diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/internal/object.h | 14 | ||||
-rw-r--r-- | include/internal/stack.h | 11 |
2 files changed, 21 insertions, 4 deletions
diff --git a/include/internal/object.h b/include/internal/object.h index 8213f4a..53f942d 100644 --- a/include/internal/object.h +++ b/include/internal/object.h @@ -171,9 +171,13 @@ struct nfct_filter { enum nfct_filter_logic logic[NFCT_FILTER_MAX]; /* - * This the layer 4 protocol map for filtering. + * This the layer 4 protocol map for filtering. Not more than + * 255 protocols (maximum is IPPROTO_MAX which is 256). Actually, + * I doubt that anyone can reach such a limit. */ +#define __FILTER_L4PROTO_MAX 255 u_int32_t l4proto_map[IPPROTO_MAX/32]; + u_int32_t l4proto_len; struct { /* @@ -183,19 +187,21 @@ struct nfct_filter { */ #define __FILTER_PROTO_MAX 16 u_int16_t map; + u_int16_t len; } l4proto_state[IPPROTO_MAX]; #define __FILTER_ADDR_SRC 0 #define __FILTER_ADDR_DST 1 /* - * FIXME: For IPv4 filtering, up to 256 IPs or masks by now. + * FIXME: For IPv4 filtering, up to 127 IPs by now. * This limitation is related to the existing autogenerated BSF code - * and the fact that the maximum jump offset if 2^8 = 256. + * (two BSF lines per comparison) and the fact that the maximum + * jump offset is 0xff which is 255. */ u_int32_t l3proto_elems[2]; struct { -#define __FILTER_ADDR_MAX 256 +#define __FILTER_ADDR_MAX 127 u_int32_t addr; u_int32_t mask; } l3proto[2][__FILTER_ADDR_MAX]; diff --git a/include/internal/stack.h b/include/internal/stack.h new file mode 100644 index 0000000..f57bd15 --- /dev/null +++ b/include/internal/stack.h @@ -0,0 +1,11 @@ +#ifndef _STACK_H_ +#define _STACK_H_ + +struct stack; + +struct stack *stack_create(size_t elem_size, int max_elems); +void stack_destroy(struct stack *s); +int stack_push(struct stack *s, void *data); +int stack_pop(struct stack *s, void *data); + +#endif |