1  /* SPDX-License-Identifier: GPL-2.0 */
2  #ifndef __NETNS_CONNTRACK_H
3  #define __NETNS_CONNTRACK_H
4  
5  #include <linux/list.h>
6  #include <linux/list_nulls.h>
7  #include <linux/atomic.h>
8  #include <linux/workqueue.h>
9  #include <linux/netfilter/nf_conntrack_tcp.h>
10  #ifdef CONFIG_NF_CT_PROTO_DCCP
11  #include <linux/netfilter/nf_conntrack_dccp.h>
12  #endif
13  #ifdef CONFIG_NF_CT_PROTO_SCTP
14  #include <linux/netfilter/nf_conntrack_sctp.h>
15  #endif
16  #include <linux/seqlock.h>
17  
18  struct ctl_table_header;
19  struct nf_conntrack_ecache;
20  
21  struct nf_generic_net {
22  	unsigned int timeout;
23  };
24  
25  struct nf_tcp_net {
26  	unsigned int timeouts[TCP_CONNTRACK_TIMEOUT_MAX];
27  	u8 tcp_loose;
28  	u8 tcp_be_liberal;
29  	u8 tcp_max_retrans;
30  	u8 tcp_ignore_invalid_rst;
31  #if IS_ENABLED(CONFIG_NF_FLOW_TABLE)
32  	unsigned int offload_timeout;
33  #endif
34  };
35  
36  enum udp_conntrack {
37  	UDP_CT_UNREPLIED,
38  	UDP_CT_REPLIED,
39  	UDP_CT_MAX
40  };
41  
42  struct nf_udp_net {
43  	unsigned int timeouts[UDP_CT_MAX];
44  #if IS_ENABLED(CONFIG_NF_FLOW_TABLE)
45  	unsigned int offload_timeout;
46  #endif
47  };
48  
49  struct nf_icmp_net {
50  	unsigned int timeout;
51  };
52  
53  #ifdef CONFIG_NF_CT_PROTO_DCCP
54  struct nf_dccp_net {
55  	u8 dccp_loose;
56  	unsigned int dccp_timeout[CT_DCCP_MAX + 1];
57  };
58  #endif
59  
60  #ifdef CONFIG_NF_CT_PROTO_SCTP
61  struct nf_sctp_net {
62  	unsigned int timeouts[SCTP_CONNTRACK_MAX];
63  };
64  #endif
65  
66  #ifdef CONFIG_NF_CT_PROTO_GRE
67  enum gre_conntrack {
68  	GRE_CT_UNREPLIED,
69  	GRE_CT_REPLIED,
70  	GRE_CT_MAX
71  };
72  
73  struct nf_gre_net {
74  	struct list_head	keymap_list;
75  	unsigned int		timeouts[GRE_CT_MAX];
76  };
77  #endif
78  
79  struct nf_ip_net {
80  	struct nf_generic_net   generic;
81  	struct nf_tcp_net	tcp;
82  	struct nf_udp_net	udp;
83  	struct nf_icmp_net	icmp;
84  	struct nf_icmp_net	icmpv6;
85  #ifdef CONFIG_NF_CT_PROTO_DCCP
86  	struct nf_dccp_net	dccp;
87  #endif
88  #ifdef CONFIG_NF_CT_PROTO_SCTP
89  	struct nf_sctp_net	sctp;
90  #endif
91  #ifdef CONFIG_NF_CT_PROTO_GRE
92  	struct nf_gre_net	gre;
93  #endif
94  };
95  
96  struct netns_ct {
97  #ifdef CONFIG_NF_CONNTRACK_EVENTS
98  	bool ecache_dwork_pending;
99  #endif
100  	u8			sysctl_log_invalid; /* Log invalid packets */
101  	u8			sysctl_events;
102  	u8			sysctl_acct;
103  	u8			sysctl_tstamp;
104  	u8			sysctl_checksum;
105  
106  	struct ip_conntrack_stat __percpu *stat;
107  	struct nf_ct_event_notifier __rcu *nf_conntrack_event_cb;
108  	struct nf_ip_net	nf_ct_proto;
109  #if defined(CONFIG_NF_CONNTRACK_LABELS)
110  	atomic_t		labels_used;
111  #endif
112  };
113  #endif
114