1#![no_std]
8#![warn(missing_docs)]
9
10extern crate fakealloc as alloc;
11
12mod actions;
13mod api;
14mod conntrack;
15mod context;
16mod logic;
17mod matchers;
18mod packets;
19mod state;
20
21use logic::nat::NatConfig;
22
23pub type ConntrackConnection<I, A, BT> = conntrack::Connection<I, NatConfig<I, A>, BT>;
25
26pub use actions::MarkAction;
27pub use api::FilterApi;
28pub use conntrack::{
29 ConnectionDirection, Table, TransportProtocol, Tuple,
30 WeakConnection as WeakConntrackConnection, WeakConnectionError,
31};
32pub use context::{
33 FilterBindingsContext, FilterBindingsTypes, FilterContext, FilterIpContext, NatContext,
34 SocketEgressFilterResult, SocketOpsFilter, SocketOpsFilterBindingContext,
35};
36pub use logic::{
37 FilterHandler, FilterImpl, FilterTimerId, IngressVerdict, ProofOfEgressCheck, Verdict,
38};
39pub use matchers::{
40 AddressMatcher, AddressMatcherType, InterfaceMatcher, InterfaceProperties, PacketMatcher,
41 PortMatcher, TransportProtocolMatcher,
42};
43pub use packets::{
44 FilterIpExt, ForwardedPacket, IcmpMessage, IpPacket, MaybeTransportPacket,
45 MaybeTransportPacketMut, RawIpBody, TransportPacketSerializer, TxPacket,
46};
47pub use state::validation::{ValidRoutines, ValidationError};
48pub use state::{
49 Action, FilterIpMetadata, FilterMarkMetadata, Hook, IpRoutines, NatRoutines, Routine, Routines,
50 Rule, State, TransparentProxy, UninstalledRoutine,
51};
52
53#[cfg(any(test, feature = "testutils"))]
55pub mod testutil {
56 pub use crate::logic::testutil::NoopImpl;
57
58 #[cfg(test)]
59 pub(crate) trait TestIpExt:
60 crate::context::testutil::TestIpExt + crate::packets::testutil::internal::TestIpExt
61 {
62 }
63
64 #[cfg(test)]
65 impl<I> TestIpExt for I where
66 I: crate::context::testutil::TestIpExt + crate::packets::testutil::internal::TestIpExt
67 {
68 }
69}