#define pr_fmt(fmt) …
#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/init.h>
#include <linux/spinlock.h>
#include <linux/slab.h>
#include <linux/notifier.h>
#include <linux/netdevice.h>
#include <linux/netfilter.h>
#include <linux/proc_fs.h>
#include <linux/netfilter_ipv4.h>
#include <linux/netfilter_ipv6.h>
#include <linux/netfilter_bridge.h>
#include <linux/netfilter/nfnetlink.h>
#include <linux/netfilter/nfnetlink_queue.h>
#include <linux/netfilter/nf_conntrack_common.h>
#include <linux/list.h>
#include <linux/cgroup-defs.h>
#include <net/gso.h>
#include <net/sock.h>
#include <net/tcp_states.h>
#include <net/netfilter/nf_queue.h>
#include <net/netns/generic.h>
#include <linux/atomic.h>
#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
#include "../bridge/br_private.h"
#endif
#if IS_ENABLED(CONFIG_NF_CONNTRACK)
#include <net/netfilter/nf_conntrack.h>
#endif
/* Queue defaults and limits; the values are elided in this listing. */
#define NFQNL_QMAX_DEFAULT …
#define NFQNL_MAX_COPY_RANGE …
/* Per-queue state; the fields are elided in this listing. */
struct nfqnl_instance { … };
/*
 * NOTE(review): this declaration appears truncated in this listing.
 * nfqnl_cmpfn is used below as the type of the match callback that is
 * passed to nfqnl_flush().
 */
nfqnl_cmpfn;
/* presumably the net_generic id for this module's per-netns state -- confirm */
static unsigned int nfnl_queue_net_id __read_mostly;
#define INSTANCE_BUCKETS …
/* Per-network-namespace state; this is the type nfnl_queue_pernet() returns. */
struct nfnl_queue_net { … };
/*
 * Return the nfnl_queue_net state that belongs to @net.
 * Body not shown; presumably a net_generic() lookup keyed by
 * nfnl_queue_net_id -- confirm.
 */
static struct nfnl_queue_net *nfnl_queue_pernet(struct net *net)
{ … }
/*
 * Reduce a 16-bit queue number to an 8-bit value.
 * NOTE(review): presumably a bucket index; confirm the result is always
 * smaller than INSTANCE_BUCKETS, since queue_num is chosen by userspace.
 */
static inline u_int8_t instance_hashfn(u_int16_t queue_num)
{ … }
/*
 * Find the queue instance numbered @queue_num in the per-netns state @q.
 * NOTE(review): body not shown; the locking or RCU context callers must
 * hold, and the not-found return value, need confirming against the body.
 */
static struct nfqnl_instance *
instance_lookup(struct nfnl_queue_net *q, u_int16_t queue_num)
{ … }
/*
 * Create a queue instance numbered @queue_num in @q on behalf of @portid.
 * NOTE(review): @portid is presumably the netlink port id of the binding
 * peer and is what later verdicts are checked against -- confirm. Also
 * confirm how an already-existing queue number and allocation failure are
 * reported (body not shown).
 */
static struct nfqnl_instance *
instance_create(struct nfnl_queue_net *q, u_int16_t queue_num, u32 portid)
{ … }
/* Forward declaration; nfqnl_flush() is defined further down in this file. */
static void nfqnl_flush(struct nfqnl_instance *queue, nfqnl_cmpfn cmpfn,
unsigned long data);
/*
 * Takes a struct rcu_head, i.e. the signature of an RCU callback.
 * Presumably performs the deferred teardown of the instance embedding
 * @head once readers are done -- confirm against the body (not shown).
 */
static void
instance_destroy_rcu(struct rcu_head *head)
{ … }
/*
 * Tear down @inst.
 * NOTE(review): the double-underscore name suggests the caller is expected
 * to hold the relevant lock already; confirm which one (body not shown).
 */
static void
__instance_destroy(struct nfqnl_instance *inst)
{ … }
/*
 * Tear down @inst, which belongs to the per-netns state @q.
 * Presumably the locked wrapper around __instance_destroy() -- confirm.
