130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#ifndef _UAPI_X_TABLES_H 230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define _UAPI_X_TABLES_H 330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#include <linux/kernel.h> 430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#include <linux/types.h> 530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define XT_FUNCTION_MAXNAMELEN 30 730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define XT_EXTENSION_MAXNAMELEN 29 830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define XT_TABLE_MAXNAMELEN 32 930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 1030692c65c4174412c90e79489e98ab85c1a7412fBen Chengstruct xt_entry_match { 1130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng union { 1230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng struct { 1330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __u16 match_size; 1430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 1530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng /* Used by userspace */ 1630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng char name[XT_EXTENSION_MAXNAMELEN]; 1730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __u8 revision; 1830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng } user; 1930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng struct { 2030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __u16 match_size; 2130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 2230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng /* Used inside the kernel */ 2330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng struct xt_match *match; 2430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng } kernel; 2530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 2630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng /* Total length */ 2730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __u16 match_size; 2830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng } u; 2930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 3030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng unsigned char data[0]; 3130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng}; 3230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 3330692c65c4174412c90e79489e98ab85c1a7412fBen Chengstruct xt_entry_target { 3430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng union { 3530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng struct { 3630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __u16 target_size; 3730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 3830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng /* Used by userspace */ 3930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng char name[XT_EXTENSION_MAXNAMELEN]; 4030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __u8 revision; 4130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng } user; 4230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng struct { 4330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __u16 target_size; 4430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 4530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng /* Used inside the kernel */ 4630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng struct xt_target *target; 4730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng } kernel; 4830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 4930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng /* Total length */ 5030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __u16 target_size; 5130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng } u; 5230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 5330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng unsigned char data[0]; 5430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng}; 5530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 5630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define XT_TARGET_INIT(__name, __size) \ 5730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng{ \ 5830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng .target.u.user = { \ 5930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng .target_size = XT_ALIGN(__size), \ 6030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng .name = __name, \ 6130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng }, \ 6230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng} 6330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 6430692c65c4174412c90e79489e98ab85c1a7412fBen Chengstruct xt_standard_target { 6530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng struct xt_entry_target target; 6630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng int verdict; 6730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng}; 6830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 6930692c65c4174412c90e79489e98ab85c1a7412fBen Chengstruct xt_error_target { 7030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng struct xt_entry_target target; 7130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng char errorname[XT_FUNCTION_MAXNAMELEN]; 7230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng}; 7330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 7430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng/* The argument to IPT_SO_GET_REVISION_*. Returns highest revision 7530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng * kernel supports, if >= revision. */ 7630692c65c4174412c90e79489e98ab85c1a7412fBen Chengstruct xt_get_revision { 7730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng char name[XT_EXTENSION_MAXNAMELEN]; 7830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __u8 revision; 7930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng}; 8030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 8130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng/* CONTINUE verdict for targets */ 8230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define XT_CONTINUE 0xFFFFFFFF 8330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 8430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng/* For standard target */ 8530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define XT_RETURN (-NF_REPEAT - 1) 8630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 8730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng/* this is a dummy structure to find out the alignment requirement for a struct 8830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng * containing all the fundamental data types that are used in ipt_entry, 8930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng * ip6t_entry and arpt_entry. This sucks, and it is a hack. It will be my 9030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng * personal pleasure to remove it -HW 9130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng */ 9230692c65c4174412c90e79489e98ab85c1a7412fBen Chengstruct _xt_align { 9330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __u8 u8; 9430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __u16 u16; 9530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __u32 u32; 9630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __u64 u64; 9730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng}; 9830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 9930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define