summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--include/linux/netfilter.h32
-rw-r--r--include/net/netfilter/nf_queue.h32
-rw-r--r--net/ipv4/netfilter.c1
-rw-r--r--net/ipv4/netfilter/ip_queue.c1
-rw-r--r--net/ipv6/netfilter.c1
-rw-r--r--net/ipv6/netfilter/ip6_queue.c1
-rw-r--r--net/netfilter/nf_queue.c1
-rw-r--r--net/netfilter/nfnetlink_queue.c1
8 files changed, 40 insertions, 30 deletions
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
index 1ba60112ab83..5fe4ef401cc8 100644
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -101,19 +101,6 @@ struct nf_sockopt_ops
struct module *owner;
};
-/* Each queued (to userspace) skbuff has one of these. */
-struct nf_info
-{
- /* The ops struct which sent us to userspace. */
- struct nf_hook_ops *elem;
-
- /* If we're sent to userspace, this keeps housekeeping info */
- int pf;
- unsigned int hook;
- struct net_device *indev, *outdev;
- int (*okfn)(struct sk_buff *);
-};
-
/* Function to register/unregister hook points. */
int nf_register_hook(struct nf_hook_ops *reg);
void nf_unregister_hook(struct nf_hook_ops *reg);
@@ -274,21 +261,6 @@ int compat_nf_setsockopt(struct sock *sk, int pf, int optval,
int compat_nf_getsockopt(struct sock *sk, int pf, int optval,
char __user *opt, int *len);
-/* Packet queuing */
-struct nf_queue_handler {
- int (*outfn)(struct sk_buff *skb, struct nf_info *info,
- unsigned int queuenum);
- char *name;
-};
-extern int nf_register_queue_handler(int pf,
- const struct nf_queue_handler *qh);
-extern int nf_unregister_queue_handler(int pf,
- const struct nf_queue_handler *qh);
-extern void nf_unregister_queue_handlers(const struct nf_queue_handler *qh);
-extern void nf_reinject(struct sk_buff *skb,
- struct nf_info *info,
- unsigned int verdict);
-
/* FIXME: Before cache is ever used, this must be implemented for real. */
extern void nf_invalidate_cache(int pf);
@@ -298,6 +270,8 @@ extern void nf_invalidate_cache(int pf);
extern int skb_make_writable(struct sk_buff *skb, unsigned int writable_len);
struct flowi;
+struct nf_info;
+
struct nf_afinfo {
unsigned short family;
__sum16 (*checksum)(struct sk_buff *skb, unsigned int hook,
@@ -334,8 +308,6 @@ nf_checksum(struct sk_buff *skb, unsigned int hook, unsigned int dataoff,
extern int nf_register_afinfo(struct nf_afinfo *afinfo);
extern void nf_unregister_afinfo(struct nf_afinfo *afinfo);
-#define nf_info_reroute(x) ((void *)x + sizeof(struct nf_info))
-
#include <net/flow.h>
extern void (*ip_nat_decode_session)(struct sk_buff *, struct flowi *);
diff --git a/include/net/netfilter/nf_queue.h b/include/net/netfilter/nf_queue.h
new file mode 100644
index 000000000000..8c6b382fd865
--- /dev/null
+++ b/include/net/netfilter/nf_queue.h
@@ -0,0 +1,32 @@
+#ifndef _NF_QUEUE_H
+#define _NF_QUEUE_H
+
+/* Each queued (to userspace) skbuff has one of these. */
+struct nf_info {
+ struct nf_hook_ops *elem;
+ int pf;
+ unsigned int hook;
+ struct net_device *indev;
+ struct net_device *outdev;
+ int (*okfn)(struct sk_buff *);
+};
+
+#define nf_info_reroute(x) ((void *)x + sizeof(struct nf_info))
+
+/* Packet queuing */
+struct nf_queue_handler {
+ int (*outfn)(struct sk_buff *skb,
+ struct nf_info *info,
+ unsigned int queuenum);
+ char *name;
+};
+
+extern int nf_register_queue_handler(int pf,
+ const struct nf_queue_handler *qh);
+extern int nf_unregister_queue_handler(int pf,
+ const struct nf_queue_handler *qh);
+extern void nf_unregister_queue_handlers(const struct nf_queue_handler *qh);
+extern void nf_reinject(struct sk_buff *skb, struct nf_info *info,
+ unsigned int verdict);
+
+#endif /* _NF_QUEUE_H */
diff --git a/net/ipv4/netfilter.c b/net/ipv4/netfilter.c
index 599d448ef57e..f7166084a5ab 100644
--- a/net/ipv4/netfilter.c
+++ b/net/ipv4/netfilter.c
@@ -7,6 +7,7 @@
#include <net/route.h>
#include <net/xfrm.h>
#include <net/ip.h>
+#include <net/netfilter/nf_queue.h>
/* route_me_harder function, used by iptable_nat, iptable_mangle + ip_queue */
int ip_route_me_harder(struct sk_buff *skb, unsigned addr_type)
diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c
index 08e7f8b4e951..2966fbddce8b 100644
--- a/net/ipv4/netfilter/ip_queue.c
+++ b/net/ipv4/netfilter/ip_queue.c
@@ -28,6 +28,7 @@
#include <net/net_namespace.h>
#include <net/sock.h>
#include <net/route.h>
+#include <net/netfilter/nf_queue.h>
#define IPQ_QMAX_DEFAULT 1024
#define IPQ_PROC_FS_NAME "ip_queue"
diff --git a/net/ipv6/netfilter.c b/net/ipv6/netfilter.c
index 281f732e3c97..55ea9c6ec744 100644
--- a/net/ipv6/netfilter.c
+++ b/net/ipv6/netfilter.c
@@ -8,6 +8,7 @@
#include <net/ip6_route.h>
#include <net/xfrm.h>
#include <net/ip6_checksum.h>
+#include <net/netfilter/nf_queue.h>
int ip6_route_me_harder(struct sk_buff *skb)
{
diff --git a/net/ipv6/netfilter/ip6_queue.c b/net/ipv6/netfilter/ip6_queue.c
index 5a9ca0d4fb2f..7ff9915750a3 100644
--- a/net/ipv6/netfilter/ip6_queue.c
+++ b/net/ipv6/netfilter/ip6_queue.c
@@ -29,6 +29,7 @@
#include <net/sock.h>
#include <net/ipv6.h>
#include <net/ip6_route.h>
+#include <net/netfilter/nf_queue.h>
#include <linux/netfilter_ipv4/ip_queue.h>
#include <linux/netfilter_ipv4/ip_tables.h>
#include <linux/netfilter_ipv6/ip6_tables.h>
diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c
index c098ccbbbcee..bd71f433b85e 100644
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
@@ -7,6 +7,7 @@
#include <linux/seq_file.h>
#include <linux/rcupdate.h>
#include <net/protocol.h>
+#include <net/netfilter/nf_queue.h>
#include "nf_internals.h"
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 94ec1c263d03..3a09f021065a 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -27,6 +27,7 @@
#include <linux/netfilter/nfnetlink_queue.h>
#include <linux/list.h>
#include <net/sock.h>
+#include <net/netfilter/nf_queue.h>
#include <asm/atomic.h>