[linux-2.6-block.git] / include / linux / netfilter_bridge.h

#ifndef __LINUX_BRIDGE_NETFILTER_H
#define __LINUX_BRIDGE_NETFILTER_H

#include <uapi/linux/netfilter_bridge.h>
#include <linux/skbuff.h>

enum nf_br_hook_priorities {
	NF_BR_PRI_FIRST = INT_MIN,
	NF_BR_PRI_NAT_DST_BRIDGED = -300,
	NF_BR_PRI_FILTER_BRIDGED = -200,
	NF_BR_PRI_BRNF = 0,
	NF_BR_PRI_NAT_DST_OTHER = 100,
	NF_BR_PRI_FILTER_OTHER = 200,
	NF_BR_PRI_NAT_SRC = 300,
	NF_BR_PRI_LAST = INT_MAX,
};

#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)

#define BRNF_BRIDGED_DNAT		0x02
#define BRNF_NF_BRIDGE_PREROUTING	0x08

static inline unsigned int nf_bridge_mtu_reduction(const struct sk_buff *skb)
{
	if (skb->nf_bridge->orig_proto == BRNF_PROTO_PPPOE)
		return PPPOE_SES_HLEN;
	return 0;
}

int br_handle_frame_finish(struct sock *sk, struct sk_buff *skb);

static inline void br_drop_fake_rtable(struct sk_buff *skb)
{
	struct dst_entry *dst = skb_dst(skb);

	if (dst && (dst->flags & DST_FAKE_RTABLE))
		skb_dst_drop(skb);
}

static inline int nf_bridge_get_physinif(const struct sk_buff *skb)
{
	struct nf_bridge_info *nf_bridge;

	if (skb->nf_bridge == NULL)
		return 0;

	nf_bridge = skb->nf_bridge;
	return nf_bridge->physindev ? nf_bridge->physindev->ifindex : 0;
}

static inline int nf_bridge_get_physoutif(const struct sk_buff *skb)
{
	struct nf_bridge_info *nf_bridge;

	if (skb->nf_bridge == NULL)
		return 0;

	nf_bridge = skb->nf_bridge;
	return nf_bridge->physoutdev ? nf_bridge->physoutdev->ifindex : 0;
}

static inline struct net_device *
nf_bridge_get_physindev(const struct sk_buff *skb)
{
	return skb->nf_bridge ? skb->nf_bridge->physindev : NULL;
}

static inline struct net_device *
nf_bridge_get_physoutdev(const struct sk_buff *skb)
{
	return skb->nf_bridge ? skb->nf_bridge->physoutdev : NULL;
}
#else
#define br_drop_fake_rtable(skb)	        do { } while (0)
#endif /* CONFIG_BRIDGE_NETFILTER */

#endif
Commit	Line	Data
1da177e4 LT	1	#ifndef __LINUX_BRIDGE_NETFILTER_H
	2	#define __LINUX_BRIDGE_NETFILTER_H
	3
607ca46e	4	#include <uapi/linux/netfilter_bridge.h>
c737b7c4	5	#include <linux/skbuff.h>
1da177e4 LT	6
	7	enum nf_br_hook_priorities {
	8	NF_BR_PRI_FIRST = INT_MIN,
	9	NF_BR_PRI_NAT_DST_BRIDGED = -300,
	10	NF_BR_PRI_FILTER_BRIDGED = -200,
	11	NF_BR_PRI_BRNF = 0,
	12	NF_BR_PRI_NAT_DST_OTHER = 100,
	13	NF_BR_PRI_FILTER_OTHER = 200,
	14	NF_BR_PRI_NAT_SRC = 300,
	15	NF_BR_PRI_LAST = INT_MAX,
	16	};
	17
34666d46	18	#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
1da177e4	19
1da177e4	20	#define BRNF_BRIDGED_DNAT 0x02
ea2d9b41	21	#define BRNF_NF_BRIDGE_PREROUTING 0x08
1da177e4	22
6c79bf0f BDS	23	static inline unsigned int nf_bridge_mtu_reduction(const struct sk_buff *skb)
6c79bf0f BDS	24	{
3eaf4025	25	if (skb->nf_bridge->orig_proto == BRNF_PROTO_PPPOE)
6c79bf0f BDS	26	return PPPOE_SES_HLEN;
	27	return 0;
	28	}
	29
7026b1dd	30	int br_handle_frame_finish(struct sock sk, struct sk_buff skb);
ea2d9b41	31
a881e963 PHP	32	static inline void br_drop_fake_rtable(struct sk_buff *skb)
	33	{
	34	struct dst_entry *dst = skb_dst(skb);
	35
	36	if (dst && (dst->flags & DST_FAKE_RTABLE))
	37	skb_dst_drop(skb);
	38	}
	39
c737b7c4 FW	40	static inline int nf_bridge_get_physinif(const struct sk_buff *skb)
c737b7c4 FW	41	{
547c4b54 FW	42	struct nf_bridge_info *nf_bridge;
	43
	44	if (skb->nf_bridge == NULL)
	45	return 0;
	46
	47	nf_bridge = skb->nf_bridge;
	48	return nf_bridge->physindev ? nf_bridge->physindev->ifindex : 0;
c737b7c4 FW	49	}
	50
	51	static inline int nf_bridge_get_physoutif(const struct sk_buff *skb)
	52	{
547c4b54 FW	53	struct nf_bridge_info *nf_bridge;
	54
	55	if (skb->nf_bridge == NULL)
	56	return 0;
	57
	58	nf_bridge = skb->nf_bridge;
	59	return nf_bridge->physoutdev ? nf_bridge->physoutdev->ifindex : 0;
c737b7c4 FW	60	}
	61
	62	static inline struct net_device *
	63	nf_bridge_get_physindev(const struct sk_buff *skb)
	64	{
	65	return skb->nf_bridge ? skb->nf_bridge->physindev : NULL;
	66	}
	67
	68	static inline struct net_device *
	69	nf_bridge_get_physoutdev(const struct sk_buff *skb)
	70	{
	71	return skb->nf_bridge ? skb->nf_bridge->physoutdev : NULL;
	72	}
07317621	73	#else
a881e963	74	#define br_drop_fake_rtable(skb) do { } while (0)
1da177e4 LT	75	#endif /* CONFIG_BRIDGE_NETFILTER */
1da177e4 LT	76
1da177e4	77	#endif