diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-10-09 15:02:02 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-11-24 11:35:33 +0100 |
| commit | da871de2a6efb576b6378a66222c0871f4282e96 (patch) | |
| tree | a700e6ff93143a9a4a863e0e1cf2df8fc2cc5d41 /iptables/xtables-ebtables.h | |
| parent | d87b76cfc3b1c003fec75b8a4ea639aa444014f3 (diff) | |
nft: bootstrap ebtables-compat
This patch bootstraps ebtables-compat, the ebtables compatibility
software upon nf_tables.
[ Original patches:
http://patchwork.ozlabs.org/patch/395544/
http://patchwork.ozlabs.org/patch/395545/
http://patchwork.ozlabs.org/patch/395546/
I have also forward port them on top of the current git HEAD, otherwise
compilation breaks.
This bootstrap is experimental, this still needs more work. --Pablo ]
Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/xtables-ebtables.h')
| -rw-r--r-- | iptables/xtables-ebtables.h | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/iptables/xtables-ebtables.h b/iptables/xtables-ebtables.h new file mode 100644 index 00000000..1e479b1b --- /dev/null +++ b/iptables/xtables-ebtables.h @@ -0,0 +1,49 @@ +#ifndef _XTABLES_EBTABLES_H_ +#define _XTABLES_EBTABLES_H_ + +#include <netinet/in.h> +#include <linux/netfilter_bridge/ebtables.h> +#include <linux/netfilter/x_tables.h> + +/* We use replace->flags, so we can't use the following values: + * 0x01 == OPT_COMMAND, 0x02 == OPT_TABLE, 0x100 == OPT_ZERO */ +#define LIST_N 0x04 +#define LIST_C 0x08 +#define LIST_X 0x10 +#define LIST_MAC2 0x20 + +/* Be backwards compatible, so don't use '+' in kernel */ +#define IF_WILDCARD 1 + +extern unsigned char eb_mac_type_unicast[ETH_ALEN]; +extern unsigned char eb_msk_type_unicast[ETH_ALEN]; +extern unsigned char eb_mac_type_multicast[ETH_ALEN]; +extern unsigned char eb_msk_type_multicast[ETH_ALEN]; +extern unsigned char eb_mac_type_broadcast[ETH_ALEN]; +extern unsigned char eb_msk_type_broadcast[ETH_ALEN]; +extern unsigned char eb_mac_type_bridge_group[ETH_ALEN]; +extern unsigned char eb_msk_type_bridge_group[ETH_ALEN]; + +int ebt_get_mac_and_mask(const char *from, unsigned char *to, unsigned char *mask); + +struct xtables_ebt_entry { + unsigned int bitmask; + unsigned int invflags; + unsigned int flags; + uint16_t ethproto; + char in[IFNAMSIZ]; + char logical_in[IFNAMSIZ]; + unsigned char in_mask[IFNAMSIZ]; + char out[IFNAMSIZ]; + char logical_out[IFNAMSIZ]; + unsigned char out_mask[IFNAMSIZ]; + unsigned char sourcemac[ETH_ALEN]; + unsigned char sourcemsk[ETH_ALEN]; + unsigned char destmac[ETH_ALEN]; + unsigned char destmsk[ETH_ALEN]; + struct xtables_rule_match *matches; + struct xtables_target *target; + struct xt_counters counters; + const char *jumpto; +}; +#endif |