x_tables.h revision dcfb7a77f8709125e97c313cb8ab6ec4d87468f4
1#ifndef _X_TABLES_H 2#define _X_TABLES_H 3 4#include <linux/types.h> 5 6#define XT_FUNCTION_MAXNAMELEN 30 7#define XT_TABLE_MAXNAMELEN 32 8 9struct xt_entry_match 10{ 11 union { 12 struct { 13 __u16 match_size; 14 15 /* Used by userspace */ 16 char name[XT_FUNCTION_MAXNAMELEN-1]; 17 18 __u8 revision; 19 } user; 20 struct { 21 __u16 match_size; 22 23 /* Used inside the kernel */ 24 struct xt_match *match; 25 } kernel; 26 27 /* Total length */ 28 __u16 match_size; 29 } u; 30 31 unsigned char data[0]; 32}; 33 34struct xt_entry_target 35{ 36 union { 37 struct { 38 __u16 target_size; 39 40 /* Used by userspace */ 41 char name[XT_FUNCTION_MAXNAMELEN-1]; 42 43 __u8 revision; 44 } user; 45 struct { 46 __u16 target_size; 47 48 /* Used inside the kernel */ 49 struct xt_target *target; 50 } kernel; 51 52 /* Total length */ 53 __u16 target_size; 54 } u; 55 56 unsigned char data[0]; 57}; 58 59#define XT_TARGET_INIT(__name, __size) \ 60{ \ 61 .target.u.user = { \ 62 .target_size = XT_ALIGN(__size), \ 63 .name = __name, \ 64 }, \ 65} 66 67struct xt_standard_target 68{ 69 struct xt_entry_target target; 70 int verdict; 71}; 72 73/* The argument to IPT_SO_GET_REVISION_*. Returns highest revision 74 * kernel supports, if >= revision. */ 75struct xt_get_revision 76{ 77 char name[XT_FUNCTION_MAXNAMELEN-1]; 78 79 __u8 revision; 80}; 81 82/* CONTINUE verdict for targets */ 83#define XT_CONTINUE 0xFFFFFFFF 84 85/* For standard target */ 86#define XT_RETURN (-NF_REPEAT - 1) 87 88/* this is a dummy structure to find out the alignment requirement for a struct 89 * containing all the fundamental data types that are used in ipt_entry, 90 * ip6t_entry and arpt_entry. This sucks, and it is a hack. It will be my 91 * personal pleasure to remove it -HW 92 */ 93struct _xt_align 94{ 95 __u8 u8; 96 __u16 u16; 97 __u32 u32; 98 __u64 u64; 99}; 100 101#define XT_ALIGN(s) (((s) + (__alignof__(struct _xt_align)-1)) \ 102 & ~(__alignof__(struct _xt_align)-1)) 103 104/* Standard return verdict, or do jump. */ 105#define XT_STANDARD_TARGET "" 106/* Error verdict. */ 107#define XT_ERROR_TARGET "ERROR" 108 109#define SET_COUNTER(c,b,p) do { (c).bcnt = (b); (c).pcnt = (p); } while(0) 110#define ADD_COUNTER(c,b,p) do { (c).bcnt += (b); (c).pcnt += (p); } while(0) 111 112struct xt_counters 113{ 114 __u64 pcnt, bcnt; /* Packet and byte counters */ 115}; 116 117/* The argument to IPT_SO_ADD_COUNTERS. */ 118struct xt_counters_info 119{ 120 /* Which table. */ 121 char name[XT_TABLE_MAXNAMELEN]; 122 123 unsigned int num_counters; 124 125 /* The counters (actually `number' of these). */ 126 struct xt_counters counters[0]; 127}; 128 129#define XT_INV_PROTO 0x40 /* Invert the sense of PROTO. */ 130 131/* fn returns 0 to continue iteration */ 132#define XT_MATCH_ITERATE(type, e, fn, args...) \ 133({ \ 134 unsigned int __i; \ 135 int __ret = 0; \ 136 struct xt_entry_match *__m; \ 137 \ 138 for (__i = sizeof(type); \ 139 __i < (e)->target_offset; \ 140 __i += __m->u.match_size) { \ 141 __m = (void *)e + __i; \ 142 \ 143 __ret = fn(__m , ## args); \ 144 if (__ret != 0) \ 145 break; \ 146 } \ 147 __ret; \ 148}) 149 150/* fn returns 0 to continue iteration */ 151#define XT_ENTRY_ITERATE_CONTINUE(type, entries, size, n, fn, args...) \ 152({ \ 153 unsigned int __i, __n; \ 154 int __ret = 0; \ 155 type *__entry; \ 156 \ 157 for (__i = 0, __n = 0; __i < (size); \ 158 __i += __entry->next_offset, __n++) { \ 159 __entry = (void *)(entries) + __i; \ 160 if (__n < n) \ 161 continue; \ 162 \ 163 __ret = fn(__entry , ## args); \ 164 if (__ret != 0) \ 165 break; \ 166 } \ 167 __ret; \ 168}) 169 170/* fn returns 0 to continue iteration */ 171#define XT_ENTRY_ITERATE(type, entries, size, fn, args...) \ 172 XT_ENTRY_ITERATE_CONTINUE(type, entries, size, 0, fn, args) 173 174 175#endif /* _X_TABLES_H */ 176