1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef _NF_CONNTRACK_SYNPROXY_H
3 #define _NF_CONNTRACK_SYNPROXY_H
4 
5 #include <net/netfilter/nf_conntrack_seqadj.h>
6 #include <net/netns/generic.h>
7 
8 struct nf_conn_synproxy {
9 	u32	isn;
10 	u32	its;
11 	u32	tsoff;
12 };
13 
nfct_synproxy(const struct nf_conn * ct)14 static inline struct nf_conn_synproxy *nfct_synproxy(const struct nf_conn *ct)
15 {
16 #if IS_ENABLED(CONFIG_NETFILTER_SYNPROXY)
17 	return nf_ct_ext_find(ct, NF_CT_EXT_SYNPROXY);
18 #else
19 	return NULL;
20 #endif
21 }
22 
nfct_synproxy_ext_add(struct nf_conn * ct)23 static inline struct nf_conn_synproxy *nfct_synproxy_ext_add(struct nf_conn *ct)
24 {
25 #if IS_ENABLED(CONFIG_NETFILTER_SYNPROXY)
26 	return nf_ct_ext_add(ct, NF_CT_EXT_SYNPROXY, GFP_ATOMIC);
27 #else
28 	return NULL;
29 #endif
30 }
31 
nf_ct_add_synproxy(struct nf_conn * ct,const struct nf_conn * tmpl)32 static inline bool nf_ct_add_synproxy(struct nf_conn *ct,
33 				      const struct nf_conn *tmpl)
34 {
35 #if IS_ENABLED(CONFIG_NETFILTER_SYNPROXY)
36 	if (tmpl && nfct_synproxy(tmpl)) {
37 		if (!nfct_seqadj_ext_add(ct))
38 			return false;
39 
40 		if (!nfct_synproxy_ext_add(ct))
41 			return false;
42 	}
43 #endif
44 
45 	return true;
46 }
47 
48 #endif /* _NF_CONNTRACK_SYNPROXY_H */
49