netfilter: conntrack: remove events flags from userspace exposed file
This patch moves the event flags from linux/netfilter/nf_conntrack_common.h to net/netfilter/nf_conntrack_ecache.h. This flags are not of any use from userspace. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Pablo Neira Ayuso
pablo
@@ -75,75 +75,6 @@ enum ip_conntrack_status {
|
|||||||
IPS_FIXED_TIMEOUT = (1 << IPS_FIXED_TIMEOUT_BIT),
|
IPS_FIXED_TIMEOUT = (1 << IPS_FIXED_TIMEOUT_BIT),
|
||||||
};
|
};
|
||||||
|
|
||||||
/* Connection tracking event bits */
|
|
||||||
enum ip_conntrack_events
|
|
||||||
{
|
|
||||||
/* New conntrack */
|
|
||||||
IPCT_NEW_BIT = 0,
|
|
||||||
IPCT_NEW = (1 << IPCT_NEW_BIT),
|
|
||||||
|
|
||||||
/* Expected connection */
|
|
||||||
IPCT_RELATED_BIT = 1,
|
|
||||||
IPCT_RELATED = (1 << IPCT_RELATED_BIT),
|
|
||||||
|
|
||||||
/* Destroyed conntrack */
|
|
||||||
IPCT_DESTROY_BIT = 2,
|
|
||||||
IPCT_DESTROY = (1 << IPCT_DESTROY_BIT),
|
|
||||||
|
|
||||||
/* Timer has been refreshed */
|
|
||||||
IPCT_REFRESH_BIT = 3,
|
|
||||||
IPCT_REFRESH = (1 << IPCT_REFRESH_BIT),
|
|
||||||
|
|
||||||
/* Status has changed */
|
|
||||||
IPCT_STATUS_BIT = 4,
|
|
||||||
IPCT_STATUS = (1 << IPCT_STATUS_BIT),
|
|
||||||
|
|
||||||
/* Update of protocol info */
|
|
||||||
IPCT_PROTOINFO_BIT = 5,
|
|
||||||
IPCT_PROTOINFO = (1 << IPCT_PROTOINFO_BIT),
|
|
||||||
|
|
||||||
/* Volatile protocol info */
|
|
||||||
IPCT_PROTOINFO_VOLATILE_BIT = 6,
|
|
||||||
IPCT_PROTOINFO_VOLATILE = (1 << IPCT_PROTOINFO_VOLATILE_BIT),
|
|
||||||
|
|
||||||
/* New helper for conntrack */
|
|
||||||
IPCT_HELPER_BIT = 7,
|
|
||||||
IPCT_HELPER = (1 << IPCT_HELPER_BIT),
|
|
||||||
|
|
||||||
/* Update of helper info */
|
|
||||||
IPCT_HELPINFO_BIT = 8,
|
|
||||||
IPCT_HELPINFO = (1 << IPCT_HELPINFO_BIT),
|
|
||||||
|
|
||||||
/* Volatile helper info */
|
|
||||||
IPCT_HELPINFO_VOLATILE_BIT = 9,
|
|
||||||
IPCT_HELPINFO_VOLATILE = (1 << IPCT_HELPINFO_VOLATILE_BIT),
|
|
||||||
|
|
||||||
/* NAT info */
|
|
||||||
IPCT_NATINFO_BIT = 10,
|
|
||||||
IPCT_NATINFO = (1 << IPCT_NATINFO_BIT),
|
|
||||||
|
|
||||||
/* Counter highest bit has been set, unused */
|
|
||||||
IPCT_COUNTER_FILLING_BIT = 11,
|
|
||||||
IPCT_COUNTER_FILLING = (1 << IPCT_COUNTER_FILLING_BIT),
|
|
||||||
|
|
||||||
/* Mark is set */
|
|
||||||
IPCT_MARK_BIT = 12,
|
|
||||||
IPCT_MARK = (1 << IPCT_MARK_BIT),
|
|
||||||
|
|
||||||
/* NAT sequence adjustment */
|
|
||||||
IPCT_NATSEQADJ_BIT = 13,
|
|
||||||
IPCT_NATSEQADJ = (1 << IPCT_NATSEQADJ_BIT),
|
|
||||||
|
|
||||||
/* Secmark is set */
|
|
||||||
IPCT_SECMARK_BIT = 14,
|
|
||||||
IPCT_SECMARK = (1 << IPCT_SECMARK_BIT),
|
|
||||||
};
|
|
||||||
|
|
||||||
enum ip_conntrack_expect_events {
|
|
||||||
IPEXP_NEW_BIT = 0,
|
|
||||||
IPEXP_NEW = (1 << IPEXP_NEW_BIT),
|
|
||||||
};
|
|
||||||
|
|
||||||
#ifdef __KERNEL__
|
#ifdef __KERNEL__
|
||||||
