nf_conntrack_standalone.c | Explore in Territory

// SPDX-License-Identifier: GPL-2.0
#include <linux/types.h>
#include <linux/netfilter.h>
#include <linux/slab.h>
#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/proc_fs.h>
#include <linux/seq_file.h>
#include <linux/percpu.h>
#include <linux/netdevice.h>
#include <linux/security.h>
#include <net/net_namespace.h>
#ifdef CONFIG_SYSCTL
#include <linux/sysctl.h>
#endif

#include <net/netfilter/nf_conntrack.h>
#include <net/netfilter/nf_conntrack_core.h>
#include <net/netfilter/nf_conntrack_l4proto.h>
#include <net/netfilter/nf_conntrack_expect.h>
#include <net/netfilter/nf_conntrack_helper.h>
#include <net/netfilter/nf_conntrack_acct.h>
#include <net/netfilter/nf_conntrack_zones.h>
#include <net/netfilter/nf_conntrack_timestamp.h>
#include <linux/rculist_nulls.h>

static bool enable_hooks __read_mostly;
MODULE_PARM_DESC(…) …;
module_param(enable_hooks, bool, 0000);

unsigned int nf_conntrack_net_id __read_mostly;

#ifdef CONFIG_NF_CONNTRACK_PROCFS
void
print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple,
            const struct nf_conntrack_l4proto *l4proto)
{ … }
EXPORT_SYMBOL_GPL(…);

struct ct_iter_state { … };

static struct hlist_nulls_node *ct_get_first(struct seq_file *seq)
{ … }

static struct hlist_nulls_node *ct_get_next(struct seq_file *seq,
				      struct hlist_nulls_node *head)
{ … }

static struct hlist_nulls_node *ct_get_idx(struct seq_file *seq, loff_t pos)
{ … }

static void *ct_seq_start(struct seq_file *seq, loff_t *pos)
	__acquires(RCU)
{ … }

static void *ct_seq_next(struct seq_file *s, void *v, loff_t *pos)
{ … }

static void ct_seq_stop(struct seq_file *s, void *v)
	__releases(RCU)
{ … }

#ifdef CONFIG_NF_CONNTRACK_SECMARK
static void ct_show_secctx(struct seq_file *s, const struct nf_conn *ct)
{ … }
#else
static inline void ct_show_secctx(struct seq_file *s, const struct nf_conn *ct)
{
}
#endif

#ifdef CONFIG_NF_CONNTRACK_ZONES
static void ct_show_zone(struct seq_file *s, const struct nf_conn *ct,
			 int dir)
{ … }
#else
static inline void ct_show_zone(struct seq_file *s, const struct nf_conn *ct,
				int dir)
{
}
#endif

#ifdef CONFIG_NF_CONNTRACK_TIMESTAMP
static void ct_show_delta_time(struct seq_file *s, const struct nf_conn *ct)
{ … }
#else
static inline void
ct_show_delta_time(struct seq_file *s, const struct nf_conn *ct)
{
}
#endif

static const char* l3proto_name(u16 proto)
{ … }

static const char* l4proto_name(u16 proto)
{ … }

static void
seq_print_acct(struct seq_file *s, const struct nf_conn *ct, int dir)
{ … }

/* return 0 on success, 1 in case of error */
static int ct_seq_show(struct seq_file *s, void *v)
{ … }

static const struct seq_operations ct_seq_ops = …;

static void *ct_cpu_seq_start(struct seq_file *seq, loff_t *pos)
{ … }

static void *ct_cpu_seq_next(struct seq_file *seq, void *v, loff_t *pos)
{ … }

static void ct_cpu_seq_stop(struct seq_file *seq, void *v)
{ … }

static int ct_cpu_seq_show(struct seq_file *seq, void *v)
{ … }

static const struct seq_operations ct_cpu_seq_ops = …;

static int nf_conntrack_standalone_init_proc(struct net *net)
{ … }

static void nf_conntrack_standalone_fini_proc(struct net *net)
{ … }
#else
static int nf_conntrack_standalone_init_proc(struct net *net)
{
	return 0;
}

static void nf_conntrack_standalone_fini_proc(struct net *net)
{
}
#endif /* CONFIG_NF_CONNTRACK_PROCFS */

u32 nf_conntrack_count(const struct net *net)
{ … }
EXPORT_SYMBOL_GPL(…);

/* Sysctl support */

#ifdef CONFIG_SYSCTL
/* size the user *wants to set */
static unsigned int nf_conntrack_htable_size_user __read_mostly;

static int
nf_conntrack_hash_sysctl(const struct ctl_table *table, int write,
			 void *buffer, size_t *lenp, loff_t *ppos)
{ … }

static struct ctl_table_header *nf_ct_netfilter_header;

enum nf_ct_sysctl_index { … };

static struct ctl_table nf_ct_sysctl_table[] = …;

static struct ctl_table nf_ct_netfilter_table[] = …;

static void nf_conntrack_standalone_init_tcp_sysctl(struct net *net,
						    struct ctl_table *table)
{ … }

static void nf_conntrack_standalone_init_sctp_sysctl(struct net *net,
						     struct ctl_table *table)
{ … }

static void nf_conntrack_standalone_init_dccp_sysctl(struct net *net,
						     struct ctl_table *table)
{ … }

static void nf_conntrack_standalone_init_gre_sysctl(struct net *net,
						    struct ctl_table *table)
{ … }

static int nf_conntrack_standalone_init_sysctl(struct net *net)
{ … }

static void nf_conntrack_standalone_fini_sysctl(struct net *net)
{ … }
#else
static int nf_conntrack_standalone_init_sysctl(struct net *net)
{
	return 0;
}

static void nf_conntrack_standalone_fini_sysctl(struct net *net)
{
}
#endif /* CONFIG_SYSCTL */

static void nf_conntrack_fini_net(struct net *net)
{ … }

static int nf_conntrack_pernet_init(struct net *net)
{ … }

static void nf_conntrack_pernet_exit(struct list_head *net_exit_list)
{ … }

static struct pernet_operations nf_conntrack_net_ops = …;

static int __init nf_conntrack_standalone_init(void)
{ … }

static void __exit nf_conntrack_standalone_fini(void)
{ … }

module_init(…) …;
module_exit(nf_conntrack_standalone_fini);
linux/net/netfilter/nf_conntrack_standalone.c
