diff options
author | Jan Engelhardt <jengelh@medozas.de> | 2011-08-28 14:19:43 +0200 |
---|---|---|
committer | Jan Engelhardt <jengelh@medozas.de> | 2011-08-31 14:07:43 +0200 |
commit | dbe77cc974cee656eae37e75039dd1a410a4535b (patch) | |
tree | 81b96ab85defef50f6f492d5d66cd6e0d6299135 /include/linux/netfilter/xt_set.h | |
parent | 3775fb69f63b76191bc3571bfa8538c18173d90f (diff) |
include: refresh include files from kernel 3.1-rc3
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'include/linux/netfilter/xt_set.h')
-rw-r--r-- | include/linux/netfilter/xt_set.h | 81 |
1 files changed, 11 insertions, 70 deletions
diff --git a/include/linux/netfilter/xt_set.h b/include/linux/netfilter/xt_set.h index 4379ce9f..e3a9978f 100644 --- a/include/linux/netfilter/xt_set.h +++ b/include/linux/netfilter/xt_set.h @@ -1,62 +1,8 @@ #ifndef _XT_SET_H #define _XT_SET_H -/* The protocol version */ -#define IPSET_PROTOCOL 5 - -/* The max length of strings including NUL: set and type identifiers */ -#define IPSET_MAXNAMELEN 32 - -/* Sets are identified by an index in kernel space. Tweak with ip_set_id_t - * and IPSET_INVALID_ID if you want to increase the max number of sets. - */ -typedef uint16_t ip_set_id_t; - -#define IPSET_INVALID_ID 65535 - -enum ip_set_dim { - IPSET_DIM_ZERO = 0, - IPSET_DIM_ONE, - IPSET_DIM_TWO, - IPSET_DIM_THREE, - /* Max dimension in elements. - * If changed, new revision of iptables match/target is required. - */ - IPSET_DIM_MAX = 6, -}; - -/* Option flags for kernel operations */ -enum ip_set_kopt { - IPSET_INV_MATCH = (1 << IPSET_DIM_ZERO), - IPSET_DIM_ONE_SRC = (1 << IPSET_DIM_ONE), - IPSET_DIM_TWO_SRC = (1 << IPSET_DIM_TWO), - IPSET_DIM_THREE_SRC = (1 << IPSET_DIM_THREE), -}; - -/* Interface to iptables/ip6tables */ - -#define SO_IP_SET 83 - -union ip_set_name_index { - char name[IPSET_MAXNAMELEN]; - ip_set_id_t index; -}; - -#define IP_SET_OP_GET_BYNAME 0x00000006 /* Get set index by name */ -struct ip_set_req_get_set { - unsigned op; - unsigned version; - union ip_set_name_index set; -}; - -#define IP_SET_OP_GET_BYINDEX 0x00000007 /* Get set name by index */ -/* Uses ip_set_req_get_set */ - -#define IP_SET_OP_VERSION 0x00000100 /* Ask kernel version */ -struct ip_set_req_version { - unsigned op; - unsigned version; -}; +#include <linux/types.h> +#include <linux/netfilter/ipset/ip_set.h> /* Revision 0 interface: backward compatible with netfilter/iptables */ @@ -70,11 +16,11 @@ struct ip_set_req_version { struct xt_set_info_v0 { ip_set_id_t index; union { - u_int32_t flags[IPSET_DIM_MAX + 1]; + __u32 flags[IPSET_DIM_MAX + 1]; struct { - u_int32_t __flags[IPSET_DIM_MAX]; - u_int8_t dim; - u_int8_t flags; + __u32 __flags[IPSET_DIM_MAX]; + __u8 dim; + __u8 flags; } compat; } u; }; @@ -89,12 +35,12 @@ struct xt_set_info_target_v0 { struct xt_set_info_v0 del_set; }; -/* Revision 1 match and target */ +/* Revision 1 match and target */ struct xt_set_info { ip_set_id_t index; - u_int8_t dim; - u_int8_t flags; + __u8 dim; + __u8 flags; }; /* match and target infos */ @@ -109,16 +55,11 @@ struct xt_set_info_target_v1 { /* Revision 2 target */ -enum ipset_cmd_flags { - IPSET_FLAG_BIT_EXIST = 0, - IPSET_FLAG_EXIST = (1 << IPSET_FLAG_BIT_EXIST), -}; - struct xt_set_info_target_v2 { struct xt_set_info add_set; struct xt_set_info del_set; - u_int32_t flags; - u_int32_t timeout; + __u32 flags; + __u32 timeout; }; #endif /*_XT_SET_H*/ |