 */
static void
instance_destroy(struct nfnl_queue_net *q, struct nfqnl_instance *inst)
{ … }
/*
 * Add @entry to @queue's list of packets awaiting a verdict (presumed).
 * NOTE(review): confirm the caller-held lock and where the queue length
 * limit is enforced; body not shown.
 */
static inline void
__enqueue_entry(struct nfqnl_instance *queue, struct nf_queue_entry *entry)
{ … }
/*
 * Remove @entry from @queue (presumed counterpart of __enqueue_entry()).
 * NOTE(review): confirm the caller-held lock; body not shown.
 */
static void
__dequeue_entry(struct nfqnl_instance *queue, struct nf_queue_entry *entry)
{ … }
/*
 * Find the entry identified by @id in @queue and take it off the queue.
 * NOTE(review): @id presumably originates from a userspace verdict message;
 * confirm that an unknown id yields NULL and that lookup and removal happen
 * under one lock hold so the same entry cannot be claimed twice.
 */
static struct nf_queue_entry *
find_dequeue_entry(struct nfqnl_instance *queue, unsigned int id)
{ … }
/*
 * Run @skb through the hook entries in @hooks, with @index as an in/out
 * position, and return a netfilter verdict (presumed from the signature;
 * body not shown).
 */
static unsigned int nf_iterate(struct sk_buff *skb,
struct nf_hook_state *state,
const struct nf_hook_entries *hooks,
unsigned int *index)
{ … }
/*
 * Return the hook entry array of @net for protocol family @pf and hook
 * @hooknum.
 * NOTE(review): @pf/@hooknum select a table slot; confirm out-of-range or
 * unsupported values are handled (body not shown).
 */
static struct nf_hook_entries *nf_hook_entries_head(const struct net *net, u8 pf, u8 hooknum)
{ … }
/*
 * IPv4 rerouting step for a queued packet (presumed from the name).
 * Presumably re-does the route lookup when userspace changed fields that
 * influence routing -- confirm against the body (not shown).
 */
static int nf_ip_reroute(struct sk_buff *skb, const struct nf_queue_entry *entry)
{ … }
/*
 * Family-independent rerouting entry point; presumably dispatches on the
 * entry's protocol family (nf_ip_reroute() for IPv4) -- confirm.
 */
static int nf_reroute(struct sk_buff *skb, struct nf_queue_entry *entry)
{ … }
/*
 * Hand @entry back to the netfilter hook path with @verdict.
 * NOTE(review): @verdict ultimately comes from userspace; confirm unknown
 * verdict codes are rejected or dropped and that @entry is released on
 * every path (body not shown).
 */
static void nf_reinject(struct nf_queue_entry *entry, unsigned int verdict)
{ … }
/*
 * nfnetlink_queue wrapper for reinjecting @entry with @verdict; presumably
 * does queue-specific handling before calling nf_reinject() -- confirm.
 */
static void nfqnl_reinject(struct nf_queue_entry *entry, unsigned int verdict)
{ … }
/*
 * Flush entries from @queue, using @cmpfn with @data as the selector
 * (presumed: entries for which @cmpfn matches are removed).
 * NOTE(review): confirm what verdict flushed packets receive and whether a
 * NULL @cmpfn means "all entries"; body not shown.
 */
static void
nfqnl_flush(struct nfqnl_instance *queue, nfqnl_cmpfn cmpfn, unsigned long data)
{ … }
/*
 * Add packet information about @packet to the netlink message @nlskb.
 * @csum_verify presumably controls whether checksum state is reported --
 * confirm. Returns int; the error convention is not visible here.
 */
static int
nfqnl_put_packet_info(struct sk_buff *nlskb, struct sk_buff *packet,
bool csum_verify)
{ … }
/*
 * Add the uid/gid associated with socket @sk to the netlink message @skb
 * (presumed from the name).
 * NOTE(review): confirm which user namespace the ids are expressed in and
 * that @sk's credentials are read under appropriate locking; body not shown.
