1 /**************************************************************************** 2 **************************************************************************** 3 *** 4 *** This header was automatically generated from a Linux kernel header 5 *** of the same name, to make information necessary for userspace to 6 *** call into the kernel available to libc. It contains only constants, 7 *** structures, and macros generated from the original header, and thus, 8 *** contains no copyrightable information. 9 *** 10 *** To edit the content of this header, modify the corresponding 11 *** source file (e.g. under external/kernel-headers/original/) then 12 *** run bionic/libc/kernel/tools/update_all.py 13 *** 14 *** Any manual change here will be lost the next time this script will 15 *** be run. You've been warned! 16 *** 17 **************************************************************************** 18 ****************************************************************************/ 19 #ifndef _LINUX_NF_TABLES_H 20 #define _LINUX_NF_TABLES_H 21 #define NFT_NAME_MAXLEN 256 22 #define NFT_TABLE_MAXNAMELEN NFT_NAME_MAXLEN 23 #define NFT_CHAIN_MAXNAMELEN NFT_NAME_MAXLEN 24 #define NFT_SET_MAXNAMELEN NFT_NAME_MAXLEN 25 #define NFT_OBJ_MAXNAMELEN NFT_NAME_MAXLEN 26 #define NFT_USERDATA_MAXLEN 256 27 #define NFT_OSF_MAXGENRELEN 16 28 enum nft_registers { 29 NFT_REG_VERDICT, 30 NFT_REG_1, 31 NFT_REG_2, 32 NFT_REG_3, 33 NFT_REG_4, 34 __NFT_REG_MAX, 35 NFT_REG32_00 = 8, 36 NFT_REG32_01, 37 NFT_REG32_02, 38 NFT_REG32_03, 39 NFT_REG32_04, 40 NFT_REG32_05, 41 NFT_REG32_06, 42 NFT_REG32_07, 43 NFT_REG32_08, 44 NFT_REG32_09, 45 NFT_REG32_10, 46 NFT_REG32_11, 47 NFT_REG32_12, 48 NFT_REG32_13, 49 NFT_REG32_14, 50 NFT_REG32_15, 51 }; 52 #define NFT_REG_MAX (__NFT_REG_MAX - 1) 53 #define NFT_REG_SIZE 16 54 #define NFT_REG32_SIZE 4 55 enum nft_verdicts { 56 NFT_CONTINUE = - 1, 57 NFT_BREAK = - 2, 58 NFT_JUMP = - 3, 59 NFT_GOTO = - 4, 60 NFT_RETURN = - 5, 61 }; 62 enum nf_tables_msg_types { 63 NFT_MSG_NEWTABLE, 64 NFT_MSG_GETTABLE, 65 NFT_MSG_DELTABLE, 66 NFT_MSG_NEWCHAIN, 67 NFT_MSG_GETCHAIN, 68 NFT_MSG_DELCHAIN, 69 NFT_MSG_NEWRULE, 70 NFT_MSG_GETRULE, 71 NFT_MSG_DELRULE, 72 NFT_MSG_NEWSET, 73 NFT_MSG_GETSET, 74 NFT_MSG_DELSET, 75 NFT_MSG_NEWSETELEM, 76 NFT_MSG_GETSETELEM, 77 NFT_MSG_DELSETELEM, 78 NFT_MSG_NEWGEN, 79 NFT_MSG_GETGEN, 80 NFT_MSG_TRACE, 81 NFT_MSG_NEWOBJ, 82 NFT_MSG_GETOBJ, 83 NFT_MSG_DELOBJ, 84 NFT_MSG_GETOBJ_RESET, 85 NFT_MSG_NEWFLOWTABLE, 86 NFT_MSG_GETFLOWTABLE, 87 NFT_MSG_DELFLOWTABLE, 88 NFT_MSG_MAX, 89 }; 90 enum nft_list_attributes { 91 NFTA_LIST_UNPEC, 92 NFTA_LIST_ELEM, 93 __NFTA_LIST_MAX 94 }; 95 #define NFTA_LIST_MAX (__NFTA_LIST_MAX - 1) 96 enum nft_hook_attributes { 97 NFTA_HOOK_UNSPEC, 98 NFTA_HOOK_HOOKNUM, 99 NFTA_HOOK_PRIORITY, 100 NFTA_HOOK_DEV, 101 __NFTA_HOOK_MAX 102 }; 103 #define NFTA_HOOK_MAX (__NFTA_HOOK_MAX - 1) 104 enum nft_table_flags { 105 NFT_TABLE_F_DORMANT = 0x1, 106 }; 107 enum nft_table_attributes { 108 NFTA_TABLE_UNSPEC, 109 NFTA_TABLE_NAME, 