[linux-block.git] / include / net / netfilter / nf_flow_table.h

#ifndef _NF_FLOW_TABLE_H
#define _NF_FLOW_TABLE_H

#include <linux/in.h>
#include <linux/in6.h>
#include <linux/netdevice.h>
#include <linux/rhashtable-types.h>
#include <linux/rcupdate.h>
#include <linux/netfilter.h>
#include <linux/netfilter/nf_conntrack_tuple_common.h>
#include <net/dst.h>

struct nf_flowtable;

struct nf_flowtable_type {
	struct list_head		list;
	int				family;
	int				(*init)(struct nf_flowtable *ft);
	void				(*free)(struct nf_flowtable *ft);
	nf_hookfn			*hook;
	struct module			*owner;
};

struct nf_flowtable {
	struct list_head		list;
	struct rhashtable		rhashtable;
	const struct nf_flowtable_type	*type;
	struct delayed_work		gc_work;
};

enum flow_offload_tuple_dir {
	FLOW_OFFLOAD_DIR_ORIGINAL = IP_CT_DIR_ORIGINAL,
	FLOW_OFFLOAD_DIR_REPLY = IP_CT_DIR_REPLY,
	FLOW_OFFLOAD_DIR_MAX = IP_CT_DIR_MAX
};

struct flow_offload_tuple {
	union {
		struct in_addr		src_v4;
		struct in6_addr		src_v6;
	};
	union {
		struct in_addr		dst_v4;
		struct in6_addr		dst_v6;
	};
	struct {
		__be16			src_port;
		__be16			dst_port;
	};

	int				iifidx;

	u8				l3proto;
	u8				l4proto;
	u8				dir;

	u16				mtu;

	struct dst_entry		*dst_cache;
};

struct flow_offload_tuple_rhash {
	struct rhash_head		node;
	struct flow_offload_tuple	tuple;
};

#define FLOW_OFFLOAD_SNAT	0x1
#define FLOW_OFFLOAD_DNAT	0x2
#define FLOW_OFFLOAD_DYING	0x4
#define FLOW_OFFLOAD_TEARDOWN	0x8

struct flow_offload {
	struct flow_offload_tuple_rhash		tuplehash[FLOW_OFFLOAD_DIR_MAX];
	u32					flags;
	union {
		/* Your private driver data here. */
		u32		timeout;
	};
};

#define NF_FLOW_TIMEOUT (30 * HZ)

struct nf_flow_route {
	struct {
		struct dst_entry	*dst;
	} tuple[FLOW_OFFLOAD_DIR_MAX];
};

struct flow_offload *flow_offload_alloc(struct nf_conn *ct,
					struct nf_flow_route *route);
void flow_offload_free(struct flow_offload *flow);

int flow_offload_add(struct nf_flowtable *flow_table, struct flow_offload *flow);
struct flow_offload_tuple_rhash *flow_offload_lookup(struct nf_flowtable *flow_table,
						     struct flow_offload_tuple *tuple);
void nf_flow_table_cleanup(struct net_device *dev);

int nf_flow_table_init(struct nf_flowtable *flow_table);
void nf_flow_table_free(struct nf_flowtable *flow_table);

void flow_offload_teardown(struct flow_offload *flow);
static inline void flow_offload_dead(struct flow_offload *flow)
{
	flow->flags |= FLOW_OFFLOAD_DYING;
}

int nf_flow_snat_port(const struct flow_offload *flow,
		      struct sk_buff *skb, unsigned int thoff,
		      u8 protocol, enum flow_offload_tuple_dir dir);
int nf_flow_dnat_port(const struct flow_offload *flow,
		      struct sk_buff *skb, unsigned int thoff,
		      u8 protocol, enum flow_offload_tuple_dir dir);

struct flow_ports {
	__be16 source, dest;
};

unsigned int nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb,
				     const struct nf_hook_state *state);
unsigned int nf_flow_offload_ipv6_hook(void *priv, struct sk_buff *skb,
				       const struct nf_hook_state *state);

#define MODULE_ALIAS_NF_FLOWTABLE(family)	\
	MODULE_ALIAS("nf-flowtable-" __stringify(family))

