#ifndef _X_TABLES_H #define _X_TABLES_H #define XT_FUNCTION_MAXNAMELEN 30 #define XT_TABLE_MAXNAMELEN 32 struct xt_entry_match { union { struct { u_int16_t match_size; /* Used by userspace */ char name[XT_FUNCTION_MAXNAMELEN-1]; u_int8_t revision; } user; struct { u_int16_t match_size; /* Used inside the kernel */ struct xt_match *match; } kernel; /* Total length */ u_int16_t match_size; } u; unsigned char data[0]; }; struct xt_entry_target { union { struct { u_int16_t target_size; /* Used by userspace */ char name[XT_FUNCTION_MAXNAMELEN-1]; u_int8_t revision; } user; struct { u_int16_t target_size; /* Used inside the kernel */ struct xt_target *target; } kernel; /* Total length */ u_int16_t target_size; } u; unsigned char data[0]; }; #define XT_TARGET_INIT(__name, __size) \ { \ .target.u.user = { \ .target_size = XT_ALIGN(__size), \ .name = __name, \ }, \ } struct xt_standard_target { struct xt_entry_target target; int verdict; }; /* The argument to IPT_SO_GET_REVISION_*. Returns highest revision * kernel supports, if >= revision. */ struct xt_get_revision { char name[XT_FUNCTION_MAXNAMELEN-1]; u_int8_t revision; }; /* CONTINUE verdict for targets */ #define XT_CONTINUE 0xFFFFFFFF /* For standard target */ #define XT_RETURN (-NF_REPEAT - 1) /* this is a dummy structure to find out the alignment requirement for a struct * containing all the fundamental data types that are used in ipt_entry, * ip6t_entry and arpt_entry. This sucks, and it is a hack. It will be my * personal pleasure to remove it -HW */ struct _xt_align { u_int8_t u8; u_int16_t u16; u_int32_t u32; u_int64_t u64; }; #define XT_ALIGN(s) (((s) + (__alignof__(struct _xt_align)-1)) \ & ~(__alignof__(struct _xt_align)-1)) /* Standard return verdict, or do jump. */ #define XT_STANDARD_TARGET "" /* Error verdict. */ #define XT_ERROR_TARGET "ERROR" #define SET_COUNTER(c,b,p) do { (c).bcnt = (b); (c).pcnt = (p); } while(0) #define ADD_COUNTER(c,b,p) do { (c).bcnt += (b); (c).pcnt += (p); } while(0) struct xt_counters { u_int64_t pcnt, bcnt; /* Packet and byte counters */ }; /* The argument to IPT_SO_ADD_COUNTERS. */ struct xt_counters_info { /* Which table. */ char name[XT_TABLE_MAXNAMELEN]; unsigned int num_counters; /* The counters (actually `number' of these). */ struct xt_counters counters[0]; }; #define XT_INV_PROTO 0x40 /* Invert the sense of PROTO. */ /* fn returns 0 to continue iteration */ #define XT_MATCH_ITERATE(type, e, fn, args...) \ ({ \ unsigned int __i; \ int __ret = 0; \ struct xt_entry_match *__m; \ \ for (__i = sizeof(type); \ __i < (e)->target_offset; \ __i += __m->u.match_size) { \ __m = (void *)e + __i; \ \ __ret = fn(__m , ## args); \ if (__ret != 0) \ break; \ } \ __ret; \ }) /* fn returns 0 to continue iteration */ #define XT_ENTRY_ITERATE_CONTINUE(type, entries, size, n, fn, args...) \ ({ \ unsigned int __i, __n; \ int __ret = 0; \ type *__entry; \ \ for (__i = 0, __n = 0; __i < (size); \ __i += __entry->next_offset, __n++) { \ __entry = (void *)(entries) + __i; \ if (__n < n) \ continue; \ \ __ret = fn(__entry , ## args); \ if (__ret != 0) \ break; \ } \ __ret; \ }) /* fn returns 0 to continue iteration */ #define XT_ENTRY_ITERATE(type, entries, size, fn, args...) \ XT_ENTRY_ITERATE_CONTINUE(type, entries, size, 0, fn, args) #endif /* _X_TABLES_H */