1d62a9db1295608ef98394b830703389973346716Yasuyuki KOZAKAI#ifndef _XT_HASHLIMIT_H 2d62a9db1295608ef98394b830703389973346716Yasuyuki KOZAKAI#define _XT_HASHLIMIT_H 3a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte 4350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt#include <linux/types.h> 5350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt 6a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte/* timings are in milliseconds. */ 7d62a9db1295608ef98394b830703389973346716Yasuyuki KOZAKAI#define XT_HASHLIMIT_SCALE 10000 8a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte/* 1/10,000 sec period => max of 10,000/sec. Min rate is then 429490 9abdef13f36b63758f8775eb86febd96bf062df6fFlorian Westphal seconds, or one packet every 59 hours. */ 10abdef13f36b63758f8775eb86febd96bf062df6fFlorian Westphal 11abdef13f36b63758f8775eb86febd96bf062df6fFlorian Westphal/* packet length accounting is done in 16-byte steps */ 12abdef13f36b63758f8775eb86febd96bf062df6fFlorian Westphal#define XT_HASHLIMIT_BYTE_SHIFT 4 13a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte 14a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte/* details of this structure hidden by the implementation */ 15d62a9db1295608ef98394b830703389973346716Yasuyuki KOZAKAIstruct xt_hashlimit_htable; 16a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte 179a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardtenum { 189a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt XT_HASHLIMIT_HASH_DIP = 1 << 0, 199a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt XT_HASHLIMIT_HASH_DPT = 1 << 1, 209a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt XT_HASHLIMIT_HASH_SIP = 1 << 2, 219a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt XT_HASHLIMIT_HASH_SPT = 1 << 3, 229a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt XT_HASHLIMIT_INVERT = 1 << 4, 23abdef13f36b63758f8775eb86febd96bf062df6fFlorian Westphal XT_HASHLIMIT_BYTES = 1 << 5, 249a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt}; 25a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte 26a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Weltestruct hashlimit_cfg { 27350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt __u32 mode; /* bitmask of XT_HASHLIMIT_HASH_* */ 28350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt __u32 avg; /* Average secs between packets * scale */ 29350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt __u32 burst; /* Period multiplier for upper limit. */ 30a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte 31a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte /* user specified */ 32350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt __u32 size; /* how many buckets */ 33350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt __u32 max; /* max number of entries */ 34350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt __u32 gc_interval; /* gc interval */ 35350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt __u32 expire; /* when do entries expire? */ 36a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte}; 37a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte 38d62a9db1295608ef98394b830703389973346716Yasuyuki KOZAKAIstruct xt_hashlimit_info { 39a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte char name [IFNAMSIZ]; /* name */ 40a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte struct hashlimit_cfg cfg; 41a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte 42a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte /* Used internally by the kernel */ 439a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt struct xt_hashlimit_htable *hinfo; 44a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte union { 45a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte void *ptr; 46d62a9db1295608ef98394b830703389973346716Yasuyuki KOZAKAI struct xt_hashlimit_info *master; 47a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte } u; 48a5374b239be6d8afdcd7fdd54b9483ffa1d5444dHarald Welte}; 499a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt 509a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardtstruct hashlimit_cfg1 { 51350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt __u32 mode; /* bitmask of XT_HASHLIMIT_HASH_* */ 52350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt __u32 avg; /* Average secs between packets * scale */ 53350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt __u32 burst; /* Period multiplier for upper limit. */ 549a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt 559a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt /* user specified */ 56350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt __u32 size; /* how many buckets */ 57350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt __u32 max; /* max number of entries */ 58350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt __u32 gc_interval; /* gc interval */ 59350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt __u32 expire; /* when do entries expire? */ 609a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt 61350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt __u8 srcmask, dstmask; 629a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt}; 639a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt 649a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardtstruct xt_hashlimit_mtinfo1 { 659a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt char name[IFNAMSIZ]; 669a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt struct hashlimit_cfg1 cfg; 679a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt 689a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt /* Used internally by the kernel */ 699a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt struct xt_hashlimit_htable *hinfo __attribute__((aligned(8))); 709a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt}; 719a8c77fc8df3155747c34dcea79b7834a2a9a40aJan Engelhardt 72d62a9db1295608ef98394b830703389973346716Yasuyuki KOZAKAI#endif /*_XT_HASHLIMIT_H*/ 73