diff options
author | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net </C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net> | 2008-04-14 06:49:38 +0000 |
---|---|---|
committer | /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net </C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net> | 2008-04-14 06:49:38 +0000 |
commit | c72bcba955fa21bdd6f43daa0d01768969cc2ca4 (patch) | |
tree | ed71bef42050e949bf38c443d1cfb1e175100197 /include/linux/netfilter/xt_SECMARK.h | |
parent | f4fa3048621dd3a71cfafdb1a6dcb16443540962 (diff) |
[PATCH 2/8] Add all necessary header files - compilation fix for various cases
Allow iptables to compile without a kernel source tree. This
implies fixing build for older kernels, such as 2.6.17 which
lack xt_SECMARK.h.
Diffstat (limited to 'include/linux/netfilter/xt_SECMARK.h')
-rw-r--r-- | include/linux/netfilter/xt_SECMARK.h | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/include/linux/netfilter/xt_SECMARK.h b/include/linux/netfilter/xt_SECMARK.h new file mode 100644 index 0000000..c53fbff --- /dev/null +++ b/include/linux/netfilter/xt_SECMARK.h @@ -0,0 +1,26 @@ +#ifndef _XT_SECMARK_H_target +#define _XT_SECMARK_H_target + +/* + * This is intended for use by various security subsystems (but not + * at the same time). + * + * 'mode' refers to the specific security subsystem which the + * packets are being marked for. + */ +#define SECMARK_MODE_SEL 0x01 /* SELinux */ +#define SECMARK_SELCTX_MAX 256 + +struct xt_secmark_target_selinux_info { + u_int32_t selsid; + char selctx[SECMARK_SELCTX_MAX]; +}; + +struct xt_secmark_target_info { + u_int8_t mode; + union { + struct xt_secmark_target_selinux_info sel; + } u; +}; + +#endif /*_XT_SECMARK_H_target */ |