x_tables.h revision ab322673298bd0b8927cdd9d11f3d36af5941b93
1#ifndef _X_TABLES_H 2#define _X_TABLES_H 3 4#include <linux/types.h> 5 6#define XT_FUNCTION_MAXNAMELEN 30 7#define XT_TABLE_MAXNAMELEN 32 8 9struct xt_entry_match { 10 union { 11 struct { 12 __u16 match_size; 13 14 /* Used by userspace */ 15 char name[XT_FUNCTION_MAXNAMELEN-1]; 16 17 __u8 revision; 18 } user; 19 struct { 20 __u16 match_size; 21 22 /* Used inside the kernel */ 23 struct xt_match *match; 24 } kernel; 25 26 /* Total length */ 27 __u16 match_size; 28 } u; 29 30 unsigned char data[0]; 31}; 32 33struct xt_entry_target { 34 union { 35 struct { 36 __u16 target_size; 37 38 /* Used by userspace */ 39 char name[XT_FUNCTION_MAXNAMELEN-1]; 40 41 __u8 revision; 42 } user; 43 struct { 44 __u16 target_size; 45 46 /* Used inside the kernel */ 47 struct xt_target *target; 48 } kernel; 49 50 /* Total length */ 51 __u16 target_size; 52 } u; 53 54 unsigned char data[0]; 55}; 56 57#define XT_TARGET_INIT(__name, __size) \ 58{ \ 59 .target.u.user = { \ 60 .target_size = XT_ALIGN(__size), \ 61 .name = __name, \ 62 }, \ 63} 64 65struct xt_standard_target { 66 struct xt_entry_target target; 67 int verdict; 68}; 69 70/* The argument to IPT_SO_GET_REVISION_*. Returns highest revision 71 * kernel supports, if >= revision. */ 72struct xt_get_revision { 73 char name[XT_FUNCTION_MAXNAMELEN-1]; 74 75 __u8 revision; 76}; 77 78/* CONTINUE verdict for targets */ 79#define XT_CONTINUE 0xFFFFFFFF 80 81/* For standard target */ 82#define XT_RETURN (-NF_REPEAT - 1) 83 84/* this is a dummy structure to find out the alignment requirement for a struct 85 * containing all the fundamental data types that are used in ipt_entry, 86 * ip6t_entry and arpt_entry. This sucks, and it is a hack. It will be my 87 * personal pleasure to remove it -HW 88 */ 89struct _xt_align { 90 __u8 u8; 91 __u16 u16; 92 __u32 u32; 93 __u64 u64; 94}; 95 96#define XT_ALIGN(s) (((s) + (__alignof__(struct _xt_align)-1)) \ 97 & ~(__alignof__(struct _xt_align)-1)) 98 99/* Standard return verdict, or do jump. */ 100#define XT_STANDARD_TARGET "" 101/* Error verdict. */ 102#define XT_ERROR_TARGET "ERROR" 103 104#define SET_COUNTER(c,b,p) do { (c).bcnt = (b); (c).pcnt = (p); } while(0) 105#define ADD_COUNTER(c,b,p) do { (c).bcnt += (b); (c).pcnt += (p); } while(0) 106 107struct xt_counters { 108 __u64 pcnt, bcnt; /* Packet and byte counters */ 109}; 110 111/* The argument to IPT_SO_ADD_COUNTERS. */ 112struct xt_counters_info { 113 /* Which table. */ 114 char name[XT_TABLE_MAXNAMELEN]; 115 116 unsigned int num_counters; 117 118 /* The counters (actually `number' of these). */ 119 struct xt_counters counters[0]; 120}; 121 122#define XT_INV_PROTO 0x40 /* Invert the sense of PROTO. */ 123 124/* fn returns 0 to continue iteration */ 125#define XT_MATCH_ITERATE(type, e, fn, args...) \ 126({ \ 127 unsigned int __i; \ 128 int __ret = 0; \ 129 struct xt_entry_match *__m; \ 130 \ 131 for (__i = sizeof(type); \ 132 __i < (e)->target_offset; \ 133 __i += __m->u.match_size) { \ 134 __m = (void *)e + __i; \ 135 \ 136 __ret = fn(__m , ## args); \ 137 if (__ret != 0) \ 138 break; \ 139 } \ 140 __ret; \ 141}) 142 143/* fn returns 0 to continue iteration */ 144#define XT_ENTRY_ITERATE_CONTINUE(type, entries, size, n, fn, args...) \ 145({ \ 146 unsigned int __i, __n; \ 147 int __ret = 0; \ 148 type *__entry; \ 149 \ 150 for (__i = 0, __n = 0; __i < (size); \ 151 __i += __entry->next_offset, __n++) { \ 152 __entry = (void *)(entries) + __i; \ 153 if (__n < n) \ 154 continue; \ 155 \ 156 __ret = fn(__entry , ## args); \ 157 if (__ret != 0) \ 158 break; \ 159 } \ 160 __ret; \ 161}) 162 163/* fn returns 0 to continue iteration */ 164#define XT_ENTRY_ITERATE(type, entries, size, fn, args...) \ 165 XT_ENTRY_ITERATE_CONTINUE(type, entries, size, 0, fn, args) 166 167 168#endif /* _X_TABLES_H */ 169