#endif /* _NF_FLOW_TABLE_H */
Commit	Line	Data
3b49e2e9 PNA	1	#ifndef _NF_FLOW_TABLE_H
	2	#define _NF_FLOW_TABLE_H
	3
ac2a6666 PNA	4	#include <linux/in.h>
	5	#include <linux/in6.h>
	6	#include <linux/netdevice.h>
0eb71a9d	7	#include <linux/rhashtable-types.h>
ac2a6666	8	#include <linux/rcupdate.h>
a1b2f04e	9	#include <linux/netfilter.h>
af81f9e7	10	#include <linux/netfilter/nf_conntrack_tuple_common.h>
ac2a6666	11	#include <net/dst.h>
3b49e2e9 PNA	12
	13	struct nf_flowtable;
	14
	15	struct nf_flowtable_type {
	16	struct list_head list;
	17	int family;
a268de77	18	int (init)(struct nf_flowtable ft);
b408c5b0	19	void (free)(struct nf_flowtable ft);
3b49e2e9 PNA	20	nf_hookfn *hook;
	21	struct module *owner;
	22	};
	23
	24	struct nf_flowtable {
84453a90	25	struct list_head list;
3b49e2e9 PNA	26	struct rhashtable rhashtable;
	27	const struct nf_flowtable_type *type;
	28	struct delayed_work gc_work;
	29	};
	30
ac2a6666	31	enum flow_offload_tuple_dir {
af81f9e7 FF	32	FLOW_OFFLOAD_DIR_ORIGINAL = IP_CT_DIR_ORIGINAL,
	33	FLOW_OFFLOAD_DIR_REPLY = IP_CT_DIR_REPLY,
	34	FLOW_OFFLOAD_DIR_MAX = IP_CT_DIR_MAX
ac2a6666	35	};
ac2a6666 PNA	36
	37	struct flow_offload_tuple {
	38	union {
	39	struct in_addr src_v4;
	40	struct in6_addr src_v6;
	41	};
	42	union {
	43	struct in_addr dst_v4;
	44	struct in6_addr dst_v6;
	45	};
	46	struct {
	47	__be16 src_port;
	48	__be16 dst_port;
	49	};
	50
	51	int iifidx;
	52
	53	u8 l3proto;
	54	u8 l4proto;
	55	u8 dir;
	56
4f3780c0 FF	57	u16 mtu;
4f3780c0 FF	58
ac2a6666 PNA	59	struct dst_entry *dst_cache;
	60	};
	61
	62	struct flow_offload_tuple_rhash {
	63	struct rhash_head node;
	64	struct flow_offload_tuple tuple;
	65	};
	66
	67	#define FLOW_OFFLOAD_SNAT 0x1
	68	#define FLOW_OFFLOAD_DNAT 0x2
	69	#define FLOW_OFFLOAD_DYING 0x4
59c466dd	70	#define FLOW_OFFLOAD_TEARDOWN 0x8
ac2a6666 PNA	71
	72	struct flow_offload {
	73	struct flow_offload_tuple_rhash tuplehash[FLOW_OFFLOAD_DIR_MAX];
	74	u32 flags;
	75	union {
	76	/* Your private driver data here. */
	77	u32 timeout;
	78	};
	79	};
	80
	81	#define NF_FLOW_TIMEOUT (30 * HZ)
	82
	83	struct nf_flow_route {
	84	struct {
	85	struct dst_entry *dst;
ac2a6666 PNA	86	} tuple[FLOW_OFFLOAD_DIR_MAX];
	87	};
	88
	89	struct flow_offload flow_offload_alloc(struct nf_conn ct,
	90	struct nf_flow_route *route);
	91	void flow_offload_free(struct flow_offload *flow);
	92
	93	int flow_offload_add(struct nf_flowtable flow_table, struct flow_offload flow);
ac2a6666 PNA	94	struct flow_offload_tuple_rhash flow_offload_lookup(struct nf_flowtable flow_table,
ac2a6666 PNA	95	struct flow_offload_tuple *tuple);
5f1be84a	96	void nf_flow_table_cleanup(struct net_device *dev);
c0ea1bcb	97
a268de77	98	int nf_flow_table_init(struct nf_flowtable *flow_table);
b408c5b0	99	void nf_flow_table_free(struct nf_flowtable *flow_table);
ac2a6666	100
59c466dd	101	void flow_offload_teardown(struct flow_offload *flow);
6bdc3c68 FF	102	static inline void flow_offload_dead(struct flow_offload *flow)
	103	{
	104	flow->flags \|= FLOW_OFFLOAD_DYING;
	105	}
ac2a6666 PNA	106
	107	int nf_flow_snat_port(const struct flow_offload *flow,
	108	struct sk_buff *skb, unsigned int thoff,
	109	u8 protocol, enum flow_offload_tuple_dir dir);
	110	int nf_flow_dnat_port(const struct flow_offload *flow,
	111	struct sk_buff *skb, unsigned int thoff,
	112	u8 protocol, enum flow_offload_tuple_dir dir);
	113
	114	struct flow_ports {
	115	__be16 source, dest;
	116	};
	117
7c23b629 PNA	118	unsigned int nf_flow_offload_ip_hook(void priv, struct sk_buff skb,
	119	const struct nf_hook_state *state);
	120	unsigned int nf_flow_offload_ipv6_hook(void priv, struct sk_buff skb,
	121	const struct nf_hook_state *state);
	122
ac2a6666 PNA	123	#define MODULE_ALIAS_NF_FLOWTABLE(family) \
	124	MODULE_ALIAS("nf-flowtable-" __stringify(family))
	125
0286fbc6	126	#endif /* _NF_FLOW_TABLE_H */