110 NFTA_TABLE_FLAGS, 111 NFTA_TABLE_USE, 112 NFTA_TABLE_HANDLE, 113 NFTA_TABLE_PAD, 114 __NFTA_TABLE_MAX 115 }; 116 #define NFTA_TABLE_MAX (__NFTA_TABLE_MAX - 1) 117 enum nft_chain_attributes { 118 NFTA_CHAIN_UNSPEC, 119 NFTA_CHAIN_TABLE, 120 NFTA_CHAIN_HANDLE, 121 NFTA_CHAIN_NAME, 122 NFTA_CHAIN_HOOK, 123 NFTA_CHAIN_POLICY, 124 NFTA_CHAIN_USE, 125 NFTA_CHAIN_TYPE, 126 NFTA_CHAIN_COUNTERS, 127 NFTA_CHAIN_PAD, 128 __NFTA_CHAIN_MAX 129 }; 130 #define NFTA_CHAIN_MAX (__NFTA_CHAIN_MAX - 1) 131 enum nft_rule_attributes { 132 NFTA_RULE_UNSPEC, 133 NFTA_RULE_TABLE, 134 NFTA_RULE_CHAIN, 135 NFTA_RULE_HANDLE, 136 NFTA_RULE_EXPRESSIONS, 137 NFTA_RULE_COMPAT, 138 NFTA_RULE_POSITION, 139 NFTA_RULE_USERDATA, 140 NFTA_RULE_PAD, 141 NFTA_RULE_ID, 142 __NFTA_RULE_MAX 143 }; 144 #define NFTA_RULE_MAX (__NFTA_RULE_MAX - 1) 145 enum nft_rule_compat_flags { 146 NFT_RULE_COMPAT_F_INV = (1 << 1), 147 NFT_RULE_COMPAT_F_MASK = NFT_RULE_COMPAT_F_INV, 148 }; 149 enum nft_rule_compat_attributes { 150 NFTA_RULE_COMPAT_UNSPEC, 151 NFTA_RULE_COMPAT_PROTO, 152 NFTA_RULE_COMPAT_FLAGS, 153 __NFTA_RULE_COMPAT_MAX 154 }; 155 #define NFTA_RULE_COMPAT_MAX (__NFTA_RULE_COMPAT_MAX - 1) 156 enum nft_set_flags { 157 NFT_SET_ANONYMOUS = 0x1, 158 NFT_SET_CONSTANT = 0x2, 159 NFT_SET_INTERVAL = 0x4, 160 NFT_SET_MAP = 0x8, 161 NFT_SET_TIMEOUT = 0x10, 162 NFT_SET_EVAL = 0x20, 163 NFT_SET_OBJECT = 0x40, 164 }; 165 enum nft_set_policies { 166 NFT_SET_POL_PERFORMANCE, 167 NFT_SET_POL_MEMORY, 168 }; 169 enum nft_set_desc_attributes { 170 NFTA_SET_DESC_UNSPEC, 171 NFTA_SET_DESC_SIZE, 172 __NFTA_SET_DESC_MAX 173 }; 174 #define NFTA_SET_DESC_MAX (__NFTA_SET_DESC_MAX - 1) 175 enum nft_set_attributes { 176 NFTA_SET_UNSPEC, 177 NFTA_SET_TABLE, 178 NFTA_SET_NAME, 179 NFTA_SET_FLAGS, 180 NFTA_SET_KEY_TYPE, 181 NFTA_SET_KEY_LEN, 182 NFTA_SET_DATA_TYPE, 183 NFTA_SET_DATA_LEN, 184 NFTA_SET_POLICY, 185 NFTA_SET_DESC, 186 NFTA_SET_ID, 187 NFTA_SET_TIMEOUT, 188 NFTA_SET_GC_INTERVAL, 189 NFTA_SET_USERDATA, 190 NFTA_SET_PAD, 191 NFTA_SET_OBJ_TYPE, 192 NFTA_SET_HANDLE, 193 __NFTA_SET_MAX 194 }; 195 #define NFTA_SET_MAX (__NFTA_SET_MAX - 1) 196 enum nft_set_elem_flags { 197 NFT_SET_ELEM_INTERVAL_END = 0x1, 198 }; 199 enum nft_set_elem_attributes { 200 NFTA_SET_ELEM_UNSPEC, 201 NFTA_SET_ELEM_KEY, 202 NFTA_SET_ELEM_DATA, 203 NFTA_SET_ELEM_FLAGS, 204 NFTA_SET_ELEM_TIMEOUT, 205 NFTA_SET_ELEM_EXPIRATION, 206 NFTA_SET_ELEM_USERDATA, 207 NFTA_SET_ELEM_EXPR, 208 NFTA_SET_ELEM_PAD, 209 NFTA_SET_ELEM_OBJREF, 210 __NFTA_SET_ELEM_MAX 211 }; 212 #define NFTA_SET_ELEM_MAX (__NFTA_SET_ELEM_MAX - 1) 213 enum nft_set_elem_list_attributes { 214 NFTA_SET_ELEM_LIST_UNSPEC, 215 NFTA_SET_ELEM_LIST_TABLE, 216 NFTA_SET_ELEM_LIST_SET, 217 NFTA_SET_ELEM_LIST_ELEMENTS, 218 NFTA_SET_ELEM_LIST_SET_ID, 219 __NFTA_SET_ELEM_LIST_MAX 220 }; 221 #define NFTA_SET_ELEM_LIST_MAX (__NFTA_SET_ELEM_LIST_MAX - 1) 222 enum nft_data_types { 223 NFT_DATA_VALUE, 224 NFT_DATA_VERDICT = 0xffffff00U, 225 }; 226 #define NFT_DATA_RESERVED_MASK 0xffffff00U 227 enum