summaryrefslogtreecommitdiffstats
path: root/include/linux/netfilter_ipv4
diff options
context:
space:
mode:
Diffstat (limited to 'include/linux/netfilter_ipv4')
-rw-r--r--include/linux/netfilter_ipv4/ipt_conntrack.h6
-rw-r--r--include/linux/netfilter_ipv4/ipt_limit.h26
2 files changed, 31 insertions, 1 deletions
diff --git a/include/linux/netfilter_ipv4/ipt_conntrack.h b/include/linux/netfilter_ipv4/ipt_conntrack.h
index eb97456..9877021 100644
--- a/include/linux/netfilter_ipv4/ipt_conntrack.h
+++ b/include/linux/netfilter_ipv4/ipt_conntrack.h
@@ -10,6 +10,7 @@
#define IPT_CONNTRACK_STATE_SNAT (1 << (IP_CT_NUMBER + 1))
#define IPT_CONNTRACK_STATE_DNAT (1 << (IP_CT_NUMBER + 2))
+#define IPT_CONNTRACK_STATE_UNTRACKED (1 << (IP_CT_NUMBER + 3))
/* flags, invflags: */
#define IPT_CONNTRACK_STATE 0x01
@@ -28,7 +29,11 @@ struct ipt_conntrack_info
struct ip_conntrack_tuple tuple[IP_CT_DIR_MAX];
struct in_addr sipmsk[IP_CT_DIR_MAX], dipmsk[IP_CT_DIR_MAX];
+#ifdef KERNEL_64_USERSPACE_32
+ unsigned long long expires_min, expires_max;
+#else
unsigned long expires_min, expires_max;
+#endif
/* Flags word */
u_int8_t flags;
@@ -36,4 +41,3 @@ struct ipt_conntrack_info
u_int8_t invflags;
};
#endif /*_IPT_CONNTRACK_H*/
-
diff --git a/include/linux/netfilter_ipv4/ipt_limit.h b/include/linux/netfilter_ipv4/ipt_limit.h
new file mode 100644
index 0000000..e2fb166
--- /dev/null
+++ b/include/linux/netfilter_ipv4/ipt_limit.h
@@ -0,0 +1,26 @@
+#ifndef _IPT_RATE_H
+#define _IPT_RATE_H
+
+/* timings are in milliseconds. */
+#define IPT_LIMIT_SCALE 10000
+
+/* 1/10,000 sec period => max of 10,000/sec. Min rate is then 429490
+ seconds, or one every 59 hours. */
+struct ipt_rateinfo {
+ u_int32_t avg; /* Average secs between packets * scale */
+ u_int32_t burst; /* Period multiplier for upper limit. */
+
+#ifdef KERNEL_64_USERSPACE_32
+ u_int64_t prev;
+ u_int64_t placeholder;
+#else
+ /* Used internally by the kernel */
+ unsigned long prev;
+ /* Ugly, ugly fucker. */
+ struct ipt_rateinfo *master;
+#endif
+
+ u_int32_t credit;
+ u_int32_t credit_cap, cost;
+};
+#endif /*_IPT_RATE_H*/