Eric Lee / smarc-fsl-linux-kernel

Blame view

include/linux/netfilter_bridge.h 2.14 KB
edit raw normal view history
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2 
1
2
3
4
5
 
  #ifndef __LINUX_BRIDGE_NETFILTER_H
  #define __LINUX_BRIDGE_NETFILTER_H
  
  /* bridge-specific defines for netfilter. 
   */
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2 
6
 
  #include <linux/netfilter.h>
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2 
7
 
  #include <linux/if_ether.h>
9bcfcaf5e   Stephen Hemminger   [NETFILTER] bridg... 
8
 
  #include <linux/if_vlan.h>
516299d2f   Michael Milner   [NETFILTER]: brid... 
9
 
  #include <linux/if_pppox.h>
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2 
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
 
  
  /* Bridge Hooks */
  /* After promisc drops, checksum checks. */
  #define NF_BR_PRE_ROUTING	0
  /* If the packet is destined for this box. */
  #define NF_BR_LOCAL_IN		1
  /* If the packet is destined for another interface. */
  #define NF_BR_FORWARD		2
  /* Packets coming from a local process. */
  #define NF_BR_LOCAL_OUT		3
  /* Packets about to hit the wire. */
  #define NF_BR_POST_ROUTING	4
  /* Not really a hook, but used for the ebtables broute table */
  #define NF_BR_BROUTING		5
  #define NF_BR_NUMHOOKS		6
  
  #ifdef __KERNEL__
  
  enum nf_br_hook_priorities {
  	NF_BR_PRI_FIRST = INT_MIN,
  	NF_BR_PRI_NAT_DST_BRIDGED = -300,
  	NF_BR_PRI_FILTER_BRIDGED = -200,
  	NF_BR_PRI_BRNF = 0,
  	NF_BR_PRI_NAT_DST_OTHER = 100,
  	NF_BR_PRI_FILTER_OTHER = 200,
  	NF_BR_PRI_NAT_SRC = 300,
  	NF_BR_PRI_LAST = INT_MAX,
  };
  
  #ifdef CONFIG_BRIDGE_NETFILTER
  
  #define BRNF_PKT_TYPE			0x01
  #define BRNF_BRIDGED_DNAT		0x02
  #define BRNF_DONT_TAKE_PARENT		0x04
  #define BRNF_BRIDGED			0x08
  #define BRNF_NF_BRIDGE_PREROUTING	0x10
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2 
46
47
 
  
  /* Only used in br_forward.c */
07317621d   Stephen Hemminger   [NETFILTER] bridg... 
48
49
 
  extern int nf_bridge_copy_header(struct sk_buff *skb);
  static inline int nf_bridge_maybe_copy_header(struct sk_buff *skb)
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2 
50
 
  {
07317621d   Stephen Hemminger   [NETFILTER] bridg... 
51
52
53
 
  	if (skb->nf_bridge)
  		return nf_bridge_copy_header(skb);
    	return 0;
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2 
54
 
  }
fc38582db   Patrick McHardy   [NETFILTER]: brid... 
55
56
57
58
59
60
61
62
63
64
65
 
  static inline unsigned int nf_bridge_encap_header_len(const struct sk_buff *skb)
  {
  	switch (skb->protocol) {
  	case __constant_htons(ETH_P_8021Q):
  		return VLAN_HLEN;
  	case __constant_htons(ETH_P_PPP_SES):
  		return PPPOE_SES_HLEN;
  	default:
  		return 0;
  	}
  }
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2 
66
67
 
  /* This is called by the IP fragmenting code and it ensures there is
   * enough room for the encapsulating header (if there is one). */
fc38582db   Patrick McHardy   [NETFILTER]: brid... 
68
 
  static inline unsigned int nf_bridge_pad(const struct sk_buff *skb)
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2 
69
 
  {
fc38582db   Patrick McHardy   [NETFILTER]: brid... 
70
71
72
 
  	if (skb->nf_bridge)
  		return nf_bridge_encap_header_len(skb);
  	return 0;
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2 
73
74
75
76
 
  }
  
  struct bridge_skb_cb {
  	union {
47c183fa5   Al Viro   [BRIDGE]: Annotat... 
77
 
  		__be32 ipv4;
1da177e4c   Linus Torvalds   Linux-2.6.12-rc2 
78
79
 
  	} daddr;
  };
10ea6ac89   Patrick McHardy   [NETFILTER]: brid... 
80
 








07317621d
 
 Stephen Hemminger
 
[NETFILTER] bridg...




81
82




  #else
  #define nf_bridge_maybe_copy_header(skb)	(0)









9bcfcaf5e
 
 Stephen Hemminger
 
[NETFILTER] bridg...




83




  #define nf_bridge_pad(skb)			(0)









1da177e4c
 
 Linus Torvalds
 
Linux-2.6.12-rc2




84
85
86
87




  #endif /* CONFIG_BRIDGE_NETFILTER */
  
  #endif /* __KERNEL__ */
  #endif