diff options
author | Jan Engelhardt <jengelh@medozas.de> | 2008-02-11 01:23:01 +0100 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2008-04-14 08:49:38 +0200 |
commit | ca7cd666949b68bf41a32de38ee38e332e89863b (patch) | |
tree | ed71bef42050e949bf38c443d1cfb1e175100197 /include/linux/netfilter/xt_SECMARK.h | |
parent | 8d458beec463e0b16467ee4649d4575377854fd7 (diff) |
Add all necessary header files - compilation fix for various cases
Allow iptables to compile without a kernel source tree. This
implies fixing build for older kernels, such as 2.6.17 which
lack xt_SECMARK.h.
Diffstat (limited to 'include/linux/netfilter/xt_SECMARK.h')
-rw-r--r-- | include/linux/netfilter/xt_SECMARK.h | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/include/linux/netfilter/xt_SECMARK.h b/include/linux/netfilter/xt_SECMARK.h new file mode 100644 index 00000000..c53fbffa --- /dev/null +++ b/include/linux/netfilter/xt_SECMARK.h @@ -0,0 +1,26 @@ +#ifndef _XT_SECMARK_H_target +#define _XT_SECMARK_H_target + +/* + * This is intended for use by various security subsystems (but not + * at the same time). + * + * 'mode' refers to the specific security subsystem which the + * packets are being marked for. + */ +#define SECMARK_MODE_SEL 0x01 /* SELinux */ +#define SECMARK_SELCTX_MAX 256 + +struct xt_secmark_target_selinux_info { + u_int32_t selsid; + char selctx[SECMARK_SELCTX_MAX]; +}; + +struct xt_secmark_target_info { + u_int8_t mode; + union { + struct xt_secmark_target_selinux_info sel; + } u; +}; + +#endif /*_XT_SECMARK_H_target */ |