conntrack.c - OpenGrok cross reference for /linux/net/openvswitch/conntrack.c

Lines Matching refs:ct
64 	struct nf_conn *ct;
154 static u32 ovs_ct_get_mark(const struct nf_conn *ct)
157 	return ct ? READ_ONCE(ct->mark) : 0;
168 static void ovs_ct_get_labels(const struct nf_conn *ct,
173 	if (ct) {
174 		if (ct->master && !nf_ct_is_confirmed(ct))
175 			ct = ct->master;
176 		cl = nf_ct_labels_find(ct);
190 		key->ct.orig_tp.src = htons(orig->dst.u.icmp.type);
191 		key->ct.orig_tp.dst = htons(orig->dst.u.icmp.code);
193 		key->ct.orig_tp.src = orig->src.u.all;
194 		key->ct.orig_tp.dst = orig->dst.u.all;
200 				const struct nf_conn *ct)
204 	key->ct.mark = ovs_ct_get_mark(ct);
205 	ovs_ct_get_labels(ct, &key->ct.labels);
207 	if (ct) {
211 		if (ct->master)
212 			ct = ct->master;
213 		orig = &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple;
217 		    nf_ct_l3num(ct) == NFPROTO_IPV4) {
224 			   nf_ct_l3num(ct) == NFPROTO_IPV6) {
238  * previously sent the packet to conntrack via the ct action.  If
249 	struct nf_conn *ct;
252 	ct = nf_ct_get(skb, &ctinfo);
253 	if (ct) {
256 		if (!nf_ct_is_confirmed(ct))
261 		if (ct->master)
266 			if (ct->status & IPS_SRC_NAT)
268 			if (ct->status & IPS_DST_NAT)
271 		zone = nf_ct_zone(ct);
277 	__ovs_ct_update_key(key, state, zone, ct);
301 	    nla_put_u32(skb, OVS_KEY_ATTR_CT_MARK, output->ct.mark))
305 	    nla_put(skb, OVS_KEY_ATTR_CT_LABELS, sizeof(output->ct.labels),
306 		    &output->ct.labels))
316 			orig.src_port = output->ct.orig_tp.src;
317 			orig.dst_port = output->ct.orig_tp.dst;
331 			orig.src_port = output->ct.orig_tp.src;
332 			orig.dst_port = output->ct.orig_tp.dst;
344 static int ovs_ct_set_mark(struct nf_conn *ct, struct sw_flow_key *key,
350 	new_mark = ct_mark | (READ_ONCE(ct->mark) & ~(mask));
351 	if (READ_ONCE(ct->mark) != new_mark) {
352 		WRITE_ONCE(ct->mark, new_mark);
353 		if (nf_ct_is_confirmed(ct))
354 			nf_conntrack_event_cache(IPCT_MARK, ct);
355 		key->ct.mark = new_mark;
364 static struct nf_conn_labels *ovs_ct_get_conn_labels(struct nf_conn *ct)
368 	cl = nf_ct_labels_find(ct);
370 		nf_ct_labels_ext_add(ct);
371 		cl = nf_ct_labels_find(ct);
381 static int ovs_ct_init_labels(struct nf_conn *ct, struct sw_flow_key *key,
389 	master_cl = ct->master ? nf_ct_labels_find(ct->master) : NULL;
394 	cl = ovs_ct_get_conn_labels(ct);
415 	nf_conntrack_event_cache(IPCT_LABEL, ct);
417 	memcpy(&key->ct.labels, cl->bits, OVS_CT_LABELS_LEN);
422 static int ovs_ct_set_labels(struct nf_conn *ct, struct sw_flow_key *key,
429 	cl = ovs_ct_get_conn_labels(ct);
433 	err = nf_connlabels_replace(ct, labels->ct_labels_32,
439 	memcpy(&key->ct.labels, cl->bits, OVS_CT_LABELS_LEN);
468 	const struct nf_conn *ct = nf_ct_tuplehash_to_ctrack(h);
473 	if (test_bit(IPS_SEEN_REPLY_BIT, &ct->status))
475 	if (test_bit(IPS_EXPECTED_BIT, &ct->status))
495 	struct nf_conn *ct;
519 	ct = nf_ct_tuplehash_to_ctrack(h);
526 		h = &ct->tuplehash[!h->tuple.dst.dir];