struct ip_conntrack_stat
|
struct ip_conntrack_stat
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -11,6 +11,75 @@
|
|||||||
#include <net/net_namespace.h>
|
#include <net/net_namespace.h>
|
||||||
#include <net/netfilter/nf_conntrack_expect.h>
|
#include <net/netfilter/nf_conntrack_expect.h>
|
||||||
|
|
||||||
|
/* Connection tracking event bits */
|
||||||
|
enum ip_conntrack_events
|
||||||
|
{
|
||||||
|
/* New conntrack */
|
||||||
|
IPCT_NEW_BIT = 0,
|
||||||
|
IPCT_NEW = (1 << IPCT_NEW_BIT),
|
||||||
|
|
||||||
|
/* Expected connection */
|
||||||
|
IPCT_RELATED_BIT = 1,
|
||||||
|
IPCT_RELATED = (1 << IPCT_RELATED_BIT),
|
||||||
|
|
||||||
|
/* Destroyed conntrack */
|
||||||
|
IPCT_DESTROY_BIT = 2,
|
||||||
|
IPCT_DESTROY = (1 << IPCT_DESTROY_BIT),
|
||||||
|
|
||||||
|
/* Timer has been refreshed */
|
||||||
|
IPCT_REFRESH_BIT = 3,
|
||||||
|
IPCT_REFRESH = (1 << IPCT_REFRESH_BIT),
|
||||||
|
|
||||||
|
/* Status has changed */
|
||||||
|
IPCT_STATUS_BIT = 4,
|
||||||
|
IPCT_STATUS = (1 << IPCT_STATUS_BIT),
|
||||||
|
|
||||||
|
/* Update of protocol info */
|
||||||
|
IPCT_PROTOINFO_BIT = 5,
|
||||||
|
IPCT_PROTOINFO = (1 << IPCT_PROTOINFO_BIT),
|
||||||
|
|
||||||
|
/* Volatile protocol info */
|
||||||
|
IPCT_PROTOINFO_VOLATILE_BIT = 6,
|
||||||
|
IPCT_PROTOINFO_VOLATILE = (1 << IPCT_PROTOINFO_VOLATILE_BIT),
|
||||||
|
|
||||||
|
/* New helper for conntrack */
|
||||||
|
IPCT_HELPER_BIT = 7,
|
||||||
|
IPCT_HELPER = (1 << IPCT_HELPER_BIT),
|
||||||
|
|
||||||
|
/* Update of helper info */
|
||||||
|
IPCT_HELPINFO_BIT = 8,
|
||||||
|
IPCT_HELPINFO = (1 << IPCT_HELPINFO_BIT),
|
||||||
|
|
||||||
|
/* Volatile helper info */
|
||||||
|
IPCT_HELPINFO_VOLATILE_BIT = 9,
|
||||||
|
IPCT_HELPINFO_VOLATILE = (1 << IPCT_HELPINFO_VOLATILE_BIT),
|
||||||
|
|
||||||
|
/* NAT info */
|
||||||
|
IPCT_NATINFO_BIT = 10,
|
||||||
|
IPCT_NATINFO = (1 << IPCT_NATINFO_BIT),
|
||||||
|
|
||||||
|
/* Counter highest bit has been set, unused */
|
||||||
|
IPCT_COUNTER_FILLING_BIT = 11,
|
||||||
|
IPCT_COUNTER_FILLING = (1 << IPCT_COUNTER_FILLING_BIT),
|
||||||
|
|
||||||
|
/* Mark is set */
|
||||||
|
IPCT_MARK_BIT = 12,
|
||||||
|
IPCT_MARK = (1 << IPCT_MARK_BIT),
|
||||||
|
|
||||||
|
/* NAT sequence adjustment */
|
||||||
|
IPCT_NATSEQADJ_BIT = 13,
|
||||||
|
IPCT_NATSEQADJ = (1 << IPCT_NATSEQADJ_BIT),
|
||||||
|
|
||||||
|
/* Secmark is set */
|
||||||
|
IPCT_SECMARK_BIT = 14,
|
||||||
|
IPCT_SECMARK = (1 << IPCT_SECMARK_BIT),
|
||||||
|
};
|
||||||
|
|
||||||
|
enum ip_conntrack_expect_events {
|
||||||
|
IPEXP_NEW_BIT = 0,
|
||||||
|
IPEXP_NEW = (1 << IPEXP_NEW_BIT),
|
||||||
|
};
|
||||||
|
|
||||||
#ifdef CONFIG_NF_CONNTRACK_EVENTS
|
#ifdef CONFIG_NF_CONNTRACK_EVENTS
|
||||||
struct nf_conntrack_ecache {
|
struct nf_conntrack_ecache {
|
||||||
struct nf_conn *ct;
|
struct nf_conn *ct;
|
||||||
|
|||||||
Reference in New Issue
Block a user