#include <linux/types.h>
#include <net/ip.h>
#include <net/tcp.h>
#include <net/netlink.h>
#include <net/netfilter/nf_tables.h>
#include <net/netfilter/nf_conntrack.h>
#include <net/netfilter/nf_conntrack_synproxy.h>
#include <net/netfilter/nf_synproxy.h>
#include <linux/netfilter/nf_tables.h>
#include <linux/netfilter/nf_synproxy.h>
struct nft_synproxy { … };
static const struct nla_policy nft_synproxy_policy[NFTA_SYNPROXY_MAX + 1] = …;
static void nft_synproxy_tcp_options(struct synproxy_options *opts,
const struct tcphdr *tcp,
struct synproxy_net *snet,
struct nf_synproxy_info *info,
const struct nft_synproxy *priv)
{ … }
static void nft_synproxy_eval_v4(const struct nft_synproxy *priv,
struct nft_regs *regs,
const struct nft_pktinfo *pkt,
const struct tcphdr *tcp,
struct tcphdr *_tcph,
struct synproxy_options *opts)
{ … }
#if IS_ENABLED(CONFIG_NF_TABLES_IPV6)
static void nft_synproxy_eval_v6(const struct nft_synproxy *priv,
struct nft_regs *regs,
const struct nft_pktinfo *pkt,
const struct tcphdr *tcp,
struct tcphdr *_tcph,
struct synproxy_options *opts)
{ … }
#endif
static void nft_synproxy_do_eval(const struct nft_synproxy *priv,
struct nft_regs *regs,
const struct nft_pktinfo *pkt)
{ … }
static int nft_synproxy_do_init(const struct nft_ctx *ctx,
const struct nlattr * const tb[],
struct nft_synproxy *priv)
{ … }
static void nft_synproxy_do_destroy(const struct nft_ctx *ctx)
{ … }
static int nft_synproxy_do_dump(struct sk_buff *skb, struct nft_synproxy *priv)
{ … }
static void nft_synproxy_eval(const struct nft_expr *expr,
struct nft_regs *regs,
const struct nft_pktinfo *pkt)
{ … }
static int nft_synproxy_validate(const struct nft_ctx *ctx,
const struct nft_expr *expr)
{ … }
static int nft_synproxy_init(const struct nft_ctx *ctx,
const struct nft_expr *expr,
const struct nlattr * const tb[])
{ … }
static void nft_synproxy_destroy(const struct nft_ctx *ctx,
const struct nft_expr *expr)
{ … }
static int nft_synproxy_dump(struct sk_buff *skb,
const struct nft_expr *expr, bool reset)
{ … }
static struct nft_expr_type nft_synproxy_type;
static const struct nft_expr_ops nft_synproxy_ops = …;
static struct nft_expr_type nft_synproxy_type __read_mostly = …;
static int nft_synproxy_obj_init(const struct nft_ctx *ctx,
const struct nlattr * const tb[],
struct nft_object *obj)
{ … }
static void nft_synproxy_obj_destroy(const struct nft_ctx *ctx,
struct nft_object *obj)
{ … }
static int nft_synproxy_obj_dump(struct sk_buff *skb,
struct nft_object *obj, bool reset)
{ … }
static void nft_synproxy_obj_eval(struct nft_object *obj,
struct nft_regs *regs,
const struct nft_pktinfo *pkt)
{ … }
static void nft_synproxy_obj_update(struct nft_object *obj,
struct nft_object *newobj)
{ … }
static struct nft_object_type nft_synproxy_obj_type;
static const struct nft_object_ops nft_synproxy_obj_ops = …;
static struct nft_object_type nft_synproxy_obj_type __read_mostly = …;
static int __init nft_synproxy_module_init(void)
{ … }
static void __exit nft_synproxy_module_exit(void)
{ … }
module_init(…) …;
module_exit(nft_synproxy_module_exit);
MODULE_LICENSE(…) …;
MODULE_AUTHOR(…) …;
MODULE_ALIAS_NFT_EXPR(…) …;
MODULE_ALIAS_NFT_OBJ(…);
MODULE_DESCRIPTION(…) …;