net/ipv4/netfilter.c
Source file repositories/reference/linux-study-clean/net/ipv4/netfilter.c
File Facts
- System
- Linux kernel
- Corpus path
net/ipv4/netfilter.c- Extension
.c- Size
- 2802 bytes
- Lines
- 101
- Domain
- Networking Core
- Bucket
- Sockets, Protocols, Packet Path, And Network Policy
- Inferred role
- Networking Core: exported/initcall integration point
- Status
- integration implementation candidate
Why This File Exists
Networking stack implementation surface: socket APIs, protocol dispatch, packet flow, routing, filtering, and network namespaces.
- Networking stack implementation surface: socket APIs, protocol dispatch, packet flow, routing, filtering, and network namespaces.
- Exports symbols or registers init work; inspect boot/module ordering and who consumes the exported contract.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
linux/kernel.hlinux/netfilter.hlinux/netfilter_ipv4.hlinux/ip.hlinux/skbuff.hlinux/gfp.hlinux/export.hnet/flow.hnet/route.hnet/xfrm.hnet/ip.hnet/netfilter/nf_queue.h
Detected Declarations
function Russellfunction xfrm_decode_sessionfunction nf_ip_routeexport ip_route_me_harderexport nf_ip_route
Annotated Snippet
xfrm_decode_session(net, skb, flowi4_to_flowi(&fl4), AF_INET) == 0) {
struct dst_entry *dst = skb_dst(skb);
/* ignore return value from skb_dstref_steal, xfrm_lookup takes
* care of dropping the refcnt if needed.
*/
skb_dstref_steal(skb);
dst = xfrm_lookup(net, dst, flowi4_to_flowi(&fl4), sk, 0);
if (IS_ERR(dst))
return PTR_ERR(dst);
skb_dst_set(skb, dst);
}
#endif
/* Change in oif may mean change in hh_len. */
hh_len = skb_dst_dev(skb)->hard_header_len;
if (skb_headroom(skb) < hh_len &&
pskb_expand_head(skb, HH_DATA_ALIGN(hh_len - skb_headroom(skb)),
0, GFP_ATOMIC))
return -ENOMEM;
return 0;
}
EXPORT_SYMBOL(ip_route_me_harder);
int nf_ip_route(struct net *net, struct dst_entry **dst, struct flowi *fl,
bool strict __always_unused)
{
struct rtable *rt = ip_route_output_key(net, &fl->u.ip4);
if (IS_ERR(rt))
return PTR_ERR(rt);
*dst = &rt->dst;
return 0;
}
EXPORT_SYMBOL_GPL(nf_ip_route);
Annotation
- Immediate include surface: `linux/kernel.h`, `linux/netfilter.h`, `linux/netfilter_ipv4.h`, `linux/ip.h`, `linux/skbuff.h`, `linux/gfp.h`, `linux/export.h`, `net/flow.h`.
- Detected declarations: `function Russell`, `function xfrm_decode_session`, `function nf_ip_route`, `export ip_route_me_harder`, `export nf_ip_route`.
- Atlas domain: Networking Core / Sockets, Protocols, Packet Path, And Network Policy.
- Implementation status: integration implementation candidate.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.