diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-10-26 12:35:54 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-10-31 12:49:57 +0100 |
commit | 8bfcdf6671b1c8006c52c3eaf9fd1b5dfcf41c3d (patch) | |
tree | 8943ef4d637d755cc53b7013d7c39d2a1a367601 /include | |
parent | netfilter: nf_reject_ipv4: split nf_send_reset() in smaller functions (diff) | |
download | linux-8bfcdf6671b1c8006c52c3eaf9fd1b5dfcf41c3d.tar.xz linux-8bfcdf6671b1c8006c52c3eaf9fd1b5dfcf41c3d.zip |
netfilter: nf_reject_ipv6: split nf_send_reset6() in smaller functions
That can be reused by the reject bridge expression to build the reject
packet. The new functions are:
* nf_reject_ip6_tcphdr_get(): to sanitize and to obtain the TCP header.
* nf_reject_ip6hdr_put(): to build the IPv6 header.
* nf_reject_ip6_tcphdr_put(): to build the TCP header.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/net/netfilter/ipv6/nf_reject.h | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/include/net/netfilter/ipv6/nf_reject.h b/include/net/netfilter/ipv6/nf_reject.h index 48e18810a9be..23216d48abf9 100644 --- a/include/net/netfilter/ipv6/nf_reject.h +++ b/include/net/netfilter/ipv6/nf_reject.h @@ -15,4 +15,14 @@ nf_send_unreach6(struct net *net, struct sk_buff *skb_in, unsigned char code, void nf_send_reset6(struct net *net, struct sk_buff *oldskb, int hook); +const struct tcphdr *nf_reject_ip6_tcphdr_get(struct sk_buff *oldskb, + struct tcphdr *otcph, + unsigned int *otcplen, int hook); +struct ipv6hdr *nf_reject_ip6hdr_put(struct sk_buff *nskb, + const struct sk_buff *oldskb, + __be16 protocol, int hoplimit); +void nf_reject_ip6_tcphdr_put(struct sk_buff *nskb, + const struct sk_buff *oldskb, + const struct tcphdr *oth, unsigned int otcplen); + #endif /* _IPV6_NF_REJECT_H */ |