279 lines
9.0 KiB
Diff
279 lines
9.0 KiB
Diff
diff --git a/include/libnetfilter_conntrack/Makefile.am b/include/libnetfilter_conntrack/Makefile.am
|
|
index 9e4a2d1..760fbf6 100644
|
|
--- a/include/libnetfilter_conntrack/Makefile.am
|
|
+++ b/include/libnetfilter_conntrack/Makefile.am
|
|
@@ -1,5 +1,5 @@
|
|
|
|
-pkginclude_HEADERS = libnetfilter_conntrack.h linux_nfnetlink_conntrack.h libnetfilter_conntrack_tcp.h libnetfilter_conntrack_udp.h libnetfilter_conntrack_icmp.h libnetfilter_conntrack_sctp.h libnetfilter_conntrack_ipv4.h libnetfilter_conntrack_ipv6.h
|
|
+pkginclude_HEADERS = libnetfilter_conntrack.h libnetfilter_conntrack_tcp.h libnetfilter_conntrack_udp.h libnetfilter_conntrack_icmp.h libnetfilter_conntrack_sctp.h libnetfilter_conntrack_ipv4.h libnetfilter_conntrack_ipv6.h
|
|
|
|
noinst_HEADERS = libnetfilter_conntrack_extensions.h \
|
|
libnetfilter_conntrack_l3extensions.h
|
|
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
|
|
index 27c3cf0..b51782d 100644
|
|
--- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h
|
|
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
|
|
@@ -9,9 +9,8 @@
|
|
#define _LIBNETFILTER_CONNTRACK_H_
|
|
|
|
#include <netinet/in.h>
|
|
-#include <libnfnetlink/linux_nfnetlink.h>
|
|
#include <libnfnetlink/libnfnetlink.h>
|
|
-#include <libnetfilter_conntrack/linux_nfnetlink_conntrack.h>
|
|
+#include <linux/netfilter/nfnetlink_conntrack.h>
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
diff --git a/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h b/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h
|
|
deleted file mode 100644
|
|
index 7f0fe96..0000000
|
|
--- a/include/libnetfilter_conntrack/linux_nfnetlink_conntrack.h
|
|
+++ /dev/null
|
|
@@ -1,161 +0,0 @@
|
|
-#ifndef _IPCONNTRACK_NETLINK_H
|
|
-#define _IPCONNTRACK_NETLINK_H
|
|
-#include <libnfnetlink/linux_nfnetlink.h>
|
|
-
|
|
-#ifdef __cplusplus
|
|
-extern "C" {
|
|
-#endif
|
|
-
|
|
-enum cntl_msg_types {
|
|
- IPCTNL_MSG_CT_NEW,
|
|
- IPCTNL_MSG_CT_GET,
|
|
- IPCTNL_MSG_CT_DELETE,
|
|
- IPCTNL_MSG_CT_GET_CTRZERO,
|
|
-
|
|
- IPCTNL_MSG_MAX
|
|
-};
|
|
-
|
|
-enum ctnl_exp_msg_types {
|
|
- IPCTNL_MSG_EXP_NEW,
|
|
- IPCTNL_MSG_EXP_GET,
|
|
- IPCTNL_MSG_EXP_DELETE,
|
|
-
|
|
- IPCTNL_MSG_EXP_MAX
|
|
-};
|
|
-
|
|
-
|
|
-enum ctattr_type {
|
|
- CTA_UNSPEC,
|
|
- CTA_TUPLE_ORIG,
|
|
- CTA_TUPLE_REPLY,
|
|
- CTA_STATUS,
|
|
- CTA_PROTOINFO,
|
|
- CTA_HELP,
|
|
- CTA_NAT_SRC,
|
|
-#define CTA_NAT CTA_NAT_SRC /* backwards compatibility */
|
|
- CTA_TIMEOUT,
|
|
- CTA_MARK,
|
|
- CTA_COUNTERS_ORIG,
|
|
- CTA_COUNTERS_REPLY,
|
|
- CTA_USE,
|
|
- CTA_ID,
|
|
- CTA_NAT_DST,
|
|
- CTA_TUPLE_MASTER,
|
|
- CTA_NAT_SEQ_ADJ_ORIG,
|
|
- CTA_NAT_SEQ_ADJ_REPLY,
|
|
- CTA_SECMARK,
|
|
- __CTA_MAX
|
|
-};
|
|
-#define CTA_MAX (__CTA_MAX - 1)
|
|
-
|
|
-enum ctattr_tuple {
|
|
- CTA_TUPLE_UNSPEC,
|
|
- CTA_TUPLE_IP,
|
|
- CTA_TUPLE_PROTO,
|
|
- __CTA_TUPLE_MAX
|
|
-};
|
|
-#define CTA_TUPLE_MAX (__CTA_TUPLE_MAX - 1)
|
|
-
|
|
-enum ctattr_ip {
|
|
- CTA_IP_UNSPEC,
|
|
- CTA_IP_V4_SRC,
|
|
- CTA_IP_V4_DST,
|
|
- CTA_IP_V6_SRC,
|
|
- CTA_IP_V6_DST,
|
|
- __CTA_IP_MAX
|
|
-};
|
|
-#define CTA_IP_MAX (__CTA_IP_MAX - 1)
|
|
-
|
|
-enum ctattr_l4proto {
|
|
- CTA_PROTO_UNSPEC,