 */
static int nfqnl_put_sk_uidgid(struct sk_buff *skb, struct sock *sk)
{ … }
/*
 * Add the cgroup class id of socket @sk to the netlink message @skb
 * (presumed from the name and the cgroup-defs.h include; body not shown).
 */
static int nfqnl_put_sk_classid(struct sk_buff *skb, struct sock *sk)
{ … }
/*
 * Obtain the security context for @skb through the out-parameter @secdata;
 * the u32 return is presumably its length.
 * NOTE(review): ownership of *secdata is not visible here -- confirm who
 * releases it and that every caller does so on error paths too.
 */
static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, char **secdata)
{ … }
/*
 * Return the number of bytes the bridge attributes of @entry need in the
 * netlink message (presumed).
 * NOTE(review): must stay in step with what nfqnl_put_bridge() emits.
 */
static u32 nfqnl_get_bridge_size(struct nf_queue_entry *entry)
{ … }
/*
 * Add bridge-related attributes for @entry to the netlink message @skb
 * (presumed). Returns int; the error convention is not visible here.
 */
static int nfqnl_put_bridge(struct nf_queue_entry *entry, struct sk_buff *skb)
{ … }
/*
 * Checksum fix-up for @entskb before it is copied to userspace (presumed;
 * body not shown). Returns int; the error convention is not visible here.
 */
static int nf_queue_checksum_help(struct sk_buff *entskb)
{ … }
/*
 * Build the netlink message that carries @entry from @queue to userspace
 * and return it as a new sk_buff. @packet_id_ptr is an out-parameter,
 * presumably pointing at the packet id field inside the message so the
 * caller can fill it in once the id is assigned -- confirm.
 * NOTE(review): this message crosses the kernel/user boundary. Confirm the
 * size computed up front covers every attribute that is later appended,
 * and that padding and header fields are fully initialised so no stale
 * kernel memory is copied out. Body not shown.
 */
static struct sk_buff *
nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue,
struct nf_queue_entry *entry,
__be32 **packet_id_ptr)
{ … }
/*
 * Decide whether @entry must be dropped because its conntrack entry is
 * still unconfirmed (presumed from the name; the exact conditions are in
 * the body, which is not shown).
 */
static bool nf_ct_drop_unconfirmed(const struct nf_queue_entry *entry)
{ … }
/*
 * Queue one @entry on @queue and send it to the listening peer (presumed).
 * NOTE(review): confirm the queue-length limit is checked here and what
 * happens to the packet when the queue is full or the netlink send fails
 * (fail-open versus drop); body not shown.
 */
static int
__nfqnl_enqueue_packet(struct net *net, struct nfqnl_instance *queue,
struct nf_queue_entry *entry)
{ … }
/*
 * Return a duplicate of queue entry @e (presumed; NULL on allocation
 * failure is likely but not visible here).
 * NOTE(review): confirm the copy takes its own references on everything @e
 * points to, so each copy can be released independently.
 */
static struct nf_queue_entry *
nf_queue_entry_dup(struct nf_queue_entry *e)
{ … }
/*
 * Bridge-netfilter helpers for adjusting skb data before and after
 * segmentation (presumed from the names). With CONFIG_BRIDGE_NETFILTER
 * disabled both names are macros instead; their expansions are elided in
 * this listing.
 */
#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
static void nf_bridge_adjust_skb_data(struct sk_buff *skb)
{ … }
static void nf_bridge_adjust_segmented_data(struct sk_buff *skb)
{ … }
#else
#define nf_bridge_adjust_skb_data …
#define nf_bridge_adjust_segmented_data …
#endif
/*
 * Queue one segment @skb that was split off a GSO packet described by
 * @entry (presumed).
 * NOTE(review): confirm who frees @skb and any duplicated entry when
 * enqueueing a segment fails part-way through the list; body not shown.
 */
static int
__nfqnl_enqueue_packet_gso(struct net *net, struct nfqnl_instance *queue,
struct sk_buff *skb, struct nf_queue_entry *entry)
{ … }
/*
 * Entry point for handing @entry to queue number @queuenum; presumably the
 * handler installed through the nf_queue_handler nfqh declared below --
 * confirm.
