x_tables.h revision ca7cd666949b68bf41a32de38ee38e332e89863b
1#ifndef _X_TABLES_H 2#define _X_TABLES_H 3 4#define XT_FUNCTION_MAXNAMELEN 30 5#define XT_TABLE_MAXNAMELEN 32 6 7struct xt_entry_match 8{ 9 union { 10 struct { 11 u_int16_t match_size; 12 13 /* Used by userspace */ 14 char name[XT_FUNCTION_MAXNAMELEN-1]; 15 16 u_int8_t revision; 17 } user; 18 struct { 19 u_int16_t match_size; 20 21 /* Used inside the kernel */ 22 struct xt_match *match; 23 } kernel; 24 25 /* Total length */ 26 u_int16_t match_size; 27 } u; 28 29 unsigned char data[0]; 30}; 31 32struct xt_entry_target 33{ 34 union { 35 struct { 36 u_int16_t target_size; 37 38 /* Used by userspace */ 39 char name[XT_FUNCTION_MAXNAMELEN-1]; 40 41 u_int8_t revision; 42 } user; 43 struct { 44 u_int16_t target_size; 45 46 /* Used inside the kernel */ 47 struct xt_target *target; 48 } kernel; 49 50 /* Total length */ 51 u_int16_t target_size; 52 } u; 53 54 unsigned char data[0]; 55}; 56 57#define XT_TARGET_INIT(__name, __size) \ 58{ \ 59 .target.u.user = { \ 60 .target_size = XT_ALIGN(__size), \ 61 .name = __name, \ 62 }, \ 63} 64 65struct xt_standard_target 66{ 67 struct xt_entry_target target; 68 int verdict; 69}; 70 71/* The argument to IPT_SO_GET_REVISION_*. Returns highest revision 72 * kernel supports, if >= revision. */ 73struct xt_get_revision 74{ 75 char name[XT_FUNCTION_MAXNAMELEN-1]; 76 77 u_int8_t revision; 78}; 79 80/* CONTINUE verdict for targets */ 81#define XT_CONTINUE 0xFFFFFFFF 82 83/* For standard target */ 84#define XT_RETURN (-NF_REPEAT - 1) 85 86/* this is a dummy structure to find out the alignment requirement for a struct 87 * containing all the fundamental data types that are used in ipt_entry, 88 * ip6t_entry and arpt_entry. This sucks, and it is a hack. It will be my 89 * personal pleasure to remove it -HW 90 */ 91struct _xt_align 92{ 93 u_int8_t u8; 94 u_int16_t u16; 95 u_int32_t u32; 96 u_int64_t u64; 97}; 98 99#define XT_ALIGN(s) (((s) + (__alignof__(struct _xt_align)-1)) \ 100 & ~(__alignof__(struct _xt_align)-1)) 101 102/* Standard return verdict, or do jump. */ 103#define XT_STANDARD_TARGET "" 104/* Error verdict. */ 105#define XT_ERROR_TARGET "ERROR" 106 107#define SET_COUNTER(c,b,p) do { (c).bcnt = (b); (c).pcnt = (p); } while(0) 108#define ADD_COUNTER(c,b,p) do { (c).bcnt += (b); (c).pcnt += (p); } while(0) 109 110struct xt_counters 111{ 112 u_int64_t pcnt, bcnt; /* Packet and byte counters */ 113}; 114 115/* The argument to IPT_SO_ADD_COUNTERS. */ 116struct xt_counters_info 117{ 118 /* Which table. */ 119 char name[XT_TABLE_MAXNAMELEN]; 120 121 unsigned int num_counters; 122 123 /* The counters (actually `number' of these). */ 124 struct xt_counters counters[0]; 125}; 126 127#define XT_INV_PROTO 0x40 /* Invert the sense of PROTO. */ 128 129/* fn returns 0 to continue iteration */ 130#define XT_MATCH_ITERATE(type, e, fn, args...) \ 131({ \ 132 unsigned int __i; \ 133 int __ret = 0; \ 134 struct xt_entry_match *__m; \ 135 \ 136 for (__i = sizeof(type); \ 137 __i < (e)->target_offset; \ 138 __i += __m->u.match_size) { \ 139 __m = (void *)e + __i; \ 140 \ 141 __ret = fn(__m , ## args); \ 142 if (__ret != 0) \ 143 break; \ 144 } \ 145 __ret; \ 146}) 147 148/* fn returns 0 to continue iteration */ 149#define XT_ENTRY_ITERATE_CONTINUE(type, entries, size, n, fn, args...) \ 150({ \ 151 unsigned int __i, __n; \ 152 int __ret = 0; \ 153 type *__entry; \ 154 \ 155 for (__i = 0, __n = 0; __i < (size); \ 156 __i += __entry->next_offset, __n++) { \ 157 __entry = (void *)(entries) + __i; \ 158 if (__n < n) \ 159 continue; \ 160 \ 161 __ret = fn(__entry , ## args); \ 162 if (__ret != 0) \ 163 break; \ 164 } \ 165 __ret; \ 166}) 167 168/* fn returns 0 to continue iteration */ 169#define XT_ENTRY_ITERATE(type, entries, size, fn, args...) \ 170 XT_ENTRY_ITERATE_CONTINUE(type, entries, size, 0, fn, args) 171 172 173#endif /* _X_TABLES_H */ 174