Home | History | Annotate | Download | only in netfilter_ipv4 
      1 /****************************************************************************
      2  ****************************************************************************
      3  ***
      4  ***   This header was automatically generated from a Linux kernel header
      5  ***   of the same name, to make information necessary for userspace to
      6  ***   call into the kernel available to libc.  It contains only constants,
      7  ***   structures, and macros generated from the original header, and thus,
      8  ***   contains no copyrightable information.
      9  ***
     10  ****************************************************************************
     11  ****************************************************************************/
     12 #ifndef _IPTABLES_H
     13 #define _IPTABLES_H
     14 
     15 #include <linux/compiler.h>
     16 #include <linux/netfilter_ipv4.h>
     17 
     18 #include <linux/netfilter/x_tables.h>
     19 
     20 #define IPT_FUNCTION_MAXNAMELEN XT_FUNCTION_MAXNAMELEN
     21 #define IPT_TABLE_MAXNAMELEN XT_FUNCTION_MAXNAMELEN
     22 #define ipt_match xt_match
     23 #define ipt_target xt_target
     24 #define ipt_table xt_table
     25 #define ipt_get_revision xt_get_revision
     26 
     27 struct ipt_ip {
     28 
     29  struct in_addr src, dst;
     30 
     31  struct in_addr smsk, dmsk;
     32  char iniface[IFNAMSIZ], outiface[IFNAMSIZ];
     33  unsigned char iniface_mask[IFNAMSIZ], outiface_mask[IFNAMSIZ];
     34 
     35  u_int16_t proto;
     36 
     37  u_int8_t flags;
     38 
     39  u_int8_t invflags;
     40 };
     41 
     42 #define ipt_entry_match xt_entry_match
     43 #define ipt_entry_target xt_entry_target
     44 #define ipt_standard_target xt_standard_target
     45 
     46 #define ipt_counters xt_counters
     47 
     48 #define IPT_F_FRAG 0x01
     49 #define IPT_F_GOTO 0x02
     50 #define IPT_F_MASK 0x03
     51 
     52 #define IPT_INV_VIA_IN 0x01
     53 #define IPT_INV_VIA_OUT 0x02
     54 #define IPT_INV_TOS 0x04
     55 #define IPT_INV_SRCIP 0x08
     56 #define IPT_INV_DSTIP 0x10
     57 #define IPT_INV_FRAG 0x20
     58 #define IPT_INV_PROTO XT_INV_PROTO
     59 #define IPT_INV_MASK 0x7F
     60 
     61 struct ipt_entry
     62 {
     63  struct ipt_ip ip;
     64 
     65  unsigned int nfcache;
     66 
     67  u_int16_t target_offset;
     68 
     69  u_int16_t next_offset;
     70 
     71  unsigned int comefrom;
     72 
     73  struct xt_counters counters;
     74 
     75  unsigned char elems[0];
     76 };
     77 
     78 #define IPT_BASE_CTL XT_BASE_CTL
     79 
     80 #define IPT_SO_SET_REPLACE XT_SO_SET_REPLACE
     81 #define IPT_SO_SET_ADD_COUNTERS XT_SO_SET_ADD_COUNTERS
     82 #define IPT_SO_SET_MAX XT_SO_SET_MAX
     83 
     84 #define IPT_SO_GET_INFO XT_SO_GET_INFO
     85 #define IPT_SO_GET_ENTRIES XT_SO_GET_ENTRIES
     86 #define IPT_SO_GET_REVISION_MATCH XT_SO_GET_REVISION_MATCH
     87 #define IPT_SO_GET_REVISION_TARGET XT_SO_GET_REVISION_TARGET
     88 #define IPT_SO_GET_MAX XT_SO_GET_REVISION_TARGET
     89 
     90 #define IPT_CONTINUE XT_CONTINUE
     91 #define IPT_RETURN XT_RETURN
     92 
     93 #include <linux/netfilter/xt_tcpudp.h>
     94 #define ipt_udp xt_udp
     95 #define ipt_tcp xt_tcp
     96 
     97 #define IPT_TCP_INV_SRCPT XT_TCP_INV_SRCPT
     98 #define IPT_TCP_INV_DSTPT XT_TCP_INV_DSTPT
     99 #define IPT_TCP_INV_FLAGS XT_TCP_INV_FLAGS
    100 #define IPT_TCP_INV_OPTION XT_TCP_INV_OPTION
    101 #define IPT_TCP_INV_MASK XT_TCP_INV_MASK
    102 
    103 #define IPT_UDP_INV_SRCPT XT_UDP_INV_SRCPT
    104 #define IPT_UDP_INV_DSTPT XT_UDP_INV_DSTPT
    105 #define IPT_UDP_INV_MASK XT_UDP_INV_MASK
    106 
    107 struct ipt_icmp
    108 {
    109  u_int8_t type;
    110  u_int8_t code[2];
    111  u_int8_t invflags;
    112 };
    113 
    114 #define IPT_ICMP_INV 0x01
    115 
    116 struct ipt_getinfo
    117 {
    118 
    119  char name[IPT_TABLE_MAXNAMELEN];
    120 
    121  unsigned int valid_hooks;
    122 
    123  unsigned int hook_entry[NF_IP_NUMHOOKS];
    124 
    125  unsigned int underflow[NF_IP_NUMHOOKS];
    126 
    127  unsigned int num_entries;
    128 
    129  unsigned int size;
    130 };
    131 
    132 struct ipt_replace
    133 {
    134 
    135  char name[IPT_TABLE_MAXNAMELEN];
    136 
    137  unsigned int valid_hooks;
    138 
    139  unsigned int num_entries;
    140 
    141  unsigned int size;
    142 
    143  unsigned int hook_entry[NF_IP_NUMHOOKS];
    144 
    145  unsigned int underflow[NF_IP_NUMHOOKS];
    146 
    147  unsigned int num_counters;
    148 
    149  struct xt_counters __user *counters;
    150 
    151  struct ipt_entry entries[0];
    152 };
    153 
    154 #define ipt_counters_info xt_counters_info
    155 
    156 struct ipt_get_entries
    157 {
    158 
    159  char name[IPT_TABLE_MAXNAMELEN];
    160 
    161  unsigned int size;
    162 
    163  struct ipt_entry entrytable[0];
    164 };
    165 
    166 #define IPT_STANDARD_TARGET XT_STANDARD_TARGET
    167 
    168 #define IPT_ERROR_TARGET XT_ERROR_TARGET
    169 
    170 static __inline__ struct ipt_entry_target *
    171 ipt_get_target(struct ipt_entry *e)
    172 {
    173  return (void *)e + e->target_offset;
    174 }
    175 
    176 #define IPT_MATCH_ITERATE(e, fn, args...)  ({   unsigned int __i;   int __ret = 0;   struct ipt_entry_match *__match;     for (__i = sizeof(struct ipt_entry);   __i < (e)->target_offset;   __i += __match->u.match_size) {   __match = (void *)(e) + __i;     __ret = fn(__match , ## args);   if (__ret != 0)   break;   }   __ret;  })
    177 
    178 #define IPT_ENTRY_ITERATE(entries, size, fn, args...)  ({   unsigned int __i;   int __ret = 0;   struct ipt_entry *__entry;     for (__i = 0; __i < (size); __i += __entry->next_offset) {   __entry = (void *)(entries) + __i;     __ret = fn(__entry , ## args);   if (__ret != 0)   break;   }   __ret;  })
    179 
    180 #endif
    181