 * NOTE(review): confirm the behaviour when no instance exists for
 * @queuenum; body not shown.
 */
static int
nfqnl_enqueue_packet(struct nf_queue_entry *entry, unsigned int queuenum)
{ … }
/*
 * Replace the payload of the packet held by @e with @data_len bytes from
 * @data; @diff is presumably the resulting change in length.
 * NOTE(review): @data/@data_len presumably come from a userspace-supplied
 * netlink attribute (confirm at the caller). Confirm that both shrinking
 * and growing are bounds-checked, that @diff cannot go out of range, and
 * that the skb is made writable before it is overwritten. Body not shown.
 */
static int
nfqnl_mangle(void *data, unsigned int data_len, struct nf_queue_entry *e, int diff)
{ … }
/*
 * Set the copy mode and copy range of @queue.
 * NOTE(review): @mode and @range presumably come from a userspace config
 * message; confirm unknown modes are rejected and @range is limited to
 * NFQNL_MAX_COPY_RANGE. Body not shown.
 */
static int
nfqnl_set_mode(struct nfqnl_instance *queue,
unsigned char mode, unsigned int range)
{ … }
/*
 * Match callback with the (entry, unsigned long) shape that nfqnl_flush()
 * takes; presumably reports whether @entry refers to the interface with
 * index @ifindex -- confirm against the body (not shown).
 */
static int
dev_cmp(struct nf_queue_entry *entry, unsigned long ifindex)
{ … }
/*
 * Drop queued packets in @net that are associated with interface @ifindex
 * (presumed: flushes each instance using dev_cmp()); body not shown.
 */
static void
nfqnl_dev_drop(struct net *net, int ifindex)
{ … }
/*
 * Notifier callback (notifier_block signature) for network device events.
 * Presumably reacts to a device going away by calling nfqnl_dev_drop() so
 * no queued packet keeps referring to it -- confirm which events are
 * handled; body not shown.
 */
static int
nfqnl_rcv_dev_event(struct notifier_block *this,
unsigned long event, void *ptr)
{ … }
/* Notifier block for device events; initialiser elided in this listing. */
static struct notifier_block nfqnl_dev_notifier = …;
/*
 * Called when netfilter hooks in @net go away (presumed from the name);
 * presumably flushes queued packets that still reference them -- confirm.
 */
static void nfqnl_nf_hook_drop(struct net *net)
{ … }
/*
 * Notifier callback (notifier_block signature) for netlink events.
 * NOTE(review): presumably tears down the queues owned by a netlink peer
 * whose socket was released. Confirm the match is on both port id and
 * network namespace so one peer's exit cannot destroy another's queues.
 * Body not shown.
 */
static int
nfqnl_rcv_nl_event(struct notifier_block *this,
unsigned long event, void *ptr)
{ … }
/* Notifier block for netlink events; initialiser elided in this listing. */
static struct notifier_block nfqnl_rtnl_notifier = …;
/*
 * Netlink attribute policies for the VLAN nest, single verdicts and batch
 * verdicts. The entries are elided in this listing.
 * NOTE(review): these tables are what validates attributes supplied by
 * userspace. Confirm every attribute the verdict handlers read has an
 * entry with a type and a length bound, rather than being unspecified.
 */
static const struct nla_policy nfqa_vlan_policy[NFQA_VLAN_MAX + 1] = …;
static const struct nla_policy nfqa_verdict_policy[NFQA_MAX+1] = …;
static const struct nla_policy nfqa_verdict_batch_policy[NFQA_MAX+1] = …;
/*
 * Look up queue @queue_num in @q on behalf of the netlink peer @nlportid.
 * NOTE(review): unlike instance_lookup() this takes the caller's port id,
 * so it is presumably the ownership check that stops a peer from issuing
 * verdicts on a queue bound by someone else. Confirm that, and that every
 * verdict path uses this function rather than instance_lookup() directly.
 * Body not shown.
 */
static struct nfqnl_instance *
verdict_instance_lookup(struct nfnl_queue_net *q, u16 queue_num, u32 nlportid)
{ … }
/*
 * Return the verdict header carried in the attribute array @nfqa.
