Home | History | Annotate | Download | only in netfilter 
      1 #ifndef _X_TABLES_H
      2 #define _X_TABLES_H
      3 
      4 #define XT_FUNCTION_MAXNAMELEN 30
      5 #define XT_TABLE_MAXNAMELEN 32
      6 
      7 struct xt_entry_match
      8 {
      9 	union {
     10 		struct {
     11 			u_int16_t match_size;
     12 
     13 			/* Used by userspace */
     14 			char name[XT_FUNCTION_MAXNAMELEN-1];
     15 
     16 			u_int8_t revision;
     17 		} user;
     18 		struct {
     19 			u_int16_t match_size;
     20 
     21 			/* Used inside the kernel */
     22 			struct xt_match *match;
     23 		} kernel;
     24 
     25 		/* Total length */
     26 		u_int16_t match_size;
     27 	} u;
     28 
     29 	unsigned char data[0];
     30 };
     31 
     32 struct xt_entry_target
     33 {
     34 	union {
     35 		struct {
     36 			u_int16_t target_size;
     37 
     38 			/* Used by userspace */
     39 			char name[XT_FUNCTION_MAXNAMELEN-1];
     40 
     41 			u_int8_t revision;
     42 		} user;
     43 		struct {
     44 			u_int16_t target_size;
     45 
     46 			/* Used inside the kernel */
     47 			struct xt_target *target;
     48 		} kernel;
     49 
     50 		/* Total length */
     51 		u_int16_t target_size;
     52 	} u;
     53 
     54 	unsigned char data[0];
     55 };
     56 
     57 #define XT_TARGET_INIT(__name, __size)					       \
     58 {									       \
     59 	.target.u.user = {						       \
     60 		.target_size	= XT_ALIGN(__size),			       \
     61 		.name		= __name,				       \
     62 	},								       \
     63 }
     64 
     65 struct xt_standard_target
     66 {
     67 	struct xt_entry_target target;
     68 	int verdict;
     69 };
     70 
     71 /* The argument to IPT_SO_GET_REVISION_*.  Returns highest revision
     72  * kernel supports, if >= revision. */
     73 struct xt_get_revision
     74 {
     75 	char name[XT_FUNCTION_MAXNAMELEN-1];
     76 
     77 	u_int8_t revision;
     78 };
     79 
     80 /* CONTINUE verdict for targets */
     81 #define XT_CONTINUE 0xFFFFFFFF
     82 
     83 /* For standard target */
     84 #define XT_RETURN (-NF_REPEAT - 1)
     85 
     86 /* this is a dummy structure to find out the alignment requirement for a struct
     87  * containing all the fundamental data types that are used in ipt_entry,
     88  * ip6t_entry and arpt_entry.  This sucks, and it is a hack.  It will be my
     89  * personal pleasure to remove it -HW
     90  */
     91 struct _xt_align
     92 {
     93 	u_int8_t u8;
     94 	u_int16_t u16;
     95 	u_int32_t u32;
     96 	u_int64_t u64;
     97 };
     98 
     99 #define XT_ALIGN(s) (((s) + (__alignof__(struct _xt_align)-1)) 	\
    100 			& ~(__alignof__(struct _xt_align)-1))
    101 
    102 /* Standard return verdict, or do jump. */
    103 #define XT_STANDARD_TARGET ""
    104 /* Error verdict. */
    105 #define XT_ERROR_TARGET "ERROR"
    106 
    107 #define SET_COUNTER(c,b,p) do { (c).bcnt = (b); (c).pcnt = (p); } while(0)
    108 #define ADD_COUNTER(c,b,p) do { (c).bcnt += (b); (c).pcnt += (p); } while(0)
    109 
    110 struct xt_counters
    111 {
    112 	u_int64_t pcnt, bcnt;			/* Packet and byte counters */
    113 };
    114 
    115 /* The argument to IPT_SO_ADD_COUNTERS. */
    116 struct xt_counters_info
    117 {
    118 	/* Which table. */
    119 	char name[XT_TABLE_MAXNAMELEN];
    120 
    121 	unsigned int num_counters;
    122 
    123 	/* The counters (actually `number' of these). */
    124 	struct xt_counters counters[0];
    125 };
    126 
    127 #define XT_INV_PROTO		0x40	/* Invert the sense of PROTO. */
    128 
    129 
    130 #endif /* _X_TABLES_H */
    131