| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642 |
- # SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause)
- ---
- name: conntrack
- protocol: netlink-raw
- protonum: 12
- doc: >-
- Netfilter connection tracking subsystem over nfnetlink
- definitions:
- -
- name: nfgenmsg
- type: struct
- members:
- -
- name: nfgen-family
- type: u8
- -
- name: version
- type: u8
- -
- name: res-id
- byte-order: big-endian
- type: u16
- -
- name: nf-ct-tcp-flags-mask
- type: struct
- members:
- -
- name: flags
- type: u8
- enum: nf-ct-tcp-flags
- enum-as-flags: true
- -
- name: mask
- type: u8
- enum: nf-ct-tcp-flags
- enum-as-flags: true
- -
- name: nf-ct-tcp-flags
- type: flags
- entries:
- - window-scale
- - sack-perm
- - close-init
- - be-liberal
- - unacked
- - maxack
- - challenge-ack
- - simultaneous-open
- -
- name: nf-ct-tcp-state
- type: enum
- entries:
- - none
- - syn-sent
- - syn-recv
- - established
- - fin-wait
- - close-wait
- - last-ack
- - time-wait
- - close
- - syn-sent2
- - max
- - ignore
- - retrans
- - unack
- - timeout-max
- -
- name: nf-ct-sctp-state
- type: enum
- entries:
- - none
- - cloned
- - cookie-wait
- - cookie-echoed
- - established
- - shutdown-sent
- - shutdown-received
- - shutdown-ack-sent
- - shutdown-heartbeat-sent
- -
- name: nf-ct-status
- type: flags
- entries:
- - expected
- - seen-reply
- - assured
- - confirmed
- - src-nat
- - dst-nat
- - seq-adj
- - src-nat-done
- - dst-nat-done
- - dying
- - fixed-timeout
- - template
- - nat-clash
- - helper
- - offload
- - hw-offload
- attribute-sets:
- -
- name: counter-attrs
- attributes:
- -
- name: packets
- type: u64
- byte-order: big-endian
- -
- name: bytes
- type: u64
- byte-order: big-endian
- -
- name: packets-old
- type: u32
- -
- name: bytes-old
- type: u32
- -
- name: pad
- type: pad
- -
- name: tuple-proto-attrs
- attributes:
- -
- name: proto-num
- type: u8
- doc: l4 protocol number
- -
- name: proto-src-port
- type: u16
- byte-order: big-endian
- doc: l4 source port
- -
- name: proto-dst-port
- type: u16
- byte-order: big-endian
- doc: l4 source port
- -
- name: proto-icmp-id
- type: u16
- byte-order: big-endian
- doc: l4 icmp id
- -
- name: proto-icmp-type
- type: u8
- -
- name: proto-icmp-code
- type: u8
- -
- name: proto-icmpv6-id
- type: u16
- byte-order: big-endian
- doc: l4 icmp id
- -
- name: proto-icmpv6-type
- type: u8
- -
- name: proto-icmpv6-code
- type: u8
- -
- name: tuple-ip-attrs
- attributes:
- -
- name: ip-v4-src
- type: u32
- byte-order: big-endian
- display-hint: ipv4
- doc: ipv4 source address
- -
- name: ip-v4-dst
- type: u32
- byte-order: big-endian
- display-hint: ipv4
- doc: ipv4 destination address
- -
- name: ip-v6-src
- type: binary
- checks:
- min-len: 16
- byte-order: big-endian
- display-hint: ipv6
- doc: ipv6 source address
- -
- name: ip-v6-dst
- type: binary
- checks:
- min-len: 16
- byte-order: big-endian
- display-hint: ipv6
- doc: ipv6 destination address
- -
- name: tuple-attrs
- attributes:
- -
- name: tuple-ip
- type: nest
- nested-attributes: tuple-ip-attrs
- doc: conntrack l3 information
- -
- name: tuple-proto
- type: nest
- nested-attributes: tuple-proto-attrs
- doc: conntrack l4 information
- -
- name: tuple-zone
- type: u16
- byte-order: big-endian
- doc: conntrack zone id
- -
- name: protoinfo-tcp-attrs
- attributes:
- -
- name: tcp-state
