summaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
authorLaszlo Attila Toth <panther@balabit.hu>2008-06-06 14:17:53 +0200
committerPatrick McHardy <kaber@trash.net>2008-06-06 14:17:53 +0200
commit4dfd25a405199c03fc694b9a43efdae6a91d8ae8 (patch)
tree69159dd97395ccc6dd127525dc46f70779b9b208 /include/linux
parente2562c8207dcb730ef2406faccf1d55ec42994f6 (diff)
addrtype match: added revision 1
In revision 1 address type checking can be limited to either the incoming or outgoing interface depending on the current chain. In the FORWARD chain only one of them is allowed at the same time. Signed-off-by: Laszlo Attila Toth <panther@balabit.hu> Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/netfilter_ipv4/ipt_addrtype.h14
1 files changed, 14 insertions, 0 deletions
diff --git a/include/linux/netfilter_ipv4/ipt_addrtype.h b/include/linux/netfilter_ipv4/ipt_addrtype.h
index 166ed01a..446de6ae 100644
--- a/include/linux/netfilter_ipv4/ipt_addrtype.h
+++ b/include/linux/netfilter_ipv4/ipt_addrtype.h
@@ -1,6 +1,20 @@
#ifndef _IPT_ADDRTYPE_H
#define _IPT_ADDRTYPE_H
+enum {
+ IPT_ADDRTYPE_INVERT_SOURCE = 0x0001,
+ IPT_ADDRTYPE_INVERT_DEST = 0x0002,
+ IPT_ADDRTYPE_LIMIT_IFACE_IN = 0x0004,
+ IPT_ADDRTYPE_LIMIT_IFACE_OUT = 0x0008,
+};
+
+struct ipt_addrtype_info_v1 {
+ u_int16_t source; /* source-type mask */
+ u_int16_t dest; /* dest-type mask */
+ u_int32_t flags;
+};
+
+/* revision 0 */
struct ipt_addrtype_info {
u_int16_t source; /* source-type mask */
u_int16_t dest; /* dest-type mask */