1 #ifndef _IP_SET_H 2 #define _IP_SET_H 3 4 /* Copyright (C) 2000-2002 Joakim Axelsson <gozem (at) linux.nu> 5 * Patrick Schaaf <bof (at) bof.de> 6 * Martin Josefsson <gandalf (at) wlug.westbo.se> 7 * Copyright (C) 2003-2011 Jozsef Kadlecsik <kadlec (at) blackhole.kfki.hu> 8 * 9 * This program is free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License version 2 as 11 * published by the Free Software Foundation. 12 */ 13 14 /* The protocol version */ 15 #define IPSET_PROTOCOL 6 16 17 /* The max length of strings including NUL: set and type identifiers */ 18 #define IPSET_MAXNAMELEN 32 19 20 /* Message types and commands */ 21 enum ipset_cmd { 22 IPSET_CMD_NONE, 23 IPSET_CMD_PROTOCOL, /* 1: Return protocol version */ 24 IPSET_CMD_CREATE, /* 2: Create a new (empty) set */ 25 IPSET_CMD_DESTROY, /* 3: Destroy a (empty) set */ 26 IPSET_CMD_FLUSH, /* 4: Remove all elements from a set */ 27 IPSET_CMD_RENAME, /* 5: Rename a set */ 28 IPSET_CMD_SWAP, /* 6: Swap two sets */ 29 IPSET_CMD_LIST, /* 7: List sets */ 30 IPSET_CMD_SAVE, /* 8: Save sets */ 31 IPSET_CMD_ADD, /* 9: Add an element to a set */ 32 IPSET_CMD_DEL, /* 10: Delete an element from a set */ 33 IPSET_CMD_TEST, /* 11: Test an element in a set */ 34 IPSET_CMD_HEADER, /* 12: Get set header data only */ 35 IPSET_CMD_TYPE, /* 13: Get set type */ 36 IPSET_MSG_MAX, /* Netlink message commands */ 37 38 /* Commands in userspace: */ 39 IPSET_CMD_RESTORE = IPSET_MSG_MAX, /* 14: Enter restore mode */ 40 IPSET_CMD_HELP, /* 15: Get help */ 41 IPSET_CMD_VERSION, /* 16: Get program version */ 42 IPSET_CMD_QUIT, /* 17: Quit from interactive mode */ 43 44 IPSET_CMD_MAX, 45 46 IPSET_CMD_COMMIT = IPSET_CMD_MAX, /* 18: Commit buffered commands */ 47 }; 48 49 /* Attributes at command level */ 50 enum { 51 IPSET_ATTR_UNSPEC, 52 IPSET_ATTR_PROTOCOL, /* 1: Protocol version */ 53 IPSET_ATTR_SETNAME, /* 2: Name of the set */ 54 IPSET_ATTR_TYPENAME, /* 3: Typename */ 55 IPSET_ATTR_SETNAME2 = IPSET_ATTR_TYPENAME, /* Setname at rename/swap */ 56 IPSET_ATTR_REVISION, /* 4: Settype revision */ 57 IPSET_ATTR_FAMILY, /* 5: Settype family */ 58 IPSET_ATTR_FLAGS, /* 6: Flags at command level */ 59 IPSET_ATTR_DATA, /* 7: Nested attributes */ 60 IPSET_ATTR_ADT, /* 8: Multiple data containers */ 61 IPSET_ATTR_LINENO, /* 9: Restore lineno */ 62 IPSET_ATTR_PROTOCOL_MIN, /* 10: Minimal supported version number */ 63 IPSET_ATTR_REVISION_MIN = IPSET_ATTR_PROTOCOL_MIN, /* type rev min */ 64 __IPSET_ATTR_CMD_MAX, 65 }; 66 #define IPSET_ATTR_CMD_MAX (__IPSET_ATTR_CMD_MAX - 1) 67 68 /* CADT specific attributes */ 69 enum { 70 IPSET_ATTR_IP = IPSET_ATTR_UNSPEC + 1, 71 IPSET_ATTR_IP_FROM = IPSET_ATTR_IP, 72 