summaryrefslogtreecommitdiffstats
path: root/include/linux
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2008-01-29 14:34:27 +0000
committerPatrick McHardy <kaber@trash.net>2008-01-29 14:34:27 +0000
commitf2565b7a45c51d318706ffd0e372ba4e23cd2d32 (patch)
tree8d3bf0a0ab6303e9fbcdd1ab034258fb499f7426 /include/linux
parent9ee386a1b6d7704b259460152c959ab0e79e02aa (diff)
Add netfilter.h
Diffstat (limited to 'include/linux')
-rw-r--r--include/linux/netfilter.h48
1 files changed, 48 insertions, 0 deletions
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
new file mode 100644
index 00000000..0d1ba115
--- /dev/null
+++ b/include/linux/netfilter.h
@@ -0,0 +1,48 @@
+#ifndef __LINUX_NETFILTER_H
+#define __LINUX_NETFILTER_H
+
+#include <linux/compiler.h>
+
+/* Responses from hook functions. */
+#define NF_DROP 0
+#define NF_ACCEPT 1
+#define NF_STOLEN 2
+#define NF_QUEUE 3
+#define NF_REPEAT 4
+#define NF_STOP 5
+#define NF_MAX_VERDICT NF_STOP
+
+/* we overload the higher bits for encoding auxiliary data such as the queue
+ * number. Not nice, but better than additional function arguments. */
+#define NF_VERDICT_MASK 0x0000ffff
+#define NF_VERDICT_BITS 16
+
+#define NF_VERDICT_QMASK 0xffff0000
+#define NF_VERDICT_QBITS 16
+
+#define NF_QUEUE_NR(x) (((x << NF_VERDICT_QBITS) & NF_VERDICT_QMASK) | NF_QUEUE)
+
+/* only for userspace compatibility */
+/* Generic cache responses from hook functions.
+ <= 0x2000 is used for protocol-flags. */
+#define NFC_UNKNOWN 0x4000
+#define NFC_ALTERED 0x8000
+
+enum nf_inet_hooks {
+ NF_INET_PRE_ROUTING,
+ NF_INET_LOCAL_IN,
+ NF_INET_FORWARD,
+ NF_INET_LOCAL_OUT,
+ NF_INET_POST_ROUTING,
+ NF_INET_NUMHOOKS
+};
+
+union nf_inet_addr {
+ u_int32_t all[4];
+ __be32 ip;
+ __be32 ip6[4];
+ struct in_addr in;
+ struct in6_addr in6;
+};
+
+#endif /*__LINUX_NETFILTER_H*/