nft_data_attributes { 228 NFTA_DATA_UNSPEC, 229 NFTA_DATA_VALUE, 230 NFTA_DATA_VERDICT, 231 __NFTA_DATA_MAX 232 }; 233 #define NFTA_DATA_MAX (__NFTA_DATA_MAX - 1) 234 #define NFT_DATA_VALUE_MAXLEN 64 235 enum nft_verdict_attributes { 236 NFTA_VERDICT_UNSPEC, 237 NFTA_VERDICT_CODE, 238 NFTA_VERDICT_CHAIN, 239 __NFTA_VERDICT_MAX 240 }; 241 #define NFTA_VERDICT_MAX (__NFTA_VERDICT_MAX - 1) 242 enum nft_expr_attributes { 243 NFTA_EXPR_UNSPEC, 244 NFTA_EXPR_NAME, 245 NFTA_EXPR_DATA, 246 __NFTA_EXPR_MAX 247 }; 248 #define NFTA_EXPR_MAX (__NFTA_EXPR_MAX - 1) 249 enum nft_immediate_attributes { 250 NFTA_IMMEDIATE_UNSPEC, 251 NFTA_IMMEDIATE_DREG, 252 NFTA_IMMEDIATE_DATA, 253 __NFTA_IMMEDIATE_MAX 254 }; 255 #define NFTA_IMMEDIATE_MAX (__NFTA_IMMEDIATE_MAX - 1) 256 enum nft_bitwise_attributes { 257 NFTA_BITWISE_UNSPEC, 258 NFTA_BITWISE_SREG, 259 NFTA_BITWISE_DREG, 260 NFTA_BITWISE_LEN, 261 NFTA_BITWISE_MASK, 262 NFTA_BITWISE_XOR, 263 __NFTA_BITWISE_MAX 264 }; 265 #define NFTA_BITWISE_MAX (__NFTA_BITWISE_MAX - 1) 266 enum nft_byteorder_ops { 267 NFT_BYTEORDER_NTOH, 268 NFT_BYTEORDER_HTON, 269 }; 270 enum nft_byteorder_attributes { 271 NFTA_BYTEORDER_UNSPEC, 272 NFTA_BYTEORDER_SREG, 273 NFTA_BYTEORDER_DREG, 274 NFTA_BYTEORDER_OP, 275 NFTA_BYTEORDER_LEN, 276 NFTA_BYTEORDER_SIZE, 277 __NFTA_BYTEORDER_MAX 278 }; 279 #define NFTA_BYTEORDER_MAX (__NFTA_BYTEORDER_MAX - 1) 280 enum nft_cmp_ops { 281 NFT_CMP_EQ, 282 NFT_CMP_NEQ, 283 NFT_CMP_LT, 284 NFT_CMP_LTE, 285 NFT_CMP_GT, 286 NFT_CMP_GTE, 287 }; 288 enum nft_cmp_attributes { 289 NFTA_CMP_UNSPEC, 290 NFTA_CMP_SREG, 291 NFTA_CMP_OP, 292 NFTA_CMP_DATA, 293 __NFTA_CMP_MAX 294 }; 295 #define NFTA_CMP_MAX (__NFTA_CMP_MAX - 1) 296 enum nft_range_ops { 297 NFT_RANGE_EQ, 298 NFT_RANGE_NEQ, 299 }; 300 enum nft_range_attributes { 301 NFTA_RANGE_UNSPEC, 302 NFTA_RANGE_SREG, 303 NFTA_RANGE_OP, 304 NFTA_RANGE_FROM_DATA, 305 NFTA_RANGE_TO_DATA, 306 __NFTA_RANGE_MAX 307 }; 308 #define NFTA_RANGE_MAX (__NFTA_RANGE_MAX - 1) 309 enum nft_lookup_flags { 310 NFT_LOOKUP_F_INV = (1 << 0), 311 }; 312 enum nft_lookup_attributes { 313 NFTA_LOOKUP_UNSPEC, 314 NFTA_LOOKUP_SET, 315 NFTA_LOOKUP_SREG, 316 NFTA_LOOKUP_DREG, 317 NFTA_LOOKUP_SET_ID, 318 NFTA_LOOKUP_FLAGS, 319 __NFTA_LOOKUP_MAX 320 }; 321 #define NFTA_LOOKUP_MAX (__NFTA_LOOKUP_MAX - 1) 322 enum nft_dynset_ops { 323 NFT_DYNSET_OP_ADD, 324 NFT_DYNSET_OP_UPDATE, 325 }; 326 enum nft_dynset_flags { 327 NFT_DYNSET_F_INV = (1 << 0), 328 }; 329 enum nft_dynset_attributes { 330 NFTA_DYNSET_UNSPEC, 331 NFTA_DYNSET_SET_NAME, 332 NFTA_DYNSET_SET_ID, 333 NFTA_DYNSET_OP, 334 NFTA_DYNSET_SREG_KEY, 335 NFTA_DYNSET_SREG_DATA, 336 NFTA_DYNSET_TIMEOUT, 337 NFTA_DYNSET_EXPR, 338 NFTA_DYNSET_PAD, 339 NFTA_DYNSET_FLAGS, 340 __NFTA_DYNSET_MAX, 341 }; 342 #define NFTA_DYNSET_MAX (__NFTA_DYNSET_MAX - 1) 343 enum nft_payload_bases { 344 NFT_PAYLOAD_LL_HEADER, 345 NFT_PAYLOAD_NETWORK_HEADER, 346 NFT_PAYLOAD_TRANSPORT_HEADER, 347 }; 348 enum nft_payload_csum_types { 349 NFT_PAYLOAD_CSUM_NONE, 350 NFT_PAYLOAD_CSUM_INET, 