1 #ifndef _NF_CONNTRACK_TCP_H 2 #define _NF_CONNTRACK_TCP_H 3 /* TCP tracking. */ 4 5 /* This is exposed to userspace (ctnetlink) */ 6 enum tcp_conntrack { 7 TCP_CONNTRACK_NONE, 8 TCP_CONNTRACK_SYN_SENT, 9 TCP_CONNTRACK_SYN_RECV, 10 TCP_CONNTRACK_ESTABLISHED, 11 TCP_CONNTRACK_FIN_WAIT, 12 TCP_CONNTRACK_CLOSE_WAIT, 13 TCP_CONNTRACK_LAST_ACK, 14 TCP_CONNTRACK_TIME_WAIT, 15 TCP_CONNTRACK_CLOSE, 16 TCP_CONNTRACK_LISTEN, 17 TCP_CONNTRACK_MAX, 18 TCP_CONNTRACK_IGNORE 19 }; 20 21 /* Window scaling is advertised by the sender */ 22 #define IP_CT_TCP_FLAG_WINDOW_SCALE 0x01 23 24 /* SACK is permitted by the sender */ 25 #define IP_CT_TCP_FLAG_SACK_PERM 0x02 26 27 /* This sender sent FIN first */ 28 #define IP_CT_TCP_FLAG_CLOSE_INIT 0x04 29 30 /* Be liberal in window checking */ 31 #define IP_CT_TCP_FLAG_BE_LIBERAL 0x08 32 33 /* Has unacknowledged data */ 34 #define IP_CT_TCP_FLAG_DATA_UNACKNOWLEDGED 0x10 35 36 struct nf_ct_tcp_flags { 37 u_int8_t flags; 38 u_int8_t mask; 39 }; 40 41 #ifdef __KERNEL__ 42 43 struct ip_ct_tcp_state { 44 u_int32_t td_end; /* max of seq + len */ 45 u_int32_t td_maxend; /* max of ack + max(win, 1) */ 46 u_int32_t td_maxwin; /* max(win) */ 47 u_int8_t td_scale; /* window scale factor */ 48 u_int8_t flags; /* per direction options */ 49 }; 50 51 struct ip_ct_tcp 52 { 53 struct ip_ct_tcp_state seen[2]; /* connection parameters per direction */ 54 u_int8_t state; /* state of the connection (enum tcp_conntrack) */ 55 /* For detecting stale connections */ 56 u_int8_t last_dir; /* Direction of the last packet (enum ip_conntrack_dir) */ 57 u_int8_t retrans; /* Number of retransmitted packets */ 58 u_int8_t last_index; /* Index of the last packet */ 59 u_int32_t last_seq; /* Last sequence number seen in dir */ 60 u_int32_t last_ack; /* Last sequence number seen in opposite dir */ 61 u_int32_t last_end; /* Last seq + len */ 62 u_int16_t last_win; /* Last window advertisement seen in dir */ 63 }; 64 65 #endif /* __KERNEL__ */ 66 67 #endif /* _NF_CONNTRACK_TCP_H */ 68