528 	nf_ct_set(skb, ct, ovs_ct_get_info(h));
529 	return ct;
539 	struct nf_conn *ct = NULL;
541 	/* If no ct, check if we have evidence that an existing conntrack entry
552 		ct = ovs_ct_find_existing(net, &info->zone, info->family, skb,
557 	return ct;
567 	struct nf_conn *ct;
570 	ct = nf_ct_get(skb, &ctinfo);
571 	if (!ct)
572 		ct = ovs_ct_executed(net, key, info, skb, &ct_executed);
574 	if (ct)
579 	if (!net_eq(net, read_pnet(&ct->ct_net)))
581 	if (!nf_ct_zone_equal_any(info->ct, nf_ct_zone(ct)))
586 		help = nf_ct_ext_find(ct, NF_CT_EXT_HELPER);
593 		timeout_ext = nf_ct_timeout_find(ct);
603 		if (nf_ct_is_confirmed(ct))
604 			nf_ct_delete(ct, 0, 0);
606 		nf_ct_put(ct);
669 		      struct sk_buff *skb, struct nf_conn *ct,
681 	err = nf_ct_nat(skb, ct, ctinfo, &action, &info->range, info->commit);
695 		      struct sk_buff *skb, struct nf_conn *ct,
735 	struct nf_conn *ct;
743 		struct nf_conn *tmpl = info->ct;
748 			ct = nf_ct_get(skb, &ctinfo);
749 			nf_ct_put(ct);
768 	ct = nf_ct_get(skb, &ctinfo);
769 	if (ct) {
783 		    (nf_ct_is_confirmed(ct) || info->commit)) {
784 			int err = ovs_ct_nat(net, key, info, skb, ct, ctinfo);
791 		/* Userspace may decide to perform a ct lookup without a helper
797 		if (!nf_ct_is_confirmed(ct) && info->commit &&
798 		    info->helper && !nfct_help(ct)) {
799 			int err = __nf_ct_try_assign_helper(ct, info->ct,
806 			if (info->nat && !nfct_seqadj(ct)) {
807 				if (!nfct_seqadj_ext_add(ct))
818 		if ((nf_ct_is_confirmed(ct) ? !cached || add_helper :
820 			int err = nf_ct_helper(skb, ct, ctinfo, info->family);
827 		if (nf_ct_protonum(ct) == IPPROTO_TCP &&
828 		    nf_ct_is_confirmed(ct) && nf_conntrack_tcp_established(ct)) {
832 			nf_ct_set_tcp_be_liberal(ct);
835 		nf_conn_act_ct_ext_fill(skb, ct, ctinfo);
846 	struct nf_conn *ct;
853 	ct = (struct nf_conn *)skb_nfct(skb);
854 	if (ct)
855 		nf_ct_deliver_cached_events(ct);
961 	struct nf_conn *ct;
969 	ct = nf_ct_get(skb, &ctinfo);
970 	if (!ct)
975 		if (!nf_ct_is_confirmed(ct)) {
995 		struct nf_conntrack_ecache *cache = nf_ct_ecache_find(ct);
1006 		err = ovs_ct_set_mark(ct, key, info->mark.value,
1011 	if (!nf_ct_is_confirmed(ct)) {
1012 		err = ovs_ct_init_labels(ct, key, &info->labels.value,
1017 		nf_conn_act_ct_ext_add(skb, ct, ctinfo);
1020 		err = ovs_ct_set_labels(ct, key, &info->labels.value,
1078 	struct nf_conn *ct;
1080 	ct = nf_ct_get(skb, &ctinfo);
1082 	nf_ct_put(ct);
1391 		OVS_NLERR(log, "ct family unspecified");
1406 	ct_info.ct = nf_ct_tmpl_alloc(net, &ct_info.zone, GFP_KERNEL);
1407 	if (!ct_info.ct) {
1413 		if (nf_ct_set_timeout(net, ct_info.ct, family, key->ip.proto,
1420 				nf_ct_timeout_find(ct_info.ct)->timeout);
1425 		err = nf_ct_add_helper(ct_info.ct, helper, ct_info.family,
1439 		__set_bit(IPS_CONFIRMED_BIT, &ct_info.ct->status);
1577 	if (ct_info->ct) {
1579 			nf_ct_destroy_timeout(ct_info->ct);
1580 		nf_ct_tmpl_free(ct_info->ct);