Commit | Line | Data |
---|---|---|
b2441318 | 1 | /* SPDX-License-Identifier: GPL-2.0 */ |
4b7fd5d9 PNA |
2 | #ifndef _BR_NETFILTER_H_ |
3 | #define _BR_NETFILTER_H_ | |
4 | ||
a1b2f04e JS |
5 | #include <linux/netfilter.h> |
6 | ||
230ac490 PNA |
7 | #include "../../../net/bridge/br_private.h" |
8 | ||
9 | static inline struct nf_bridge_info *nf_bridge_alloc(struct sk_buff *skb) | |
10 | { | |
9211bfbf | 11 | #if IS_ENABLED(CONFIG_BRIDGE_NETFILTER) |
de8bda1d | 12 | struct nf_bridge_info *b = skb_ext_add(skb, SKB_EXT_BRIDGE_NF); |
230ac490 | 13 | |
de8bda1d FW |
14 | if (b) |
15 | memset(b, 0, sizeof(*b)); | |
230ac490 | 16 | |
de8bda1d | 17 | return b; |
9211bfbf JS |
18 | #else |
19 | return NULL; | |
20 | #endif | |
230ac490 PNA |
21 | } |
22 | ||
23 | void nf_bridge_update_protocol(struct sk_buff *skb); | |
24 | ||
c5136b15 FW |
25 | int br_nf_hook_thresh(unsigned int hook, struct net *net, struct sock *sk, |
26 | struct sk_buff *skb, struct net_device *indev, | |
27 | struct net_device *outdev, | |
28 | int (*okfn)(struct net *, struct sock *, | |
29 | struct sk_buff *)); | |
30 | ||
230ac490 PNA |
31 | unsigned int nf_bridge_encap_header_len(const struct sk_buff *skb); |
32 | ||
33 | static inline void nf_bridge_push_encap_header(struct sk_buff *skb) | |
34 | { | |
35 | unsigned int len = nf_bridge_encap_header_len(skb); | |
36 | ||
37 | skb_push(skb, len); | |
38 | skb->network_header -= len; | |
39 | } | |
40 | ||
0c4b51f0 | 41 | int br_nf_pre_routing_finish_bridge(struct net *net, struct sock *sk, struct sk_buff *skb); |
230ac490 PNA |
42 | |
43 | static inline struct rtable *bridge_parent_rtable(const struct net_device *dev) | |
44 | { | |
9211bfbf | 45 | #if IS_ENABLED(CONFIG_BRIDGE_NETFILTER) |
230ac490 PNA |
46 | struct net_bridge_port *port; |
47 | ||
48 | port = br_port_get_rcu(dev); | |
49 | return port ? &port->br->fake_rtable : NULL; | |
9211bfbf JS |
50 | #else |
51 | return NULL; | |
52 | #endif | |
230ac490 PNA |
53 | } |
54 | ||
ff6d090d CB |
55 | struct net_device *setup_pre_routing(struct sk_buff *skb, |
56 | const struct net *net); | |
4b7fd5d9 | 57 | |
230ac490 | 58 | #if IS_ENABLED(CONFIG_IPV6) |
c1444c63 | 59 | int br_validate_ipv6(struct net *net, struct sk_buff *skb); |
06198b34 | 60 | unsigned int br_nf_pre_routing_ipv6(void *priv, |
230ac490 PNA |
61 | struct sk_buff *skb, |
62 | const struct nf_hook_state *state); | |
63 | #else | |
c1444c63 | 64 | static inline int br_validate_ipv6(struct net *net, struct sk_buff *skb) |
230ac490 PNA |
65 | { |
66 | return -1; | |
67 | } | |
68 | ||
69 | static inline unsigned int | |
f1815650 | 70 | br_nf_pre_routing_ipv6(void *priv, struct sk_buff *skb, |
230ac490 PNA |
71 | const struct nf_hook_state *state) |
72 | { | |
18e1db67 | 73 | return NF_ACCEPT; |
230ac490 PNA |
74 | } |
75 | #endif | |
76 | ||
4b7fd5d9 | 77 | #endif /* _BR_NETFILTER_H_ */ |