libnetfilter_conntrack/libnetfilter_conntrack_tcp.h
new file mode 100644
index 0000000..7231417
--- /dev/null
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack_tcp.h
@@ -0,0 +1,34 @@
+/*
+ * (C) 2005 by Pablo Neira Ayuso <pablo@eurodev.net>
+ *
+ * This software may be used and distributed according to the terms
+ * of the GNU General Public License, incorporated herein by reference.
+ */
+
+#ifndef _LIBNETFILTER_CONNTRACK_TCP_H_
+#define _LIBNETFILTER_CONNTRACK_TCP_H_
+
+enum tcp_flags {
+ TCP_ORIG_SPORT_BIT = 0,
+ TCP_ORIG_SPORT = (1 << TCP_ORIG_SPORT_BIT),
+
+ TCP_ORIG_DPORT_BIT = 1,
+ TCP_ORIG_DPORT = (1 << TCP_ORIG_DPORT_BIT),
+
+ TCP_REPL_SPORT_BIT = 2,
+ TCP_REPL_SPORT = (1 << TCP_REPL_SPORT_BIT),
+
+ TCP_REPL_DPORT_BIT = 3,
+ TCP_REPL_DPORT = (1 << TCP_REPL_DPORT_BIT),
+
+ TCP_MASK_SPORT_BIT = 4,
+ TCP_MASK_SPORT = (1 << TCP_MASK_SPORT_BIT),
+
+ TCP_MASK_DPORT_BIT = 5,
+ TCP_MASK_DPORT = (1 << TCP_MASK_DPORT_BIT),
+
+ TCP_STATE_BIT = 6,
+ TCP_STATE = (1 << TCP_STATE_BIT)
+};
+
+#endif
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack_udp.h b/include/libnetfilter_conntrack/libnetfilter_conntrack_udp.h
new file mode 100644
index 0000000..895095e
--- /dev/null
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack_udp.h
@@ -0,0 +1,34 @@
+/*
+ * (C) 2005 by Pablo Neira Ayuso <pablo@eurodev.net>
+ *
+ * This software may be used and distributed according to the terms
+ * of the GNU General Public License, incorporated herein by reference.
+ */
+
+#ifndef _LIBNETFILTER_CONNTRACK_UDP_H_
+#define _LIBNETFILTER_CONNTRACK_UDP_H_
+
+enum udp_flags {
+ UDP_ORIG_SPORT_BIT = 0,
+ UDP_ORIG_SPORT = (1 << UDP_ORIG_SPORT_BIT),
+
+ UDP_ORIG_DPORT_BIT = 1,
+ UDP_ORIG_DPORT = (1 << UDP_ORIG_DPORT_BIT),
+
+ UDP_REPL_SPORT_BIT = 2,
+ UDP_REPL_SPORT = (1 << UDP_REPL_SPORT_BIT),
+
+ UDP_REPL_DPORT_BIT = 3,
+ UDP_REPL_DPORT = (1 << UDP_REPL_DPORT_BIT),
+
+ UDP_MASK_SPORT_BIT = 4,
+ UDP_MASK_SPORT = (1 << UDP_MASK_SPORT_BIT),
+
+ UDP_MASK_DPORT_BIT = 5,
+ UDP_MASK_DPORT = (1 << UDP_MASK_DPORT_BIT),
+
+ UDP_STATE_BIT = 6,
+ UDP_STATE = (1 << UDP_STATE_BIT)
+};
+
+#endif