]>
Commit | Line | Data |
---|---|---|
3b49e2e9 PNA |
1 | #ifndef _NF_FLOW_TABLE_H |
2 | #define _NF_FLOW_TABLE_H | |
3 | ||
ac2a6666 PNA |
4 | #include <linux/in.h> |
5 | #include <linux/in6.h> | |
6 | #include <linux/netdevice.h> | |
0eb71a9d | 7 | #include <linux/rhashtable-types.h> |
ac2a6666 | 8 | #include <linux/rcupdate.h> |
a1b2f04e | 9 | #include <linux/netfilter.h> |
af81f9e7 | 10 | #include <linux/netfilter/nf_conntrack_tuple_common.h> |
8bb69f3b | 11 | #include <net/flow_offload.h> |
ac2a6666 | 12 | #include <net/dst.h> |
3b49e2e9 PNA |
13 | |
14 | struct nf_flowtable; | |
c29f74e0 PNA |
15 | struct nf_flow_rule; |
16 | struct flow_offload; | |
17 | enum flow_offload_tuple_dir; | |
3b49e2e9 PNA |
18 | |
19 | struct nf_flowtable_type { | |
20 | struct list_head list; | |
21 | int family; | |
a268de77 | 22 | int (*init)(struct nf_flowtable *ft); |
8bb69f3b PNA |
23 | int (*setup)(struct nf_flowtable *ft, |
24 | struct net_device *dev, | |
25 | enum flow_block_command cmd); | |
c29f74e0 PNA |
26 | int (*action)(struct net *net, |
27 | const struct flow_offload *flow, | |
28 | enum flow_offload_tuple_dir dir, | |
29 | struct nf_flow_rule *flow_rule); | |
b408c5b0 | 30 | void (*free)(struct nf_flowtable *ft); |
3b49e2e9 PNA |
31 | nf_hookfn *hook; |
32 | struct module *owner; | |
33 | }; | |
34 | ||
8bb69f3b PNA |
35 | enum nf_flowtable_flags { |
36 | NF_FLOWTABLE_HW_OFFLOAD = 0x1, | |
37 | }; | |
38 | ||
3b49e2e9 | 39 | struct nf_flowtable { |
84453a90 | 40 | struct list_head list; |
3b49e2e9 | 41 | struct rhashtable rhashtable; |
71a8a63b | 42 | int priority; |
3b49e2e9 PNA |
43 | const struct nf_flowtable_type *type; |
44 | struct delayed_work gc_work; | |
8bb69f3b PNA |
45 | unsigned int flags; |
46 | struct flow_block flow_block; | |
47 | possible_net_t net; | |
3b49e2e9 PNA |
48 | }; |
49 | ||
ac2a6666 | 50 | enum flow_offload_tuple_dir { |
af81f9e7 FF |
51 | FLOW_OFFLOAD_DIR_ORIGINAL = IP_CT_DIR_ORIGINAL, |
52 | FLOW_OFFLOAD_DIR_REPLY = IP_CT_DIR_REPLY, | |
53 | FLOW_OFFLOAD_DIR_MAX = IP_CT_DIR_MAX | |
ac2a6666 | 54 | }; |
ac2a6666 PNA |
55 | |
56 | struct flow_offload_tuple { | |
57 | union { | |
58 | struct in_addr src_v4; | |
59 | struct in6_addr src_v6; | |
60 | }; | |
61 | union { | |
62 | struct in_addr dst_v4; | |
63 | struct in6_addr dst_v6; | |
64 | }; | |
65 | struct { | |
66 | __be16 src_port; | |
67 | __be16 dst_port; | |
68 | }; | |
69 | ||
70 | int iifidx; | |
71 | ||
72 | u8 l3proto; | |
73 | u8 l4proto; | |
74 | u8 dir; | |
75 | ||
4f3780c0 FF |
76 | u16 mtu; |
77 | ||
ac2a6666 PNA |
78 | struct dst_entry *dst_cache; |
79 | }; | |
80 | ||
81 | struct flow_offload_tuple_rhash { | |
82 | struct rhash_head node; | |
83 | struct flow_offload_tuple tuple; | |
84 | }; | |
85 | ||
86 | #define FLOW_OFFLOAD_SNAT 0x1 | |
87 | #define FLOW_OFFLOAD_DNAT 0x2 | |
88 | #define FLOW_OFFLOAD_DYING 0x4 | |
59c466dd | 89 | #define FLOW_OFFLOAD_TEARDOWN 0x8 |
c29f74e0 PNA |
90 | #define FLOW_OFFLOAD_HW 0x10 |
91 | #define FLOW_OFFLOAD_HW_DYING 0x20 | |
92 | #define FLOW_OFFLOAD_HW_DEAD 0x40 | |
ac2a6666 | 93 | |
f1363e05 PNA |
94 | enum flow_offload_type { |
95 | NF_FLOW_OFFLOAD_UNSPEC = 0, | |
96 | NF_FLOW_OFFLOAD_ROUTE, | |
97 | }; | |
98 | ||
ac2a6666 PNA |
99 | struct flow_offload { |
100 | struct flow_offload_tuple_rhash tuplehash[FLOW_OFFLOAD_DIR_MAX]; | |
b32d2f34 | 101 | struct nf_conn *ct; |
f1363e05 PNA |
