Diffstat (limited to 'include')
-rw-r--r-- | include/linux/netfilter/nf_tables.h | 16 | ||||
-rw-r--r-- | include/statement.h | 11 |
2 files changed, 27 insertions, 0 deletions
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h index 88e0ca1c..d98cebb0 100644 --- a/include/linux/netfilter/nf_tables.h +++ b/include/linux/netfilter/nf_tables.h @@ -1232,6 +1232,22 @@ enum nft_nat_attributes { #define NFTA_NAT_MAX (__NFTA_NAT_MAX - 1) /** + * enum nft_tproxy_attributes - nf_tables tproxy expression netlink attributes + * + * NFTA_TPROXY_FAMILY: Target address family (NLA_U32: nft_registers) + * NFTA_TPROXY_REG_ADDR: Target address register (NLA_U32: nft_registers) + * NFTA_TPROXY_REG_PORT: Target port register (NLA_U32: nft_registers) + */ +enum nft_tproxy_attributes { + NFTA_TPROXY_UNSPEC, + NFTA_TPROXY_FAMILY, + NFTA_TPROXY_REG_ADDR, + NFTA_TPROXY_REG_PORT, + __NFTA_TPROXY_MAX +}; +#define NFTA_TPROXY_MAX (__NFTA_TPROXY_MAX - 1) + +/** * enum nft_masq_attributes - nf_tables masquerade expression attributes * * @NFTA_MASQ_FLAGS: NAT flags (see NF_NAT_RANGE_* in linux/netfilter/nf_nat.h) (NLA_U32) diff --git a/include/statement.h b/include/statement.h index 5a907aa4..7840e9d2 100644 --- a/include/statement.h +++ b/include/statement.h @@ -128,6 +128,15 @@ struct nat_stmt { extern struct stmt *nat_stmt_alloc(const struct location *loc, enum nft_nat_etypes type); +struct tproxy_stmt { + struct expr *addr; + struct expr *port; + uint8_t family; + uint8_t table_family; /* only used for printing the rule */ +}; + +extern struct stmt *tproxy_stmt_alloc(const struct location *loc); + struct queue_stmt { struct expr *queue; uint16_t flags; @@ -271,6 +280,7 @@ enum stmt_types { STMT_LOG, STMT_REJECT, STMT_NAT, + STMT_TPROXY, STMT_QUEUE, STMT_CT, STMT_SET, @@ -337,6 +347,7 @@ struct stmt { struct limit_stmt limit; struct reject_stmt reject; struct nat_stmt nat; + struct tproxy_stmt tproxy; struct queue_stmt queue; struct quota_stmt quota; struct ct_stmt ct; |
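Review bot: In the first include/statement.h hunk, `struct tproxy_stmt` documents `table_family` but not `family`, so a reader cannot tell which of the two ends up in NFTA_TPROXY_FAMILY or what value stands for "no family given". I would add a comment on `family`, for example `uint8_t family; /* address family of the proxy target; presumably what is sent as NFTA_TPROXY_FAMILY */`, and confirm the wording against the netlink code. A short comment above the struct should also say whether `addr` and `port` may each be NULL. Because this statement redirects traffic to a local listener, the evaluation step (not part of this section) should reject an `addr` whose type does not match `family`, and stating that expectation here helps the next reader check it.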
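Review bot: `STMT_TPROXY` is inserted in the middle of `enum stmt_types`, between `STMT_NAT` and `STMT_QUEUE`, which shifts the numeric value of `STMT_QUEUE` and every enumerator after it. That is harmless only if the values are always used symbolically; any array indexed by statement type or any stored value would now be off by one. This cannot be checked from the hunk, since the enum begins and ends outside it. If the enum carries a kernel-doc list of its enumerators above it, that list needs a matching entry such as ` * @STMT_TPROXY: tproxy statement`, which this hunk does not add.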