351 }; 352 enum nft_payload_csum_flags { 353 NFT_PAYLOAD_L4CSUM_PSEUDOHDR = (1 << 0), 354 }; 355 enum nft_payload_attributes { 356 NFTA_PAYLOAD_UNSPEC, 357 NFTA_PAYLOAD_DREG, 358 NFTA_PAYLOAD_BASE, 359 NFTA_PAYLOAD_OFFSET, 360 NFTA_PAYLOAD_LEN, 361 NFTA_PAYLOAD_SREG, 362 NFTA_PAYLOAD_CSUM_TYPE, 363 NFTA_PAYLOAD_CSUM_OFFSET, 364 NFTA_PAYLOAD_CSUM_FLAGS, 365 __NFTA_PAYLOAD_MAX 366 }; 367 #define NFTA_PAYLOAD_MAX (__NFTA_PAYLOAD_MAX - 1) 368 enum nft_exthdr_flags { 369 NFT_EXTHDR_F_PRESENT = (1 << 0), 370 }; 371 enum nft_exthdr_op { 372 NFT_EXTHDR_OP_IPV6, 373 NFT_EXTHDR_OP_TCPOPT, 374 __NFT_EXTHDR_OP_MAX 375 }; 376 #define NFT_EXTHDR_OP_MAX (__NFT_EXTHDR_OP_MAX - 1) 377 enum nft_exthdr_attributes { 378 NFTA_EXTHDR_UNSPEC, 379 NFTA_EXTHDR_DREG, 380 NFTA_EXTHDR_TYPE, 381 NFTA_EXTHDR_OFFSET, 382 NFTA_EXTHDR_LEN, 383 NFTA_EXTHDR_FLAGS, 384 NFTA_EXTHDR_OP, 385 NFTA_EXTHDR_SREG, 386 __NFTA_EXTHDR_MAX 387 }; 388 #define NFTA_EXTHDR_MAX (__NFTA_EXTHDR_MAX - 1) 389 enum nft_meta_keys { 390 NFT_META_LEN, 391 NFT_META_PROTOCOL, 392 NFT_META_PRIORITY, 393 NFT_META_MARK, 394 NFT_META_IIF, 395 NFT_META_OIF, 396 NFT_META_IIFNAME, 397 NFT_META_OIFNAME, 398 NFT_META_IIFTYPE, 399 NFT_META_OIFTYPE, 400 NFT_META_SKUID, 401 NFT_META_SKGID, 402 NFT_META_NFTRACE, 403 NFT_META_RTCLASSID, 404 NFT_META_SECMARK, 405 NFT_META_NFPROTO, 406 NFT_META_L4PROTO, 407 NFT_META_BRI_IIFNAME, 408 NFT_META_BRI_OIFNAME, 409 NFT_META_PKTTYPE, 410 NFT_META_CPU, 411 NFT_META_IIFGROUP, 412 NFT_META_OIFGROUP, 413 NFT_META_CGROUP, 414 NFT_META_PRANDOM, 415 NFT_META_SECPATH, 416 }; 417 enum nft_rt_keys { 418 NFT_RT_CLASSID, 419 NFT_RT_NEXTHOP4, 420 NFT_RT_NEXTHOP6, 421 NFT_RT_TCPMSS, 422 NFT_RT_XFRM, 423 __NFT_RT_MAX 424 }; 425 #define NFT_RT_MAX (__NFT_RT_MAX - 1) 426 enum nft_hash_types { 427 NFT_HASH_JENKINS, 428 NFT_HASH_SYM, 429 }; 430 enum nft_hash_attributes { 431 NFTA_HASH_UNSPEC, 432 NFTA_HASH_SREG, 433 NFTA_HASH_DREG, 434 NFTA_HASH_LEN, 435 NFTA_HASH_MODULUS, 436 NFTA_HASH_SEED, 437 NFTA_HASH_OFFSET, 438 NFTA_HASH_TYPE, 439 NFTA_HASH_SET_NAME, 440 NFTA_HASH_SET_ID, 441 __NFTA_HASH_MAX, 442 }; 443 #define NFTA_HASH_MAX (__NFTA_HASH_MAX - 1) 444 enum nft_meta_attributes { 445 NFTA_META_UNSPEC, 446 NFTA_META_DREG, 447 NFTA_META_KEY, 448 NFTA_META_SREG, 449 __NFTA_META_MAX 450 }; 451 #define NFTA_META_MAX (__NFTA_META_MAX - 1) 452 enum nft_rt_attributes { 453 NFTA_RT_UNSPEC, 454 NFTA_RT_DREG, 455 NFTA_RT_KEY, 456 __NFTA_RT_MAX 457 }; 458 #define NFTA_RT_MAX (__NFTA_RT_MAX - 1) 459 enum nft_socket_attributes { 460 NFTA_SOCKET_UNSPEC, 461 NFTA_SOCKET_KEY, 462 NFTA_SOCKET_DREG, 463 __NFTA_SOCKET_MAX 464 }; 465 #define NFTA_SOCKET_MAX (__NFTA_SOCKET_MAX - 1) 466 enum nft_socket_keys { 467 NFT_SOCKET_TRANSPARENT, 468 NFT_SOCKET_MARK, 469 __NFT_SOCKET_MAX 470 }; 471 #define NFT_SOCKET_MAX (__NFT_SOCKET_MAX - 1) 472 enum nft_ct_keys { 473 NFT_CT_STATE, 474 NFT_CT_DIRECTION, 475 NFT_CT_STATUS, 476 NFT_CT_MARK, 477 NFT_CT_SECMARK, 478 NFT_CT_EXPIRATION, 479 NFT_CT_HELPER, 480 NFT_CT_L3PROTOCOL, 