]>
Commit | Line | Data |
---|---|---|
6f52b16c | 1 | /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ |
7af4cc3f HW |
2 | #ifndef _NFNETLINK_QUEUE_H |
3 | #define _NFNETLINK_QUEUE_H | |
4 | ||
0ba2c6e8 | 5 | #include <linux/types.h> |
7af4cc3f HW |
6 | #include <linux/netfilter/nfnetlink.h> |
7 | ||
8 | enum nfqnl_msg_types { | |
9 | NFQNL_MSG_PACKET, /* packet from kernel to userspace */ | |
10 | NFQNL_MSG_VERDICT, /* verdict from userspace to kernel */ | |
11 | NFQNL_MSG_CONFIG, /* connect to a particular queue */ | |
97d32cf9 | 12 | NFQNL_MSG_VERDICT_BATCH, /* batchv from userspace to kernel */ |
7af4cc3f HW |
13 | |
14 | NFQNL_MSG_MAX | |
15 | }; | |
16 | ||
17 | struct nfqnl_msg_packet_hdr { | |
98a4a861 AV |
18 | __be32 packet_id; /* unique ID of packet in queue */ |
19 | __be16 hw_protocol; /* hw protocol (network order) */ | |
60c195c7 | 20 | __u8 hook; /* netfilter hook */ |
7af4cc3f HW |
21 | } __attribute__ ((packed)); |
22 | ||
23 | struct nfqnl_msg_packet_hw { | |
98a4a861 | 24 | __be16 hw_addrlen; |
60c195c7 AB |
25 | __u16 _pad; |
26 | __u8 hw_addr[8]; | |
53e26658 | 27 | }; |
7af4cc3f HW |
28 | |
29 | struct nfqnl_msg_packet_timestamp { | |
b51bdad6 MF |
30 | __aligned_be64 sec; |
31 | __aligned_be64 usec; | |
53e26658 | 32 | }; |
7af4cc3f | 33 | |
15824ab2 SB |
34 | enum nfqnl_vlan_attr { |
35 | NFQA_VLAN_UNSPEC, | |
36 | NFQA_VLAN_PROTO, /* __be16 skb vlan_proto */ | |
37 | NFQA_VLAN_TCI, /* __be16 skb htons(vlan_tci) */ | |
38 | __NFQA_VLAN_MAX, | |
39 | }; | |
ba896a05 | 40 | #define NFQA_VLAN_MAX (__NFQA_VLAN_MAX - 1) |
15824ab2 | 41 | |
7af4cc3f HW |
42 | enum nfqnl_attr_type { |
43 | NFQA_UNSPEC, | |
44 | NFQA_PACKET_HDR, | |
45 | NFQA_VERDICT_HDR, /* nfqnl_msg_verdict_hrd */ | |
60c195c7 | 46 | NFQA_MARK, /* __u32 nfmark */ |
7af4cc3f | 47 | NFQA_TIMESTAMP, /* nfqnl_msg_packet_timestamp */ |
60c195c7 AB |
48 | NFQA_IFINDEX_INDEV, /* __u32 ifindex */ |
49 | NFQA_IFINDEX_OUTDEV, /* __u32 ifindex */ | |
50 | NFQA_IFINDEX_PHYSINDEV, /* __u32 ifindex */ | |
51 | NFQA_IFINDEX_PHYSOUTDEV, /* __u32 ifindex */ | |
7af4cc3f HW |
52 | NFQA_HWADDR, /* nfqnl_msg_packet_hw */ |
53 | NFQA_PAYLOAD, /* opaque data payload */ | |
9cb01766 PNA |
54 | NFQA_CT, /* nf_conntrack_netlink.h */ |
55 | NFQA_CT_INFO, /* enum ip_conntrack_info */ | |
6ee584be | 56 | NFQA_CAP_LEN, /* __u32 length of captured packet */ |
7237190d | 57 | NFQA_SKB_INFO, /* __u32 skb meta information */ |
bd077937 | 58 | NFQA_EXP, /* nf_conntrack_netlink.h */ |
08c0cad6 VG |
59 | NFQA_UID, /* __u32 sk uid */ |
60 | NFQA_GID, /* __u32 sk gid */ | |
