]> git.proxmox.com Git - mirror_ovs.git/blob - datapath/conntrack.h
projects / mirror_ovs.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
datapath: Fix wrong push/pop ethernet validation
[mirror_ovs.git] / datapath / conntrack.h
1 /*
2 * Copyright (c) 2015 Nicira, Inc.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of version 2 of the GNU General Public
6 * License as published by the Free Software Foundation.
7 *
8 * This program is distributed in the hope that it will be useful, but
9 * WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
11 * General Public License for more details.
12 */
13
14 #ifndef OVS_CONNTRACK_H
15 #define OVS_CONNTRACK_H 1
16
17 #include <linux/version.h>
18 #include "flow.h"
19
20 struct ovs_conntrack_info;
21 struct ovs_ct_limit_info;
22 enum ovs_key_attr;
23
24 #if IS_ENABLED(CONFIG_NF_CONNTRACK)
25 int ovs_ct_init(struct net *);
26 void ovs_ct_exit(struct net *);
27 bool ovs_ct_verify(struct net *, enum ovs_key_attr attr);
28 int ovs_ct_copy_action(struct net *, const struct nlattr *,
29 const struct sw_flow_key *, struct sw_flow_actions **,
30 bool log);
31 int ovs_ct_action_to_attr(const struct ovs_conntrack_info *, struct sk_buff *);
32
33 int ovs_ct_execute(struct net *, struct sk_buff *, struct sw_flow_key *,
34 const struct ovs_conntrack_info *);
35 int ovs_ct_clear(struct sk_buff *skb, struct sw_flow_key *key);
36
37 void ovs_ct_fill_key(const struct sk_buff *skb, struct sw_flow_key *key);
38 int ovs_ct_put_key(const struct sw_flow_key *swkey,
39 const struct sw_flow_key *output, struct sk_buff *skb);
40 void ovs_ct_free_action(const struct nlattr *a);
41
42 #define CT_SUPPORTED_MASK (OVS_CS_F_NEW | OVS_CS_F_ESTABLISHED | \
43 OVS_CS_F_RELATED | OVS_CS_F_REPLY_DIR | \
44 OVS_CS_F_INVALID | OVS_CS_F_TRACKED | \
45 OVS_CS_F_SRC_NAT | OVS_CS_F_DST_NAT)
46 #else
47 #include <linux/errno.h>
48
49 static inline int ovs_ct_init(struct net *net) { return 0; }
50
51 static inline void ovs_ct_exit(struct net *net) { }
52
53 static inline bool ovs_ct_verify(struct net *net, int attr)
54 {
55 return false;
56 }
57
58 static inline int ovs_ct_copy_action(struct net *net, const struct nlattr *nla,
59 const struct sw_flow_key *key,
60 struct sw_flow_actions **acts, bool log)
61 {
62 return -ENOTSUPP;
63 }
64
65 static inline int ovs_ct_action_to_attr(const struct ovs_conntrack_info *info,
66 struct sk_buff *skb)
67 {
68 return -ENOTSUPP;
69 }
70
71 static inline int ovs_ct_execute(struct net *net, struct sk_buff *skb,
72 struct sw_flow_key *key,
73 const struct ovs_conntrack_info *info)
74 {
75 kfree_skb(skb);
76 return -ENOTSUPP;
77 }
78
79 static inline int ovs_ct_clear(struct sk_buff *skb,
80 struct sw_flow_key *key)
81 {
82 return -ENOTSUPP;
83 }
84
85 static inline void ovs_ct_fill_key(const struct sk_buff *skb,
86 struct sw_flow_key *key)
87 {
88 key->ct_state = 0;
89 key->ct_zone = 0;
90 key->ct.mark = 0;
91 memset(&key->ct.labels, 0, sizeof(key->ct.labels));
92 /* Clear 'ct_orig_proto' to mark the non-existence of original
93 * direction key fields.
94 */
95 key->ct_orig_proto = 0;
96 }
97
98 static inline int ovs_ct_put_key(const struct sw_flow_key *swkey,
99 const struct sw_flow_key *output,
100 struct sk_buff *skb)
101 {
102 return 0;
103 }
104
105 static inline void ovs_ct_free_action(const struct nlattr *a) { }
106
107 #define CT_SUPPORTED_MASK 0
108 #endif
109
110 #if IS_ENABLED(CONFIG_NETFILTER_CONNCOUNT)
111 extern struct genl_family dp_ct_limit_genl_family;
112 #endif
113 #endif /* ovs_conntrack.h */
openvswitch mirror