rsmnl_linux/netfilter/
nfnetlink.rs

1use netlink;
2
/// nfnetlink multicast groups (the `NFNLGRP_*` values).
///
/// Discriminants are spelled out so each group's number is visible at the
/// definition; they are the same consecutive values the compiler assigns
/// when only the first one is given.
///
/// A socket that joins one of these groups receives that group's event
/// notifications, which is what conntrack and ruleset monitoring builds on.
///
/// `_MAX` is a count sentinel, not a group. Because the enum is
/// `#[repr(u32)]`, a group number that comes from outside the program must be
/// mapped with a checked `match` and never transmuted: only 0..=10 are valid
/// bit patterns for this type.
#[derive(Clone, Copy, Debug, Eq, Hash, PartialEq)]
#[repr(u32)]
pub enum Groups {
    None = 0,
    ConntrackNew = 1,
    ConntrackUpdate = 2,
    ConntrackDestroy = 3,
    ConntrackExpNew = 4,
    ConntrackExpUpdate = 5,
    ConntrackExpDestroy = 6,
    Nftables = 7,
    AcctQuota = 8,
    Nftrace = 9,
    /// One past the last real group; see `NFNLGRP_MAX`.
    _MAX = 10,
}

// Plain-integer aliases carrying the C header names, for call sites that
// need a `u32` rather than a `Groups`.
pub const NFNLGRP_NONE: u32 = Groups::None as u32;
pub const NFNLGRP_CONNTRACK_NEW: u32 = Groups::ConntrackNew as u32;
pub const NFNLGRP_CONNTRACK_UPDATE: u32 = Groups::ConntrackUpdate as u32;
pub const NFNLGRP_CONNTRACK_DESTROY: u32 = Groups::ConntrackDestroy as u32;
pub const NFNLGRP_CONNTRACK_EXP_NEW: u32 = Groups::ConntrackExpNew as u32;
pub const NFNLGRP_CONNTRACK_EXP_UPDATE: u32 = Groups::ConntrackExpUpdate as u32;
pub const NFNLGRP_CONNTRACK_EXP_DESTROY: u32 = Groups::ConntrackExpDestroy as u32;
pub const NFNLGRP_NFTABLES: u32 = Groups::Nftables as u32;
pub const NFNLGRP_ACCT_QUOTA: u32 = Groups::AcctQuota as u32;
pub const NFNLGRP_NFTRACE: u32 = Groups::Nftrace as u32;
/// Number of enum entries including `None`; not itself a group.
pub const __NFNLGRP_MAX: u32 = Groups::_MAX as u32;
/// Highest valid group number.
pub const NFNLGRP_MAX: u32 = __NFNLGRP_MAX - 1;
31
/// General form of an address-family-dependent nfnetlink message.
///
/// `#[repr(C)]` with fields of 1, 1 and 2 bytes gives a 4-byte layout with no
/// padding. The field order is part of that layout and must not be changed.
#[derive(Clone, Copy, Debug)]
#[repr(C)]
pub struct Nfgenmsg {
    /// Address family (`AF_xxx`).
    pub nfgen_family: u8,
    /// nfnetlink version; `NFNETLINK_V0` is the only value this module defines.
    pub version: u8,
    /// Resource id.
    // NOTE(review): the kernel header declares this field as `__be16`
    // (network byte order). It is a plain `u16` here, so callers presumably
    // convert with `u16::to_be` / `u16::from_be` — confirm at the call sites.
    pub res_id: u16,
}

/// nfnetlink protocol version 0.
pub const NFNETLINK_V0: u8 = 0;
42
/// Extracts the subsystem id from a netfilter netlink message type.
///
/// A message type is split in two pieces: the high 8 bits name the subsystem
/// and the low 8 bits name the operation. This returns the high piece, so the
/// result is always in `0..=0xff`.
///
/// That range is wider than the ids this module defines (everything below
/// `NFNL_SUBSYS_COUNT`), so code that dispatches on the result of a received
/// message should bounds-check it before using it as a table index.
pub const fn subsys_id(x: u16) -> u16 {
    // Shifting a u16 right by 8 leaves only what was in the high byte, which
    // makes a separate 0xff00 mask unnecessary.
    x >> 8
}
/// Extracts the operation from a netfilter netlink message type.
///
/// Returns the low 8 bits of `x`; the high 8 bits (the subsystem id) are
/// discarded. The result is always in `0..=0xff`.
pub const fn msg_type(x: u16) -> u16 {
    const LOW_BYTE: u16 = u8::MAX as u16;
    x & LOW_BYTE
}
51
// Subsystem ids: the value carried in the high byte of a message type, as
// returned by `subsys_id`.
//
// Kept as plain constants rather than an enum, following the C header, where
// an enum would break the __stringify() trick of MODULE_ALIAS_NFNL_SUBSYS().
pub const NFNL_SUBSYS_NONE: u16 = 0;
pub const NFNL_SUBSYS_CTNETLINK: u16 = 1;
pub const NFNL_SUBSYS_CTNETLINK_EXP: u16 = 2;
pub const NFNL_SUBSYS_QUEUE: u16 = 3;
pub const NFNL_SUBSYS_ULOG: u16 = 4;
pub const NFNL_SUBSYS_OSF: u16 = 5;
pub const NFNL_SUBSYS_IPSET: u16 = 6;
pub const NFNL_SUBSYS_ACCT: u16 = 7;
pub const NFNL_SUBSYS_CTNETLINK_TIMEOUT: u16 = 8;
pub const NFNL_SUBSYS_CTHELPER: u16 = 9;
pub const NFNL_SUBSYS_NFTABLES: u16 = 10;
pub const NFNL_SUBSYS_NFT_COMPAT: u16 = 11;
/// Number of subsystem ids above, one past the last of them. An id taken from
/// a received message is only one of the above when it is below this value.
pub const NFNL_SUBSYS_COUNT: u16 = NFNL_SUBSYS_NFT_COMPAT + 1;
67
// Reserved control nfnetlink messages. Both values are defined relative to
// netlink::NLMSG_MIN_TYPE, with the end marker directly after the begin
// marker.
pub const NFNL_MSG_BATCH_BEGIN: u16 = netlink::NLMSG_MIN_TYPE;
pub const NFNL_MSG_BATCH_END: u16 = NFNL_MSG_BATCH_BEGIN + 1;
71
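/// nfnetlink batch netlink attributes (`enum nfnl_batch_attributes`).
///
/// Exported like `Groups`, so that callers can name the type the public
/// `NFNL_BATCH_*` constants below are derived from.
///
/// `_MAX` is a count sentinel, not an attribute. The enum is `#[repr(u32)]`,
/// so an attribute type read from a message must be mapped with a checked
/// `match` and never transmuted into this type.
#[repr(u32)]
#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
pub enum NfnlBatchAttributes {
    /// `NFNL_BATCH_UNSPEC`
    Unspec = 0,
    /// `NFNL_BATCH_GENID`: generation ID for this changeset (NLA_U32).
    Genid = 1,
    /// One past the last real attribute; see `NFNL_BATCH_MAX`.
    _MAX = 2,
}

pub const NFNL_BATCH_UNSPEC: u32 = NfnlBatchAttributes::Unspec as u32;
pub const NFNL_BATCH_GENID: u32 = NfnlBatchAttributes::Genid as u32;
/// Number of enum entries including `Unspec`; not itself an attribute.
pub const __NFNL_BATCH_MAX: u32 = NfnlBatchAttributes::_MAX as u32;
/// Highest valid batch attribute type.
pub const NFNL_BATCH_MAX: u32 = __NFNL_BATCH_MAX - 1;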