| /linux/net/netfilter/ |
| H A D | core.c | 279 nf_hook_entry_head(struct net *net, int pf, unsigned int hooknum, in nf_hook_entry_head() argument
287 if (WARN_ON_ONCE(ARRAY_SIZE(net->nf.hooks_arp) <= hooknum)) in nf_hook_entry_head()
289 return net->nf.hooks_arp + hooknum; in nf_hook_entry_head()
293 if (WARN_ON_ONCE(ARRAY_SIZE(net->nf.hooks_bridge) <= hooknum)) in nf_hook_entry_head()
295 return net->nf.hooks_bridge + hooknum; in nf_hook_entry_head()
299 if (WARN_ON_ONCE(hooknum != NF_INET_INGRESS)) in nf_hook_entry_head()
308 if (WARN_ON_ONCE(ARRAY_SIZE(net->nf.hooks_ipv4) <= hooknum)) in nf_hook_entry_head()
310 return net->nf.hooks_ipv4 + hooknum; in nf_hook_entry_head()
312 if (WARN_ON_ONCE(ARRAY_SIZE(net->nf.hooks_ipv6) <= hooknum)) in nf_hook_entry_head()
314 return net->nf.hooks_ipv6 + hooknum; in nf_hook_entry_head()
[all …]
|
| H A D | nf_nat_ovs.c | 16 int hooknum, err = NF_ACCEPT; in nf_ct_nat_execute() local
20 hooknum = NF_INET_LOCAL_IN; /* Source NAT */ in nf_ct_nat_execute()
22 hooknum = NF_INET_LOCAL_OUT; /* Destination NAT */ in nf_ct_nat_execute()
30 hooknum)) in nf_ct_nat_execute()
43 hooknum, in nf_ct_nat_execute()
62 : nf_nat_alloc_null_binding(ct, hooknum); in nf_ct_nat_execute()
77 err = nf_nat_packet(ct, ctinfo, hooknum, skb); in nf_ct_nat_execute()
|
| H A D | nf_nat_redirect.c | 51 unsigned int hooknum) in nf_nat_redirect_ipv4() argument
55 WARN_ON(hooknum != NF_INET_PRE_ROUTING && in nf_nat_redirect_ipv4()
56 hooknum != NF_INET_LOCAL_OUT); in nf_nat_redirect_ipv4()
59 if (hooknum == NF_INET_LOCAL_OUT) { in nf_nat_redirect_ipv4()
105 unsigned int hooknum) in nf_nat_redirect_ipv6() argument
109 if (hooknum == NF_INET_LOCAL_OUT) { in nf_nat_redirect_ipv6()
|
| H A D | nfnetlink_hook.c | 165 u32 hooknum; in nfnl_hook_dump_one() local
203 if (ops->pf == NFPROTO_INET && ops->hooknum == NF_INET_INGRESS) in nfnl_hook_dump_one()
204 hooknum = NF_NETDEV_INGRESS; in nfnl_hook_dump_one()
206 hooknum = ops->hooknum; in nfnl_hook_dump_one()
208 ret = nla_put_be32(nlskb, NFNLA_HOOK_HOOKNUM, htonl(hooknum)); in nfnl_hook_dump_one()
352 u32 hooknum; in nfnl_hook_dump_start() local
354 hooknum = ntohl(nla_get_be32(nla[NFNLA_HOOK_HOOKNUM])); in nfnl_hook_dump_start()
355 if (hooknum > 255) in nfnl_hook_dump_start()
367 head = nfnl_hook_entries_head(family, hooknum, net, name); in nfnl_hook_dump_start()
379 ctx->hook = hooknum; in nfnl_hook_dump_start()
|
| H A D | xt_repldata.h | 20 unsigned int bytes = 0, hooknum = 0, i = 0; \
38 for (; hook_mask != 0; hook_mask >>= 1, ++hooknum) { \
41 tbl->repl.hook_entry[hooknum] = bytes; \
42 tbl->repl.underflow[hooknum] = bytes; \
|
| H A D | nf_bpf_link.c | 145 nf_link->hook_ops.pf, nf_link->hook_ops.hooknum, in bpf_nf_link_show_info()
155 info->netfilter.hooknum = nf_link->hook_ops.hooknum; in bpf_nf_link_fill_link_info()
184 if (attr->link_create.netfilter.hooknum >= NF_INET_NUMHOOKS) in bpf_nf_check_pf_and_hooks()
233 link->hook_ops.hooknum = attr->link_create.netfilter.hooknum; in bpf_nf_link_attach()
|
| H A D | nf_log_syslog.c | 111 unsigned int hooknum, const struct sk_buff *skb, in nf_log_dump_packet_common() argument
135 unsigned int hooknum, const struct sk_buff *skb, in nf_log_arp_packet() argument