 * NOTE(review): presumably returns NULL when the header attribute is
 * absent or carries an invalid verdict; confirm callers check the result
 * before dereferencing. Body not shown.
 */
static struct nfqnl_msg_verdict_hdr*
verdicthdr_get(const struct nlattr * const nfqa[])
{ … }
/*
 * Ordering test between packet id @id and @max.
 * NOTE(review): packet ids are unsigned counters that can wrap; presumably
 * this compares via a signed difference rather than a plain '>' so batch
 * verdicts behave across wrap-around -- confirm. Body not shown.
 */
static int nfq_id_after(unsigned int id, unsigned int max)
{ … }
/*
 * nfnetlink message handler (skb, info, attribute array) for batch
 * verdicts; presumably applies one verdict to all queued packets up to a
 * given id.
 * NOTE(review): input is userspace-controlled. Confirm the queue is
 * resolved through verdict_instance_lookup() and that the verdict header
 * is validated before use. Body not shown.
 */
static int nfqnl_recv_verdict_batch(struct sk_buff *skb,
const struct nfnl_info *info,
const struct nlattr * const nfqa[])
{ … }
/*
 * Parse conntrack-related attributes of a verdict message for @entry using
 * the @nfnl_ct hook, returning the conntrack entry and storing its state
 * in @ctinfo (presumed from the signature).
 * NOTE(review): confirm behaviour when the packet has no conntrack entry
 * and that userspace-supplied conntrack attributes are validated by the
 * hook before being applied. Body not shown.
 */
static struct nf_conn *nfqnl_ct_parse(const struct nfnl_ct_hook *nfnl_ct,
const struct nlmsghdr *nlh,
const struct nlattr * const nfqa[],
struct nf_queue_entry *entry,
enum ip_conntrack_info *ctinfo)
{ … }
/*
 * Apply bridge-related attributes from @nfqa to @entry (presumed; this is
 * where nfqa_vlan_policy would be used for the nested VLAN attributes --
 * confirm). Body not shown.
 */
static int nfqa_parse_bridge(struct nf_queue_entry *entry,
const struct nlattr * const nfqa[])
{ … }
/*
 * nfnetlink message handler (skb, info, attribute array) for a verdict on
 * a single queued packet.
 * NOTE(review): this is the main userspace-to-kernel input path of the
 * module. Confirm the order of checks: queue ownership (presumably via
 * verdict_instance_lookup()), verdict header validation, entry lookup by
 * id, then optional payload replacement (presumably nfqnl_mangle()) before
 * reinjection. Also confirm the dequeued entry is released on every error
 * path. Body not shown.
 */
static int nfqnl_recv_verdict(struct sk_buff *skb, const struct nfnl_info *info,
const struct nlattr * const nfqa[])
{ … }
/*
 * nfnetlink message handler for message types that userspace is not meant
 * to send; presumably just returns an error -- confirm. Body not shown.
 */
static int nfqnl_recv_unsupp(struct sk_buff *skb, const struct nfnl_info *info,
const struct nlattr * const cda[])
{ … }
/*
 * Netlink attribute policy for configuration messages; entries elided in
 * this listing.
 * NOTE(review): confirm each attribute read by nfqnl_recv_config() has a
 * type and length bound here.
 */
static const struct nla_policy nfqa_cfg_policy[NFQA_CFG_MAX+1] = …;
/* Queue handler registered with the netfilter core; initialiser elided. */
static const struct nf_queue_handler nfqh = …;
/*
 * nfnetlink message handler (skb, info, attribute array) for queue
 * configuration requests from userspace.
 * NOTE(review): confirm which checks gate each command: that only the
 * owning port id may reconfigure or unbind an existing queue, that flag
 * and mask attributes are validated together, and that unknown commands
 * and flags are rejected rather than ignored. Body not shown.
 */
static int nfqnl_recv_config(struct sk_buff *skb, const struct nfnl_info *info,
const struct nlattr * const nfqa[])
{ … }
/*
 * Per-message-type callback table and the nfnetlink subsystem descriptor;
 * initialisers elided in this listing.
