155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells/* 255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * ebtables 355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * 455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * Authors: 555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * Bart De Schuymer <bdschuym@pandora.be> 655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * 755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * ebtables.c,v 2.0, April, 2002 855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * 955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * This code is stongly inspired on the iptables code which is 1055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * Copyright (C) 1999 Paul `Rusty' Russell & Michael J. Neuling 1155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells */ 1255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 1355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#ifndef _UAPI__LINUX_BRIDGE_EFF_H 1455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define _UAPI__LINUX_BRIDGE_EFF_H 1555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#include <linux/if.h> 1655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#include <linux/netfilter_bridge.h> 1755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#include <linux/if_ether.h> 1855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 1955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_TABLE_MAXNAMELEN 32 2055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_CHAIN_MAXNAMELEN EBT_TABLE_MAXNAMELEN 2155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_FUNCTION_MAXNAMELEN EBT_TABLE_MAXNAMELEN 2255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 2355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells/* verdicts >0 are "branches" */ 2455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_ACCEPT -1 2555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_DROP -2 2655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_CONTINUE -3 2755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_RETURN -4 2855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define NUM_STANDARD_TARGETS 4 2955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells/* ebtables target modules store the verdict inside an int. We can 3055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * reclaim a part of this int for backwards compatible extensions. 3155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * The 4 lsb are more than enough to store the verdict. */ 3255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_VERDICT_BITS 0x0000000F 3355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 3455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howellsstruct xt_match; 3555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howellsstruct xt_target; 3655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 3755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howellsstruct ebt_counter { 3855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells uint64_t pcnt; 3955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells uint64_t bcnt; 4055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells}; 4155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 4255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howellsstruct ebt_replace { 4355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells char name[EBT_TABLE_MAXNAMELEN]; 4455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int valid_hooks; 4555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* nr of rules in the table */ 4655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int nentries; 4755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* total size of the entries */ 4855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int entries_size; 4955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* start of the chains */ 5055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells struct ebt_entries __user *hook_entry[NF_BR_NUMHOOKS]; 5155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* nr of counters userspace expects back */ 5255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int num_counters; 5355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* where the kernel will put the old counters */ 5455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells struct ebt_counter __user *counters; 5555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells char __user *entries; 5655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells}; 5755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 5855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howellsstruct ebt_replace_kernel { 5955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells char name[EBT_TABLE_MAXNAMELEN]; 6055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int valid_hooks; 6155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* nr of rules in the table */ 6255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int nentries; 6355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* total size of the entries */ 6455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int entries_size; 6555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* start of the chains */ 6655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells struct ebt_entries *hook_entry[NF_BR_NUMHOOKS]; 6755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* nr of counters userspace expects back */ 6855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int num_counters; 6955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* where the kernel will put the old counters */ 7055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells struct ebt_counter *counters; 7155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells char *entries; 7255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells}; 7355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 7455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howellsstruct ebt_entries { 7555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* this field is always set to zero 7655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * See EBT_ENTRY_OR_ENTRIES. 7755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * Must be same size as ebt_entry.bitmask */ 7855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int distinguisher; 7955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* the chain name */ 8055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells char name[EBT_CHAIN_MAXNAMELEN]; 8155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* counter offset for this chain */ 8255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int counter_offset; 8355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* one standard (accept, drop, return) per hook */ 8455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells int policy; 8555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* nr. of entries */ 8655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int nentries; 8755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* entry list */ 8855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace)))); 8955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells}; 9055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 9155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells/* used for the bitmask of struct ebt_entry */ 9255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 9355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells/* This is a hack to make a difference between an ebt_entry struct and an 9455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * ebt_entries struct when traversing the entries from start to end. 9555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * Using this simplifies the code a lot, while still being able to use 9655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * ebt_entries. 9755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * Contrary, iptables doesn't use something like ebt_entries and therefore uses 9855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * different techniques for naming the policy and such. So, iptables doesn't 9955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * need a hack like this. 10055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells */ 10155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_ENTRY_OR_ENTRIES 0x01 10255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells/* these are the normal masks */ 10355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_NOPROTO 0x02 10455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_802_3 0x04 10555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_SOURCEMAC 0x08 10655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_DESTMAC 0x10 10755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_F_MASK (EBT_NOPROTO | EBT_802_3 | EBT_SOURCEMAC | EBT_DESTMAC \ 10855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells | EBT_ENTRY_OR_ENTRIES) 10955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 11055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_IPROTO 0x01 11155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_IIN 0x02 11255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_IOUT 0x04 11355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_ISOURCE 0x8 11455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_IDEST 0x10 11555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_ILOGICALIN 0x20 11655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_ILOGICALOUT 0x40 11755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_INV_MASK (EBT_IPROTO | EBT_IIN | EBT_IOUT | EBT_ILOGICALIN \ 11855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells | EBT_ILOGICALOUT | EBT_ISOURCE | EBT_IDEST) 11955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 12055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howellsstruct ebt_entry_match { 12155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells union { 12255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells char name[EBT_FUNCTION_MAXNAMELEN]; 12355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells struct xt_match *match; 12455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells } u; 12555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* size of data */ 12655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int match_size; 12755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace)))); 12855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells}; 12955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 13055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howellsstruct ebt_entry_watcher { 13155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells union { 13255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells char name[EBT_FUNCTION_MAXNAMELEN]; 13355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells