include/net/netfilter/br_netfilter.h

   1 #ifndef _BR_NETFILTER_H_
   2 #define _BR_NETFILTER_H_
   3
   4 #include "../../../net/bridge/br_private.h"
   5
   6 static inline struct nf_bridge_info *nf_bridge_alloc(struct sk_buff *skb)
   7 {
   8         skb->nf_bridge = kzalloc(sizeof(struct nf_bridge_info), GFP_ATOMIC);
   9
  10         if (likely(skb->nf_bridge))
  11                 atomic_set(&(skb->nf_bridge->use), 1);
  12
  13         return skb->nf_bridge;
  14 }
  15
  16 void nf_bridge_update_protocol(struct sk_buff *skb);
  17
  18 int br_nf_hook_thresh(unsigned int hook, struct net *net, struct sock *sk,
  19                       struct sk_buff *skb, struct net_device *indev,
  20                       struct net_device *outdev,
  21                       int (*okfn)(struct net *, struct sock *,
  22                                   struct sk_buff *));
  23
  24 static inline struct nf_bridge_info *
  25 nf_bridge_info_get(const struct sk_buff *skb)
  26 {
  27         return skb->nf_bridge;
  28 }
  29
  30 unsigned int nf_bridge_encap_header_len(const struct sk_buff *skb);
  31
  32 static inline void nf_bridge_push_encap_header(struct sk_buff *skb)
  33 {
  34         unsigned int len = nf_bridge_encap_header_len(skb);
  35
  36         skb_push(skb, len);
  37         skb->network_header -= len;
  38 }
  39
  40 int br_nf_pre_routing_finish_bridge(struct net *net, struct sock *sk, struct sk_buff *skb);
  41
  42 static inline struct rtable *bridge_parent_rtable(const struct net_device *dev)
  43 {
  44         struct net_bridge_port *port;
  45
  46         port = br_port_get_rcu(dev);
  47         return port ? &port->br->fake_rtable : NULL;
  48 }
  49
  50 struct net_device *setup_pre_routing(struct sk_buff *skb);
  51
  52 #if IS_ENABLED(CONFIG_IPV6)
  53 int br_validate_ipv6(struct net *net, struct sk_buff *skb);
  54 unsigned int br_nf_pre_routing_ipv6(void *priv,
  55                                     struct sk_buff *skb,
  56                                     const struct nf_hook_state *state);
  57 #else
  58 static inline int br_validate_ipv6(struct net *net, struct sk_buff *skb)
  59 {
  60         return -1;
  61 }
  62
  63 static inline unsigned int
  64 br_nf_pre_routing_ipv6(const struct nf_hook_ops *ops, struct sk_buff *skb,
  65                        const struct nf_hook_state *state)
  66 {
  67         return NF_ACCEPT;
  68 }
  69 #endif
  70
  71 #endif /* _BR_NETFILTER_H_ */