|
|
- CTA_PROTO_NUM,
|
|
- CTA_PROTO_SRC_PORT,
|
|
- CTA_PROTO_DST_PORT,
|
|
- CTA_PROTO_ICMP_ID,
|
|
- CTA_PROTO_ICMP_TYPE,
|
|
- CTA_PROTO_ICMP_CODE,
|
|
- CTA_PROTO_ICMPV6_ID,
|
|
- CTA_PROTO_ICMPV6_TYPE,
|
|
- CTA_PROTO_ICMPV6_CODE,
|
|
- __CTA_PROTO_MAX
|
|
-};
|
|
-#define CTA_PROTO_MAX (__CTA_PROTO_MAX - 1)
|
|
-
|
|
-enum ctattr_protoinfo {
|
|
- CTA_PROTOINFO_UNSPEC,
|
|
- CTA_PROTOINFO_TCP,
|
|
- __CTA_PROTOINFO_MAX
|
|
-};
|
|
-#define CTA_PROTOINFO_MAX (__CTA_PROTOINFO_MAX - 1)
|
|
-
|
|
-enum ctattr_protoinfo_tcp {
|
|
- CTA_PROTOINFO_TCP_UNSPEC,
|
|
- CTA_PROTOINFO_TCP_STATE,
|
|
- CTA_PROTOINFO_TCP_WSCALE_ORIGINAL,
|
|
- CTA_PROTOINFO_TCP_WSCALE_REPLY,
|
|
- CTA_PROTOINFO_TCP_FLAGS_ORIGINAL,
|
|
- CTA_PROTOINFO_TCP_FLAGS_REPLY,
|
|
- __CTA_PROTOINFO_TCP_MAX
|
|
-};
|
|
-#define CTA_PROTOINFO_TCP_MAX (__CTA_PROTOINFO_TCP_MAX - 1)
|
|
-
|
|
-enum ctattr_counters {
|
|
- CTA_COUNTERS_UNSPEC,
|
|
- CTA_COUNTERS_PACKETS, /* old 64bit counters */
|
|
- CTA_COUNTERS_BYTES, /* old 64bit counters */
|
|
- CTA_COUNTERS32_PACKETS,
|
|
- CTA_COUNTERS32_BYTES,
|
|
- __CTA_COUNTERS_MAX
|
|
-};
|
|
-#define CTA_COUNTERS_MAX (__CTA_COUNTERS_MAX - 1)
|
|
-
|
|
-enum ctattr_nat {
|
|
- CTA_NAT_UNSPEC,
|
|
- CTA_NAT_MINIP,
|
|
- CTA_NAT_MAXIP,
|
|
- CTA_NAT_PROTO,
|
|
- __CTA_NAT_MAX
|
|
-};
|
|
-#define CTA_NAT_MAX (__CTA_NAT_MAX - 1)
|
|
-
|
|
-enum ctattr_protonat {
|
|
- CTA_PROTONAT_UNSPEC,
|
|
- CTA_PROTONAT_PORT_MIN,
|
|
- CTA_PROTONAT_PORT_MAX,
|
|
- __CTA_PROTONAT_MAX
|
|
-};
|
|
-#define CTA_PROTONAT_MAX (__CTA_PROTONAT_MAX - 1)
|
|
-
|
|
-enum ctattr_natseq {
|
|
- CTA_NAT_SEQ_CORRECTION_POS,
|
|
- CTA_NAT_SEQ_OFFSET_BEFORE,
|
|
- CTA_NAT_SEQ_OFFSET_AFTER,
|
|
- __CTA_NAT_SEQ_MAX
|
|
-};
|
|
-#define CTA_NAT_SEQ_MAX (__CTA_NAT_SEQ_MAX - 1)
|
|
-
|
|
-enum ctattr_expect {
|
|
- CTA_EXPECT_UNSPEC,
|
|
- CTA_EXPECT_MASTER,
|
|
- CTA_EXPECT_TUPLE,
|
|
- CTA_EXPECT_MASK,
|
|
- CTA_EXPECT_TIMEOUT,
|
|
- CTA_EXPECT_ID,
|
|
- CTA_EXPECT_HELP_NAME,
|
|
- CTA_EXPECT_QUEUENR,
|
|
- __CTA_EXPECT_MAX
|
|
-};
|
|
-#define CTA_EXPECT_MAX (__CTA_EXPECT_MAX - 1)
|
|
-
|
|
-enum ctattr_help {
|
|
- CTA_HELP_UNSPEC,
|
|
- CTA_HELP_NAME,
|
|
- __CTA_HELP_MAX
|
|
-};
|
|
-#define CTA_HELP_MAX (__CTA_HELP_MAX - 1)
|
|
-
|
|
-#ifdef __cplusplus
|
|
-}
|
|
-#endif
|
|
-
|
|
-#endif /* _IPCONNTRACK_NETLINK_H */
|
|
diff --git a/src/deprecated.c b/src/deprecated.c
|
|
index 6555062..d8331d5 100644
|
|
--- a/src/deprecated.c
|
|
+++ b/src/deprecated.c
|
|
@@ -43,6 +43,8 @@ static char *l3proto2str[AF_MAX] = {
|
|
static struct nfct_proto *findproto(char *name);
|
|
static struct nfct_l3proto *findl3proto(char *name);
|
|
|
|
+#define CTA_EXPECT_QUEUENR (CTA_EXPECT_HELP_NAME + 1)
|
|
+
|
|
/* handler used for nfnl_listen */
|
|
static int callback_handler(struct sockaddr_nl *nladdr,
|
|
struct nlmsghdr *n, void *arg)
|
|
diff --git a/src/deprecated/extensions/libnetfilter_conntrack_icmp.c b/src/deprecated/extensions/libnetfilter_conntrack_icmp.c
|
|
index 72a7eb0..7127b4b 100644
|
|
--- a/src/deprecated/extensions/libnetfilter_conntrack_icmp.c
|
|
+++ b/src/deprecated/extensions/libnetfilter_conntrack_icmp.c
|
|
@@ -12,7 +12,6 @@
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <netinet/in.h> /* For htons */
