dd2934a957
l4 protocols are demuxed by l3num, l4num pair. However, almost all l4 trackers are l3 agnostic. Only exceptions are: - gre, icmp (ipv4 only) - icmpv6 (ipv6 only) This commit gets rid of the l3 mapping, l4 trackers can now be looked up by their IPPROTO_XXX value alone, which gets rid of the additional l3 indirection. For icmp, ipcmp6 and gre, add a check on state->pf and return -NF_ACCEPT in case we're asked to track e.g. icmpv6-in-ipv4, this seems more fitting than using the generic tracker. Additionally we can kill the 2nd l4proto definitions that were needed for v4/v6 split -- they are now the same so we can use single l4proto struct for each protocol, rather than two. The EXPORT_SYMBOLs can be removed as all these object files are part of nf_conntrack with no external references. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
27 lines
868 B
C
27 lines
868 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
* IPv4 support for nf_conntrack.
|
|
*
|
|
* 23 Mar 2004: Yasuyuki Kozakai @ USAGI <yasuyuki.kozakai@toshiba.co.jp>
|
|
* - move L3 protocol dependent part from include/linux/netfilter_ipv4/
|
|
* ip_conntarck.h
|
|
*/
|
|
|
|
#ifndef _NF_CONNTRACK_IPV4_H
|
|
#define _NF_CONNTRACK_IPV4_H
|
|
|
|
extern const struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp;
|
|
extern const struct nf_conntrack_l4proto nf_conntrack_l4proto_udp;
|
|
extern const struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp;
|
|
#ifdef CONFIG_NF_CT_PROTO_DCCP
|
|
extern const struct nf_conntrack_l4proto nf_conntrack_l4proto_dccp;
|
|
#endif
|
|
#ifdef CONFIG_NF_CT_PROTO_SCTP
|
|
extern const struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp;
|
|
#endif
|
|
#ifdef CONFIG_NF_CT_PROTO_UDPLITE
|
|
extern const struct nf_conntrack_l4proto nf_conntrack_l4proto_udplite;
|
|
#endif
|
|
|
|
#endif /*_NF_CONNTRACK_IPV4_H*/
|