netfilter.h revision e0bba47e550420e371c97425cc6d39909a6e059b
1f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#ifndef __LINUX_NETFILTER_H 2f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#define __LINUX_NETFILTER_H 3f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy 4ca7cd666949b68bf41a32de38ee38e332e89863bJan Engelhardt 5f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy/* Responses from hook functions. */ 6f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#define NF_DROP 0 7f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#define NF_ACCEPT 1 8f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#define NF_STOLEN 2 9f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#define NF_QUEUE 3 10f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#define NF_REPEAT 4 11f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#define NF_STOP 5 12f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#define NF_MAX_VERDICT NF_STOP 13f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy 14f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy/* we overload the higher bits for encoding auxiliary data such as the queue 15f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy * number. Not nice, but better than additional function arguments. */ 16f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#define NF_VERDICT_MASK 0x0000ffff 17f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#define NF_VERDICT_BITS 16 18f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy 19f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#define NF_VERDICT_QMASK 0xffff0000 20f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#define NF_VERDICT_QBITS 16 21f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy 22ca7cd666949b68bf41a32de38ee38e332e89863bJan Engelhardt#define NF_QUEUE_NR(x) ((((x) << NF_VERDICT_BITS) & NF_VERDICT_QMASK) | NF_QUEUE) 23f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy 24f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy/* only for userspace compatibility */ 25f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy/* Generic cache responses from hook functions. 26f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy <= 0x2000 is used for protocol-flags. */ 27f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#define NFC_UNKNOWN 0x4000 28f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#define NFC_ALTERED 0x8000 29f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy 30f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardyenum nf_inet_hooks { 31f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy NF_INET_PRE_ROUTING, 32f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy NF_INET_LOCAL_IN, 33f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy NF_INET_FORWARD, 34f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy NF_INET_LOCAL_OUT, 35f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy NF_INET_POST_ROUTING, 36f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy NF_INET_NUMHOOKS 37f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy}; 38f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy 39f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardyunion nf_inet_addr { 40ca7cd666949b68bf41a32de38ee38e332e89863bJan Engelhardt __u32 all[4]; 41e0bba47e550420e371c97425cc6d39909a6e059bPatrick McHardy __be32 ip; 42e0bba47e550420e371c97425cc6d39909a6e059bPatrick McHardy __be32 ip6[4]; 43f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy struct in_addr in; 44f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy struct in6_addr in6; 45f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy}; 46f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy 47f2565b7a45c51d318706ffd0e372ba4e23cd2d32Patrick McHardy#endif /*__LINUX_NETFILTER_H*/ 48