151 nf_log_dump_packet_common(m, pf, hooknum, skb, in, out, loginfo, in nf_log_arp_packet()
832 unsigned int hooknum, const struct sk_buff *skb, in nf_log_ip_packet() argument
848 nf_log_dump_packet_common(m, pf, hooknum, skb, in, in nf_log_ip_packet()
867 unsigned int hooknum, const struct sk_buff *skb, in nf_log_ip6_packet() argument
883 nf_log_dump_packet_common(m, pf, hooknum, skb, in, out, in nf_log_ip6_packet()
902 unsigned int hooknum, in nf_log_unknown_packet() argument
919 nf_log_dump_packet_common(m, pf, hooknum, skb, in, out, loginfo, in nf_log_unknown_packet()
928 unsigned int hooknum, in nf_log_netdev_packet() argument
[all …]
|
| H A D | nf_nat_core.c | 871 nf_nat_alloc_null_binding(struct nf_conn *ct, unsigned int hooknum) in nf_nat_inet_fn()
873 return __nf_nat_alloc_null_binding(ct, HOOK2MANIP(hooknum));
880 unsigned int hooknum, in nf_nat_proto_remove()
883 enum nf_nat_manip_type mtype = HOOK2MANIP(hooknum); in nf_nat_proto_remove()
1200 unsigned int hooknum = ops->hooknum;
1210 if (orig_nat_ops[i].hooknum == hooknum) {
1211 hooknum = i;
1255 priv = nat_ops[hooknum] in nf_nat_cleanup()
755 nf_nat_alloc_null_binding(struct nf_conn * ct,unsigned int hooknum) nf_nat_alloc_null_binding() argument
764 nf_nat_packet(struct nf_conn * ct,enum ip_conntrack_info ctinfo,unsigned int hooknum,struct sk_buff * skb) nf_nat_packet() argument
1084 unsigned int hooknum = ops->hooknum; nf_nat_register_fn() local
1160 int hooknum = ops->hooknum; nf_nat_unregister_fn() local
[all...] |
| H A D | nf_conntrack_proto.c | 239 .hooknum = NF_INET_PRE_ROUTING,
245 .hooknum = NF_INET_LOCAL_OUT,
251 .hooknum = NF_INET_POST_ROUTING,
257 .hooknum = NF_INET_LOCAL_IN,
396 .hooknum = NF_INET_PRE_ROUTING,
402 .hooknum = NF_INET_LOCAL_OUT,
408 .hooknum = NF_INET_POST_ROUTING,
414 .hooknum = NF_INET_LOCAL_IN,
|
| H A D | nf_nat_proto.c | 562 unsigned int hooknum) in nf_nat_icmp_reply_translation() argument
569 enum nf_nat_manip_type manip = HOOK2MANIP(hooknum); in nf_nat_icmp_reply_translation()
578 if (nf_ip_checksum(skb, hooknum, hdrlen, IPPROTO_ICMP)) in nf_nat_icmp_reply_translation()
833 .hooknum = NF_INET_PRE_ROUTING,
840 .hooknum = NF_INET_POST_ROUTING,
847 .hooknum = NF_INET_LOCAL_OUT,
854 .hooknum = NF_INET_LOCAL_IN,
876 unsigned int hooknum, in nf_nat_icmpv6_reply_translation() argument
884 enum nf_nat_manip_type manip = HOOK2MANIP(hooknum); in nf_nat_icmpv6_reply_translation()
892 if (nf_ip6_checksum(skb, hooknum, hdrlen, IPPROTO_ICMPV6)) in nf_nat_icmpv6_reply_translation()
[all …]
|
| /linux/include/net/netfilter/ |
| H A D | nf_nat.h | 19 #define HOOK2MANIP(hooknum) ((hooknum) != NF_INET_POST_ROUTING && \ argument
20 (hooknum) != NF_INET_LOCAL_IN)
44 unsigned int hooknum);
57 static inline bool nf_nat_oif_changed(unsigned int hooknum, in nf_nat_oif_changed() argument
63 return nat && nat->masq_index && hooknum == NF_INET_POST_ROUTING && in nf_nat_oif_changed()
77 unsigned int hooknum, struct sk_buff *skb);
88 unsigned int hooknum);
92 unsigned int hooknum, unsigned int hdrlen);
|
| H A D | nf_log.h | 41 unsigned int hooknum,
79 unsigned int hooknum,
89 unsigned int hooknum,
|
| H A D | nf_nat_redirect.h | 10 unsigned int hooknum);
13 unsigned int hooknum);
|
| /linux/net/netfilter/ipvs/ |
