[net-next-2.6.git] / include / net / netfilter / nf_nat.h

#ifndef _NF_NAT_H
#define _NF_NAT_H
#include <linux/netfilter_ipv4.h>
#include <net/netfilter/nf_conntrack_tuple.h>

#define NF_NAT_MAPPING_TYPE_MAX_NAMELEN 16

enum nf_nat_manip_type
{
	IP_NAT_MANIP_SRC,
	IP_NAT_MANIP_DST
};

/* SRC manip occurs POST_ROUTING or LOCAL_IN */
#define HOOK2MANIP(hooknum) ((hooknum) != NF_IP_POST_ROUTING && (hooknum) != NF_IP_LOCAL_IN)

#define IP_NAT_RANGE_MAP_IPS 1
#define IP_NAT_RANGE_PROTO_SPECIFIED 2

/* NAT sequence number modifications */
struct nf_nat_seq {
	/* position of the last TCP sequence number modification (if any) */
	u_int32_t correction_pos;

	/* sequence number offset before and after last modification */
	int16_t offset_before, offset_after;
};

/* Single range specification. */
struct nf_nat_range
{
	/* Set to OR of flags above. */
	unsigned int flags;

	/* Inclusive: network order. */
	__be32 min_ip, max_ip;

	/* Inclusive: network order */
	union nf_conntrack_man_proto min, max;
};

/* For backwards compat: don't use in modern code. */
struct nf_nat_multi_range_compat
{
	unsigned int rangesize; /* Must be 1. */

	/* hangs off end. */
	struct nf_nat_range range[1];
};

#ifdef __KERNEL__
#include <linux/list.h>

/* The structure embedded in the conntrack structure. */
struct nf_nat_info
{
	struct list_head bysource;
	struct nf_nat_seq seq[IP_CT_DIR_MAX];
};

struct nf_conn;

/* Set up the info structure to map into this range. */
extern unsigned int nf_nat_setup_info(struct nf_conn *ct,
				      const struct nf_nat_range *range,
				      unsigned int hooknum);

/* Is this tuple already taken? (not by us)*/
extern int nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple,
			     const struct nf_conn *ignored_conntrack);

extern int nf_nat_module_is_loaded;

#else  /* !__KERNEL__: iptables wants this to compile. */
#define nf_nat_multi_range nf_nat_multi_range_compat
#endif /*__KERNEL__*/
#endif
Commit	Line	Data
5b1158e9 JK	1	#ifndef _NF_NAT_H
	2	#define _NF_NAT_H
	3	#include <linux/netfilter_ipv4.h>
	4	#include <net/netfilter/nf_conntrack_tuple.h>
	5
	6	#define NF_NAT_MAPPING_TYPE_MAX_NAMELEN 16
	7
	8	enum nf_nat_manip_type
	9	{
	10	IP_NAT_MANIP_SRC,
	11	IP_NAT_MANIP_DST
	12	};
	13
	14	/* SRC manip occurs POST_ROUTING or LOCAL_IN */
	15	#define HOOK2MANIP(hooknum) ((hooknum) != NF_IP_POST_ROUTING && (hooknum) != NF_IP_LOCAL_IN)
	16
	17	#define IP_NAT_RANGE_MAP_IPS 1
	18	#define IP_NAT_RANGE_PROTO_SPECIFIED 2
	19
	20	/* NAT sequence number modifications */
	21	struct nf_nat_seq {
	22	/* position of the last TCP sequence number modification (if any) */
	23	u_int32_t correction_pos;
	24
	25	/* sequence number offset before and after last modification */
	26	int16_t offset_before, offset_after;
	27	};
	28
	29	/* Single range specification. */
	30	struct nf_nat_range
	31	{
	32	/* Set to OR of flags above. */
	33	unsigned int flags;
	34
	35	/* Inclusive: network order. */
	36	__be32 min_ip, max_ip;
	37
	38	/* Inclusive: network order */
	39	union nf_conntrack_man_proto min, max;
	40	};
	41
	42	/* For backwards compat: don't use in modern code. */
	43	struct nf_nat_multi_range_compat
	44	{
	45	unsigned int rangesize; /* Must be 1. */
	46
	47	/* hangs off end. */
	48	struct nf_nat_range range[1];
	49	};
	50
	51	#ifdef __KERNEL__
	52	#include <linux/list.h>
	53
	54	/* The structure embedded in the conntrack structure. */
	55	struct nf_nat_info
	56	{
	57	struct list_head bysource;
	58	struct nf_nat_seq seq[IP_CT_DIR_MAX];
	59	};
	60
	61	struct nf_conn;
	62
	63	/* Set up the info structure to map into this range. */
	64	extern unsigned int nf_nat_setup_info(struct nf_conn *ct,
65	const struct nf_nat_range *range,
66	unsigned int hooknum);
67
68	/* Is this tuple already taken? (not by us)*/
69	extern int nf_nat_used_tuple(const struct nf_conntrack_tuple *tuple,
70	const struct nf_conn *ignored_conntrack);
71
72	extern int nf_nat_module_is_loaded;
73
74	#else /* !__KERNEL__: iptables wants this to compile. */
75	#define nf_nat_multi_range nf_nat_multi_range_compat
76	#endif /__KERNEL__/
77	#endif