struct xt_target *watcher; 13455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells } u; 13555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* size of data */ 13655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int watcher_size; 13755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace)))); 13855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells}; 13955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 14055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howellsstruct ebt_entry_target { 14155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells union { 14255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells char name[EBT_FUNCTION_MAXNAMELEN]; 14355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells struct xt_target *target; 14455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells } u; 14555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* size of data */ 14655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int target_size; 14755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace)))); 14855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells}; 14955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 15055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_STANDARD_TARGET "standard" 15155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howellsstruct ebt_standard_target { 15255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells struct ebt_entry_target target; 15355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells int verdict; 15455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells}; 15555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 15655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells/* one entry */ 15755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howellsstruct ebt_entry { 15855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* this needs to be the first field */ 15955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int bitmask; 16055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int invflags; 16155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __be16 ethproto; 16255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* the physical in-dev */ 16355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells char in[IFNAMSIZ]; 16455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* the logical in-dev */ 16555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells char logical_in[IFNAMSIZ]; 16655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* the physical out-dev */ 16755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells char out[IFNAMSIZ]; 16855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* the logical out-dev */ 16955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells char logical_out[IFNAMSIZ]; 17055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned char sourcemac[ETH_ALEN]; 17155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned char sourcemsk[ETH_ALEN]; 17255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned char destmac[ETH_ALEN]; 17355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned char destmsk[ETH_ALEN]; 17455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* sizeof ebt_entry + matches */ 17555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int watchers_offset; 17655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* sizeof ebt_entry + matches + watchers */ 17755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int target_offset; 17855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells /* sizeof ebt_entry + matches + watchers + target */ 17955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int next_offset; 18055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned char elems[0] __attribute__ ((aligned (__alignof__(struct ebt_replace)))); 18155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells}; 18255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 18355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells/* {g,s}etsockopt numbers */ 18455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_BASE_CTL 128 18555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 18655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_SO_SET_ENTRIES (EBT_BASE_CTL) 18755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_SO_SET_COUNTERS (EBT_SO_SET_ENTRIES+1) 18855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_SO_SET_MAX (EBT_SO_SET_COUNTERS+1) 18955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 19055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_SO_GET_INFO (EBT_BASE_CTL) 19155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_SO_GET_ENTRIES (EBT_SO_GET_INFO+1) 19255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_SO_GET_INIT_INFO (EBT_SO_GET_ENTRIES+1) 19355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_SO_GET_INIT_ENTRIES (EBT_SO_GET_INIT_INFO+1) 19455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_SO_GET_MAX (EBT_SO_GET_INIT_ENTRIES+1) 19555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 19655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 19755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells/* blatently stolen from ip_tables.h 19855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells * fn returns 0 to continue iteration */ 19955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_MATCH_ITERATE(e, fn, args...) \ 20055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells({ \ 20155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int __i; \ 20255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells int __ret = 0; \ 20355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells struct ebt_entry_match *__match; \ 20455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells \ 20555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells for (__i = sizeof(struct ebt_entry); \ 20655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __i < (e)->watchers_offset; \ 20755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __i += __match->match_size + \ 20855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells sizeof(struct ebt_entry_match)) { \ 20955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __match = (void *)(e) + __i; \ 21055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells \ 21155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __ret = fn(__match , ## args); \ 21255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells if (__ret != 0) \ 21355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells break; \ 21455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells } \ 21555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells if (__ret == 0) { \ 21655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells if (__i != (e)->watchers_offset) \ 21755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __ret = -EINVAL; \ 21855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells } \ 21955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __ret; \ 22055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells}) 22155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 22255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_WATCHER_ITERATE(e, fn, args...) \ 22355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells({ \ 22455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int __i; \ 22555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells int __ret = 0; \ 22655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells struct ebt_entry_watcher *__watcher; \ 22755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells \ 22855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells for (__i = e->watchers_offset; \ 22955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __i < (e)->target_offset; \ 23055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __i += __watcher->watcher_size + \ 23155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells sizeof(struct ebt_entry_watcher)) { \ 23255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __watcher = (void *)(e) + __i; \ 23355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells \ 23455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __ret = fn(__watcher , ## args); \ 23555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells if (__ret != 0) \ 23655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells break; \ 23755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells } \ 23855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells if (__ret == 0) { \ 23955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells if (__i != (e)->target_offset) \ 24055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __ret = -EINVAL; \ 24155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells } \ 24255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __ret; \ 24355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells}) 24455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 24555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#define EBT_ENTRY_ITERATE(entries, size, fn, args...) \ 24655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells({ \ 24755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells unsigned int __i; \ 24855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells int __ret = 0; \ 24955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells struct ebt_entry *__entry; \ 25055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells \ 25155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells for (__i = 0; __i < (size);) { \ 25255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __entry = (void *)(entries) + __i; \ 25355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __ret = fn(__entry , ## args); \ 25455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells if (__ret != 0) \ 25555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells break; \ 25655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells if (__entry->bitmask != 0) \ 25755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __i += __entry->next_offset; \ 25855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells else \ 25955c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __i += sizeof(struct ebt_entries); \ 26055c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells } \ 26155c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells if (__ret == 0) { \ 26255c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells if (__i != (size)) \ 26355c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __ret = -EINVAL; \ 26455c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells } \ 26555c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells __ret; \ 26655c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells}) 26755c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells 26855c5cd3cc179eb87faa9cc2d9741047dd1642aafDavid Howells#endif /* _UAPI__LINUX_BRIDGE_EFF_H */ 269