diff options
author | Patrick McHardy <kaber@trash.net> | 2008-01-29 14:34:27 +0000 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2008-01-29 14:34:27 +0000 |
commit | f2565b7a45c51d318706ffd0e372ba4e23cd2d32 (patch) | |
tree | 8d3bf0a0ab6303e9fbcdd1ab034258fb499f7426 /include/linux | |
parent | 9ee386a1b6d7704b259460152c959ab0e79e02aa (diff) |
Add netfilter.h
Diffstat (limited to 'include/linux')
-rw-r--r-- | include/linux/netfilter.h | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h new file mode 100644 index 00000000..0d1ba115 --- /dev/null +++ b/include/linux/netfilter.h @@ -0,0 +1,48 @@ +#ifndef __LINUX_NETFILTER_H +#define __LINUX_NETFILTER_H + +#include <linux/compiler.h> + +/* Responses from hook functions. */ +#define NF_DROP 0 +#define NF_ACCEPT 1 +#define NF_STOLEN 2 +#define NF_QUEUE 3 +#define NF_REPEAT 4 +#define NF_STOP 5 +#define NF_MAX_VERDICT NF_STOP + +/* we overload the higher bits for encoding auxiliary data such as the queue + * number. Not nice, but better than additional function arguments. */ +#define NF_VERDICT_MASK 0x0000ffff +#define NF_VERDICT_BITS 16 + +#define NF_VERDICT_QMASK 0xffff0000 +#define NF_VERDICT_QBITS 16 + +#define NF_QUEUE_NR(x) (((x << NF_VERDICT_QBITS) & NF_VERDICT_QMASK) | NF_QUEUE) + +/* only for userspace compatibility */ +/* Generic cache responses from hook functions. + <= 0x2000 is used for protocol-flags. */ +#define NFC_UNKNOWN 0x4000 +#define NFC_ALTERED 0x8000 + +enum nf_inet_hooks { + NF_INET_PRE_ROUTING, + NF_INET_LOCAL_IN, + NF_INET_FORWARD, + NF_INET_LOCAL_OUT, + NF_INET_POST_ROUTING, + NF_INET_NUMHOOKS +}; + +union nf_inet_addr { + u_int32_t all[4]; + __be32 ip; + __be32 ip6[4]; + struct in_addr in; + struct in6_addr in6; +}; + +#endif /*__LINUX_NETFILTER_H*/ |