diff options
| author | André Fabian Silva Delgado <emulatorman@parabola.nu> | 2015-08-05 17:04:01 -0300 |
|---|---|---|
| committer | André Fabian Silva Delgado <emulatorman@parabola.nu> | 2015-08-05 17:04:01 -0300 |
| commit | 57f0f512b273f60d52568b8c6b77e17f5636edc0 (patch) | |
| tree | 5e910f0e82173f4ef4f51111366a3f1299037a7b /include/linux/netfilter_ipv6 | |
Initial import
Diffstat (limited to 'include/linux/netfilter_ipv6')
| -rw-r--r-- | include/linux/netfilter_ipv6/ip6_tables.h | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/include/linux/netfilter_ipv6/ip6_tables.h b/include/linux/netfilter_ipv6/ip6_tables.h new file mode 100644 index 000000000..b40d2b635 --- /dev/null +++ b/include/linux/netfilter_ipv6/ip6_tables.h @@ -0,0 +1,69 @@ +/* + * 25-Jul-1998 Major changes to allow for ip chain table + * + * 3-Jan-2000 Named tables to allow packet selection for different uses. + */ + +/* + * Format of an IP6 firewall descriptor + * + * src, dst, src_mask, dst_mask are always stored in network byte order. + * flags are stored in host byte order (of course). + * Port numbers are stored in HOST byte order. + */ +#ifndef _IP6_TABLES_H +#define _IP6_TABLES_H + +#include <linux/if.h> +#include <linux/in6.h> +#include <linux/ipv6.h> +#include <linux/skbuff.h> + +#include <linux/init.h> +#include <uapi/linux/netfilter_ipv6/ip6_tables.h> + +extern void ip6t_init(void) __init; + +extern void *ip6t_alloc_initial_table(const struct xt_table *); +extern struct xt_table *ip6t_register_table(struct net *net, + const struct xt_table *table, + const struct ip6t_replace *repl); +extern void ip6t_unregister_table(struct net *net, struct xt_table *table); +extern unsigned int ip6t_do_table(struct sk_buff *skb, + unsigned int hook, + const struct nf_hook_state *state, + struct xt_table *table); + +/* Check for an extension */ +static inline int +ip6t_ext_hdr(u8 nexthdr) +{ return (nexthdr == IPPROTO_HOPOPTS) || + (nexthdr == IPPROTO_ROUTING) || + (nexthdr == IPPROTO_FRAGMENT) || + (nexthdr == IPPROTO_ESP) || + (nexthdr == IPPROTO_AH) || + (nexthdr == IPPROTO_NONE) || + (nexthdr == IPPROTO_DSTOPTS); +} + +#ifdef CONFIG_COMPAT +#include <net/compat.h> + +struct compat_ip6t_entry { + struct ip6t_ip6 ipv6; + compat_uint_t nfcache; + __u16 target_offset; + __u16 next_offset; + compat_uint_t comefrom; + struct compat_xt_counters counters; + unsigned char elems[0]; +}; + +static inline struct xt_entry_target * +compat_ip6t_get_target(struct compat_ip6t_entry *e) +{ + return (void *)e + e->target_offset; +} + +#endif /* CONFIG_COMPAT */ +#endif /* _IP6_TABLES_H */ |