481 NFT_CT_SRC, 482 NFT_CT_DST, 483 NFT_CT_PROTOCOL, 484 NFT_CT_PROTO_SRC, 485 NFT_CT_PROTO_DST, 486 NFT_CT_LABELS, 487 NFT_CT_PKTS, 488 NFT_CT_BYTES, 489 NFT_CT_AVGPKT, 490 NFT_CT_ZONE, 491 NFT_CT_EVENTMASK, 492 NFT_CT_SRC_IP, 493 NFT_CT_DST_IP, 494 NFT_CT_SRC_IP6, 495 NFT_CT_DST_IP6, 496 NFT_CT_TIMEOUT, 497 __NFT_CT_MAX 498 }; 499 #define NFT_CT_MAX (__NFT_CT_MAX - 1) 500 enum nft_ct_attributes { 501 NFTA_CT_UNSPEC, 502 NFTA_CT_DREG, 503 NFTA_CT_KEY, 504 NFTA_CT_DIRECTION, 505 NFTA_CT_SREG, 506 __NFTA_CT_MAX 507 }; 508 #define NFTA_CT_MAX (__NFTA_CT_MAX - 1) 509 enum nft_offload_attributes { 510 NFTA_FLOW_UNSPEC, 511 NFTA_FLOW_TABLE_NAME, 512 __NFTA_FLOW_MAX, 513 }; 514 #define NFTA_FLOW_MAX (__NFTA_FLOW_MAX - 1) 515 enum nft_limit_type { 516 NFT_LIMIT_PKTS, 517 NFT_LIMIT_PKT_BYTES 518 }; 519 enum nft_limit_flags { 520 NFT_LIMIT_F_INV = (1 << 0), 521 }; 522 enum nft_limit_attributes { 523 NFTA_LIMIT_UNSPEC, 524 NFTA_LIMIT_RATE, 525 NFTA_LIMIT_UNIT, 526 NFTA_LIMIT_BURST, 527 NFTA_LIMIT_TYPE, 528 NFTA_LIMIT_FLAGS, 529 NFTA_LIMIT_PAD, 530 __NFTA_LIMIT_MAX 531 }; 532 #define NFTA_LIMIT_MAX (__NFTA_LIMIT_MAX - 1) 533 enum nft_connlimit_flags { 534 NFT_CONNLIMIT_F_INV = (1 << 0), 535 }; 536 enum nft_connlimit_attributes { 537 NFTA_CONNLIMIT_UNSPEC, 538 NFTA_CONNLIMIT_COUNT, 539 NFTA_CONNLIMIT_FLAGS, 540 __NFTA_CONNLIMIT_MAX 541 }; 542 #define NFTA_CONNLIMIT_MAX (__NFTA_CONNLIMIT_MAX - 1) 543 enum nft_counter_attributes { 544 NFTA_COUNTER_UNSPEC, 545 NFTA_COUNTER_BYTES, 546 NFTA_COUNTER_PACKETS, 547 NFTA_COUNTER_PAD, 548 __NFTA_COUNTER_MAX 549 }; 550 #define NFTA_COUNTER_MAX (__NFTA_COUNTER_MAX - 1) 551 enum nft_log_attributes { 552 NFTA_LOG_UNSPEC, 553 NFTA_LOG_GROUP, 554 NFTA_LOG_PREFIX, 555 NFTA_LOG_SNAPLEN, 556 NFTA_LOG_QTHRESHOLD, 557 NFTA_LOG_LEVEL, 558 NFTA_LOG_FLAGS, 559 __NFTA_LOG_MAX 560 }; 561 #define NFTA_LOG_MAX (__NFTA_LOG_MAX - 1) 562 enum nft_log_level { 563 NFT_LOGLEVEL_EMERG, 564 NFT_LOGLEVEL_ALERT, 565 NFT_LOGLEVEL_CRIT, 566 NFT_LOGLEVEL_ERR, 567 NFT_LOGLEVEL_WARNING, 568 NFT_LOGLEVEL_NOTICE, 569 NFT_LOGLEVEL_INFO, 570 NFT_LOGLEVEL_DEBUG, 571 NFT_LOGLEVEL_AUDIT, 572 __NFT_LOGLEVEL_MAX 573 }; 574 #define NFT_LOGLEVEL_MAX (__NFT_LOGLEVEL_MAX + 1) 575 enum nft_queue_attributes { 576 NFTA_QUEUE_UNSPEC, 577 NFTA_QUEUE_NUM, 578 NFTA_QUEUE_TOTAL, 579 NFTA_QUEUE_FLAGS, 580 NFTA_QUEUE_SREG_QNUM, 581 __NFTA_QUEUE_MAX 582 }; 583 #define NFTA_QUEUE_MAX (__NFTA_QUEUE_MAX - 1) 584 #define NFT_QUEUE_FLAG_BYPASS 0x01 585 #define NFT_QUEUE_FLAG_CPU_FANOUT 0x02 586 #define NFT_QUEUE_FLAG_MASK 0x03 587 enum nft_quota_flags { 588 NFT_QUOTA_F_INV = (1 << 0), 589 NFT_QUOTA_F_DEPLETED = (1 << 1), 590 }; 591 enum nft_quota_attributes { 592 NFTA_QUOTA_UNSPEC, 593 NFTA_QUOTA_BYTES, 594 NFTA_QUOTA_FLAGS, 595 NFTA_QUOTA_PAD, 596 NFTA_QUOTA_CONSUMED, 597 __NFTA_QUOTA_MAX 598 }; 599 #define NFTA_QUOTA_MAX (__NFTA_QUOTA_MAX - 1) 600 enum nft_secmark_attributes { 601 NFTA_SECMARK_UNSPEC, 602 NFTA_SECMARK_CTX, 603 __NFTA_SECMARK_MAX, 604 }; 605 #define NFTA_SECMARK_MAX (__NFTA_SECMARK_MAX - 1) 606 #define NFT_SECMARK_CTX_MAXLEN 256 607 enum nft_reject_types { 608 NFT_REJECT_ICMP_UNREACH, 609 NFT_REJECT_TCP_RST, 610 NFT_REJECT_ICMPX_UNREACH, 611 }; 612 enum nft_reject_inet_code { 613 NFT_REJECT_ICMPX_NO_ROUTE = 0, 614 NFT_REJECT_ICMPX_PORT_UNREACH, 615 NFT_REJECT_ICMPX_HOST_UNREACH, 616 NFT_REJECT_ICMPX_ADMIN_PROHIBITED, 617 __NFT_REJECT_ICMPX_MAX 618 }; 619 #define NFT_REJECT_ICMPX_MAX (__NFT_REJECT_ICMPX_MAX - 1) 620 enum nft_reject_attributes { 621 NFTA_REJECT_UNSPEC, 622 NFTA_REJECT_TYPE, 623 NFTA_REJECT_ICMP_CODE, 624 __NFTA_REJECT_MAX 625 }; 626 #define NFTA_REJECT_MAX (__NFTA_REJECT_MAX - 1) 627 enum nft_nat_types { 628 NFT_NAT_SNAT, 629 NFT_NAT_DNAT, 630 }; 631 enum nft_nat_attributes { 632 NFTA_NAT_UNSPEC, 633 NFTA_NAT_TYPE, 634 NFTA_NAT_FAMILY, 635 NFTA_NAT_REG_ADDR_MIN, 636 NFTA_NAT_REG_ADDR_MAX, 637 NFTA_NAT_REG_PROTO_MIN, 638 NFTA_NAT_REG_PROTO_MAX, 639 NFTA_NAT_FLAGS, 640 __NFTA_NAT_MAX 641 }; 642 #define NFTA_NAT_MAX (__NFTA_NAT_MAX - 1) 643 enum nft_tproxy_attributes { 644 NFTA_TPROXY_UNSPEC, 645 NFTA_TPROXY_FAMILY, 646 NFTA_TPROXY_REG_ADDR, 647 NFTA_TPROXY_REG_PORT, 648 __NFTA_TPROXY_MAX 649 }; 650 #define NFTA_TPROXY_MAX (__NFTA_TPROXY_MAX - 1) 651 enum nft_masq_attributes { 652 NFTA_MASQ_UNSPEC, 653 NFTA_MASQ_FLAGS, 654 NFTA_MASQ_REG_PROTO_MIN, 655 NFTA_MASQ_REG_PROTO_MAX, 656 __NFTA_MASQ_MAX 657 }; 658 #define NFTA_MASQ_MAX (__NFTA_MASQ_MAX - 1) 659 enum nft_redir_attributes { 660 NFTA_REDIR_UNSPEC, 661 NFTA_REDIR_REG_PROTO_MIN, 662 NFTA_REDIR_REG_PROTO_MAX, 663 NFTA_REDIR_FLAGS, 664 __NFTA_REDIR_MAX 665 }; 666 #define NFTA_REDIR_MAX (__NFTA_REDIR_MAX - 1) 667 enum nft_dup_attributes { 668 NFTA_DUP_UNSPEC, 669 NFTA_DUP_SREG_ADDR, 670 NFTA_DUP_SREG_DEV, 671 __NFTA_DUP_MAX 672 }; 673 #define NFTA_DUP_MAX (__NFTA_DUP_MAX - 1) 674 enum nft_fwd_attributes { 675 NFTA_FWD_UNSPEC, 676 NFTA_FWD_SREG_DEV, 677 NFTA_FWD_SREG_ADDR, 678 NFTA_FWD_NFPROTO, 679 __NFTA_FWD_MAX 680 }; 681 #define NFTA_FWD_MAX (__NFTA_FWD_MAX - 1) 682 enum nft_objref_attributes { 683 NFTA_OBJREF_UNSPEC, 684 NFTA_OBJREF_IMM_TYPE, 685 NFTA_OBJREF_IMM_NAME, 686 NFTA_OBJREF_SET_SREG, 687 NFTA_OBJREF_SET_NAME, 688 NFTA_OBJREF_SET_ID, 689 __NFTA_OBJREF_MAX 690 }; 691 #define NFTA_OBJREF_MAX (__NFTA_OBJREF_MAX - 1) 692 enum nft_gen_attributes { 693 NFTA_GEN_UNSPEC, 694 NFTA_GEN_ID, 695 NFTA_GEN_PROC_PID, 696 NFTA_GEN_PROC_NAME, 697 __NFTA_GEN_MAX 698 }; 699 #define NFTA_GEN_MAX (__NFTA_GEN_MAX - 1) 700 enum nft_fib_attributes { 701 NFTA_FIB_UNSPEC, 702 NFTA_FIB_DREG, 703 NFTA_FIB_RESULT, 704 NFTA_FIB_FLAGS, 705 __NFTA_FIB_MAX 706 }; 707 #define NFTA_FIB_MAX (__NFTA_FIB_MAX - 1) 708 enum nft_fib_result { 709 NFT_FIB_RESULT_UNSPEC, 710 NFT_FIB_RESULT_OIF, 711 NFT_FIB_RESULT_OIFNAME, 712 NFT_FIB_RESULT_ADDRTYPE, 713 __NFT_FIB_RESULT_MAX 714 }; 715 #define NFT_FIB_RESULT_MAX (__NFT_FIB_RESULT_MAX - 1) 716 enum nft_fib_flags { 717 NFTA_FIB_F_SADDR = 1 << 0, 718 NFTA_FIB_F_DADDR = 1 << 1, 719 NFTA_FIB_F_MARK = 1 << 2, 720 NFTA_FIB_F_IIF = 1 << 3, 