ef493bd9 | 61 | NFQA_SECCTX, /* security context string */ |
15824ab2 SB |
62 | NFQA_VLAN, /* nested attribute: packet vlan info */ |
63 | NFQA_L2HDR, /* full L2 header */ | |
7af4cc3f HW |
64 | |
65 | __NFQA_MAX | |
66 | }; | |
67 | #define NFQA_MAX (__NFQA_MAX - 1) | |
68 | ||
69 | struct nfqnl_msg_verdict_hdr { | |
98a4a861 AV |
70 | __be32 verdict; |
71 | __be32 id; | |
53e26658 | 72 | }; |
7af4cc3f HW |
73 | |
74 | ||
75 | enum nfqnl_msg_config_cmds { | |
76 | NFQNL_CFG_CMD_NONE, | |
77 | NFQNL_CFG_CMD_BIND, | |
78 | NFQNL_CFG_CMD_UNBIND, | |
79 | NFQNL_CFG_CMD_PF_BIND, | |
80 | NFQNL_CFG_CMD_PF_UNBIND, | |
81 | }; | |
82 | ||
83 | struct nfqnl_msg_config_cmd { | |
60c195c7 AB |
84 | __u8 command; /* nfqnl_msg_config_cmds */ |
85 | __u8 _pad; | |
98a4a861 | 86 | __be16 pf; /* AF_xxx for PF_[UN]BIND */ |
53e26658 | 87 | }; |
7af4cc3f HW |
88 | |
89 | enum nfqnl_config_mode { | |
90 | NFQNL_COPY_NONE, | |
91 | NFQNL_COPY_META, | |
92 | NFQNL_COPY_PACKET, | |
93 | }; | |
94 | ||
95 | struct nfqnl_msg_config_params { | |
98a4a861 | 96 | __be32 copy_range; |
60c195c7 | 97 | __u8 copy_mode; /* enum nfqnl_config_mode */ |
7af4cc3f HW |
98 | } __attribute__ ((packed)); |
99 | ||
100 | ||
101 | enum nfqnl_attr_config { | |
102 | NFQA_CFG_UNSPEC, | |
103 | NFQA_CFG_CMD, /* nfqnl_msg_config_cmd */ | |
104 | NFQA_CFG_PARAMS, /* nfqnl_msg_config_params */ | |
60c195c7 | 105 | NFQA_CFG_QUEUE_MAXLEN, /* __u32 */ |
fdb694a0 KK |
106 | NFQA_CFG_MASK, /* identify which flags to change */ |
107 | NFQA_CFG_FLAGS, /* value of these flags (__u32) */ | |
7af4cc3f HW |
108 | __NFQA_CFG_MAX |
109 | }; | |
838ab636 | 110 | #define NFQA_CFG_MAX (__NFQA_CFG_MAX-1) |
7af4cc3f | 111 | |
fdb694a0 KK |
112 | /* Flags for NFQA_CFG_FLAGS */ |
113 | #define NFQA_CFG_F_FAIL_OPEN (1 << 0) | |
9cb01766 | 114 | #define NFQA_CFG_F_CONNTRACK (1 << 1) |
00bd1cc2 | 115 | #define NFQA_CFG_F_GSO (1 << 2) |
08c0cad6 | 116 | #define NFQA_CFG_F_UID_GID (1 << 3) |
ef493bd9 RK |
117 | #define NFQA_CFG_F_SECCTX (1 << 4) |
118 | #define NFQA_CFG_F_MAX (1 << 5) | |
fdb694a0 | 119 | |
7237190d FW |
120 | /* flags for NFQA_SKB_INFO */ |
121 | /* packet appears to have wrong checksums, but they are ok */ | |
122 | #define NFQA_SKB_CSUMNOTREADY (1 << 0) | |
123 | /* packet is GSO (i.e., exceeds device mtu) */ | |
124 | #define NFQA_SKB_GSO (1 << 1) | |
496e4ae7 FW |
125 | /* csum not validated (incoming device doesn't support hw checksum, etc.) */ |
126 | #define NFQA_SKB_CSUM_NOTVERIFIED (1 << 2) | |
7237190d | 127 | |
7af4cc3f | 128 | #endif /* _NFNETLINK_QUEUE_H */ |