struct nf_conntrack_tuple tuple; struct nf_conntrack_tuple_hash *h; struct nf_conn *ct; #ifdef A int i; struct conntrack_cache *cache; #endif if (!nf_ct_get_tuple(skb, skb_network_offset(skb), dataoff, l3num, protonum, &tuple, l3proto, l4proto)) { pr_debug("resolve_normal_ct...
enum ip_conntrack_info *ctinfo) { struct nf_conntrack_tuple tuple; struct nf_conntrack_tuple_hash *h; struct nf_conn *ct; #ifdef A int i; struct conntrack_cache *cache; #endif if (!nf_ct_get_tuple(skb, skb_network_offset(skb), dataoff, l3num, protonum, &tuple, l3proto, l4prot...
nf_ct_get_tuple(skb, skb_network_offset(skb), dataoff, l3num, protonum, &tuple, l3proto, l4proto)) { pr_debug("resolve_normal_ct: Can't get tuple\n"); return NULL; } #ifdef A cache = &__get_cpu_var(conntrack_cache); rcu_read_lock(); if (0 /* 优化3 */) { goto slow...
resolve_normal_ct函数首先会获取该数据包的五元组信息,然后通过这个信息计算出hash值,通过这个hash值在hash表中查找,如果没有找到则调用init_conntrack函数创建一个新的连接跟踪,要注意在创建连接跟踪的时候会同时创建两个方向的连接一个,一个是原始方向的称为IP_CT_DIR_ORIGINAL,另外一个是回复方向的称为IP_CT_DI...
voidnf_ct_free_hashtable(void*hash, unsignedintsize ) Definition at line1294of filenf_conntrack_core.c. boolnf_ct_get_tuplepr(conststructsk_buff*skb, unsignedintnhoff, u_int16_tl3num, structnf_conntrack_tuple*tuple ) Definition at line138of filenf_conntrack_core.c. ...
net / ipv4 / netfilter / nf_nat_pptp.c v6 v6.14 v6.13 v6.13.7 v6.13.6 v6.13.5 v6.13.4 v6.13.3 v6.13.2 v6.13.1 v6.13 v6.13-rc7 v6.13-rc6 v6.13-rc5 v6.13-rc4 v6.13-rc3 v6.13-rc2 v6.13-rc1 ...
protonum = protonum; tuple->dst.dir = IP_CT_DIR_ORIGINAL; return l4proto->pkt_to_tuple(skb, dataoff, net, tuple); } EXPORT_SYMBOL_GPL(nf_ct_get_tuple); bool nf_ct_get_tuplepr(const struct sk_buff *skb, unsigned int nhoff, u_int16_t l3num, struct net *net, struct nf_...
static inline structnf_conn*nf_ct_tuplehash_to_ctrack(const structnf_conntrack_tuple_hash*hash) static inline structnf_conn*nf_ct_get(const 313 static void__nf_conntrack_hash_insert(structnf_conn*ct, 314 unsigned int hash, 315 unsigned int repl_hash) ...
if (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.ip == 0) return NF_ACCEPT; rt = skb_rtable(skb); nh = rt_nexthop(rt, ip_hdr(skb)->daddr); newsrc = inet_select_addr(out, nh, RT_SCOPE_UNIVERSE); if (!newsrc) { pr_info("%s ate my IP address\n", out->n...
nf_ct_invert_tuplepr(result, &ct->tuplehash[IP_CT_DIR_REPLY].tuple); result->dst = tuple->dst; @@ -446,11 +451,17 @@ nf_nat_setup_info(struct nf_conn *ct, } if (maniptype == NF_NAT_MANIP_SRC) { struct nf_nat_conn_key key = { .net = nf_ct_net(ct), .tuple = ...