patch-2.4.4 linux/include/linux/netfilter_ipv4/ip_conntrack_core.h
Next file: linux/include/linux/netfilter_ipv4/ip_conntrack_ftp.h
Previous file: linux/include/linux/netfilter_ipv4/ip_conntrack.h
Back to the patch index
Back to the overall index
- Lines: 21
- Date:
Fri Apr 27 14:15:01 2001
- Orig file:
v2.4.3/linux/include/linux/netfilter_ipv4/ip_conntrack_core.h
- Orig date:
Mon Dec 11 13:31:23 2000
diff -u --recursive --new-file v2.4.3/linux/include/linux/netfilter_ipv4/ip_conntrack_core.h linux/include/linux/netfilter_ipv4/ip_conntrack_core.h
@@ -33,10 +33,17 @@
ip_conntrack_find_get(const struct ip_conntrack_tuple *tuple,
const struct ip_conntrack *ignored_conntrack);
-/* Confirm a connection */
-void ip_conntrack_confirm(struct ip_conntrack *ct);
+extern int __ip_conntrack_confirm(struct nf_ct_info *nfct);
+
+/* Confirm a connection: returns NF_DROP if packet must be dropped. */
+static inline int ip_conntrack_confirm(struct sk_buff *skb)
+{
+ if (skb->nfct
+ && !is_confirmed((struct ip_conntrack *)skb->nfct->master))
+ return __ip_conntrack_confirm(skb->nfct);
+ return NF_ACCEPT;
+}
-extern unsigned int ip_conntrack_htable_size;
extern struct list_head *ip_conntrack_hash;
extern struct list_head expect_list;
DECLARE_RWLOCK_EXTERN(ip_conntrack_lock);
FUNET's LINUX-ADM group, linux-adm@nic.funet.fi
TCL-scripts by Sam Shen (who was at: slshen@lbl.gov)