summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/internal/object.h14
-rw-r--r--include/internal/stack.h11
2 files changed, 21 insertions, 4 deletions
diff --git a/include/internal/object.h b/include/internal/object.h
index 8213f4a..53f942d 100644
--- a/include/internal/object.h
+++ b/include/internal/object.h
@@ -171,9 +171,13 @@ struct nfct_filter {
enum nfct_filter_logic logic[NFCT_FILTER_MAX];
/*
- * This the layer 4 protocol map for filtering.
+ * This the layer 4 protocol map for filtering. Not more than
+ * 255 protocols (maximum is IPPROTO_MAX which is 256). Actually,
+ * I doubt that anyone can reach such a limit.
*/
+#define __FILTER_L4PROTO_MAX 255
u_int32_t l4proto_map[IPPROTO_MAX/32];
+ u_int32_t l4proto_len;
struct {
/*
@@ -183,19 +187,21 @@ struct nfct_filter {
*/
#define __FILTER_PROTO_MAX 16
u_int16_t map;
+ u_int16_t len;
} l4proto_state[IPPROTO_MAX];
#define __FILTER_ADDR_SRC 0
#define __FILTER_ADDR_DST 1
/*
- * FIXME: For IPv4 filtering, up to 256 IPs or masks by now.
+ * FIXME: For IPv4 filtering, up to 127 IPs by now.
* This limitation is related to the existing autogenerated BSF code
- * and the fact that the maximum jump offset if 2^8 = 256.
+ * (two BSF lines per comparison) and the fact that the maximum
+ * jump offset is 0xff which is 255.
*/
u_int32_t l3proto_elems[2];
struct {
-#define __FILTER_ADDR_MAX 256
+#define __FILTER_ADDR_MAX 127
u_int32_t addr;
u_int32_t mask;
} l3proto[2][__FILTER_ADDR_MAX];
diff --git a/include/internal/stack.h b/include/internal/stack.h
new file mode 100644
index 0000000..f57bd15
--- /dev/null
+++ b/include/internal/stack.h
@@ -0,0 +1,11 @@
+#ifndef _STACK_H_
+#define _STACK_H_
+
+struct stack;
+
+struct stack *stack_create(size_t elem_size, int max_elems);
+void stack_destroy(struct stack *s);
+int stack_push(struct stack *s, void *data);
+int stack_pop(struct stack *s, void *data);
+
+#endif