#ifndef _IP_CONNTRACK_TUPLE_H
#define _IP_CONNTRACK_TUPLE_H
+#include <linux/types.h>
+#include <linux/netfilter/nf_conntrack_tuple_common.h>
+
/* A `tuple' is a structure containing the information to uniquely
identify a connection. ie. if two packets have the same tuple, they
are in the same connection; if not, they are not.
union ip_conntrack_manip_proto
{
/* Add other protocols here. */
- u_int32_t all;
+ u_int16_t all;
struct {
- u_int16_t port;
+ __be16 port;
} tcp;
struct {
- u_int16_t port;
+ __be16 port;
} udp;
struct {
- u_int16_t id;
+ __be16 id;
} icmp;
struct {
- u_int32_t key;
- } gre;
- struct {
- u_int16_t port;
+ __be16 port;
} sctp;
+ struct {
+ __be16 key; /* key is 32bit, pptp only uses 16 */
+ } gre;
};
/* The manipulable part of the tuple. */
struct ip_conntrack_manip
{
- u_int32_t ip;
+ __be32 ip;
union ip_conntrack_manip_proto u;
};
/* These are the parts of the tuple which are fixed. */
struct {
- u_int32_t ip;
+ __be32 ip;
union {
/* Add other protocols here. */
- u_int32_t all;
+ u_int16_t all;
struct {
- u_int16_t port;
+ __be16 port;
} tcp;
struct {
- u_int16_t port;
+ __be16 port;
} udp;
struct {
u_int8_t type, code;
} icmp;
struct {
- u_int32_t key;
- } gre;
- struct {
- u_int16_t port;
+ __be16 port;
} sctp;
+ struct {
+ __be16 key; /* key is 32bit,
+ * pptp only uses 16 */
+ } gre;
} u;
/* The protocol. */
- u_int16_t protonum;
+ u_int8_t protonum;
+
+ /* The direction (for tuplehash) */
+ u_int8_t dir;
} dst;
};
(tuple)->dst.u.all = 0; \
} while (0)
-enum ip_conntrack_dir
-{
- IP_CT_DIR_ORIGINAL,
- IP_CT_DIR_REPLY,
- IP_CT_DIR_MAX
-};
-
#ifdef __KERNEL__
#define DUMP_TUPLE(tp) \
-DEBUGP("tuple %p: %u %u.%u.%u.%u:%u -> %u.%u.%u.%u:%u\n", \
+DEBUGP("tuple %p: %u %u.%u.%u.%u:%hu -> %u.%u.%u.%u:%hu\n", \
(tp), (tp)->dst.protonum, \
- NIPQUAD((tp)->src.ip), ntohl((tp)->src.u.all), \
- NIPQUAD((tp)->dst.ip), ntohl((tp)->dst.u.all))
-
-#define DUMP_TUPLE_RAW(x) \
- DEBUGP("tuple %p: %u %u.%u.%u.%u:0x%08x -> %u.%u.%u.%u:0x%08x\n",\
- (x), (x)->dst.protonum, \
- NIPQUAD((x)->src.ip), ntohl((x)->src.u.all), \
- NIPQUAD((x)->dst.ip), ntohl((x)->dst.u.all))
-
-#define CTINFO2DIR(ctinfo) ((ctinfo) >= IP_CT_IS_REPLY ? IP_CT_DIR_REPLY : IP_CT_DIR_ORIGINAL)
+ NIPQUAD((tp)->src.ip), ntohs((tp)->src.u.all), \
+ NIPQUAD((tp)->dst.ip), ntohs((tp)->dst.u.all))
/* If we're the first tuple, it's the original dir. */
-#define DIRECTION(h) ((enum ip_conntrack_dir)(&(h)->ctrack->tuplehash[1] == (h)))
+#define DIRECTION(h) ((enum ip_conntrack_dir)(h)->tuple.dst.dir)
/* Connections have two entries in the hash table: one for each way */
struct ip_conntrack_tuple_hash
struct list_head list;
struct ip_conntrack_tuple tuple;
-
- /* this == &ctrack->tuplehash[DIRECTION(this)]. */
- struct ip_conntrack *ctrack;
};
#endif /* __KERNEL__ */