diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/net/netfilter/nf_conntrack.h | 5 | ||||
| -rw-r--r-- | include/net/netfilter/nf_conntrack_expect.h | 13 | ||||
| -rw-r--r-- | include/net/netfilter/nf_conntrack_helper.h | 5 |
3 files changed, 18 insertions, 5 deletions
diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h index 90b3e7f5df5..92287713359 100644 --- a/include/net/netfilter/nf_conntrack.h +++ b/include/net/netfilter/nf_conntrack.h @@ -75,6 +75,9 @@ do { \ struct nf_conntrack_helper; +/* Must be kept in sync with the classes defined by helpers */ +#define NF_CT_MAX_EXPECT_CLASSES 1 + /* nf_conn feature for connections that have a helper */ struct nf_conn_help { /* Helper. if any */ @@ -85,7 +88,7 @@ struct nf_conn_help { struct hlist_head expectations; /* Current number of expected connections */ - unsigned int expecting; + u8 expecting[NF_CT_MAX_EXPECT_CLASSES]; }; diff --git a/include/net/netfilter/nf_conntrack_expect.h b/include/net/netfilter/nf_conntrack_expect.h index 47c28dd0789..dfdf4b45947 100644 --- a/include/net/netfilter/nf_conntrack_expect.h +++ b/include/net/netfilter/nf_conntrack_expect.h @@ -41,6 +41,9 @@ struct nf_conntrack_expect /* Flags */ unsigned int flags; + /* Expectation class */ + unsigned int class; + #ifdef CONFIG_NF_NAT_NEEDED __be32 saved_ip; /* This is the original per-proto part, used to map the @@ -53,6 +56,14 @@ struct nf_conntrack_expect struct rcu_head rcu; }; +struct nf_conntrack_expect_policy +{ + unsigned int max_expected; + unsigned int timeout; +}; + +#define NF_CT_EXPECT_CLASS_DEFAULT 0 + #define NF_CT_EXPECT_PERMANENT 0x1 #define NF_CT_EXPECT_INACTIVE 0x2 @@ -75,7 +86,7 @@ void nf_ct_unexpect_related(struct nf_conntrack_expect *exp); /* Allocate space for an expectation: this is mandatory before calling nf_ct_expect_related. You will have to call put afterwards. */ struct nf_conntrack_expect *nf_ct_expect_alloc(struct nf_conn *me); -void nf_ct_expect_init(struct nf_conntrack_expect *, int, +void nf_ct_expect_init(struct nf_conntrack_expect *, unsigned int, int, const union nf_inet_addr *, const union nf_inet_addr *, u_int8_t, const __be16 *, const __be16 *); diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h index 4ca125e9b3c..f8060ab5a08 100644 --- a/include/net/netfilter/nf_conntrack_helper.h +++ b/include/net/netfilter/nf_conntrack_helper.h @@ -20,9 +20,7 @@ struct nf_conntrack_helper const char *name; /* name of the module */ struct module *me; /* pointer to self */ - unsigned int max_expected; /* Maximum number of concurrent - * expected connections */ - unsigned int timeout; /* timeout for expecteds */ + const struct nf_conntrack_expect_policy *expect_policy; /* Tuple of things we will help (compared against server response) */ struct nf_conntrack_tuple tuple; @@ -37,6 +35,7 @@ struct nf_conntrack_helper void (*destroy)(struct nf_conn *ct); int (*to_nlattr)(struct sk_buff *skb, const struct nf_conn *ct); + unsigned int expect_class_max; }; extern struct nf_conntrack_helper * |