 * NOTE(review): the table is where each handler is paired with its
 * attribute policy; confirm every handler that reads attributes has one.
 */
static const struct nfnl_callback nfqnl_cb[NFQNL_MSG_MAX] = …;
static const struct nfnetlink_subsystem nfqnl_subsys = …;
#ifdef CONFIG_PROC_FS
/* Iteration state for the seq_file handlers below; fields elided. */
struct iter_state { … };
/*
 * Return the first hlist node for the seq_file walk (presumably the first
 * non-empty bucket of the instance table); body not shown.
 */
static struct hlist_node *get_first(struct seq_file *seq)
{ … }
/*
 * Return the node following @h in the seq_file walk (presumably moving on
 * to later buckets when the current one is exhausted); body not shown.
 */
static struct hlist_node *get_next(struct seq_file *seq, struct hlist_node *h)
{ … }
/*
 * Return the node at position @pos of the walk (presumably by stepping
 * from get_first() with get_next()); body not shown.
 */
static struct hlist_node *get_idx(struct seq_file *seq, loff_t pos)
{ … }
/*
 * seq_file start handler. The sparse annotation states that it returns
 * with the per-netns instances_lock held; seq_stop() carries the matching
 * release annotation.
 */
static void *seq_start(struct seq_file *s, loff_t *pos)
__acquires(nfnl_queue_pernet(seq_file_net(s))->instances_lock)
{ … }
/*
 * seq_file next handler: advance from element @v and update *@pos
 * (presumed; body not shown).
 */
static void *seq_next(struct seq_file *s, void *v, loff_t *pos)
{ … }
/*
 * seq_file stop handler. The sparse annotation states that it releases the
 * per-netns instances_lock that seq_start() is annotated as acquiring.
 */
static void seq_stop(struct seq_file *s, void *v)
__releases(nfnl_queue_pernet(seq_file_net(s))->instances_lock)
{ … }
/*
 * seq_file show handler: print one element @v to @s.
 * NOTE(review): the output is readable through procfs; confirm which
 * per-queue fields are exposed (for example the owner's port id) and who
 * may read the file. Body not shown.
 */
static int seq_show(struct seq_file *s, void *v)
{ … }
/* seq_file operations table for the procfs view; initialiser elided. */
static const struct seq_operations nfqnl_seq_ops = …;
#endif
/*
 * Per-network-namespace initialisation (marked __net_init) for @net.
 * Presumably initialises the instance table and lock and creates the
 * procfs entry -- confirm. Body not shown.
 */
static int __net_init nfnl_queue_net_init(struct net *net)
{ … }
/*
 * Per-network-namespace teardown (marked __net_exit) for @net.
 * NOTE(review): confirm all instances and queued packets of the namespace
 * are gone by the time this returns. Body not shown.
 */
static void __net_exit nfnl_queue_net_exit(struct net *net)
{ … }
/* Per-netns operations for this module; initialiser elided in this listing. */
static struct pernet_operations nfnl_queue_net_ops = …;
/*
 * Module initialisation (marked __init).
 * NOTE(review): presumably registers the pernet operations, the notifiers
 * and the nfnetlink subsystem; confirm a failure part-way through
 * unregisters, in reverse order, everything registered before it. Body
 * not shown.
 */
static int __init nfnetlink_queue_init(void)
{ … }
/*
 * Module teardown (marked __exit); registered through module_exit() at the
 * end of the file. Presumably undoes the registrations made in
 * nfnetlink_queue_init() and waits for pending RCU callbacks -- confirm.
 * Body not shown.
 */
static void __exit nfnetlink_queue_fini(void)
{ … }
/*
 * Module metadata and entry points. Most arguments are elided in this
 * listing; nfnetlink_queue_fini is registered as the exit handler.
 */
MODULE_DESCRIPTION(…) …;
MODULE_AUTHOR(…) …;
MODULE_LICENSE(…) …;
MODULE_ALIAS_NFNL_SUBSYS(…);
module_init(…) …;
module_exit(nfnetlink_queue_fini);