diff options
Diffstat (limited to 'include/linux')
-rw-r--r-- | include/linux/netfilter_ipv4/ipt_FTOS.h | 16 | ||||
-rw-r--r-- | include/linux/netfilter_ipv4/ipt_TCPMSS.h | 10 | ||||
-rw-r--r-- | include/linux/netfilter_ipv4/ipt_TTL.h | 19 | ||||
-rw-r--r-- | include/linux/netfilter_ipv4/ipt_ULOG.h | 42 | ||||
-rw-r--r-- | include/linux/netfilter_ipv4/ipt_ah.h | 16 | ||||
-rw-r--r-- | include/linux/netfilter_ipv4/ipt_connlimit.h | 12 | ||||
-rw-r--r-- | include/linux/netfilter_ipv4/ipt_esp.h | 16 | ||||
-rw-r--r-- | include/linux/netfilter_ipv4/ipt_tcpmss.h | 9 | ||||
-rw-r--r-- | include/linux/netfilter_ipv4/ipt_ttl.h | 21 |
9 files changed, 161 insertions, 0 deletions
diff --git a/include/linux/netfilter_ipv4/ipt_FTOS.h b/include/linux/netfilter_ipv4/ipt_FTOS.h new file mode 100644 index 0000000..3b04559 --- /dev/null +++ b/include/linux/netfilter_ipv4/ipt_FTOS.h @@ -0,0 +1,16 @@ +/* Set TOS field in header to any value + * + * (C) 2000 by Matthew G. Marsh <mgm@paktronix.com> + * + * This software is distributed under GNU GPL v2, 1991 + * + * ipt_FTOS.h borrowed heavily from ipt_TOS.h 11/09/2000 +*/ +#ifndef _IPT_FTOS_H +#define _IPT_FTOS_H + +struct ipt_FTOS_info { + u_int8_t ftos; +}; + +#endif /*_IPT_FTOS_H*/ diff --git a/include/linux/netfilter_ipv4/ipt_TCPMSS.h b/include/linux/netfilter_ipv4/ipt_TCPMSS.h new file mode 100644 index 0000000..aadb395 --- /dev/null +++ b/include/linux/netfilter_ipv4/ipt_TCPMSS.h @@ -0,0 +1,10 @@ +#ifndef _IPT_TCPMSS_H +#define _IPT_TCPMSS_H + +struct ipt_tcpmss_info { + u_int16_t mss; +}; + +#define IPT_TCPMSS_CLAMP_PMTU 0xffff + +#endif /*_IPT_TCPMSS_H*/ diff --git a/include/linux/netfilter_ipv4/ipt_TTL.h b/include/linux/netfilter_ipv4/ipt_TTL.h new file mode 100644 index 0000000..f669b8c --- /dev/null +++ b/include/linux/netfilter_ipv4/ipt_TTL.h @@ -0,0 +1,19 @@ +/* TTL modification module for IP tables + * (C) 2000 by Harald Welte <laforge@gnumonks.org> */ + +#ifndef _IPT_TTL_H +#define _IPT_TTL_H + +enum { + IPT_TTL_SET = 0, + IPT_TTL_INC, + IPT_TTL_DEC +}; + +#define IPT_TTL_MAXMODE IPT_TTL_DEC + +struct ipt_TTL_info { + u_int8_t mode; + u_int8_t ttl; +}; +#endif diff --git a/include/linux/netfilter_ipv4/ipt_ULOG.h b/include/linux/netfilter_ipv4/ipt_ULOG.h new file mode 100644 index 0000000..10d7b0c --- /dev/null +++ b/include/linux/netfilter_ipv4/ipt_ULOG.h @@ -0,0 +1,42 @@ +/* Header file for IP tables userspace logging, Version 1.6 + * + * (C) 2000 by Harald Welte <laforge@gnumonks.org> + * + * Distributed under the terms of GNU GPL */ + +#ifndef _IPT_ULOG_H +#define _IPT_ULOG_H + +#define ULOG_MAC_LEN 80 +#define ULOG_PREFIX_LEN 32 + +#define ULOG_MAX_QLEN 50 +/* Why 50? Well... there is a limit imposed by the slab cache 131000 + * bytes. So the multipart netlink-message has to be < 131000 bytes. + * Assuming a standard ethernet-mtu of 1500, we could define this up + * to 80... but even 50 seems to be big enough. */ + +/* private data structure for each rule with a ULOG target */ +struct ipt_ulog_info { + unsigned int nl_group; + size_t copy_range; + size_t