[people/arne_f/kernel.git] / include / net / netfilter / br_netfilter.h

/* SPDX-License-Identifier: GPL-2.0 */
#ifndef _BR_NETFILTER_H_
#define _BR_NETFILTER_H_

#include "../../../net/bridge/br_private.h"

static inline struct nf_bridge_info *nf_bridge_alloc(struct sk_buff *skb)
{
	skb->nf_bridge = kzalloc(sizeof(struct nf_bridge_info), GFP_ATOMIC);

	if (likely(skb->nf_bridge))
		refcount_set(&(skb->nf_bridge->use), 1);

	return skb->nf_bridge;
}

void nf_bridge_update_protocol(struct sk_buff *skb);

int br_nf_hook_thresh(unsigned int hook, struct net *net, struct sock *sk,
		      struct sk_buff *skb, struct net_device *indev,
		      struct net_device *outdev,
		      int (*okfn)(struct net *, struct sock *,
				  struct sk_buff *));

static inline struct nf_bridge_info *
nf_bridge_info_get(const struct sk_buff *skb)
{
	return skb->nf_bridge;
}

unsigned int nf_bridge_encap_header_len(const struct sk_buff *skb);

static inline void nf_bridge_push_encap_header(struct sk_buff *skb)
{
	unsigned int len = nf_bridge_encap_header_len(skb);

	skb_push(skb, len);
	skb->network_header -= len;
}

int br_nf_pre_routing_finish_bridge(struct net *net, struct sock *sk, struct sk_buff *skb);

static inline struct rtable *bridge_parent_rtable(const struct net_device *dev)
{
	struct net_bridge_port *port;

	port = br_port_get_rcu(dev);
	return port ? &port->br->fake_rtable : NULL;
}

struct net_device *setup_pre_routing(struct sk_buff *skb);
void br_netfilter_enable(void);

#if IS_ENABLED(CONFIG_IPV6)
int br_validate_ipv6(struct net *net, struct sk_buff *skb);
unsigned int br_nf_pre_routing_ipv6(void *priv,
				    struct sk_buff *skb,
				    const struct nf_hook_state *state);
#else
static inline int br_validate_ipv6(struct net *net, struct sk_buff *skb)
{
	return -1;
}

static inline unsigned int
br_nf_pre_routing_ipv6(const struct nf_hook_ops *ops, struct sk_buff *skb,
		       const struct nf_hook_state *state)
{
	return NF_ACCEPT;
}
#endif

#endif /* _BR_NETFILTER_H_ */
Commit	Line	Data
b2441318	1	/* SPDX-License-Identifier: GPL-2.0 */
4b7fd5d9 PNA	2	#ifndef _BR_NETFILTER_H_
	3	#define _BR_NETFILTER_H_
	4
230ac490 PNA	5	#include "../../../net/bridge/br_private.h"
	6
	7	static inline struct nf_bridge_info nf_bridge_alloc(struct sk_buff skb)
	8	{
	9	skb->nf_bridge = kzalloc(sizeof(struct nf_bridge_info), GFP_ATOMIC);
	10
	11	if (likely(skb->nf_bridge))
53869ceb	12	refcount_set(&(skb->nf_bridge->use), 1);
230ac490 PNA	13
	14	return skb->nf_bridge;
	15	}
	16
	17	void nf_bridge_update_protocol(struct sk_buff *skb);
	18
c5136b15 FW	19	int br_nf_hook_thresh(unsigned int hook, struct net net, struct sock sk,
	20	struct sk_buff skb, struct net_device indev,
	21	struct net_device *outdev,
	22	int (okfn)(struct net , struct sock *,
	23	struct sk_buff *));
	24
230ac490 PNA	25	static inline struct nf_bridge_info *
	26	nf_bridge_info_get(const struct sk_buff *skb)
	27	{
	28	return skb->nf_bridge;
	29	}
	30
	31	unsigned int nf_bridge_encap_header_len(const struct sk_buff *skb);
	32
	33	static inline void nf_bridge_push_encap_header(struct sk_buff *skb)
	34	{
	35	unsigned int len = nf_bridge_encap_header_len(skb);
	36
	37	skb_push(skb, len);
	38	skb->network_header -= len;
	39	}
	40
0c4b51f0	41	int br_nf_pre_routing_finish_bridge(struct net net, struct sock sk, struct sk_buff *skb);
230ac490 PNA	42
	43	static inline struct rtable bridge_parent_rtable(const struct net_device dev)
	44	{
	45	struct net_bridge_port *port;
	46
	47	port = br_port_get_rcu(dev);
	48	return port ? &port->br->fake_rtable : NULL;
	49	}
	50
	51	struct net_device setup_pre_routing(struct sk_buff skb);
4b7fd5d9 PNA	52	void br_netfilter_enable(void);
4b7fd5d9 PNA	53
230ac490	54	#if IS_ENABLED(CONFIG_IPV6)
c1444c63	55	int br_validate_ipv6(struct net net, struct sk_buff skb);
06198b34	56	unsigned int br_nf_pre_routing_ipv6(void *priv,
230ac490 PNA	57	struct sk_buff *skb,
	58	const struct nf_hook_state *state);
	59	#else
c1444c63	60	static inline int br_validate_ipv6(struct net net, struct sk_buff skb)
230ac490 PNA	61	{
	62	return -1;
	63	}
	64
	65	static inline unsigned int
	66	br_nf_pre_routing_ipv6(const struct nf_hook_ops ops, struct sk_buff skb,
	67	const struct nf_hook_state *state)
	68	{
18e1db67	69	return NF_ACCEPT;
230ac490 PNA	70	}
	71	#endif
	72
4b7fd5d9	73	#endif /* _BR_NETFILTER_H_ */