XT_ALIGN(s) __ALIGN_KERNEL((s), __alignof__(struct _xt_align)) 10030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 10130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng/* Standard return verdict, or do jump. */ 10230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define XT_STANDARD_TARGET "" 10330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng/* Error verdict. */ 10430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define XT_ERROR_TARGET "ERROR" 10530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 10630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define SET_COUNTER(c,b,p) do { (c).bcnt = (b); (c).pcnt = (p); } while(0) 10730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define ADD_COUNTER(c,b,p) do { (c).bcnt += (b); (c).pcnt += (p); } while(0) 10830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 10930692c65c4174412c90e79489e98ab85c1a7412fBen Chengstruct xt_counters { 11030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __u64 pcnt, bcnt; /* Packet and byte counters */ 11130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng}; 11230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 11330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng/* The argument to IPT_SO_ADD_COUNTERS. */ 11430692c65c4174412c90e79489e98ab85c1a7412fBen Chengstruct xt_counters_info { 11530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng /* Which table. */ 11630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng char name[XT_TABLE_MAXNAMELEN]; 11730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 11830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng unsigned int num_counters; 11930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 12030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng /* The counters (actually `number' of these). */ 12130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng struct xt_counters counters[0]; 12230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng}; 12330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 12430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define XT_INV_PROTO 0x40 /* Invert the sense of PROTO. */ 12530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 12630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#ifndef __KERNEL__ 12730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng/* fn returns 0 to continue iteration */ 12830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define XT_MATCH_ITERATE(type, e, fn, args...) \ 12930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng({ \ 13030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng unsigned int __i; \ 13130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng int __ret = 0; \ 13230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng struct xt_entry_match *__m; \ 13330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng \ 13430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng for (__i = sizeof(type); \ 13530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __i < (e)->target_offset; \ 13630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __i += __m->u.match_size) { \ 13730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __m = (void *)e + __i; \ 13830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng \ 13930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __ret = fn(__m , ## args); \ 14030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng if (__ret != 0) \ 14130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng break; \ 14230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng } \ 14330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __ret; \ 14430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng}) 14530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 14630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng/* fn returns 0 to continue iteration */ 14730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define XT_ENTRY_ITERATE_CONTINUE(type, entries, size, n, fn, args...) \ 14830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng({ \ 14930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng unsigned int __i, __n; \ 15030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng int __ret = 0; \ 15130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng type *__entry; \ 15230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng \ 15330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng for (__i = 0, __n = 0; __i < (size); \ 15430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __i += __entry->next_offset, __n++) { \ 15530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __entry = (void *)(entries) + __i; \ 15630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng if (__n < n) \ 15730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng continue; \ 15830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng \ 15930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __ret = fn(__entry , ## args); \ 16030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng if (__ret != 0) \ 16130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng break; \ 16230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng } \ 16330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng __ret; \ 16430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng}) 16530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 16630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng/* fn returns 0 to continue iteration */ 16730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define XT_ENTRY_ITERATE(type, entries, size, fn, args...) \ 16830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng XT_ENTRY_ITERATE_CONTINUE(type, entries, size, 0, fn, args) 16930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 17030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#endif /* !__KERNEL__ */ 17130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 17230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng/* pos is normally a struct ipt_entry/ip6t_entry/etc. */ 17330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define xt_entry_foreach(pos, ehead, esize) \ 17430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng for ((pos) = (typeof(pos))(ehead); \ 17530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng (pos) < (typeof(pos))((char *)(ehead) + (esize)); \ 17630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng (pos) = (typeof(pos))((char *)(pos) + (pos)->next_offset)) 17730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 17830692c65c4174412c90e79489e98ab85c1a7412fBen Cheng/* can only be xt_entry_match, so no use of typeof here */ 17930692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#define xt_ematch_foreach(pos, entry) \ 18030692c65c4174412c90e79489e98ab85c1a7412fBen Cheng for ((pos) = (struct xt_entry_match *)entry->elems; \ 18130692c65c4174412c90e79489e98ab85c1a7412fBen Cheng (pos) < (struct xt_entry_match *)((char *)(entry) + \ 18230692c65c4174412c90e79489e98ab85c1a7412fBen Cheng (entry)->target_offset); \ 18330692c65c4174412c90e79489e98ab85c1a7412fBen Cheng (pos) = (struct xt_entry_match *)((char *)(pos) + \ 18430692c65c4174412c90e79489e98ab85c1a7412fBen Cheng (pos)->u.match_size)) 18530692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 18630692c65c4174412c90e79489e98ab85c1a7412fBen Cheng 18730692c65c4174412c90e79489e98ab85c1a7412fBen Cheng#endif /* _UAPI_X_TABLES_H */ 188