1*4882a593Smuzhiyun /* SPDX-License-Identifier: GPL-2.0 */ 2*4882a593Smuzhiyun #ifndef __NETNS_CONNTRACK_H 3*4882a593Smuzhiyun #define __NETNS_CONNTRACK_H 4*4882a593Smuzhiyun 5*4882a593Smuzhiyun #include <linux/list.h> 6*4882a593Smuzhiyun #include <linux/list_nulls.h> 7*4882a593Smuzhiyun #include <linux/atomic.h> 8*4882a593Smuzhiyun #include <linux/workqueue.h> 9*4882a593Smuzhiyun #include <linux/netfilter/nf_conntrack_tcp.h> 10*4882a593Smuzhiyun #ifdef CONFIG_NF_CT_PROTO_DCCP 11*4882a593Smuzhiyun #include <linux/netfilter/nf_conntrack_dccp.h> 12*4882a593Smuzhiyun #endif 13*4882a593Smuzhiyun #ifdef CONFIG_NF_CT_PROTO_SCTP 14*4882a593Smuzhiyun #include <linux/netfilter/nf_conntrack_sctp.h> 15*4882a593Smuzhiyun #endif 16*4882a593Smuzhiyun #include <linux/seqlock.h> 17*4882a593Smuzhiyun 18*4882a593Smuzhiyun struct ctl_table_header; 19*4882a593Smuzhiyun struct nf_conntrack_ecache; 20*4882a593Smuzhiyun 21*4882a593Smuzhiyun struct nf_generic_net { 22*4882a593Smuzhiyun unsigned int timeout; 23*4882a593Smuzhiyun }; 24*4882a593Smuzhiyun 25*4882a593Smuzhiyun struct nf_tcp_net { 26*4882a593Smuzhiyun unsigned int timeouts[TCP_CONNTRACK_TIMEOUT_MAX]; 27*4882a593Smuzhiyun int tcp_loose; 28*4882a593Smuzhiyun int tcp_be_liberal; 29*4882a593Smuzhiyun int tcp_max_retrans; 30*4882a593Smuzhiyun }; 31*4882a593Smuzhiyun 32*4882a593Smuzhiyun enum udp_conntrack { 33*4882a593Smuzhiyun UDP_CT_UNREPLIED, 34*4882a593Smuzhiyun UDP_CT_REPLIED, 35*4882a593Smuzhiyun UDP_CT_MAX 36*4882a593Smuzhiyun }; 37*4882a593Smuzhiyun 38*4882a593Smuzhiyun struct nf_udp_net { 39*4882a593Smuzhiyun unsigned int timeouts[UDP_CT_MAX]; 40*4882a593Smuzhiyun }; 41*4882a593Smuzhiyun 42*4882a593Smuzhiyun struct nf_icmp_net { 43*4882a593Smuzhiyun unsigned int timeout; 44*4882a593Smuzhiyun }; 45*4882a593Smuzhiyun 46*4882a593Smuzhiyun #ifdef CONFIG_NF_CT_PROTO_DCCP 47*4882a593Smuzhiyun struct nf_dccp_net { 48*4882a593Smuzhiyun int dccp_loose; 49*4882a593Smuzhiyun unsigned int dccp_timeout[CT_DCCP_MAX + 1]; 50*4882a593Smuzhiyun }; 51*4882a593Smuzhiyun #endif 52*4882a593Smuzhiyun 53*4882a593Smuzhiyun #ifdef CONFIG_NF_CT_PROTO_SCTP 54*4882a593Smuzhiyun struct nf_sctp_net { 55*4882a593Smuzhiyun unsigned int timeouts[SCTP_CONNTRACK_MAX]; 56*4882a593Smuzhiyun }; 57*4882a593Smuzhiyun #endif 58*4882a593Smuzhiyun 59*4882a593Smuzhiyun #ifdef CONFIG_NF_CT_PROTO_GRE 60*4882a593Smuzhiyun enum gre_conntrack { 61*4882a593Smuzhiyun GRE_CT_UNREPLIED, 62*4882a593Smuzhiyun GRE_CT_REPLIED, 63*4882a593Smuzhiyun GRE_CT_MAX 64*4882a593Smuzhiyun }; 