|
|
-#include <libnetfilter_conntrack/linux_nfnetlink_conntrack.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack_extensions.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack_icmp.h>
|
|
diff --git a/src/deprecated/extensions/libnetfilter_conntrack_sctp.c b/src/deprecated/extensions/libnetfilter_conntrack_sctp.c
|
|
index 3785c2e..f963161 100644
|
|
--- a/src/deprecated/extensions/libnetfilter_conntrack_sctp.c
|
|
+++ b/src/deprecated/extensions/libnetfilter_conntrack_sctp.c
|
|
@@ -12,7 +12,6 @@
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <netinet/in.h> /* For htons */
|
|
-#include <libnetfilter_conntrack/linux_nfnetlink_conntrack.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack_extensions.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack_sctp.h>
|
|
diff --git a/src/deprecated/extensions/libnetfilter_conntrack_tcp.c b/src/deprecated/extensions/libnetfilter_conntrack_tcp.c
|
|
index 9efdbb7..9f74517 100644
|
|
--- a/src/deprecated/extensions/libnetfilter_conntrack_tcp.c
|
|
+++ b/src/deprecated/extensions/libnetfilter_conntrack_tcp.c
|
|
@@ -12,7 +12,6 @@
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <netinet/in.h> /* For htons */
|
|
-#include <libnetfilter_conntrack/linux_nfnetlink_conntrack.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack_extensions.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack_tcp.h>
|
|
diff --git a/src/deprecated/extensions/libnetfilter_conntrack_udp.c b/src/deprecated/extensions/libnetfilter_conntrack_udp.c
|
|
index c1d20c3..e63463c 100644
|
|
--- a/src/deprecated/extensions/libnetfilter_conntrack_udp.c
|
|
+++ b/src/deprecated/extensions/libnetfilter_conntrack_udp.c
|
|
@@ -12,7 +12,6 @@
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <netinet/in.h> /* For htons */
|
|
-#include <libnetfilter_conntrack/linux_nfnetlink_conntrack.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack_extensions.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack_udp.h>
|
|
diff --git a/src/deprecated/l3extensions/libnetfilter_conntrack_ipv4.c b/src/deprecated/l3extensions/libnetfilter_conntrack_ipv4.c
|
|
index 727ea01..e70102d 100644
|
|
--- a/src/deprecated/l3extensions/libnetfilter_conntrack_ipv4.c
|
|
+++ b/src/deprecated/l3extensions/libnetfilter_conntrack_ipv4.c
|
|
@@ -9,7 +9,6 @@
|
|
#include <stdio.h>
|
|
#include <arpa/inet.h>
|
|
#include <netinet/in.h> /* For htons */
|
|
-#include <libnetfilter_conntrack/linux_nfnetlink_conntrack.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack_l3extensions.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack_ipv4.h>
|
|
diff --git a/src/deprecated/l3extensions/libnetfilter_conntrack_ipv6.c b/src/deprecated/l3extensions/libnetfilter_conntrack_ipv6.c
|
|
index 5f173f3..b751c7a 100644
|
|
--- a/src/deprecated/l3extensions/libnetfilter_conntrack_ipv6.c
|
|
+++ b/src/deprecated/l3extensions/libnetfilter_conntrack_ipv6.c
|
|
@@ -12,7 +12,6 @@
|
|
#include <string.h>
|
|
#include <netinet/in.h> /* For htons */
|
|
#include <arpa/inet.h>
|
|
-#include <libnetfilter_conntrack/linux_nfnetlink_conntrack.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack_l3extensions.h>
|
|
#include <libnetfilter_conntrack/libnetfilter_conntrack_ipv6.h>
|