summaryrefslogtreecommitdiffstats
path: root/include/linux/netfilter/xt_set.h
diff options
context:
space:
mode:
authorJan Engelhardt <jengelh@medozas.de>2011-08-28 14:19:43 +0200
committerJan Engelhardt <jengelh@medozas.de>2011-08-31 14:07:43 +0200
commitdbe77cc974cee656eae37e75039dd1a410a4535b (patch)
tree81b96ab85defef50f6f492d5d66cd6e0d6299135 /include/linux/netfilter/xt_set.h
parent3775fb69f63b76191bc3571bfa8538c18173d90f (diff)
include: refresh include files from kernel 3.1-rc3
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'include/linux/netfilter/xt_set.h')
-rw-r--r--include/linux/netfilter/xt_set.h81
1 files changed, 11 insertions, 70 deletions
diff --git a/include/linux/netfilter/xt_set.h b/include/linux/netfilter/xt_set.h
index 4379ce9f..e3a9978f 100644
--- a/include/linux/netfilter/xt_set.h
+++ b/include/linux/netfilter/xt_set.h
@@ -1,62 +1,8 @@
#ifndef _XT_SET_H
#define _XT_SET_H
-/* The protocol version */
-#define IPSET_PROTOCOL 5
-
-/* The max length of strings including NUL: set and type identifiers */
-#define IPSET_MAXNAMELEN 32
-
-/* Sets are identified by an index in kernel space. Tweak with ip_set_id_t
- * and IPSET_INVALID_ID if you want to increase the max number of sets.
- */
-typedef uint16_t ip_set_id_t;
-
-#define IPSET_INVALID_ID 65535
-
-enum ip_set_dim {
- IPSET_DIM_ZERO = 0,
- IPSET_DIM_ONE,
- IPSET_DIM_TWO,
- IPSET_DIM_THREE,
- /* Max dimension in elements.
- * If changed, new revision of iptables match/target is required.
- */
- IPSET_DIM_MAX = 6,
-};
-
-/* Option flags for kernel operations */
-enum ip_set_kopt {
- IPSET_INV_MATCH = (1 << IPSET_DIM_ZERO),
- IPSET_DIM_ONE_SRC = (1 << IPSET_DIM_ONE),
- IPSET_DIM_TWO_SRC = (1 << IPSET_DIM_TWO),
- IPSET_DIM_THREE_SRC = (1 << IPSET_DIM_THREE),
-};
-
-/* Interface to iptables/ip6tables */
-
-#define SO_IP_SET 83
-
-union ip_set_name_index {
- char name[IPSET_MAXNAMELEN];
- ip_set_id_t index;
-};
-
-#define IP_SET_OP_GET_BYNAME 0x00000006 /* Get set index by name */
-struct ip_set_req_get_set {
- unsigned op;
- unsigned version;
- union ip_set_name_index set;
-};
-
-#define IP_SET_OP_GET_BYINDEX 0x00000007 /* Get set name by index */
-/* Uses ip_set_req_get_set */
-
-#define IP_SET_OP_VERSION 0x00000100 /* Ask kernel version */
-struct ip_set_req_version {
- unsigned op;
- unsigned version;
-};
+#include <linux/types.h>
+#include <linux/netfilter/ipset/ip_set.h>
/* Revision 0 interface: backward compatible with netfilter/iptables */
@@ -70,11 +16,11 @@ struct ip_set_req_version {
struct xt_set_info_v0 {
ip_set_id_t index;
union {
- u_int32_t flags[IPSET_DIM_MAX + 1];
+ __u32 flags[IPSET_DIM_MAX + 1];
struct {
- u_int32_t __flags[IPSET_DIM_MAX];
- u_int8_t dim;
- u_int8_t flags;
+ __u32 __flags[IPSET_DIM_MAX];
+ __u8 dim;
+ __u8 flags;
} compat;
} u;
};
@@ -89,12 +35,12 @@ struct xt_set_info_target_v0 {
struct xt_set_info_v0 del_set;
};
-/* Revision 1 match and target */
+/* Revision 1 match and target */
struct xt_set_info {
ip_set_id_t index;
- u_int8_t dim;
- u_int8_t flags;
+ __u8 dim;
+ __u8 flags;
};
/* match and target infos */
@@ -109,16 +55,11 @@ struct xt_set_info_target_v1 {
/* Revision 2 target */
-enum ipset_cmd_flags {
- IPSET_FLAG_BIT_EXIST = 0,
- IPSET_FLAG_EXIST = (1 << IPSET_FLAG_BIT_EXIST),
-};
-
struct xt_set_info_target_v2 {
struct xt_set_info add_set;
struct xt_set_info del_set;
- u_int32_t flags;
- u_int32_t timeout;
+ __u32 flags;
+ __u32 timeout;
};
#endif /*_XT_SET_H*/