Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 9b1ee0b2cb8bffdbb3003b1d5205f3ae0592c15a / . / include / linux / netfilter_ipv6 / ip6_tables.h
blob: 610208b18c05819dc4cfecc0554574269157f90f [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1/*
2 * 25-Jul-1998 Major changes to allow for ip chain table
3 *
4 * 3-Jan-2000 Named tables to allow packet selection for different uses.
5 */
6
7/*
8 * Format of an IP6 firewall descriptor
9 *
10 * src, dst, src_mask, dst_mask are always stored in network byte order.
11 * flags are stored in host byte order (of course).
12 * Port numbers are stored in HOST byte order.
13 */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]14#ifndef _IP6_TABLES_H
15#define _IP6_TABLES_H
16
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]17#include <linux/if.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]18#include <linux/in6.h>
19#include <linux/ipv6.h>
20#include <linux/skbuff.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]21
22#include <linux/init.h>
David Howellsff1e1752012-10-09 09:49:01 +0100[diff] [blame]23#include <uapi/linux/netfilter_ipv6/ip6_tables.h>
24
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]25extern void ip6t_init(void) __init;
26
Jan Engelhardte3eaa992009-06-17 22:14:54 +0200[diff] [blame]27extern void *ip6t_alloc_initial_table(const struct xt_table *);
Alexey Dobriyan336b5172008-01-31 04:03:45 -0800[diff] [blame]28extern struct xt_table *ip6t_register_table(struct net *net,
Jan Engelhardt35aad0f2009-08-24 14:56:30 +0200[diff] [blame]29 const struct xt_table *table,
Alexey Dobriyan44d34e72008-01-31 04:02:44 -0800[diff] [blame]30 const struct ip6t_replace *repl);
Alexey Dobriyanf54e9362010-01-18 08:25:47 +0100[diff] [blame]31extern void ip6t_unregister_table(struct net *net, struct xt_table *table);
Herbert Xu3db05fe2007-10-15 00:53:15 -0700[diff] [blame]32extern unsigned int ip6t_do_table(struct sk_buff *skb,
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]33 unsigned int hook,
34 const struct net_device *in,
35 const struct net_device *out,
Jan Engelhardte60a13e2007-02-07 15:12:33 -0800[diff] [blame]36 struct xt_table *table);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]37
38/* Check for an extension */
Pablo Neira Ayuso95ad2f82012-04-06 18:12:54 +0200[diff] [blame]39static inline int
40ip6t_ext_hdr(u8 nexthdr)
41{ return (nexthdr == IPPROTO_HOPOPTS) ||
42 (nexthdr == IPPROTO_ROUTING) ||
43 (nexthdr == IPPROTO_FRAGMENT) ||
44 (nexthdr == IPPROTO_ESP) ||
45 (nexthdr == IPPROTO_AH) ||
46 (nexthdr == IPPROTO_NONE) ||
47 (nexthdr == IPPROTO_DSTOPTS);
48}
49
Patrick McHardy3bc3fe52007-12-17 21:50:37 -0800[diff] [blame]50#ifdef CONFIG_COMPAT
51#include <net/compat.h>
52
Eric Dumazetd94d9fe2009-11-04 09:50:58 -0800[diff] [blame]53struct compat_ip6t_entry {
Patrick McHardy3bc3fe52007-12-17 21:50:37 -0800[diff] [blame]54 struct ip6t_ip6 ipv6;
55 compat_uint_t nfcache;
Ben Hutchings7ff30c42011-08-24 18:44:57 +0000[diff] [blame]56 __u16 target_offset;
57 __u16 next_offset;
Patrick McHardy3bc3fe52007-12-17 21:50:37 -0800[diff] [blame]58 compat_uint_t comefrom;
59 struct compat_xt_counters counters;
60 unsigned char elems[0];
61};
62
Jan Engelhardt87a2e70d2010-10-13 16:11:22 +0200[diff] [blame]63static inline struct xt_entry_target *
Patrick McHardy3bc3fe52007-12-17 21:50:37 -0800[diff] [blame]64compat_ip6t_get_target(struct compat_ip6t_entry *e)
65{
66 return (void *)e + e->target_offset;
67}
68
Patrick McHardy3bc3fe52007-12-17 21:50:37 -0800[diff] [blame]69#endif /* CONFIG_COMPAT */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]70#endif /* _IP6_TABLES_H */