65*4882a593Smuzhiyun 66*4882a593Smuzhiyun struct nf_gre_net { 67*4882a593Smuzhiyun struct list_head keymap_list; 68*4882a593Smuzhiyun unsigned int timeouts[GRE_CT_MAX]; 69*4882a593Smuzhiyun }; 70*4882a593Smuzhiyun #endif 71*4882a593Smuzhiyun 72*4882a593Smuzhiyun struct nf_ip_net { 73*4882a593Smuzhiyun struct nf_generic_net generic; 74*4882a593Smuzhiyun struct nf_tcp_net tcp; 75*4882a593Smuzhiyun struct nf_udp_net udp; 76*4882a593Smuzhiyun struct nf_icmp_net icmp; 77*4882a593Smuzhiyun struct nf_icmp_net icmpv6; 78*4882a593Smuzhiyun #ifdef CONFIG_NF_CT_PROTO_DCCP 79*4882a593Smuzhiyun struct nf_dccp_net dccp; 80*4882a593Smuzhiyun #endif 81*4882a593Smuzhiyun #ifdef CONFIG_NF_CT_PROTO_SCTP 82*4882a593Smuzhiyun struct nf_sctp_net sctp; 83*4882a593Smuzhiyun #endif 84*4882a593Smuzhiyun #ifdef CONFIG_NF_CT_PROTO_GRE 85*4882a593Smuzhiyun struct nf_gre_net gre; 86*4882a593Smuzhiyun #endif 87*4882a593Smuzhiyun }; 88*4882a593Smuzhiyun 89*4882a593Smuzhiyun struct ct_pcpu { 90*4882a593Smuzhiyun spinlock_t lock; 91*4882a593Smuzhiyun struct hlist_nulls_head unconfirmed; 92*4882a593Smuzhiyun struct hlist_nulls_head dying; 93*4882a593Smuzhiyun }; 94*4882a593Smuzhiyun 95*4882a593Smuzhiyun struct netns_ct { 96*4882a593Smuzhiyun atomic_t count; 97*4882a593Smuzhiyun unsigned int expect_count; 98*4882a593Smuzhiyun #ifdef CONFIG_NF_CONNTRACK_EVENTS 99*4882a593Smuzhiyun struct delayed_work ecache_dwork; 100*4882a593Smuzhiyun bool ecache_dwork_pending; 101*4882a593Smuzhiyun #endif 102*4882a593Smuzhiyun bool auto_assign_helper_warned; 103*4882a593Smuzhiyun #ifdef CONFIG_SYSCTL 104*4882a593Smuzhiyun struct ctl_table_header *sysctl_header; 105*4882a593Smuzhiyun #endif 106*4882a593Smuzhiyun unsigned int sysctl_log_invalid; /* Log invalid packets */ 107*4882a593Smuzhiyun int sysctl_events; 108*4882a593Smuzhiyun int sysctl_acct; 109*4882a593Smuzhiyun int sysctl_auto_assign_helper; 110*4882a593Smuzhiyun int sysctl_tstamp; 111*4882a593Smuzhiyun int sysctl_checksum; 112*4882a593Smuzhiyun 113*4882a593Smuzhiyun struct ct_pcpu __percpu *pcpu_lists; 114*4882a593Smuzhiyun struct ip_conntrack_stat __percpu *stat; 115*4882a593Smuzhiyun struct nf_ct_event_notifier __rcu *nf_conntrack_event_cb; 116*4882a593Smuzhiyun struct nf_exp_event_notifier __rcu *nf_expect_event_cb; 117*4882a593Smuzhiyun struct nf_ip_net nf_ct_proto; 118*4882a593Smuzhiyun #if defined(CONFIG_NF_CONNTRACK_LABELS) 119*4882a593Smuzhiyun unsigned int labels_used; 120*4882a593Smuzhiyun #endif 121*4882a593Smuzhiyun }; 122*4882a593Smuzhiyun #endif 123