summaryrefslogtreecommitdiffstats
path: root/include/xtables.h.in
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2011-05-11 13:43:44 +0200
committerPatrick McHardy <kaber@trash.net>2011-05-11 13:43:44 +0200
commit8075493a00e06857147263574333df4073ea671b (patch)
tree6d8b7e0d6179282f0e4037a52c1f834c835780ea /include/xtables.h.in
parent77b6230adfe51836ad5b31b41638b43e9b0062e2 (diff)
parent73425492d4c57d34a616d948666ac75ecc612eed (diff)
Merge branch 'opts' of git://dev.medozas.de/iptables
Diffstat (limited to 'include/xtables.h.in')
-rw-r--r--include/xtables.h.in28
1 files changed, 24 insertions, 4 deletions
diff --git a/include/xtables.h.in b/include/xtables.h.in
index eb088b6b..00be61cf 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -46,6 +46,12 @@ struct in_addr;
#define XTOPT_TABLEEND {.name = NULL}
/**
+ * Select the format the input has to conform to, as well as the target type
+ * (area pointed to with XTOPT_POINTER). Note that the storing is not always
+ * uniform. @cb->val will be populated with as much as there is space, i.e.
+ * exactly 2 items for ranges, but the target area can receive more values
+ * (e.g. in case of ranges), or less values (e.g. %XTTYPE_HOSTMASK).
+ *
* %XTTYPE_NONE: option takes no argument
* %XTTYPE_UINT*: standard integer
* %XTTYPE_UINT*RC: colon-separated range of standard integers
@@ -54,11 +60,16 @@ struct in_addr;
* %XTTYPE_TOSMASK: 8-bit TOS value with optional mask
* %XTTYPE_MARKMASK32: 32-bit mark with optional mask
* %XTTYPE_SYSLOGLEVEL: syslog level by name or number
- * %XTTYPE_ONEHOST: one host or address (union nf_inet_addr)
+ * %XTTYPE_HOST: one host or address (ptr: union nf_inet_addr)
+ * %XTTYPE_HOSTMASK: one host or address, with an optional prefix length
+ * (ptr: union nf_inet_addr; only host portion is stored)
+ * %XTTYPE_PROTOCOL: protocol number/name from /etc/protocols (ptr: uint8_t)
* %XTTYPE_PORT: 16-bit port name or number
* %XTTYPE_PORT_NE: 16-bit port name or number, stored as network-endian
* %XTTYPE_PORTRC: colon-separated port range (names acceptable)
* %XTTYPE_PORTRC_NE: same as %XTTYPE_PORTRC, stored in network-endian
+ * %XTTYPE_PLEN: prefix length
+ * %XTTYPE_PLENMASK: prefix length (ptr: union nf_inet_addr)
*/
enum xt_option_type {
XTTYPE_NONE,
@@ -75,11 +86,15 @@ enum xt_option_type {
XTTYPE_TOSMASK,
XTTYPE_MARKMASK32,
XTTYPE_SYSLOGLEVEL,
- XTTYPE_ONEHOST,
+ XTTYPE_HOST,
+ XTTYPE_HOSTMASK,
+ XTTYPE_PROTOCOL,
XTTYPE_PORT,
XTTYPE_PORT_NE,
XTTYPE_PORTRC,
XTTYPE_PORTRC_NE,
+ XTTYPE_PLEN,
+ XTTYPE_PLENMASK,
};
/**
@@ -134,12 +149,15 @@ struct xt_option_call {
bool invert;
uint8_t nvals;
union {
- uint8_t u8, u8_range[2], syslog_level;
+ uint8_t u8, u8_range[2], syslog_level, protocol;
uint16_t u16, u16_range[2], port, port_range[2];
uint32_t u32, u32_range[2];
uint64_t u64, u64_range[2];
double dbl;
- union nf_inet_addr inetaddr;
+ struct {
+ union nf_inet_addr haddr, hmask;
+ uint8_t hlen;
+ };
struct {
uint8_t tos_value, tos_mask;
};
@@ -147,10 +165,12 @@ struct xt_option_call {
uint32_t mark, mask;
};
} val;
+ /* Wished for a world where the ones below were gone: */
union {
struct xt_entry_match **match;
struct xt_entry_target **target;
};
+ void *xt_entry;
};
/**