1#ifndef _XT_SET_H 2#define _XT_SET_H 3 4#include <linux/types.h> 5#include <linux/netfilter/ipset/ip_set.h> 6 7/* Revision 0 interface: backward compatible with netfilter/iptables */ 8 9/* 10 * Option flags for kernel operations (xt_set_info_v0) 11 */ 12#define IPSET_SRC 0x01 /* Source match/add */ 13#define IPSET_DST 0x02 /* Destination match/add */ 14#define IPSET_MATCH_INV 0x04 /* Inverse matching */ 15 16struct xt_set_info_v0 { 17 ip_set_id_t index; 18 union { 19 __u32 flags[IPSET_DIM_MAX + 1]; 20 struct { 21 __u32 __flags[IPSET_DIM_MAX]; 22 __u8 dim; 23 __u8 flags; 24 } compat; 25 } u; 26}; 27 28/* match and target infos */ 29struct xt_set_info_match_v0 { 30 struct xt_set_info_v0 match_set; 31}; 32 33struct xt_set_info_target_v0 { 34 struct xt_set_info_v0 add_set; 35 struct xt_set_info_v0 del_set; 36}; 37 38/* Revision 1 match and target */ 39 40struct xt_set_info { 41 ip_set_id_t index; 42 __u8 dim; 43 __u8 flags; 44}; 45 46/* match and target infos */ 47struct xt_set_info_match_v1 { 48 struct xt_set_info match_set; 49}; 50 51struct xt_set_info_target_v1 { 52 struct xt_set_info add_set; 53 struct xt_set_info del_set; 54}; 55 56/* Revision 2 target */ 57 58struct xt_set_info_target_v2 { 59 struct xt_set_info add_set; 60 struct xt_set_info del_set; 61 __u32 flags; 62 __u32 timeout; 63}; 64 65/* Revision 3 match */ 66 67struct xt_set_info_match_v3 { 68 struct xt_set_info match_set; 69 struct ip_set_counter_match packets; 70 struct ip_set_counter_match bytes; 71 __u32 flags; 72}; 73 74#endif /*_XT_SET_H*/ 75