721 NFTA_FIB_F_OIF = 1 << 4, 722 NFTA_FIB_F_PRESENT = 1 << 5, 723 }; 724 enum nft_ct_helper_attributes { 725 NFTA_CT_HELPER_UNSPEC, 726 NFTA_CT_HELPER_NAME, 727 NFTA_CT_HELPER_L3PROTO, 728 NFTA_CT_HELPER_L4PROTO, 729 __NFTA_CT_HELPER_MAX, 730 }; 731 #define NFTA_CT_HELPER_MAX (__NFTA_CT_HELPER_MAX - 1) 732 enum nft_ct_timeout_timeout_attributes { 733 NFTA_CT_TIMEOUT_UNSPEC, 734 NFTA_CT_TIMEOUT_L3PROTO, 735 NFTA_CT_TIMEOUT_L4PROTO, 736 NFTA_CT_TIMEOUT_DATA, 737 __NFTA_CT_TIMEOUT_MAX, 738 }; 739 #define NFTA_CT_TIMEOUT_MAX (__NFTA_CT_TIMEOUT_MAX - 1) 740 #define NFT_OBJECT_UNSPEC 0 741 #define NFT_OBJECT_COUNTER 1 742 #define NFT_OBJECT_QUOTA 2 743 #define NFT_OBJECT_CT_HELPER 3 744 #define NFT_OBJECT_LIMIT 4 745 #define NFT_OBJECT_CONNLIMIT 5 746 #define NFT_OBJECT_TUNNEL 6 747 #define NFT_OBJECT_CT_TIMEOUT 7 748 #define NFT_OBJECT_SECMARK 8 749 #define __NFT_OBJECT_MAX 9 750 #define NFT_OBJECT_MAX (__NFT_OBJECT_MAX - 1) 751 enum nft_object_attributes { 752 NFTA_OBJ_UNSPEC, 753 NFTA_OBJ_TABLE, 754 NFTA_OBJ_NAME, 755 NFTA_OBJ_TYPE, 756 NFTA_OBJ_DATA, 757 NFTA_OBJ_USE, 758 NFTA_OBJ_HANDLE, 759 NFTA_OBJ_PAD, 760 __NFTA_OBJ_MAX 761 }; 762 #define NFTA_OBJ_MAX (__NFTA_OBJ_MAX - 1) 763 enum nft_flowtable_attributes { 764 NFTA_FLOWTABLE_UNSPEC, 765 NFTA_FLOWTABLE_TABLE, 766 NFTA_FLOWTABLE_NAME, 767 NFTA_FLOWTABLE_HOOK, 768 NFTA_FLOWTABLE_USE, 769 NFTA_FLOWTABLE_HANDLE, 770 NFTA_FLOWTABLE_PAD, 771 __NFTA_FLOWTABLE_MAX 772 }; 773 #define NFTA_FLOWTABLE_MAX (__NFTA_FLOWTABLE_MAX - 1) 774 enum nft_flowtable_hook_attributes { 775 NFTA_FLOWTABLE_HOOK_UNSPEC, 776 NFTA_FLOWTABLE_HOOK_NUM, 777 NFTA_FLOWTABLE_HOOK_PRIORITY, 778 NFTA_FLOWTABLE_HOOK_DEVS, 779 __NFTA_FLOWTABLE_HOOK_MAX 780 }; 781 #define NFTA_FLOWTABLE_HOOK_MAX (__NFTA_FLOWTABLE_HOOK_MAX - 1) 782 enum nft_osf_attributes { 783 NFTA_OSF_UNSPEC, 784 NFTA_OSF_DREG, 785 NFTA_OSF_TTL, 786 __NFTA_OSF_MAX, 787 }; 788 #define NFTA_OSF_MAX (__NFTA_OSF_MAX - 1) 789 enum nft_devices_attributes { 790 NFTA_DEVICE_UNSPEC, 791 NFTA_DEVICE_NAME, 792 __NFTA_DEVICE_MAX 793 }; 794 #define NFTA_DEVICE_MAX (__NFTA_DEVICE_MAX - 1) 795 enum nft_xfrm_attributes { 796 NFTA_XFRM_UNSPEC, 797 NFTA_XFRM_DREG, 798 NFTA_XFRM_KEY, 799 NFTA_XFRM_DIR, 800 NFTA_XFRM_SPNUM, 801 __NFTA_XFRM_MAX 802 }; 803 #define NFTA_XFRM_MAX (__NFTA_XFRM_MAX - 1) 804 enum nft_xfrm_keys { 805 NFT_XFRM_KEY_UNSPEC, 806 NFT_XFRM_KEY_DADDR_IP4, 807 NFT_XFRM_KEY_DADDR_IP6, 808 NFT_XFRM_KEY_SADDR_IP4, 809 NFT_XFRM_KEY_SADDR_IP6, 810 NFT_XFRM_KEY_REQID, 811 NFT_XFRM_KEY_SPI, 812 __NFT_XFRM_KEY_MAX, 813 }; 814 #define NFT_XFRM_KEY_MAX (__NFT_XFRM_KEY_MAX - 1) 815 enum nft_trace_attributes { 816 NFTA_TRACE_UNSPEC, 817 NFTA_TRACE_TABLE, 818 NFTA_TRACE_CHAIN, 819 NFTA_TRACE_RULE_HANDLE, 820 NFTA_TRACE_TYPE, 821 NFTA_TRACE_VERDICT, 822 NFTA_TRACE_ID, 823 NFTA_TRACE_LL_HEADER, 824 NFTA_TRACE_NETWORK_HEADER, 825 NFTA_TRACE_TRANSPORT_HEADER, 826 NFTA_TRACE_IIF, 827 NFTA_TRACE_IIFTYPE, 828 NFTA_TRACE_OIF, 829 NFTA_TRACE_OIFTYPE, 830 NFTA_TRACE_MARK, 831 NFTA_TRACE_NFPROTO, 