diff options
Diffstat (limited to 'include')
5 files changed, 92 insertions, 5 deletions
diff --git a/include/libnetfilter_conntrack/Makefile.am b/include/libnetfilter_conntrack/Makefile.am index d6e11c5..1630695 100644 --- a/include/libnetfilter_conntrack/Makefile.am +++ b/include/libnetfilter_conntrack/Makefile.am @@ -1,4 +1,4 @@ -pkginclude_HEADERS = libnetfilter_conntrack.h linux_nfnetlink_conntrack.h libnetfilter_conntrack_tcp.h libnetfilter_conntrack_udp.h libnetfilter_conntrack_icmp.h libnetfilter_conntrack_sctp.h +pkginclude_HEADERS = libnetfilter_conntrack.h linux_nfnetlink_conntrack.h libnetfilter_conntrack_tcp.h libnetfilter_conntrack_udp.h libnetfilter_conntrack_icmp.h libnetfilter_conntrack_sctp.h libnetfilter_conntrack_ipv4.h libnetfilter_conntrack_ipv6.h noinst_HEADERS = libnetfilter_conntrack_extensions.h diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h index 4b751a2..46ba5da 100644 --- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h +++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h @@ -109,8 +109,9 @@ struct nfct_expect { struct nfct_conntrack_compare { struct nfct_conntrack *ct; - unsigned int flag; - unsigned int protoflag; + unsigned int flags; + unsigned int l3flags; + unsigned int l4flags; }; enum { @@ -294,8 +295,7 @@ extern int nfct_sprintf_id(char *buf, u_int32_t id); */ extern int nfct_conntrack_compare(struct nfct_conntrack *ct1, struct nfct_conntrack *ct2, - unsigned int cmp_flag, - unsigned int cmp_protoflag); + struct nfct_conntrack_compare *cmp); /* * Expectations diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack_ipv4.h b/include/libnetfilter_conntrack/libnetfilter_conntrack_ipv4.h new file mode 100644 index 0000000..d15a7e3 --- /dev/null +++ b/include/libnetfilter_conntrack/libnetfilter_conntrack_ipv4.h @@ -0,0 +1,29 @@ +/* + * (C) 2005 by Pablo Neira Ayuso <pablo@eurodev.net> + * + * This software may be used and distributed according to the terms + * of the GNU General Public License, incorporated herein by reference. + */ + +#ifndef _LIBNETFILTER_CONNTRACK_IPV4_H_ +#define _LIBNETFILTER_CONNTRACK_IPV4_H_ + +enum ipv4_flags { + IPV4_ORIG_SRC_BIT = 0, + IPV4_ORIG_SRC = (1 << IPV4_ORIG_SRC_BIT), + + IPV4_ORIG_DST_BIT = 1, + IPV4_ORIG_DST = (1 << IPV4_ORIG_DST_BIT), + + IPV4_ORIG = (IPV4_ORIG_SRC | IPV4_ORIG_DST), + + IPV4_REPL_SRC_BIT = 2, + IPV4_REPL_SRC = (1 << IPV4_REPL_SRC_BIT), + + IPV4_REPL_DST_BIT = 3, + IPV4_REPL_DST = (1 << IPV4_REPL_DST_BIT), + + IPV4_REPL = (IPV4_REPL_SRC | IPV4_REPL_DST) +}; + +#endif diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack_ipv6.h b/include/libnetfilter_conntrack/libnetfilter_conntrack_ipv6.h new file mode 100644 index 0000000..280c5cd --- /dev/null +++ b/include/libnetfilter_conntrack/libnetfilter_conntrack_ipv6.h @@ -0,0 +1,29 @@ +/* + * (C) 2005 by Pablo Neira Ayuso <pablo@eurodev.net> + * + * This software may be used and distributed according to the terms + * of the GNU General Public License, incorporated herein by reference. + */ + +#ifndef _LIBNETFILTER_CONNTRACK_IPV6_H_ +#define _LIBNETFILTER_CONNTRACK_IPV6_H_ + +enum ipv6_flags { + IPV6_ORIG_SRC_BIT = 0, + IPV6_ORIG_SRC = (1 << IPV6_ORIG_SRC_BIT), + + IPV6_ORIG_DST_BIT = 1, + IPV6_ORIG_DST = (1 << IPV6_ORIG_DST_BIT), + + IPV6_ORIG = (IPV6_ORIG_SRC | IPV6_ORIG_DST), + + IPV6_REPL_SRC_BIT = 2, + IPV6_REPL_SRC = (1 << IPV6_REPL_SRC_BIT), + + IPV6_REPL_DST_BIT = 3, + IPV6_REPL_DST = (1 << IPV6_REPL_DST_BIT), + + IPV6_REPL = (IPV6_REPL_SRC | IPV6_REPL_DST) +}; + +#endif diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack_l3extensions.h b/include/libnetfilter_conntrack/libnetfilter_conntrack_l3extensions.h new file mode 100644 index 0000000..86e002a --- /dev/null +++ b/include/libnetfilter_conntrack/libnetfilter_conntrack_l3extensions.h @@ -0,0 +1,29 @@ +/* + * (C) 2005 by Pablo Neira Ayuso <pablo@eurodev.net> + * + * This software may be used and distributed according to the terms + * of the GNU General Public License, incorporated herein by reference. + */ + +#ifndef _LIBNETFILTER_CONNTRACK_L3EXTENSIONS_H_ +#define _LIBNETFILTER_CONNTRACK_L3EXTENSIONS_H_ + +#include "linux_list.h" + +struct nfct_l3proto { + struct list_head head; + + char *name; + u_int16_t protonum; + char *version; + + void (*parse_proto)(struct nfattr **, struct nfct_tuple *); + void (*build_tuple_proto)(struct nfnlhdr *, int, struct nfct_tuple *); + int (*print_proto)(char *, struct nfct_tuple *); + int (*compare)(struct nfct_conntrack *, struct nfct_conntrack *, + unsigned int); +}; + +extern void nfct_register_l3proto(struct nfct_l3proto *h); + +#endif |