diff options
author | Yasuyuki KOZAKAI <yasuyuki@netfilter.org> | 2007-07-24 05:52:07 +0000 |
---|---|---|
committer | Yasuyuki KOZAKAI <yasuyuki@netfilter.org> | 2007-07-24 05:52:07 +0000 |
commit | 0d502bcdbc97ed359e84f6a21dfa0049b3b60a6c (patch) | |
tree | 537187d08bae1bac51328c5d27f3c24f72b6cc06 /include/libiptc | |
parent | 0b82e8e81e887843011c8771f70d2302901f7e5e (diff) |
Introduces xtables match/target registration
- moves lib_dir to xtables.c
- introduces struct pfinfo which has protocol family dependent infomations.
- unifies load_ip[6]tables_ko() and moves them as load_xtables_ko()
- introduces xt_{match,match_rule,target,tryload} and replaces
ip[6]t_* with them
- unifies following functions and move them to xtables.c
- find_{match,find_target}
- compatible_revision, compatible_{match,target}_revision
- introduces xtables_register_{match,target} and make
register_{match,target}[6] call them. xtables_register_* register ONLY
matches/targets matched protocol family
Some concepts:
- source compatibility for libip[6]t_xxx.c with warning on compilation
not binary compatibility.
- binary compatibility between 2.4/2.6 kernel and iptables/ip6tables,
of cause.
- xtables is enough to support only one address family at runtime.
Then xtables keeps infomations of only the focused address famiy
in struct afinfo.
Diffstat (limited to 'include/libiptc')
-rw-r--r-- | include/libiptc/libxtc.h | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/include/libiptc/libxtc.h b/include/libiptc/libxtc.h new file mode 100644 index 00000000..031afb54 --- /dev/null +++ b/include/libiptc/libxtc.h @@ -0,0 +1,35 @@ +#ifndef _LIBXTC_H +#define _LIBXTC_H +/* Library which manipulates filtering rules. */ + +#include <libiptc/ipt_kernel_headers.h> +#include <linux/netfilter/x_tables.h> + +#ifdef __cplusplus +extern "C" { +#endif + +#ifndef XT_MIN_ALIGN +/* xt_entry has pointers and u_int64_t's in it, so if you align to + it, you'll also align to any crazy matches and targets someone + might write */ +#define XT_MIN_ALIGN (__alignof__(struct xt_entry)) +#endif + +#ifndef XT_ALIGN +#define XT_ALIGN(s) (((s) + ((XT_MIN_ALIGN)-1)) & ~((XT_MIN_ALIGN)-1)) +#endif + +typedef char xt_chainlabel[32]; + +#define XTC_LABEL_ACCEPT "ACCEPT" +#define XTC_LABEL_DROP "DROP" +#define XTC_LABEL_QUEUE "QUEUE" +#define XTC_LABEL_RETURN "RETURN" + + +#ifdef __cplusplus +} +#endif + +#endif /* _LIBXTC_H */ |