Commit e2f1cbb1 authored by Jeremy Sowden's avatar Jeremy Sowden Committed by Pablo Neira Ayuso
Browse files

netfilter: synproxy: move code between headers. 



There is some non-conntrack code in the nf_conntrack_synproxy.h header.
Move it to the nf_synproxy.h header.

Signed-off-by: default avatarJeremy Sowden <jeremy@azazel.net>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 44dde236

include/net/netfilter/nf_conntrack_synproxy.h

+0 −39
Original line number Diff line number Diff line
@@ -43,43 +43,4 @@ static inline bool nf_ct_add_synproxy(struct nf_conn *ct, 
	return true;

}



struct synproxy_stats {

	unsigned int			syn_received;

	unsigned int			cookie_invalid;

	unsigned int			cookie_valid;

	unsigned int			cookie_retrans;

	unsigned int			conn_reopened;

};



struct synproxy_net {

	struct nf_conn			*tmpl;

	struct synproxy_stats __percpu	*stats;

	unsigned int			hook_ref4;

	unsigned int			hook_ref6;

};



extern unsigned int synproxy_net_id;

static inline struct synproxy_net *synproxy_pernet(struct net *net)

{

	return net_generic(net, synproxy_net_id);

}



struct synproxy_options {

	u8				options;

	u8				wscale;

	u16				mss_option;

	u16				mss_encode;

	u32				tsval;

	u32				tsecr;

};



struct tcphdr;

struct nf_synproxy_info;

bool synproxy_parse_options(const struct sk_buff *skb, unsigned int doff,

			    const struct tcphdr *th,

			    struct synproxy_options *opts);



void synproxy_init_timestamp_cookie(const struct nf_synproxy_info *info,

				    struct synproxy_options *opts);



#endif /* _NF_CONNTRACK_SYNPROXY_H */

include/net/netfilter/nf_synproxy.h

+38 −0
Original line number Diff line number Diff line
@@ -11,6 +11,44 @@ 
#include <net/netfilter/nf_conntrack_seqadj.h>

#include <net/netfilter/nf_conntrack_synproxy.h>



struct synproxy_stats {

	unsigned int			syn_received;

	unsigned int			cookie_invalid;

	unsigned int			cookie_valid;

	unsigned int			cookie_retrans;

	unsigned int			conn_reopened;

};



struct synproxy_net {

	struct nf_conn			*tmpl;

	struct synproxy_stats __percpu	*stats;

	unsigned int			hook_ref4;

	unsigned int			hook_ref6;

};



extern unsigned int synproxy_net_id;

static inline struct synproxy_net *synproxy_pernet(struct net *net)

{

	return net_generic(net, synproxy_net_id);

}



struct synproxy_options {

	u8				options;

	u8				wscale;

	u16				mss_option;

	u16				mss_encode;

	u32				tsval;

	u32				tsecr;

};



struct nf_synproxy_info;

bool synproxy_parse_options(const struct sk_buff *skb, unsigned int doff,

			    const struct tcphdr *th,

			    struct synproxy_options *opts);



void synproxy_init_timestamp_cookie(const struct nf_synproxy_info *info,

				    struct synproxy_options *opts);



void synproxy_send_client_synack(struct net *net, const struct sk_buff *skb,

				 const struct tcphdr *th,

				 const struct synproxy_options *opts);

CRA Git | Maintained and supported by SUSTech CRA and CCSE