832 NFTA_TRACE_POLICY, 833 NFTA_TRACE_PAD, 834 __NFTA_TRACE_MAX 835 }; 836 #define NFTA_TRACE_MAX (__NFTA_TRACE_MAX - 1) 837 enum nft_trace_types { 838 NFT_TRACETYPE_UNSPEC, 839 NFT_TRACETYPE_POLICY, 840 NFT_TRACETYPE_RETURN, 841 NFT_TRACETYPE_RULE, 842 __NFT_TRACETYPE_MAX 843 }; 844 #define NFT_TRACETYPE_MAX (__NFT_TRACETYPE_MAX - 1) 845 enum nft_ng_attributes { 846 NFTA_NG_UNSPEC, 847 NFTA_NG_DREG, 848 NFTA_NG_MODULUS, 849 NFTA_NG_TYPE, 850 NFTA_NG_OFFSET, 851 NFTA_NG_SET_NAME, 852 NFTA_NG_SET_ID, 853 __NFTA_NG_MAX 854 }; 855 #define NFTA_NG_MAX (__NFTA_NG_MAX - 1) 856 enum nft_ng_types { 857 NFT_NG_INCREMENTAL, 858 NFT_NG_RANDOM, 859 __NFT_NG_MAX 860 }; 861 #define NFT_NG_MAX (__NFT_NG_MAX - 1) 862 enum nft_tunnel_key_ip_attributes { 863 NFTA_TUNNEL_KEY_IP_UNSPEC, 864 NFTA_TUNNEL_KEY_IP_SRC, 865 NFTA_TUNNEL_KEY_IP_DST, 866 __NFTA_TUNNEL_KEY_IP_MAX 867 }; 868 #define NFTA_TUNNEL_KEY_IP_MAX (__NFTA_TUNNEL_KEY_IP_MAX - 1) 869 enum nft_tunnel_ip6_attributes { 870 NFTA_TUNNEL_KEY_IP6_UNSPEC, 871 NFTA_TUNNEL_KEY_IP6_SRC, 872 NFTA_TUNNEL_KEY_IP6_DST, 873 NFTA_TUNNEL_KEY_IP6_FLOWLABEL, 874 __NFTA_TUNNEL_KEY_IP6_MAX 875 }; 876 #define NFTA_TUNNEL_KEY_IP6_MAX (__NFTA_TUNNEL_KEY_IP6_MAX - 1) 877 enum nft_tunnel_opts_attributes { 878 NFTA_TUNNEL_KEY_OPTS_UNSPEC, 879 NFTA_TUNNEL_KEY_OPTS_VXLAN, 880 NFTA_TUNNEL_KEY_OPTS_ERSPAN, 881 __NFTA_TUNNEL_KEY_OPTS_MAX 882 }; 883 #define NFTA_TUNNEL_KEY_OPTS_MAX (__NFTA_TUNNEL_KEY_OPTS_MAX - 1) 884 enum nft_tunnel_opts_vxlan_attributes { 885 NFTA_TUNNEL_KEY_VXLAN_UNSPEC, 886 NFTA_TUNNEL_KEY_VXLAN_GBP, 887 __NFTA_TUNNEL_KEY_VXLAN_MAX 888 }; 889 #define NFTA_TUNNEL_KEY_VXLAN_MAX (__NFTA_TUNNEL_KEY_VXLAN_MAX - 1) 890 enum nft_tunnel_opts_erspan_attributes { 891 NFTA_TUNNEL_KEY_ERSPAN_UNSPEC, 892 NFTA_TUNNEL_KEY_ERSPAN_VERSION, 893 NFTA_TUNNEL_KEY_ERSPAN_V1_INDEX, 894 NFTA_TUNNEL_KEY_ERSPAN_V2_HWID, 895 NFTA_TUNNEL_KEY_ERSPAN_V2_DIR, 896 __NFTA_TUNNEL_KEY_ERSPAN_MAX 897 }; 898 #define NFTA_TUNNEL_KEY_ERSPAN_MAX (__NFTA_TUNNEL_KEY_ERSPAN_MAX - 1) 899 enum nft_tunnel_flags { 900 NFT_TUNNEL_F_ZERO_CSUM_TX = (1 << 0), 901 NFT_TUNNEL_F_DONT_FRAGMENT = (1 << 1), 902 NFT_TUNNEL_F_SEQ_NUMBER = (1 << 2), 903 }; 904 #define NFT_TUNNEL_F_MASK (NFT_TUNNEL_F_ZERO_CSUM_TX | NFT_TUNNEL_F_DONT_FRAGMENT | NFT_TUNNEL_F_SEQ_NUMBER) 905 enum nft_tunnel_key_attributes { 906 NFTA_TUNNEL_KEY_UNSPEC, 907 NFTA_TUNNEL_KEY_ID, 908 NFTA_TUNNEL_KEY_IP, 909 NFTA_TUNNEL_KEY_IP6, 910 NFTA_TUNNEL_KEY_FLAGS, 911 NFTA_TUNNEL_KEY_TOS, 912 NFTA_TUNNEL_KEY_TTL, 913 NFTA_TUNNEL_KEY_SPORT, 914 NFTA_TUNNEL_KEY_DPORT, 915 NFTA_TUNNEL_KEY_OPTS, 916 __NFTA_TUNNEL_KEY_MAX 917 }; 918 #define NFTA_TUNNEL_KEY_MAX (__NFTA_TUNNEL_KEY_MAX - 1) 919 enum nft_tunnel_keys { 920 NFT_TUNNEL_PATH, 921 NFT_TUNNEL_ID, 922 __NFT_TUNNEL_MAX 923 }; 924 #define NFT_TUNNEL_MAX (__NFT_TUNNEL_MAX - 1) 925 enum nft_tunnel_attributes { 926 NFTA_TUNNEL_UNSPEC, 927 NFTA_TUNNEL_KEY, 928 NFTA_TUNNEL_DREG, 929 __NFTA_TUNNEL_MAX 930 }; 931 #define NFTA_TUNNEL_MAX (__NFTA_TUNNEL_MAX - 1) 932 #endif 933
