1 #ifndef _IP_CONNTRACK_CORE_H
2 #define _IP_CONNTRACK_CORE_H
3 #include <linux/netfilter.h>
4 #include <linux/netfilter_ipv4/lockhelp.h>
6 /* This header is used to share core functionality between the
7 standalone connection tracking module, and the compatibility layer's use
8 of connection tracking. */
9 extern unsigned int ip_conntrack_in(unsigned int hooknum
,
10 struct sk_buff
**pskb
,
11 const struct net_device
*in
,
12 const struct net_device
*out
,
13 int (*okfn
)(struct sk_buff
*));
15 extern int ip_conntrack_init(void);
16 extern void ip_conntrack_cleanup(void);
18 struct ip_conntrack_protocol
;
21 ip_ct_get_tuple(const struct iphdr
*iph
,
22 const struct sk_buff
*skb
,
24 struct ip_conntrack_tuple
*tuple
,
25 const struct ip_conntrack_protocol
*protocol
);
28 ip_ct_invert_tuple(struct ip_conntrack_tuple
*inverse
,
29 const struct ip_conntrack_tuple
*orig
,
30 const struct ip_conntrack_protocol
*protocol
);
32 /* Find a connection corresponding to a tuple. */
33 struct ip_conntrack_tuple_hash
*
34 ip_conntrack_find_get(const struct ip_conntrack_tuple
*tuple
,
35 const struct ip_conntrack
*ignored_conntrack
);
37 extern int __ip_conntrack_confirm(struct sk_buff
**pskb
);
39 /* Confirm a connection: returns NF_DROP if packet must be dropped. */
40 static inline int ip_conntrack_confirm(struct sk_buff
**pskb
)
43 && !is_confirmed((struct ip_conntrack
*)(*pskb
)->nfct
))
44 return __ip_conntrack_confirm(pskb
);
48 extern struct list_head
*ip_conntrack_hash
;
49 extern struct list_head ip_conntrack_expect_list
;
50 DECLARE_RWLOCK_EXTERN(ip_conntrack_lock
);
51 #endif /* _IP_CONNTRACK_CORE_H */
