052b9498ee
That can be reused by the reject bridge expression to build the reject packet. The new functions are: * nf_reject_ip_tcphdr_get(): to sanitize and to obtain the TCP header. * nf_reject_iphdr_put(): to build the IPv4 header. * nf_reject_ip_tcphdr_put(): to build the TCP header. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
24 lines
683 B
C
24 lines
683 B
C
#ifndef _IPV4_NF_REJECT_H
|
|
#define _IPV4_NF_REJECT_H
|
|
|
|
#include <linux/skbuff.h>
|
|
#include <net/ip.h>
|
|
#include <net/icmp.h>
|
|
|
|
static inline void nf_send_unreach(struct sk_buff *skb_in, int code)
|
|
{
|
|
icmp_send(skb_in, ICMP_DEST_UNREACH, code, 0);
|
|
}
|
|
|
|
void nf_send_reset(struct sk_buff *oldskb, int hook);
|
|
|
|
const struct tcphdr *nf_reject_ip_tcphdr_get(struct sk_buff *oldskb,
|
|
struct tcphdr *_oth, int hook);
|
|
struct iphdr *nf_reject_iphdr_put(struct sk_buff *nskb,
|
|
const struct sk_buff *oldskb,
|
|
__be16 protocol, int ttl);
|
|
void nf_reject_ip_tcphdr_put(struct sk_buff *nskb, const struct sk_buff *oldskb,
|
|
const struct tcphdr *oth);
|
|
|
|
#endif /* _IPV4_NF_REJECT_H */
|