| H A D | ip_vs_core.c | 697 static inline enum ip_defrag_users ip_vs_defrag_user(unsigned int hooknum) in ip_vs_defrag_user() argument
699 if (NF_INET_LOCAL_IN == hooknum) in ip_vs_defrag_user()
701 if (NF_INET_FORWARD == hooknum) in ip_vs_defrag_user()
721 struct sk_buff *skb, unsigned int hooknum) in ip_vs_route_me_harder() argument
726 if (NF_INET_LOCAL_IN == hooknum) in ip_vs_route_me_harder()
861 unsigned int hooknum) in handle_response_icmp() argument
889 if (ip_vs_route_me_harder(cp->ipvs, af, skb, hooknum)) in handle_response_icmp()
915 int *related, unsigned int hooknum) in ip_vs_out_icmp() argument
930 if (ip_vs_gather_frags(ipvs, skb, ip_vs_defrag_user(hooknum))) in ip_vs_out_icmp()
986 pp, ciph.len, ihl, hooknum); in ip_vs_out_icmp()
[all …]
|
| /linux/net/ipv6/netfilter/ |
| H A D | nf_defrag_ipv6_hooks.c | 31 static enum ip6_defrag_users nf_ct6_defrag_user(unsigned int hooknum, in nf_ct6_defrag_user() argument
46 if (hooknum == NF_INET_PRE_ROUTING) in nf_ct6_defrag_user()
80 .hooknum = NF_INET_PRE_ROUTING,
86 .hooknum = NF_INET_LOCAL_OUT,
|
| H A D | ip6table_nat.c | 38 .hooknum = NF_INET_PRE_ROUTING,
44 .hooknum = NF_INET_POST_ROUTING,
50 .hooknum = NF_INET_LOCAL_OUT,
56 .hooknum = NF_INET_LOCAL_IN,
|
| H A D | nf_dup_ipv6.c | 47 void nf_dup_ipv6(struct net *net, struct sk_buff *skb, unsigned int hooknum, in nf_dup_ipv6() argument
60 if (hooknum == NF_INET_PRE_ROUTING || in nf_dup_ipv6()
61 hooknum == NF_INET_LOCAL_IN) { in nf_dup_ipv6()
|
| H A D | nf_reject_ipv6.c | 393 unsigned char code, unsigned int hooknum) in reject6_csum_ok()
395 if (!reject6_csum_ok(skb_in, hooknum)) in reject6_csum_ok()
398 if (hooknum == NF_INET_LOCAL_OUT && skb_in->dev == NULL) in reject6_csum_ok()
401 if ((hooknum == NF_INET_PRE_ROUTING || hooknum == NF_INET_INGRESS) && in reject6_csum_ok()
404 nf_send_unreach6(struct net * net,struct sk_buff * skb_in,unsigned char code,unsigned int hooknum) nf_send_unreach6() argument
|
| /linux/net/ipv4/netfilter/ |
| H A D | iptable_nat.c | 36 .hooknum = NF_INET_PRE_ROUTING,
42 .hooknum = NF_INET_POST_ROUTING,
48 .hooknum = NF_INET_LOCAL_OUT,
54 .hooknum = NF_INET_LOCAL_IN,
|
| H A D | nf_defrag_ipv4.c | 41 static enum ip_defrag_users nf_ct_defrag_user(unsigned int hooknum, in nf_ct_defrag_user() argument
56 if (hooknum == NF_INET_PRE_ROUTING) in nf_ct_defrag_user()
97 .hooknum = NF_INET_PRE_ROUTING,
103 .hooknum = NF_INET_LOCAL_OUT,
|
| H A D | nf_dup_ipv4.c | 51 void nf_dup_ipv4(struct net *net, struct sk_buff *skb, unsigned int hooknum, in nf_dup_ipv4() argument
83 if (hooknum == NF_INET_PRE_ROUTING || in nf_dup_ipv4()
84 hooknum == NF_INET_LOCAL_IN) in nf_dup_ipv4()
|
| /linux/net/bridge/netfilter/ |
| H A D | ebtable_nat.c | 57 .hooknum = NF_BR_LOCAL_OUT,
63 .hooknum = NF_BR_POST_ROUTING,
69 .hooknum = NF_BR_PRE_ROUTING,
|
| H A D | ebtable_filter.c | 57 .hooknum = NF_BR_LOCAL_IN,
63 .hooknum = NF_BR_FORWARD,
69 .hooknum = NF_BR_LOCAL_OUT,
|
| /linux/tools/testing/selftests/bpf/prog_tests/ |
| H A D | netfilter_link_attach.c | 11 __u32 hooknum; member
22 { .pf = NFPROTO_IPV4, .hooknum = 42, .name = "invalid-hooknum", },
56 X(opts, hooknum, i); in test_netfilter_link_attach()
|
| /linux/security/smack/ |
| H A D | smack_netfilter.c | 42 .hooknum = NF_INET_LOCAL_OUT,
49 .hooknum = NF_INET_LOCAL_OUT,
|