diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/netfilter/nf_tables.h | 17 | ||||
-rw-r--r-- | include/statement.h | 11 |
2 files changed, 28 insertions, 0 deletions
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h index 5ebe3d85..70a9619e 100644 --- a/include/linux/netfilter/nf_tables.h +++ b/include/linux/netfilter/nf_tables.h @@ -589,12 +589,26 @@ enum nft_payload_bases { }; /** + * enum nft_payload_csum_types - nf_tables payload expression checksum types + * + * @NFT_PAYLOAD_CSUM_NONE: no checksumming + * @NFT_PAYLOAD_CSUM_INET: internet checksum (RFC 791) + */ +enum nft_payload_csum_types { + NFT_PAYLOAD_CSUM_NONE, + NFT_PAYLOAD_CSUM_INET, +}; + +/** * enum nft_payload_attributes - nf_tables payload expression netlink attributes * * @NFTA_PAYLOAD_DREG: destination register to load data into (NLA_U32: nft_registers) * @NFTA_PAYLOAD_BASE: payload base (NLA_U32: nft_payload_bases) * @NFTA_PAYLOAD_OFFSET: payload offset relative to base (NLA_U32) * @NFTA_PAYLOAD_LEN: payload length (NLA_U32) + * @NFTA_PAYLOAD_SREG: source register to load data from (NLA_U32: nft_registers) + * @NFTA_PAYLOAD_CSUM_TYPE: checksum type (NLA_U32) + * @NFTA_PAYLOAD_CSUM_OFFSET: checksum offset relative to base (NLA_U32) */ enum nft_payload_attributes { NFTA_PAYLOAD_UNSPEC, @@ -602,6 +616,9 @@ enum nft_payload_attributes { NFTA_PAYLOAD_BASE, NFTA_PAYLOAD_OFFSET, NFTA_PAYLOAD_LEN, + NFTA_PAYLOAD_SREG, + NFTA_PAYLOAD_CSUM_TYPE, + NFTA_PAYLOAD_CSUM_OFFSET, __NFTA_PAYLOAD_MAX }; #define NFTA_PAYLOAD_MAX (__NFTA_PAYLOAD_MAX - 1) diff --git a/include/statement.h b/include/statement.h index 8b035d31..53620aec 100644 --- a/include/statement.h +++ b/include/statement.h @@ -17,6 +17,14 @@ struct counter_stmt { extern struct stmt *counter_stmt_alloc(const struct location *loc); +struct payload_stmt { + struct expr *expr; + struct expr *val; +}; + +extern struct stmt *payload_stmt_alloc(const struct location *loc, + struct expr *payload, struct expr *expr); + #include <meta.h> struct meta_stmt { enum nft_meta_keys key; @@ -128,6 +136,7 @@ extern struct stmt *set_stmt_alloc(const struct location *loc); * @STMT_EXPRESSION: expression statement (relational) * @STMT_VERDICT: verdict statement * @STMT_COUNTER: counters + * @STMT_PAYLOAD: payload statement * @STMT_META: meta statement * @STMT_LIMIT: limit statement * @STMT_LOG: log statement @@ -145,6 +154,7 @@ enum stmt_types { STMT_EXPRESSION, STMT_VERDICT, STMT_COUNTER, + STMT_PAYLOAD, STMT_META, STMT_LIMIT, STMT_LOG, @@ -196,6 +206,7 @@ struct stmt { union { struct expr *expr; struct counter_stmt counter; + struct payload_stmt payload; struct meta_stmt meta; struct log_stmt log; struct limit_stmt limit; |