summaryrefslogtreecommitdiffstats
path: root/include/linux/netfilter_ipv6
diff options
context:
space:
mode:
authorJan Engelhardt <jengelh@medozas.de>2008-02-11 01:23:01 +0100
committerPatrick McHardy <kaber@trash.net>2008-04-14 08:49:38 +0200
commitca7cd666949b68bf41a32de38ee38e332e89863b (patch)
treeed71bef42050e949bf38c443d1cfb1e175100197 /include/linux/netfilter_ipv6
parent8d458beec463e0b16467ee4649d4575377854fd7 (diff)
Add all necessary header files - compilation fix for various cases
Allow iptables to compile without a kernel source tree. This implies fixing build for older kernels, such as 2.6.17 which lack xt_SECMARK.h.
Diffstat (limited to 'include/linux/netfilter_ipv6')
-rw-r--r--include/linux/netfilter_ipv6/ip6_tables.h46
-rw-r--r--include/linux/netfilter_ipv6/ip6t_LOG.h18
2 files changed, 27 insertions, 37 deletions
diff --git a/include/linux/netfilter_ipv6/ip6_tables.h b/include/linux/netfilter_ipv6/ip6_tables.h
index 36e33010..68b22fc3 100644
--- a/include/linux/netfilter_ipv6/ip6_tables.h
+++ b/include/linux/netfilter_ipv6/ip6_tables.h
@@ -208,10 +208,10 @@ struct ip6t_getinfo
unsigned int valid_hooks;
/* Hook entry points: one per netfilter hook. */
- unsigned int hook_entry[NF_IP6_NUMHOOKS];
+ unsigned int hook_entry[NF_INET_NUMHOOKS];
/* Underflow points. */
- unsigned int underflow[NF_IP6_NUMHOOKS];
+ unsigned int underflow[NF_INET_NUMHOOKS];
/* Number of entries */
unsigned int num_entries;
@@ -237,16 +237,16 @@ struct ip6t_replace
unsigned int size;
/* Hook entry points. */
- unsigned int hook_entry[NF_IP6_NUMHOOKS];
+ unsigned int hook_entry[NF_INET_NUMHOOKS];
/* Underflow points. */
- unsigned int underflow[NF_IP6_NUMHOOKS];
+ unsigned int underflow[NF_INET_NUMHOOKS];
/* Information about old entries: */
/* Number of counters (must be equal to current number of entries). */
unsigned int num_counters;
/* The old entries' counters. */
- struct xt_counters __user *counters;
+ struct xt_counters *counters;
/* The entries (hang off end: not really an array). */
struct ip6t_entry entries[0];
@@ -281,40 +281,12 @@ ip6t_get_target(struct ip6t_entry *e)
}
/* fn returns 0 to continue iteration */
-#define IP6T_MATCH_ITERATE(e, fn, args...) \
-({ \
- unsigned int __i; \
- int __ret = 0; \
- struct ip6t_entry_match *__m; \
- \
- for (__i = sizeof(struct ip6t_entry); \
- __i < (e)->target_offset; \
- __i += __m->u.match_size) { \
- __m = (void *)(e) + __i; \
- \
- __ret = fn(__m , ## args); \
- if (__ret != 0) \
- break; \
- } \
- __ret; \
-})
+#define IP6T_MATCH_ITERATE(e, fn, args...) \
+ XT_MATCH_ITERATE(struct ip6t_entry, e, fn, ## args)
/* fn returns 0 to continue iteration */
-#define IP6T_ENTRY_ITERATE(entries, size, fn, args...) \
-({ \
- unsigned int __i; \
- int __ret = 0; \
- struct ip6t_entry *__e; \
- \
- for (__i = 0; __i < (size); __i += __e->next_offset) { \
- __e = (void *)(entries) + __i; \
- \
- __ret = fn(__e , ## args); \
- if (__ret != 0) \
- break; \
- } \
- __ret; \
-})
+#define IP6T_ENTRY_ITERATE(entries, size, fn, args...) \
+ XT_ENTRY_ITERATE(struct ip6t_entry, entries, size, fn, ## args)
/*
* Main firewall chains definitions and global var's definitions.
diff --git a/include/linux/netfilter_ipv6/ip6t_LOG.h b/include/linux/netfilter_ipv6/ip6t_LOG.h
new file mode 100644
index 00000000..0d0119b0
--- /dev/null
+++ b/include/linux/netfilter_ipv6/ip6t_LOG.h
@@ -0,0 +1,18 @@
+#ifndef _IP6T_LOG_H
+#define _IP6T_LOG_H
+
+/* make sure not to change this without changing netfilter.h:NF_LOG_* (!) */
+#define IP6T_LOG_TCPSEQ 0x01 /* Log TCP sequence numbers */
+#define IP6T_LOG_TCPOPT 0x02 /* Log TCP options */
+#define IP6T_LOG_IPOPT 0x04 /* Log IP options */
+#define IP6T_LOG_UID 0x08 /* Log UID owning local socket */
+#define IP6T_LOG_NFLOG 0x10 /* Unsupported, don't use */
+#define IP6T_LOG_MASK 0x1f
+
+struct ip6t_log_info {
+ unsigned char level;
+ unsigned char logflags;
+ char prefix[30];
+};
+
+#endif /*_IPT_LOG_H*/