1#ifndef _NFNETLINK_QUEUE_H 2#define _NFNETLINK_QUEUE_H 3 4#include <linux/types.h> 5#include <linux/netfilter/nfnetlink.h> 6 7#ifndef __aligned_be64 8#define __aligned_be64 u_int64_t __attribute__((aligned(8))) 9#endif 10 11enum nfqnl_msg_types { 12 NFQNL_MSG_PACKET, /* packet from kernel to userspace */ 13 NFQNL_MSG_VERDICT, /* verdict from userspace to kernel */ 14 NFQNL_MSG_CONFIG, /* connect to a particular queue */ 15 NFQNL_MSG_VERDICT_BATCH, /* batchv from userspace to kernel */ 16 17 NFQNL_MSG_MAX 18}; 19 20struct nfqnl_msg_packet_hdr { 21 __be32 packet_id; /* unique ID of packet in queue */ 22 __be16 hw_protocol; /* hw protocol (network order) */ 23 __u8 hook; /* netfilter hook */ 24} __attribute__ ((packed)); 25 26struct nfqnl_msg_packet_hw { 27 __be16 hw_addrlen; 28 __u16 _pad; 29 __u8 hw_addr[8]; 30}; 31 32struct nfqnl_msg_packet_timestamp { 33 __aligned_be64 sec; 34 __aligned_be64 usec; 35}; 36 37enum nfqnl_attr_type { 38 NFQA_UNSPEC, 39 NFQA_PACKET_HDR, 40 NFQA_VERDICT_HDR, /* nfqnl_msg_verdict_hrd */ 41 NFQA_MARK, /* __u32 nfmark */ 42 NFQA_TIMESTAMP, /* nfqnl_msg_packet_timestamp */ 43 NFQA_IFINDEX_INDEV, /* __u32 ifindex */ 44 NFQA_IFINDEX_OUTDEV, /* __u32 ifindex */ 45 NFQA_IFINDEX_PHYSINDEV, /* __u32 ifindex */ 46 NFQA_IFINDEX_PHYSOUTDEV, /* __u32 ifindex */ 47 NFQA_HWADDR, /* nfqnl_msg_packet_hw */ 48 NFQA_PAYLOAD, /* opaque data payload */ 49 NFQA_CT, /* nf_conntrack_netlink.h */ 50 NFQA_CT_INFO, /* enum ip_conntrack_info */ 51 NFQA_CAP_LEN, /* __u32 length of captured packet */ 52 53 __NFQA_MAX 54}; 55#define NFQA_MAX (__NFQA_MAX - 1) 56 57struct nfqnl_msg_verdict_hdr { 58 __be32 verdict; 59 __be32 id; 60}; 61 62 63enum nfqnl_msg_config_cmds { 64 NFQNL_CFG_CMD_NONE, 65 NFQNL_CFG_CMD_BIND, 66 NFQNL_CFG_CMD_UNBIND, 67 NFQNL_CFG_CMD_PF_BIND, 68 NFQNL_CFG_CMD_PF_UNBIND, 69}; 70 71struct nfqnl_msg_config_cmd { 72 __u8 command; /* nfqnl_msg_config_cmds */ 73 __u8 _pad; 74 __be16 pf; /* AF_xxx for PF_[UN]BIND */ 75}; 76 77enum nfqnl_config_mode { 78 NFQNL_COPY_NONE, 79 NFQNL_COPY_META, 80 NFQNL_COPY_PACKET, 81}; 82 83struct nfqnl_msg_config_params { 84 __be32 copy_range; 85 __u8 copy_mode; /* enum nfqnl_config_mode */ 86} __attribute__ ((packed)); 87 88 89enum nfqnl_attr_config { 90 NFQA_CFG_UNSPEC, 91 NFQA_CFG_CMD, /* nfqnl_msg_config_cmd */ 92 NFQA_CFG_PARAMS, /* nfqnl_msg_config_params */ 93 NFQA_CFG_QUEUE_MAXLEN, /* __u32 */ 94 NFQA_CFG_MASK, /* identify which flags to change */ 95 NFQA_CFG_FLAGS, /* value of these flags (__u32) */ 96 __NFQA_CFG_MAX 97}; 98#define NFQA_CFG_MAX (__NFQA_CFG_MAX-1) 99 100/* Flags for NFQA_CFG_FLAGS */ 101#define NFQA_CFG_F_FAIL_OPEN (1 << 0) 102#define NFQA_CFG_F_CONNTRACK (1 << 1) 103#define NFQA_CFG_F_MAX (1 << 2) 104 105#endif /* _NFNETLINK_QUEUE_H */ 106