qthreshold; + char prefix[ULOG_PREFIX_LEN]; +}; + +/* Format of the ULOG packets passed through netlink */ +typedef struct ulog_packet_msg { + unsigned long mark; + long timestamp_sec; + long timestamp_usec; + unsigned int hook; + char indev_name[IFNAMSIZ]; + char outdev_name[IFNAMSIZ]; + size_t data_len; + char prefix[ULOG_PREFIX_LEN]; + unsigned char mac_len; + unsigned char mac[ULOG_MAC_LEN]; + unsigned char payload[0]; +} ulog_packet_msg_t; + +#endif /*_IPT_ULOG_H*/ diff --git a/include/linux/netfilter_ipv4/ipt_ah.h b/include/linux/netfilter_ipv4/ipt_ah.h new file mode 100644 index 0000000..7b9a2ac --- /dev/null +++ b/include/linux/netfilter_ipv4/ipt_ah.h @@ -0,0 +1,16 @@ +#ifndef _IPT_AH_H +#define _IPT_AH_H + +struct ipt_ah +{ + u_int32_t spis[2]; /* Security Parameter Index */ + u_int8_t invflags; /* Inverse flags */ +}; + + + +/* Values for "invflags" field in struct ipt_ah. */ +#define IPT_AH_INV_SPI 0x01 /* Invert the sense of spi. */ +#define IPT_AH_INV_MASK 0x01 /* All possible flags. */ + +#endif /*_IPT_AH_H*/ diff --git a/include/linux/netfilter_ipv4/ipt_connlimit.h b/include/linux/netfilter_ipv4/ipt_connlimit.h new file mode 100644 index 0000000..6282194 --- /dev/null +++ b/include/linux/netfilter_ipv4/ipt_connlimit.h @@ -0,0 +1,12 @@ +#ifndef _IPT_IPLIMIT_H +#define _IPT_IPLIMIT_H + +struct ipt_iplimit_data; + +struct ipt_iplimit_info { + int limit; + int inverse; + u_int32_t mask; + struct ipt_iplimit_data *data; +}; +#endif /* _IPT_IPLIMIT_H */ diff --git a/include/linux/netfilter_ipv4/ipt_esp.h b/include/linux/netfilter_ipv4/ipt_esp.h new file mode 100644 index 0000000..c782a83 --- /dev/null +++ b/include/linux/netfilter_ipv4/ipt_esp.h @@ -0,0 +1,16 @@ +#ifndef _IPT_ESP_H +#define _IPT_ESP_H + +struct ipt_esp +{ + u_int32_t spis[2]; /* Security Parameter Index */ + u_int8_t invflags; /* Inverse flags */ +}; + + + +/* Values for "invflags" field in struct ipt_esp. */ +#define IPT_ESP_INV_SPI 0x01 /* Invert the sense of spi. */ +#define IPT_ESP_INV_MASK 0x01 /* All possible flags. */ + +#endif /*_IPT_ESP_H*/ diff --git a/include/linux/netfilter_ipv4/ipt_tcpmss.h b/include/linux/netfilter_ipv4/ipt_tcpmss.h new file mode 100644 index 0000000..e2b1439 --- /dev/null +++ b/include/linux/netfilter_ipv4/ipt_tcpmss.h @@ -0,0 +1,9 @@ +#ifndef _IPT_TCPMSS_MATCH_H +#define _IPT_TCPMSS_MATCH_H + +struct ipt_tcpmss_match_info { + u_int16_t mss_min, mss_max; + u_int8_t invert; +}; + +#endif /*_IPT_TCPMSS_MATCH_H*/ diff --git a/include/linux/netfilter_ipv4/ipt_ttl.h b/include/linux/netfilter_ipv4/ipt_ttl.h new file mode 100644 index 0000000..ee24fd8 --- /dev/null +++ b/include/linux/netfilter_ipv4/ipt_ttl.h @@ -0,0 +1,21 @@ +/* IP tables module for matching the value of the TTL + * (C) 2000 by Harald Welte <laforge@gnumonks.org> */ + +#ifndef _IPT_TTL_H +#define _IPT_TTL_H + +enum { + IPT_TTL_EQ = 0, /* equals */ + IPT_TTL_NE, /* not equals */ + IPT_TTL_LT, /* less than */ + IPT_TTL_GT, /* greater than */ +}; + + +struct ipt_ttl_info { + u_int8_t mode; + u_int8_t ttl; +}; + + +#endif |