IPSET_ATTR_IP_TO, /* 2 */ 73 IPSET_ATTR_CIDR, /* 3 */ 74 IPSET_ATTR_PORT, /* 4 */ 75 IPSET_ATTR_PORT_FROM = IPSET_ATTR_PORT, 76 IPSET_ATTR_PORT_TO, /* 5 */ 77 IPSET_ATTR_TIMEOUT, /* 6 */ 78 IPSET_ATTR_PROTO, /* 7 */ 79 IPSET_ATTR_CADT_FLAGS, /* 8 */ 80 IPSET_ATTR_CADT_LINENO = IPSET_ATTR_LINENO, /* 9 */ 81 /* Reserve empty slots */ 82 IPSET_ATTR_CADT_MAX = 16, 83 /* Create-only specific attributes */ 84 IPSET_ATTR_GC, 85 IPSET_ATTR_HASHSIZE, 86 IPSET_ATTR_MAXELEM, 87 IPSET_ATTR_NETMASK, 88 IPSET_ATTR_PROBES, 89 IPSET_ATTR_RESIZE, 90 IPSET_ATTR_SIZE, 91 /* Kernel-only */ 92 IPSET_ATTR_ELEMENTS, 93 IPSET_ATTR_REFERENCES, 94 IPSET_ATTR_MEMSIZE, 95 96 __IPSET_ATTR_CREATE_MAX, 97 }; 98 #define IPSET_ATTR_CREATE_MAX (__IPSET_ATTR_CREATE_MAX - 1) 99 100 /* ADT specific attributes */ 101 enum { 102 IPSET_ATTR_ETHER = IPSET_ATTR_CADT_MAX + 1, 103 IPSET_ATTR_NAME, 104 IPSET_ATTR_NAMEREF, 105 IPSET_ATTR_IP2, 106 IPSET_ATTR_CIDR2, 107 IPSET_ATTR_IP2_TO, 108 IPSET_ATTR_IFACE, 109 __IPSET_ATTR_ADT_MAX, 110 }; 111 #define IPSET_ATTR_ADT_MAX (__IPSET_ATTR_ADT_MAX - 1) 112 113 /* IP specific attributes */ 114 enum { 115 IPSET_ATTR_IPADDR_IPV4 = IPSET_ATTR_UNSPEC + 1, 116 IPSET_ATTR_IPADDR_IPV6, 117 __IPSET_ATTR_IPADDR_MAX, 118 }; 119 #define IPSET_ATTR_IPADDR_MAX (__IPSET_ATTR_IPADDR_MAX - 1) 120 121 /* Error codes */ 122 enum ipset_errno { 123 IPSET_ERR_PRIVATE = 4096, 124 IPSET_ERR_PROTOCOL, 125 IPSET_ERR_FIND_TYPE, 126 IPSET_ERR_MAX_SETS, 127 IPSET_ERR_BUSY, 128 IPSET_ERR_EXIST_SETNAME2, 129 IPSET_ERR_TYPE_MISMATCH, 130 IPSET_ERR_EXIST, 131 IPSET_ERR_INVALID_CIDR, 132 IPSET_ERR_INVALID_NETMASK, 133 IPSET_ERR_INVALID_FAMILY, 134 IPSET_ERR_TIMEOUT, 135 IPSET_ERR_REFERENCED, 136 IPSET_ERR_IPADDR_IPV4, 137 IPSET_ERR_IPADDR_IPV6, 138 139 /* Type specific error codes */ 140 IPSET_ERR_TYPE_SPECIFIC = 4352, 141 }; 142 143 /* Flags at command level */ 144 enum ipset_cmd_flags { 145 IPSET_FLAG_BIT_EXIST = 0, 146 IPSET_FLAG_EXIST = (1 << IPSET_FLAG_BIT_EXIST), 147 IPSET_FLAG_BIT_LIST_SETNAME = 1, 148 IPSET_FLAG_LIST_SETNAME = (1 << IPSET_FLAG_BIT_LIST_SETNAME), 149 IPSET_FLAG_BIT_LIST_HEADER = 2, 150 IPSET_FLAG_LIST_HEADER = (1 << IPSET_FLAG_BIT_LIST_HEADER), 151 }; 152 153 /* Flags at CADT attribute level */ 154 enum ipset_cadt_flags { 155 IPSET_FLAG_BIT_BEFORE = 0, 156 IPSET_FLAG_BEFORE = (1 << IPSET_FLAG_BIT_BEFORE), 157 IPSET_FLAG_BIT_PHYSDEV = 1, 158 IPSET_FLAG_PHYSDEV = (1 << IPSET_FLAG_BIT_PHYSDEV), 159 }; 160 161 /* Commands with settype-specific attributes */ 162 enum ipset_adt { 163 IPSET_ADD, 164 IPSET_DEL, 165 IPSET_TEST, 166 IPSET_ADT_MAX, 167 IPSET_CREATE = IPSET_ADT_MAX, 168 IPSET_CADT_MAX, 169 }; 170 171 172 #endif /*_IP_SET_H */ 173
