1 /**************************************************************************** 2 **************************************************************************** 3 *** 4 *** This header was automatically generated from a Linux kernel header 5 *** of the same name, to make information necessary for userspace to 6 *** call into the kernel available to libc. It contains only constants, 7 *** structures, and macros generated from the original header, and thus, 8 *** contains no copyrightable information. 9 *** 10 **************************************************************************** 11 ****************************************************************************/ 12 #ifndef _IPTABLES_H 13 #define _IPTABLES_H 14 15 #include <linux/compiler.h> 16 #include <linux/netfilter_ipv4.h> 17 18 #include <linux/netfilter/x_tables.h> 19 20 #define IPT_FUNCTION_MAXNAMELEN XT_FUNCTION_MAXNAMELEN 21 #define IPT_TABLE_MAXNAMELEN XT_FUNCTION_MAXNAMELEN 22 #define ipt_match xt_match 23 #define ipt_target xt_target 24 #define ipt_table xt_table 25 #define ipt_get_revision xt_get_revision 26 27 struct ipt_ip { 28 29 struct in_addr src, dst; 30 31 struct in_addr smsk, dmsk; 32 char iniface[IFNAMSIZ], outiface[IFNAMSIZ]; 33 unsigned char iniface_mask[IFNAMSIZ], outiface_mask[IFNAMSIZ]; 34 35 u_int16_t proto; 36 37 u_int8_t flags; 38 39 u_int8_t invflags; 40 }; 41 42 #define ipt_entry_match xt_entry_match 43 #define ipt_entry_target xt_entry_target 44 #define ipt_standard_target xt_standard_target 45 46 #define ipt_counters xt_counters 47 48 #define IPT_F_FRAG 0x01 49 #define IPT_F_GOTO 0x02 50 #define IPT_F_MASK 0x03 51 52 #define IPT_INV_VIA_IN 0x01 53 #define IPT_INV_VIA_OUT 0x02 54 #define IPT_INV_TOS 0x04 55 #define IPT_INV_SRCIP 0x08 56 #define IPT_INV_DSTIP 0x10 57 #define IPT_INV_FRAG 0x20 58 #define IPT_INV_PROTO XT_INV_PROTO 59 #define IPT_INV_MASK 0x7F 60 61 struct ipt_entry 62 { 63 struct ipt_ip ip; 64 65 unsigned int nfcache; 66 67 u_int16_t target_offset; 68 69 u_int16_t next_offset; 70 71 unsigned int comefrom; 72 73 struct xt_counters counters; 74 75 unsigned char elems[0]; 76 }; 77 78 #define IPT_BASE_CTL XT_BASE_CTL 79 80 #define IPT_SO_SET_REPLACE XT_SO_SET_REPLACE 81 #define IPT_SO_SET_ADD_COUNTERS XT_SO_SET_ADD_COUNTERS 82 #define IPT_SO_SET_MAX XT_SO_SET_MAX 83 84 #define IPT_SO_GET_INFO XT_SO_GET_INFO 85 #define IPT_SO_GET_ENTRIES XT_SO_GET_ENTRIES 86 #define IPT_SO_GET_REVISION_MATCH XT_SO_GET_REVISION_MATCH 87 #define IPT_SO_GET_REVISION_TARGET XT_SO_GET_REVISION_TARGET 88 #define IPT_SO_GET_MAX XT_SO_GET_REVISION_TARGET 89 90 #define IPT_CONTINUE XT_CONTINUE 91 #define IPT_RETURN XT_RETURN 92 93 #include <linux/netfilter/xt_tcpudp.h> 94 #define ipt_udp xt_udp 95 #define ipt_tcp xt_tcp 96 97 #define IPT_TCP_INV_SRCPT XT_TCP_INV_SRCPT 98 #define IPT_TCP_INV_DSTPT XT_TCP_INV_DSTPT 99 #define IPT_TCP_INV_FLAGS XT_TCP_INV_FLAGS 100 #define IPT_TCP_INV_OPTION XT_TCP_INV_OPTION 101 #define IPT_TCP_INV_MASK XT_TCP_INV_MASK 102 103 #define IPT_UDP_INV_SRCPT XT_UDP_INV_SRCPT 104 #define IPT_UDP_INV_DSTPT XT_UDP_INV_DSTPT 105 #define IPT_UDP_INV_MASK XT_UDP_INV_MASK 106 107 struct ipt_icmp 108 { 109 u_int8_t type; 110 u_int8_t code[2]; 111 u_int8_t invflags; 112 }; 113 114 #define IPT_ICMP_INV 0x01 115 116 struct ipt_getinfo 117 { 118 119 char name[IPT_TABLE_MAXNAMELEN]; 120 121 unsigned int valid_hooks; 122 123 unsigned int hook_entry[NF_IP_NUMHOOKS]; 124 125 unsigned int underflow[NF_IP_NUMHOOKS]; 126 127 unsigned int num_entries; 128 129 unsigned int size; 130 }; 131 132 struct ipt_replace 133 { 134 135 char name[IPT_TABLE_MAXNAMELEN]; 136 137 unsigned int valid_hooks; 138 139 unsigned int num_entries; 140 141 unsigned int size; 142 143 unsigned int hook_entry[NF_IP_NUMHOOKS]; 144 145 unsigned int underflow[NF_IP_NUMHOOKS]; 146 147 unsigned int num_counters; 148 149 struct xt_counters __user *counters; 150 151 struct ipt_entry entries[0]; 152 }; 153 154 #define ipt_counters_info xt_counters_info 155 156 struct ipt_get_entries 157 { 158 159 char name[IPT_TABLE_MAXNAMELEN]; 160 161 unsigned int size; 162 163 struct ipt_entry entrytable[0]; 164 }; 165 166 #define IPT_STANDARD_TARGET XT_STANDARD_TARGET 167 168 #define IPT_ERROR_TARGET XT_ERROR_TARGET 169 170 static __inline__ struct ipt_entry_target * 171 ipt_get_target(struct ipt_entry *e) 172 { 173 return (void *)e + e->target_offset; 174 } 175 176 #define IPT_MATCH_ITERATE(e, fn, args...) ({ unsigned int __i; int __ret = 0; struct ipt_entry_match *__match; for (__i = sizeof(struct ipt_entry); __i < (e)->target_offset; __i += __match->u.match_size) { __match = (void *)(e) + __i; __ret = fn(__match , ## args); if (__ret != 0) break; } __ret; }) 177 178 #define IPT_ENTRY_ITERATE(entries, size, fn, args...) ({ unsigned int __i; int __ret = 0; struct ipt_entry *__entry; for (__i = 0; __i < (size); __i += __entry->next_offset) { __entry = (void *)(entries) + __i; __ret = fn(__entry , ## args); if (__ret != 0) break; } __ret; }) 179 180 #endif 181