From edf14cf4b5edb148d7473f067d95e7bd1316900b Mon Sep 17 00:00:00 2001
From: Rusty Russell <rusty@linuxcare.com.au>
Date: Wed, 19 Apr 2000 11:26:44 +0000
Subject: Changes to allow matching (for delete) on part of a rule, for rules
 which change in the kernel (eg. ipt_limit).

---
 include/iptables.h        | 6 ++++++
 include/libiptc/libiptc.h | 4 +++-
 2 files changed, 9 insertions(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/iptables.h b/include/iptables.h
index 9b1a4a16..1ddd8712 100644
--- a/include/iptables.h
+++ b/include/iptables.h
@@ -15,6 +15,9 @@ struct iptables_match
 	/* Size of match data. */
 	size_t size;
 
+	/* Size of match data relevent for userspace comparison purposes */
+	size_t userspacesize;
+
 	/* Function which prints out usage message. */
 	void (*help)(void);
 
@@ -59,6 +62,9 @@ struct iptables_target
 	/* Size of target data. */
 	size_t size;
 
+	/* Size of target data relevent for userspace comparison purposes */
+	size_t userspacesize;
+
 	/* Function which prints out usage message. */
 	void (*help)(void);
 
diff --git a/include/libiptc/libiptc.h b/include/libiptc/libiptc.h
index 4a964e03..0a491071 100644
--- a/include/libiptc/libiptc.h
+++ b/include/libiptc/libiptc.h
@@ -73,9 +73,11 @@ int iptc_append_entry(const ipt_chainlabel chain,
 		      const struct ipt_entry *e,
 		      iptc_handle_t *handle);
 
-/* Delete the first rule in `chain' which matches `e'. */
+/* Delete the first rule in `chain' which matches `e', subject to
+   matchmask (array of length == origfw) */
 int iptc_delete_entry(const ipt_chainlabel chain,
 		      const struct ipt_entry *origfw,
+		      unsigned char *matchmask,
 		      iptc_handle_t *handle);
 
 /* Delete the rule in position `rulenum' in `chain'. */
-- 
cgit v1.2.3