// Listing: github.com/vishvananda/netlink@v1.3.0/nl/conntrack_linux.go

package nl

import "unsafe"

// Track the message sizes for the correct serialization/deserialization.
// These are byte counts; SizeofNfgenmsg matches the 4-byte struct nfgenmsg
// (two __u8 fields plus one __be16) mirrored by Nfgenmsg in this file.
// NOTE(review): SizeofNfConntrack and SizeofNfctTupleHead are not derived from
// any struct visible in this file — confirm them against the kernel headers.
const (
	SizeofNfgenmsg      = 4
	SizeofNfattr        = 4
	SizeofNfConntrack   = 376
	SizeofNfctTupleHead = 52
)

// L4ProtoMap names the layer-4 protocol numbers this package can label.
// Only 6 (tcp) and 17 (udp) are present, so a lookup with any other protocol
// number yields the empty string. The map is exported and mutable; treat it
// as read-only.
var L4ProtoMap = map[uint8]string{
	6:  "tcp",
	17: "udp",
}

// From https://git.netfilter.org/libnetfilter_conntrack/tree/include/libnetfilter_conntrack/libnetfilter_conntrack_tcp.h
//
//	enum tcp_state {
//		TCP_CONNTRACK_NONE,
//		TCP_CONNTRACK_SYN_SENT,
//		TCP_CONNTRACK_SYN_RECV,
//		TCP_CONNTRACK_ESTABLISHED,
//		TCP_CONNTRACK_FIN_WAIT,
//		TCP_CONNTRACK_CLOSE_WAIT,
//		TCP_CONNTRACK_LAST_ACK,
//		TCP_CONNTRACK_TIME_WAIT,
//		TCP_CONNTRACK_CLOSE,
//		TCP_CONNTRACK_LISTEN,	/* obsolete */
//	#define TCP_CONNTRACK_SYN_SENT2	TCP_CONNTRACK_LISTEN
//		TCP_CONNTRACK_MAX,
//		TCP_CONNTRACK_IGNORE
//	};
//
// The values below are written out explicitly and follow the enum order above.
// TCP_CONNTRACK_SYN_SENT2 shares the value 9 with TCP_CONNTRACK_LISTEN, as the
// #define in the header does.
const (
	TCP_CONNTRACK_NONE        = 0
	TCP_CONNTRACK_SYN_SENT    = 1
	TCP_CONNTRACK_SYN_RECV    = 2
	TCP_CONNTRACK_ESTABLISHED = 3
	TCP_CONNTRACK_FIN_WAIT    = 4
	TCP_CONNTRACK_CLOSE_WAIT  = 5
	TCP_CONNTRACK_LAST_ACK    = 6
	TCP_CONNTRACK_TIME_WAIT   = 7
	TCP_CONNTRACK_CLOSE       = 8
	TCP_CONNTRACK_LISTEN      = 9
	TCP_CONNTRACK_SYN_SENT2   = 9
	TCP_CONNTRACK_MAX         = 10
	TCP_CONNTRACK_IGNORE      = 11
)

// All the following constants are coming from:
// https://github.com/torvalds/linux/blob/master/include/uapi/linux/netfilter/nfnetlink_conntrack.h

//	enum cntl_msg_types {
//		IPCTNL_MSG_CT_NEW,
//		IPCTNL_MSG_CT_GET,
//		IPCTNL_MSG_CT_DELETE,
//		IPCTNL_MSG_CT_GET_CTRZERO,
//		IPCTNL_MSG_CT_GET_STATS_CPU,
//		IPCTNL_MSG_CT_GET_STATS,
//		IPCTNL_MSG_CT_GET_DYING,
//		IPCTNL_MSG_CT_GET_UNCONFIRMED,
//
//		IPCTNL_MSG_MAX
//	};
//
// Only the first three message types of the enum are mirrored here.
const (
	IPCTNL_MSG_CT_NEW    = 0
	IPCTNL_MSG_CT_GET    = 1
	IPCTNL_MSG_CT_DELETE = 2
)

// #define NFNETLINK_V0	0
const (
	NFNETLINK_V0 = 0
)

// Netlink attribute flag bits and alignment. NLA_TYPE_MASK is the complement
// of the two flag bits, so and-ing an attribute type field with it clears
// NLA_F_NESTED and NLA_F_NET_BYTEORDER and leaves the attribute type.
const (
	NLA_F_NESTED        uint16 = (1 << 15) // #define NLA_F_NESTED (1 << 15)
	NLA_F_NET_BYTEORDER uint16 = (1 << 14) // #define NLA_F_NET_BYTEORDER (1 << 14)
	NLA_TYPE_MASK              = ^(NLA_F_NESTED | NLA_F_NET_BYTEORDER)
	NLA_ALIGNTO         uint16 = 4 // #define NLA_ALIGNTO 4
)

//	enum ctattr_type {
//		CTA_UNSPEC,
//		CTA_TUPLE_ORIG,
//		CTA_TUPLE_REPLY,
//		CTA_STATUS,
//		CTA_PROTOINFO,
//		CTA_HELP,
//		CTA_NAT_SRC,
//	#define CTA_NAT	CTA_NAT_SRC	/* backwards compatibility */
//		CTA_TIMEOUT,
//		CTA_MARK,
//		CTA_COUNTERS_ORIG,
//		CTA_COUNTERS_REPLY,
//		CTA_USE,
//		CTA_ID,
//		CTA_NAT_DST,
//		CTA_TUPLE_MASTER,
//		CTA_SEQ_ADJ_ORIG,
//		CTA_NAT_SEQ_ADJ_ORIG	= CTA_SEQ_ADJ_ORIG,
//		CTA_SEQ_ADJ_REPLY,
//		CTA_NAT_SEQ_ADJ_REPLY	= CTA_SEQ_ADJ_REPLY,
//		CTA_SECMARK,		/* obsolete */
//		CTA_ZONE,
//		CTA_SECCTX,
//		CTA_TIMESTAMP,
//		CTA_MARK_MASK,
//		CTA_LABELS,
//		CTA_LABELS_MASK,
//		__CTA_MAX
//	};
//
// A subset of the enum is mirrored here. Each value is the attribute's position
// in the enum above, which is why the numbering has gaps (5, 6, 13-17, 19, 21).
const (
	CTA_TUPLE_ORIG     = 1
	CTA_TUPLE_REPLY    = 2
	CTA_STATUS         = 3
	CTA_PROTOINFO      = 4
	CTA_TIMEOUT        = 7
	CTA_MARK           = 8
	CTA_COUNTERS_ORIG  = 9
	CTA_COUNTERS_REPLY = 10
	CTA_USE            = 11
	CTA_ID             = 12
	CTA_ZONE           = 18
	CTA_TIMESTAMP      = 20
	CTA_LABELS         = 22
	CTA_LABELS_MASK    = 23
)

//	enum ctattr_tuple {
//		CTA_TUPLE_UNSPEC,
//		CTA_TUPLE_IP,
//		CTA_TUPLE_PROTO,
//		CTA_TUPLE_ZONE,
//		__CTA_TUPLE_MAX
//	};
//
// #define CTA_TUPLE_MAX (__CTA_TUPLE_MAX - 1)
const (
	CTA_TUPLE_IP    = 1
	CTA_TUPLE_PROTO = 2
)

//	enum ctattr_ip {
//		CTA_IP_UNSPEC,
//		CTA_IP_V4_SRC,
//		CTA_IP_V4_DST,
//		CTA_IP_V6_SRC,
//		CTA_IP_V6_DST,
//		__CTA_IP_MAX
//	};
//
// #define CTA_IP_MAX (__CTA_IP_MAX - 1)
const (
	CTA_IP_V4_SRC = 1
	CTA_IP_V4_DST = 2
	CTA_IP_V6_SRC = 3
	CTA_IP_V6_DST = 4
)

//	enum ctattr_l4proto {
//		CTA_PROTO_UNSPEC,
//		CTA_PROTO_NUM,
//		CTA_PROTO_SRC_PORT,
//		CTA_PROTO_DST_PORT,
//		CTA_PROTO_ICMP_ID,
//		CTA_PROTO_ICMP_TYPE,
//		CTA_PROTO_ICMP_CODE,
//		CTA_PROTO_ICMPV6_ID,
//		CTA_PROTO_ICMPV6_TYPE,
//		CTA_PROTO_ICMPV6_CODE,
//		__CTA_PROTO_MAX
//	};
//
// #define CTA_PROTO_MAX (__CTA_PROTO_MAX - 1)
//
// Only the protocol number and the two port attributes are mirrored here; the
// ICMP and ICMPv6 attributes of the enum have no Go constant in this block.
const (
	CTA_PROTO_NUM      = 1
	CTA_PROTO_SRC_PORT = 2
	CTA_PROTO_DST_PORT = 3
)

//	enum ctattr_protoinfo {
//		CTA_PROTOINFO_UNSPEC,
//		CTA_PROTOINFO_TCP,
//		CTA_PROTOINFO_DCCP,
//		CTA_PROTOINFO_SCTP,
//		__CTA_PROTOINFO_MAX
//	};
//
// #define CTA_PROTOINFO_MAX (__CTA_PROTOINFO_MAX - 1)
const (
	CTA_PROTOINFO_UNSPEC = 0
	CTA_PROTOINFO_TCP    = 1
	CTA_PROTOINFO_DCCP   = 2
	CTA_PROTOINFO_SCTP   = 3
)

//	enum ctattr_protoinfo_tcp {
//		CTA_PROTOINFO_TCP_UNSPEC,
//		CTA_PROTOINFO_TCP_STATE,
//		CTA_PROTOINFO_TCP_WSCALE_ORIGINAL,
//		CTA_PROTOINFO_TCP_WSCALE_REPLY,
//		CTA_PROTOINFO_TCP_FLAGS_ORIGINAL,
//		CTA_PROTOINFO_TCP_FLAGS_REPLY,
//		__CTA_PROTOINFO_TCP_MAX
//	};
//
// #define CTA_PROTOINFO_TCP_MAX (__CTA_PROTOINFO_TCP_MAX - 1)
const (
	CTA_PROTOINFO_TCP_STATE           = 1
	CTA_PROTOINFO_TCP_WSCALE_ORIGINAL = 2
	CTA_PROTOINFO_TCP_WSCALE_REPLY    = 3
	CTA_PROTOINFO_TCP_FLAGS_ORIGINAL  = 4
	CTA_PROTOINFO_TCP_FLAGS_REPLY     = 5
)

//	enum ctattr_counters {
//		CTA_COUNTERS_UNSPEC,
//		CTA_COUNTERS_PACKETS,		/* 64bit counters */
//		CTA_COUNTERS_BYTES,		/* 64bit counters */
//		CTA_COUNTERS32_PACKETS,		/* old 32bit counters, unused */
//		CTA_COUNTERS32_BYTES,		/* old 32bit counters, unused */
//		CTA_COUNTERS_PAD,
//		__CTA_COUNTERS_MAX
//	};
//
// #define CTA_COUNTERS_MAX (__CTA_COUNTERS_MAX - 1)
//
// Only the two 64-bit counter attributes are mirrored here.
const (
	CTA_COUNTERS_PACKETS = 1
	CTA_COUNTERS_BYTES   = 2
)

// enum CTA TIMESTAMP TLVs
// CTA_TIMESTAMP_START /* 64bit value */
// CTA_TIMESTAMP_STOP /* 64bit value */
const (
	CTA_TIMESTAMP_START = 1
	CTA_TIMESTAMP_STOP  = 2
)

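// Nfgenmsg mirrors the kernel's nfnetlink generic message header. The Go
// struct is laid over raw message bytes by DeserializeNfgenmsg and Serialize,
// so its field order and widths must stay identical to the C definition:
//
//	/* General form of address family dependent message.
//	 */
//	struct nfgenmsg {
//		__u8  nfgen_family;		/* AF_xxx */
//		__u8  version;		/* nfnetlink version */
//		__be16    res_id;		/* resource id */
//	};
type Nfgenmsg struct {
	NfgenFamily uint8
	Version     uint8
	// ResId holds the two bytes exactly as they appear in the message, i.e.
	// in big-endian order; it is not converted to host byte order here.
	ResId uint16 // big endian
}

// Len returns the serialized size of the header in bytes (SizeofNfgenmsg).
func (msg *Nfgenmsg) Len() int {
	return SizeofNfgenmsg
}

// DeserializeNfgenmsg reinterprets the first SizeofNfgenmsg bytes of b as an
// Nfgenmsg without copying, so the returned header aliases b: later writes to
// b are visible through the result and vice versa.
//
// It returns nil when b holds fewer than SizeofNfgenmsg bytes. The check is on
// len(b), not cap(b): a slice expression such as b[0:SizeofNfgenmsg] is only
// bounded by the capacity, so a truncated message sitting in a larger reused
// buffer would otherwise be parsed from stale bytes past its end, and a buffer
// with too little capacity would panic.
//
// NOTE(review): the cast assumes &b[0] is suitably aligned for the uint16
// field — confirm for callers that pass slices at odd offsets.
func DeserializeNfgenmsg(b []byte) *Nfgenmsg {
	if len(b) < SizeofNfgenmsg {
		return nil
	}
	return (*Nfgenmsg)(unsafe.Pointer(&b[0]))
}

// Serialize returns the header as a SizeofNfgenmsg-byte slice that aliases
// msg's own memory; no copy is made, so the bytes change if msg is modified
// afterwards. Fields are emitted as stored, without byte-order conversion.
func (msg *Nfgenmsg) Serialize() []byte {
	return (*(*[SizeofNfgenmsg]byte)(unsafe.Pointer(msg)))[:]
}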