- type: u8
- enum: nf-ct-tcp-state
- doc: tcp connection state
- -
- name: tcp-wscale-original
- type: u8
- doc: window scaling factor in original direction
- -
- name: tcp-wscale-reply
- type: u8
- doc: window scaling factor in reply direction
- -
- name: tcp-flags-original
- type: binary
- struct: nf-ct-tcp-flags-mask
- -
- name: tcp-flags-reply
- type: binary
- struct: nf-ct-tcp-flags-mask
- -
- name: protoinfo-dccp-attrs
- attributes:
- -
- name: dccp-state
- type: u8
- doc: dccp connection state
- -
- name: dccp-role
- type: u8
- -
- name: dccp-handshake-seq
- type: u64
- byte-order: big-endian
- -
- name: dccp-pad
- type: pad
- -
- name: protoinfo-sctp-attrs
- attributes:
- -
- name: sctp-state
- type: u8
- doc: sctp connection state
- enum: nf-ct-sctp-state
- -
- name: vtag-original
- type: u32
- byte-order: big-endian
- -
- name: vtag-reply
- type: u32
- byte-order: big-endian
- -
- name: protoinfo-attrs
- attributes:
- -
- name: protoinfo-tcp
- type: nest
- nested-attributes: protoinfo-tcp-attrs
- doc: conntrack tcp state information
- -
- name: protoinfo-dccp
- type: nest
- nested-attributes: protoinfo-dccp-attrs
- doc: conntrack dccp state information
- -
- name: protoinfo-sctp
- type: nest
- nested-attributes: protoinfo-sctp-attrs
- doc: conntrack sctp state information
- -
- name: help-attrs
- attributes:
- -
- name: help-name
- type: string
- doc: helper name
- -
- name: nat-proto-attrs
- attributes:
- -
- name: nat-port-min
- type: u16
- byte-order: big-endian
- -
- name: nat-port-max
- type: u16
- byte-order: big-endian
- -
- name: nat-attrs
- attributes:
- -
- name: nat-v4-minip
- type: u32
- byte-order: big-endian
- -
- name: nat-v4-maxip
- type: u32
- byte-order: big-endian
- -
- name: nat-v6-minip
- type: binary
- -
- name: nat-v6-maxip
- type: binary
- -
- name: nat-proto
- type: nest
- nested-attributes: nat-proto-attrs
- -
- name: seqadj-attrs
- attributes:
- -
- name: correction-pos
- type: u32
- byte-order: big-endian
- -
- name: offset-before
- type: u32
- byte-order: big-endian
- -
- name: offset-after
- type: u32
- byte-order: big-endian
- -
- name: secctx-attrs
- attributes:
- -
- name: secctx-name
- type: string
- -
- name: synproxy-attrs
- attributes:
- -
- name: isn
- type: u32
- byte-order: big-endian
- -
- name: its
- type: u32
- byte-order: big-endian
- -
- name: tsoff
- type: u32
- byte-order: big-endian
- -
- name: conntrack-attrs
- attributes:
- -
- name: tuple-orig
- type: nest
- nested-attributes: tuple-attrs
- doc: conntrack l3+l4 protocol information, original direction
- -
- name: tuple-reply
- type: nest
- nested-attributes: tuple-attrs
- doc: conntrack l3+l4 protocol information, reply direction
- -
- name: status
- type: u32
- byte-order: big-endian
- enum: nf-ct-status
- enum-as-flags: true
- doc: conntrack flag bits
- -
- name: protoinfo
- type: nest
- nested-attributes: protoinfo-attrs
- -
- name: help
- type: nest
- nested-attributes: help-attrs
- -
- name: nat-src
- type: nest
- nested-attributes: nat-attrs
- -
- name: timeout
- type: u32
- byte-order: big-endian
- -
- name: mark
- type: u32
- byte-order: big-endian
- -
- name: counters-orig
- type: nest
- nested-attributes: counter-attrs
- -
- name: counters-reply
- type: nest
- nested-attributes: counter-attrs
- -
- name: use
- type: u32
- byte-order: big-endian
- -
- name: id
