27
27
#define ipt_target xt_target
28
28
#define ipt_table xt_table
29
29
#define ipt_get_revision xt_get_revision
30
#define ipt_entry_match xt_entry_match
31
#define ipt_entry_target xt_entry_target
32
#define ipt_standard_target xt_standard_target
33
#define ipt_error_target xt_error_target
34
#define ipt_counters xt_counters
35
#define IPT_CONTINUE XT_CONTINUE
36
#define IPT_RETURN XT_RETURN
38
/* This group is older than old (iptables < v1.4.0-rc1~89) */
39
#include <linux/netfilter/xt_tcpudp.h>
40
#define ipt_udp xt_udp
41
#define ipt_tcp xt_tcp
42
#define IPT_TCP_INV_SRCPT XT_TCP_INV_SRCPT
43
#define IPT_TCP_INV_DSTPT XT_TCP_INV_DSTPT
44
#define IPT_TCP_INV_FLAGS XT_TCP_INV_FLAGS
45
#define IPT_TCP_INV_OPTION XT_TCP_INV_OPTION
46
#define IPT_TCP_INV_MASK XT_TCP_INV_MASK
47
#define IPT_UDP_INV_SRCPT XT_UDP_INV_SRCPT
48
#define IPT_UDP_INV_DSTPT XT_UDP_INV_DSTPT
49
#define IPT_UDP_INV_MASK XT_UDP_INV_MASK
51
/* The argument to IPT_SO_ADD_COUNTERS. */
52
#define ipt_counters_info xt_counters_info
53
/* Standard return verdict, or do jump. */
54
#define IPT_STANDARD_TARGET XT_STANDARD_TARGET
56
#define IPT_ERROR_TARGET XT_ERROR_TARGET
58
/* fn returns 0 to continue iteration */
59
#define IPT_MATCH_ITERATE(e, fn, args...) \
60
XT_MATCH_ITERATE(struct ipt_entry, e, fn, ## args)
62
/* fn returns 0 to continue iteration */
63
#define IPT_ENTRY_ITERATE(entries, size, fn, args...) \
64
XT_ENTRY_ITERATE(struct ipt_entry, entries, size, fn, ## args)
31
66
/* Yes, Virginia, you have to zero the padding. */
49
#define ipt_entry_match xt_entry_match
50
#define ipt_entry_target xt_entry_target
51
#define ipt_standard_target xt_standard_target
53
#define ipt_counters xt_counters
55
84
/* Values for "flag" field in struct ipt_ip (general ip structure). */
56
85
#define IPT_F_FRAG 0x01 /* Set if rule is a fragment rule */
57
86
#define IPT_F_GOTO 0x02 /* Set if jump is a goto */
110
139
#define IPT_SO_GET_REVISION_TARGET (IPT_BASE_CTL + 3)
111
140
#define IPT_SO_GET_MAX IPT_SO_GET_REVISION_TARGET
113
#define IPT_CONTINUE XT_CONTINUE
114
#define IPT_RETURN XT_RETURN
116
#include <linux/netfilter/xt_tcpudp.h>
117
#define ipt_udp xt_udp
118
#define ipt_tcp xt_tcp
120
#define IPT_TCP_INV_SRCPT XT_TCP_INV_SRCPT
121
#define IPT_TCP_INV_DSTPT XT_TCP_INV_DSTPT
122
#define IPT_TCP_INV_FLAGS XT_TCP_INV_FLAGS
123
#define IPT_TCP_INV_OPTION XT_TCP_INV_OPTION
124
#define IPT_TCP_INV_MASK XT_TCP_INV_MASK
126
#define IPT_UDP_INV_SRCPT XT_UDP_INV_SRCPT
127
#define IPT_UDP_INV_DSTPT XT_UDP_INV_DSTPT
128
#define IPT_UDP_INV_MASK XT_UDP_INV_MASK
130
142
/* ICMP matching stuff */
131
143
struct ipt_icmp {
132
144
u_int8_t type; /* type to match */
140
152
/* The argument to IPT_SO_GET_INFO */
141
153
struct ipt_getinfo {
142
154
/* Which table: caller fills this in. */
143
char name[IPT_TABLE_MAXNAMELEN];
155
char name[XT_TABLE_MAXNAMELEN];
145
157
/* Kernel fills these in. */
146
158
/* Which hook entry points are valid: bitmask */
190
202
struct ipt_entry entries[0];
193
/* The argument to IPT_SO_ADD_COUNTERS. */
194
#define ipt_counters_info xt_counters_info
196
205
/* The argument to IPT_SO_GET_ENTRIES. */
197
206
struct ipt_get_entries {
198
207
/* Which table: user fills this in. */
199
char name[IPT_TABLE_MAXNAMELEN];
208
char name[XT_TABLE_MAXNAMELEN];
201
210
/* User fills this in: total entry size. */
202
211
unsigned int size;
205
214
struct ipt_entry entrytable[0];
208
/* Standard return verdict, or do jump. */
209
#define IPT_STANDARD_TARGET XT_STANDARD_TARGET
211
#define IPT_ERROR_TARGET XT_ERROR_TARGET
213
217
/* Helper functions */
214
static __inline__ struct ipt_entry_target *
218
static __inline__ struct xt_entry_target *
215
219
ipt_get_target(struct ipt_entry *e)
217
221
return (void *)e + e->target_offset;
220
/* fn returns 0 to continue iteration */
221
#define IPT_MATCH_ITERATE(e, fn, args...) \
222
XT_MATCH_ITERATE(struct ipt_entry, e, fn, ## args)
224
/* fn returns 0 to continue iteration */
225
#define IPT_ENTRY_ITERATE(entries, size, fn, args...) \
226
XT_ENTRY_ITERATE(struct ipt_entry, entries, size, fn, ## args)
229
225
* Main firewall chains definitions and global var's definitions.