102 | u16 flags; |
103 | u16 type; | |
9f48e9bf | 104 | u32 timeout; |
62248df8 | 105 | struct rcu_head rcu_head; |
ac2a6666 PNA |
106 | }; |
107 | ||
108 | #define NF_FLOW_TIMEOUT (30 * HZ) | |
109 | ||
110 | struct nf_flow_route { | |
111 | struct { | |
112 | struct dst_entry *dst; | |
ac2a6666 PNA |
113 | } tuple[FLOW_OFFLOAD_DIR_MAX]; |
114 | }; | |
115 | ||
f1363e05 | 116 | struct flow_offload *flow_offload_alloc(struct nf_conn *ct); |
ac2a6666 PNA |
117 | void flow_offload_free(struct flow_offload *flow); |
118 | ||
f1363e05 PNA |
119 | int flow_offload_route_init(struct flow_offload *flow, |
120 | const struct nf_flow_route *route); | |
121 | ||
ac2a6666 | 122 | int flow_offload_add(struct nf_flowtable *flow_table, struct flow_offload *flow); |
ac2a6666 PNA |
123 | struct flow_offload_tuple_rhash *flow_offload_lookup(struct nf_flowtable *flow_table, |
124 | struct flow_offload_tuple *tuple); | |
5f1be84a | 125 | void nf_flow_table_cleanup(struct net_device *dev); |
c0ea1bcb | 126 | |
a268de77 | 127 | int nf_flow_table_init(struct nf_flowtable *flow_table); |
b408c5b0 | 128 | void nf_flow_table_free(struct nf_flowtable *flow_table); |
ac2a6666 | 129 | |
59c466dd | 130 | void flow_offload_teardown(struct flow_offload *flow); |
6bdc3c68 FF |
131 | static inline void flow_offload_dead(struct flow_offload *flow) |
132 | { | |
133 | flow->flags |= FLOW_OFFLOAD_DYING; | |
134 | } | |
ac2a6666 PNA |
135 | |
136 | int nf_flow_snat_port(const struct flow_offload *flow, | |
137 | struct sk_buff *skb, unsigned int thoff, | |
138 | u8 protocol, enum flow_offload_tuple_dir dir); | |
139 | int nf_flow_dnat_port(const struct flow_offload *flow, | |
140 | struct sk_buff *skb, unsigned int thoff, | |
141 | u8 protocol, enum flow_offload_tuple_dir dir); | |
142 | ||
143 | struct flow_ports { | |
144 | __be16 source, dest; | |
145 | }; | |
146 | ||
7c23b629 PNA |
147 | unsigned int nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb, |
148 | const struct nf_hook_state *state); | |
149 | unsigned int nf_flow_offload_ipv6_hook(void *priv, struct sk_buff *skb, | |
150 | const struct nf_hook_state *state); | |
151 | ||
ac2a6666 PNA |
152 | #define MODULE_ALIAS_NF_FLOWTABLE(family) \ |
153 | MODULE_ALIAS("nf-flowtable-" __stringify(family)) | |
154 | ||
c29f74e0 PNA |
155 | void nf_flow_offload_add(struct nf_flowtable *flowtable, |
156 | struct flow_offload *flow); | |
157 | void nf_flow_offload_del(struct nf_flowtable *flowtable, | |
158 | struct flow_offload *flow); | |
159 | void nf_flow_offload_stats(struct nf_flowtable *flowtable, | |
160 | struct flow_offload *flow); | |
161 | ||
162 | void nf_flow_table_offload_flush(struct nf_flowtable *flowtable); | |
163 | int nf_flow_table_offload_setup(struct nf_flowtable *flowtable, | |
164 | struct net_device *dev, | |
165 | enum flow_block_command cmd); | |
5c27d8d7 PNA |
166 | int nf_flow_rule_route_ipv4(struct net *net, const struct flow_offload *flow, |
167 | enum flow_offload_tuple_dir dir, | |
168 | struct nf_flow_rule *flow_rule); | |
169 | int nf_flow_rule_route_ipv6(struct net *net, const struct flow_offload *flow, | |
170 | enum flow_offload_tuple_dir dir, | |
171 | struct nf_flow_rule *flow_rule); | |
c29f74e0 PNA |
172 | |
173 | int nf_flow_table_offload_init(void); | |
174 | void nf_flow_table_offload_exit(void); | |
8bb69f3b | 175 | |
0286fbc6 | 176 | #endif /* _NF_FLOW_TABLE_H */ |