- type: u32
- byte-order: big-endian
- -
- name: nat-dst
- type: nest
- nested-attributes: nat-attrs
- -
- name: tuple-master
- type: nest
- nested-attributes: tuple-attrs
- -
- name: seq-adj-orig
- type: nest
- nested-attributes: seqadj-attrs
- -
- name: seq-adj-reply
- type: nest
- nested-attributes: seqadj-attrs
- -
- name: secmark
- type: binary
- doc: obsolete
- -
- name: zone
- type: u16
- byte-order: big-endian
- doc: conntrack zone id
- -
- name: secctx
- type: nest
- nested-attributes: secctx-attrs
- -
- name: timestamp
- type: u64
- byte-order: big-endian
- -
- name: mark-mask
- type: u32
- byte-order: big-endian
- -
- name: labels
- type: binary
- -
- name: labels-mask
- type: binary
- -
- name: synproxy
- type: nest
- nested-attributes: synproxy-attrs
- -
- name: filter
- type: nest
- nested-attributes: tuple-attrs
- -
- name: status-mask
- type: u32
- byte-order: big-endian
- enum: nf-ct-status
- enum-as-flags: true
- doc: conntrack flag bits to change
- -
- name: timestamp-event
- type: u64
- byte-order: big-endian
- -
- name: conntrack-stats-attrs
- attributes:
- -
- name: searched
- type: u32
- byte-order: big-endian
- doc: obsolete
- -
- name: found
- type: u32
- byte-order: big-endian
- -
- name: new
- type: u32
- byte-order: big-endian
- doc: obsolete
- -
- name: invalid
- type: u32
- byte-order: big-endian
- doc: obsolete
- -
- name: ignore
- type: u32
- byte-order: big-endian
- doc: obsolete
- -
- name: delete
- type: u32
- byte-order: big-endian
- doc: obsolete
- -
- name: delete-list
- type: u32
- byte-order: big-endian
- doc: obsolete
- -
- name: insert
- type: u32
- byte-order: big-endian
- -
- name: insert-failed
- type: u32
- byte-order: big-endian
- -
- name: drop
- type: u32
- byte-order: big-endian
- -
- name: early-drop
- type: u32
- byte-order: big-endian
- -
- name: error
- type: u32
- byte-order: big-endian
- -
- name: search-restart
- type: u32
- byte-order: big-endian
- -
- name: clash-resolve
- type: u32
- byte-order: big-endian
- -
- name: chain-toolong
- type: u32
- byte-order: big-endian
- operations:
- enum-model: directional
- list:
- -
- name: get
- doc: get / dump entries
- attribute-set: conntrack-attrs
- fixed-header: nfgenmsg
- do:
- request:
- value: 0x101
- attributes:
- - tuple-orig
- - tuple-reply
- - zone
- reply:
- value: 0x100
- attributes:
- - tuple-orig
- - tuple-reply
- - status
- - protoinfo
- - help
- - nat-src
- - nat-dst
- - timeout
- - mark
- - counters-orig
- - counters-reply
- - use
- - id
- - nat-dst
- - tuple-master
- - seq-adj-orig
- - seq-adj-reply
- - zone
- - secctx
- - labels
- - synproxy
- dump:
- request:
- value: 0x101
- attributes:
- - mark
- - filter
- - status
- - zone
- reply:
- value: 0x100
- attributes:
- - tuple-orig
- - tuple-reply
- - status
- - protoinfo
- - help
- - nat-src
- - nat-dst
- - timeout
- - mark
- - counters-orig
- - counters-reply
- - use
- - id
- - nat-dst
- - tuple-master
- - seq-adj-orig
- - seq-adj-reply
- - zone
- - secctx
- - labels
- - synproxy
- -
- name: get-stats
- doc: dump pcpu conntrack stats
- attribute-set: conntrack-stats-attrs
- fixed-header: nfgenmsg
- dump:
- request:
- value: 0x104
- reply:
- value: 0x104
- attributes:
- - searched
- - found
- - insert
- - insert-failed
- - drop
- - early-drop
- - error
- - search-restart
- - clash-resolve
- - chain-toolong
|