From 2c3c1048746a4622d8c89a29670120dc8fab93c4 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 7 Apr 2024 20:49:45 +0200
Subject: Adding upstream version 6.1.76.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 include/net/netfilter/br_netfilter.h | 77 ++++++++++++++++++++++++++++++++++++
 1 file changed, 77 insertions(+)
 create mode 100644 include/net/netfilter/br_netfilter.h

(limited to 'include/net/netfilter/br_netfilter.h')

diff --git a/include/net/netfilter/br_netfilter.h b/include/net/netfilter/br_netfilter.h
new file mode 100644
index 000000000..371696ec1
--- /dev/null
+++ b/include/net/netfilter/br_netfilter.h
@@ -0,0 +1,77 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef _BR_NETFILTER_H_
+#define _BR_NETFILTER_H_
+
+#include <linux/netfilter.h>
+
+#include "../../../net/bridge/br_private.h"
+
+static inline struct nf_bridge_info *nf_bridge_alloc(struct sk_buff *skb)
+{
+#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
+	struct nf_bridge_info *b = skb_ext_add(skb, SKB_EXT_BRIDGE_NF);
+
+	if (b)
+		memset(b, 0, sizeof(*b));
+
+	return b;
+#else
+	return NULL;
+#endif
+}
+
+void nf_bridge_update_protocol(struct sk_buff *skb);
+
+int br_nf_hook_thresh(unsigned int hook, struct net *net, struct sock *sk,
+		      struct sk_buff *skb, struct net_device *indev,
+		      struct net_device *outdev,
+		      int (*okfn)(struct net *, struct sock *,
+				  struct sk_buff *));
+
+unsigned int nf_bridge_encap_header_len(const struct sk_buff *skb);
+
+static inline void nf_bridge_push_encap_header(struct sk_buff *skb)
+{
+	unsigned int len = nf_bridge_encap_header_len(skb);
+
+	skb_push(skb, len);
+	skb->network_header -= len;
+}
+
+int br_nf_pre_routing_finish_bridge(struct net *net, struct sock *sk, struct sk_buff *skb);
+
+static inline struct rtable *bridge_parent_rtable(const struct net_device *dev)
+{
+#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
+	struct net_bridge_port *port;
+
+	port = br_port_get_rcu(dev);
+	return port ? &port->br->fake_rtable : NULL;
+#else
+	return NULL;
+#endif
+}
+
+struct net_device *setup_pre_routing(struct sk_buff *skb,
+				     const struct net *net);
+
+#if IS_ENABLED(CONFIG_IPV6)
+int br_validate_ipv6(struct net *net, struct sk_buff *skb);
+unsigned int br_nf_pre_routing_ipv6(void *priv,
+				    struct sk_buff *skb,
+				    const struct nf_hook_state *state);
+#else
+static inline int br_validate_ipv6(struct net *net, struct sk_buff *skb)
+{
+	return -1;
+}
+
+static inline unsigned int
+br_nf_pre_routing_ipv6(void *priv, struct sk_buff *skb,
+		       const struct nf_hook_state *state)
+{
+	return NF_ACCEPT;
+}
+#endif
+
+#endif /* _BR_NETFILTER_H_ */
-- 
cgit v1.2.3