1#ifndef _XT_POLICY_H 2#define _XT_POLICY_H 3 4#include <linux/types.h> 5#include <linux/in.h> 6#include <linux/in6.h> 7 8#define XT_POLICY_MAX_ELEM 4 9 10enum xt_policy_flags { 11 XT_POLICY_MATCH_IN = 0x1, 12 XT_POLICY_MATCH_OUT = 0x2, 13 XT_POLICY_MATCH_NONE = 0x4, 14 XT_POLICY_MATCH_STRICT = 0x8, 15}; 16 17enum xt_policy_modes { 18 XT_POLICY_MODE_TRANSPORT, 19 XT_POLICY_MODE_TUNNEL 20}; 21 22struct xt_policy_spec { 23 __u8 saddr:1, 24 daddr:1, 25 proto:1, 26 mode:1, 27 spi:1, 28 reqid:1; 29}; 30 31#ifndef __KERNEL__ 32union xt_policy_addr { 33 struct in_addr a4; 34 struct in6_addr a6; 35}; 36#endif 37 38struct xt_policy_elem { 39 union { 40#ifdef __KERNEL__ 41 struct { 42 union nf_inet_addr saddr; 43 union nf_inet_addr smask; 44 union nf_inet_addr daddr; 45 union nf_inet_addr dmask; 46 }; 47#else 48 struct { 49 union xt_policy_addr saddr; 50 union xt_policy_addr smask; 51 union xt_policy_addr daddr; 52 union xt_policy_addr dmask; 53 }; 54#endif 55 }; 56 __be32 spi; 57 __u32 reqid; 58 __u8 proto; 59 __u8 mode; 60 61 struct xt_policy_spec match; 62 struct xt_policy_spec invert; 63}; 64 65struct xt_policy_info { 66 struct xt_policy_elem pol[XT_POLICY_MAX_ELEM]; 67 __u16 flags; 68 __u16 len; 69}; 70 71#endif /* _XT_POLICY_H */ 72