From e67b632ed614f4cda423623bc6c57cbacf5ba182 Mon Sep 17 00:00:00 2001 From: "/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org" Date: Mon, 3 Jan 2005 03:48:40 +0000 Subject: Extension revision number support (if kernel supports the getsockopts). Enhance MARK match with second revision. Committed in anticipation of the kernel patch being applied. --- include/iptables.h | 18 ++++++++++++++++++ include/linux/netfilter_ipv4/ipt_MARK.h | 15 +++++++++++++++ 2 files changed, 33 insertions(+) (limited to 'include') diff --git a/include/iptables.h b/include/iptables.h index 6d997f7..25f36ae 100644 --- a/include/iptables.h +++ b/include/iptables.h @@ -12,6 +12,18 @@ #define IPPROTO_SCTP 132 #endif +#ifndef IPT_SO_GET_REVISION_MATCH /* Old kernel source. */ +#define IPT_SO_GET_REVISION_MATCH (IPT_BASE_CTL + 2) +#define IPT_SO_GET_REVISION_TARGET (IPT_BASE_CTL + 3) + +struct ipt_get_revision +{ + char name[IPT_FUNCTION_MAXNAMELEN-1]; + + u_int8_t revision; +}; +#endif /* IPT_SO_GET_REVISION_MATCH Old kernel source */ + struct iptables_rule_match { struct iptables_rule_match *next; @@ -26,6 +38,9 @@ struct iptables_match ipt_chainlabel name; + /* Revision of match (0 by default). */ + u_int8_t revision; + const char *version; /* Size of match data. */ @@ -76,6 +91,9 @@ struct iptables_target ipt_chainlabel name; + /* Revision of target (0 by default). */ + u_int8_t revision; + const char *version; /* Size of target data. */ diff --git a/include/linux/netfilter_ipv4/ipt_MARK.h b/include/linux/netfilter_ipv4/ipt_MARK.h index 6febfe6..3694e48 100644 --- a/include/linux/netfilter_ipv4/ipt_MARK.h +++ b/include/linux/netfilter_ipv4/ipt_MARK.h @@ -9,4 +9,19 @@ struct ipt_mark_target_info { #endif }; +enum { + IPT_MARK_SET=0, + IPT_MARK_AND, + IPT_MARK_OR +}; + +struct ipt_mark_target_info_v1 { +#ifdef KERNEL_64_USERSPACE_32 + unsigned long long mark; +#else + unsigned long mark; +#endif + u_int8_t mode; +}; + #endif /*_IPT_MARK_H_target*/ -- cgit v1.2.3