/* libctnetlink.h: Header file for the Connection Tracking library.
*
* Jay Schulist <jschlst@samba.org>, Copyright (c) 2001.
* (C) 2002 by Harald Welte <laforge@gnumonks.org>
* (C) 2005 by Pablo Neira Ayuso <pablo@eurodev.net>
*
* This software may be used and distributed according to the terms
* of the GNU General Public License, incorporated herein by reference.
*/
#ifndef __LIBCTNETLINK_H
#define __LIBCTNETLINK_H
#include <netinet/in.h>
#include <asm/types.h>
#include <linux/if.h>
#include <linux/netfilter/nfnetlink.h>
#include <linux/netfilter/nfnetlink_conntrack.h>
#include <libnfnetlink/libnfnetlink.h>
/* Buffer size constant (4096). Its users are not visible in this header;
 * presumably the size in bytes of a netlink message buffer - confirm in
 * the implementation before sizing anything against it. */
#define CTNL_BUFFSIZE 4096
/*
 * Layer-4 half of a connection tuple. All members overlay the same
 * storage; which view applies presumably follows the tuple's protonum.
 *
 * `all` spans only the first 16 bits, while the icmp view is 32 bits wide
 * (type, code, id), so clearing or comparing through `all` leaves icmp.id
 * untouched.
 * NOTE(review): the byte order of the port/id fields is not stated in this
 * header - confirm against the implementation.
 */
union ctnl_l4 {
	/* Add other protocols here. */
	u_int16_t all;

	struct {
		u_int16_t port;
	} tcp;

	struct {
		u_int16_t port;
	} udp;

	struct {
		u_int8_t type;
		u_int8_t code;
		u_int16_t id;
	} icmp;

	struct {
		u_int16_t port;
	} sctp;
};
/*
 * One direction of a tracked connection: source and destination address,
 * the protocol number, and the layer-4 identifiers of each end.
 *
 * NOTE(review): the v6 members are u_int64_t (64 bits), but an IPv6
 * address is 128 bits, so they cannot carry a full IPv6 address. Widening
 * them changes the struct layout, so this is flagged rather than changed.
 *
 * protonum is a single byte followed by 16-bit-aligned unions, which
 * leaves padding on typical ABIs; zero the whole struct before filling it
 * if tuples are ever compared or copied bytewise.
 */
struct ctnl_tuple {
	/* Source address; v4 and v6 share storage. */
	union {
		u_int32_t v4;
		u_int64_t v6;
	} src;

	/* Destination address; v4 and v6 share storage. */
	union {
		u_int32_t v4;
		u_int64_t v6;
	} dst;

	u_int8_t protonum;

	union ctnl_l4 l4src;
	union ctnl_l4 l4dst;
};
/*
 * Protocol-specific connection information. Only a TCP view exists, and
 * it holds a single state byte.
 * NOTE(review): the set of valid state values is not defined in this
 * header - confirm against the kernel conntrack headers.
 */
union ctnl_protoinfo {
	struct {
		u_int8_t state;
	} tcp;
};
/* Packet and byte counters, each 64 bits wide. */
struct ctnl_counters {
	u_int64_t packets;
	u_int64_t bytes;
};
/*
 * NAT parameters: a pair of 32-bit addresses and a pair of layer-4
 * values. The 32-bit address fields can only hold IPv4 addresses.
 * NOTE(review): presumably min/max bound an inclusive range - confirm
 * against the implementation, along with the expected byte order.
 */
struct ctnl_nat {
	u_int32_t min_ip;
	u_int32_t max_ip;
	union ctnl_l4 l4min;
	union ctnl_l4 l4max;
};
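/* Direction indices; this header uses them to size the per-direction
 * arrays in struct ctnl_conntrack. */
#define CTNL_DIR_ORIGINAL 0
#define CTNL_DIR_REPLY 1
/* Parenthesised so the expansion stays a single operand: without the
 * parentheses, `CTNL_DIR_MAX * n` or `x - CTNL_DIR_MAX` would bind to the
 * `1` alone and yield a wrong count or size. */
#define CTNL_DIR_MAX (CTNL_DIR_REPLY + 1)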
/*
 * Userspace description of one conntrack entry.
 *
 * tuple[] and counters[] have CTNL_DIR_MAX elements each; index them with
 * CTNL_DIR_ORIGINAL / CTNL_DIR_REPLY and never with an unchecked value.
 *
 * timeout and mark are `unsigned long`, whose width differs between
 * 32-bit and 64-bit builds; do not assume a fixed size for them.
 * NOTE(review): the units of timeout and the bit meanings of status are
 * not defined in this header - confirm against the kernel headers.
 */
struct ctnl_conntrack {
	struct ctnl_tuple tuple[CTNL_DIR_MAX];

	unsigned long timeout;
	unsigned long mark;
	unsigned int status;
	unsigned int use;
	unsigned int id;

	union ctnl_protoinfo protoinfo;
	struct ctnl_counters counters[CTNL_DIR_MAX];
	struct ctnl_nat nat;
};
/*
 * A callback paired with the message type it handles.
 *
 * NOTE(review): `type` is a plain int and presumably selects a slot in
 * ctnl_handle.handler[]; the code that registers or dispatches handlers
 * must reject values outside 0..IPCTNL_MSG_MAX-1 - confirm that it does.
 */
struct ctnl_msg_handler {
	int type;

	/* Receives the netlink address, the message header and an opaque
	 * caller argument; the meaning of the return value is not defined
	 * in this header. */
	int (*handler)(struct sockaddr_nl *, struct nlmsghdr *, void *arg);
};
/*
 * Library handle: the embedded nfnetlink handle plus a table of handler
 * pointers with IPCTNL_MSG_MAX slots.
 *
 * NOTE(review): any index into handler[] that comes from a received
 * message or from a caller-supplied type needs a bounds check against
 * IPCTNL_MSG_MAX, and unused slots should be NULL before dispatch -
 * confirm both in the implementation.
 */
struct ctnl_handle {
	struct nfnl_handle nfnlh;
	struct ctnl_msg_handler *handler[IPCTNL_MSG_MAX];
};
/*
 * Public entry points of the library.
 *
 * This header does not state the return-value convention or the meaning
 * of the unnamed integer parameters; check the implementation before
 * relying on a particular success/failure value. Every call returns int,
 * and callers should check it rather than assume success.
 */

/* Handle setup and teardown. */
int ctnl_open(struct ctnl_handle *, unsigned int);
int ctnl_close(struct ctnl_handle *);

/* Message handler registration. */
int ctnl_unregister_handler(struct ctnl_handle *, int);
int ctnl_register_handler(struct ctnl_handle *, struct ctnl_msg_handler *);

/* Conntrack entries. */
int ctnl_new_conntrack(struct ctnl_handle *, struct ctnl_conntrack *);
int ctnl_upd_conntrack(struct ctnl_handle *, struct ctnl_conntrack *);
int ctnl_get_conntrack(struct ctnl_handle *, struct ctnl_tuple *, int);
int ctnl_del_conntrack(struct ctnl_handle *, struct ctnl_tuple *, int);
int ctnl_list_conntrack(struct ctnl_handle *, int);
int ctnl_list_conntrack_zero_counters(struct ctnl_handle *, int);
int ctnl_event_conntrack(struct ctnl_handle *, int);
int ctnl_flush_conntrack(struct ctnl_handle *);

/* Expectations. */
int ctnl_list_expect(struct ctnl_handle *, int);
int ctnl_event_expect(struct ctnl_handle *, int);
int ctnl_flush_expect(struct ctnl_handle *);

/* Raw netlink requests. */
int ctnl_send(struct ctnl_handle *, struct nlmsghdr *);
int ctnl_wilddump_request(struct ctnl_handle *, int, int);
#endif /* __LIBCTNETLINK_H */