aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArnd Bergmann <arnd@arndb.de>2009-02-25 18:51:43 -0500
committerIngo Molnar <mingo@elte.hu>2009-03-26 13:14:20 -0400
commit60c195c729532815c5209c81442fa0eb26ace706 (patch)
treec332ac9cc9f3e96dbe477f6f6fa3ce07f6f0fc47
parent1d7f83d5ad6c30b385ba549c1c3a287cc872b7ae (diff)
make netfilter use strict integer types
Netfilter traditionally uses BSD integer types in its interface headers. This changes it to use the Linux strict integer types, like everyone else. Cc: netfilter-devel@vger.kernel.org Signed-off-by: Arnd Bergmann <arnd@arndb.de> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: H. Peter Anvin <hpa@linux.intel.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
-rw-r--r--include/linux/netfilter/nf_conntrack_tcp.h6
-rw-r--r--include/linux/netfilter/nfnetlink.h4
-rw-r--r--include/linux/netfilter/nfnetlink_compat.h7
-rw-r--r--include/linux/netfilter/nfnetlink_log.h32
-rw-r--r--include/linux/netfilter/nfnetlink_queue.h24
-rw-r--r--include/linux/netfilter/x_tables.h30
-rw-r--r--include/linux/netfilter/xt_CLASSIFY.h4
-rw-r--r--include/linux/netfilter/xt_CONNMARK.h8
-rw-r--r--include/linux/netfilter/xt_CONNSECMARK.h4
-rw-r--r--include/linux/netfilter/xt_DSCP.h7
-rw-r--r--include/linux/netfilter/xt_MARK.h6
-rw-r--r--include/linux/netfilter/xt_NFLOG.h12
-rw-r--r--include/linux/netfilter/xt_NFQUEUE.h4
-rw-r--r--include/linux/netfilter/xt_RATEEST.h6
-rw-r--r--include/linux/netfilter/xt_SECMARK.h6
-rw-r--r--include/linux/netfilter/xt_TCPMSS.h4
-rw-r--r--include/linux/netfilter/xt_connbytes.h6
-rw-r--r--include/linux/netfilter/xt_connmark.h8
-rw-r--r--include/linux/netfilter/xt_conntrack.h12
-rw-r--r--include/linux/netfilter/xt_dccp.h14
-rw-r--r--include/linux/netfilter/xt_dscp.h12
-rw-r--r--include/linux/netfilter/xt_esp.h6
-rw-r--r--include/linux/netfilter/xt_hashlimit.h32
-rw-r--r--include/linux/netfilter/xt_iprange.h4
-rw-r--r--include/linux/netfilter/xt_length.h6
-rw-r--r--include/linux/netfilter/xt_limit.h10
-rw-r--r--include/linux/netfilter/xt_mark.h8
-rw-r--r--include/linux/netfilter/xt_multiport.h18
-rw-r--r--include/linux/netfilter/xt_owner.h8
-rw-r--r--include/linux/netfilter/xt_physdev.h6
-rw-r--r--include/linux/netfilter/xt_policy.h14
-rw-r--r--include/linux/netfilter/xt_rateest.h14
-rw-r--r--include/linux/netfilter/xt_realm.h8
-rw-r--r--include/linux/netfilter/xt_recent.h12
-rw-r--r--include/linux/netfilter/xt_sctp.h36
-rw-r--r--include/linux/netfilter/xt_statistic.h14
-rw-r--r--include/linux/netfilter/xt_string.h12
-rw-r--r--include/linux/netfilter/xt_tcpmss.h6
-rw-r--r--include/linux/netfilter/xt_tcpudp.h20
39 files changed, 260 insertions, 190 deletions
diff --git a/include/linux/netfilter/nf_conntrack_tcp.h b/include/linux/netfilter/nf_conntrack_tcp.h
index a049df4f2236..3066789b972a 100644
--- a/include/linux/netfilter/nf_conntrack_tcp.h
+++ b/include/linux/netfilter/nf_conntrack_tcp.h
@@ -2,6 +2,8 @@
2#define _NF_CONNTRACK_TCP_H 2#define _NF_CONNTRACK_TCP_H
3/* TCP tracking. */ 3/* TCP tracking. */
4 4
5#include <linux/types.h>
6
5/* This is exposed to userspace (ctnetlink) */ 7/* This is exposed to userspace (ctnetlink) */
6enum tcp_conntrack { 8enum tcp_conntrack {
7 TCP_CONNTRACK_NONE, 9 TCP_CONNTRACK_NONE,
@@ -34,8 +36,8 @@ enum tcp_conntrack {
34#define IP_CT_TCP_FLAG_DATA_UNACKNOWLEDGED 0x10 36#define IP_CT_TCP_FLAG_DATA_UNACKNOWLEDGED 0x10
35 37
36struct nf_ct_tcp_flags { 38struct nf_ct_tcp_flags {
37 u_int8_t flags; 39 __u8 flags;
38 u_int8_t mask; 40 __u8 mask;
39}; 41};
40 42
41#ifdef __KERNEL__ 43#ifdef __KERNEL__
diff --git a/include/linux/netfilter/nfnetlink.h b/include/linux/netfilter/nfnetlink.h
index 7d8e0455ccac..e53546cfa353 100644
--- a/include/linux/netfilter/nfnetlink.h
+++ b/include/linux/netfilter/nfnetlink.h
@@ -25,8 +25,8 @@ enum nfnetlink_groups {
25/* General form of address family dependent message. 25/* General form of address family dependent message.
26 */ 26 */
27struct nfgenmsg { 27struct nfgenmsg {
28 u_int8_t nfgen_family; /* AF_xxx */ 28 __u8 nfgen_family; /* AF_xxx */
29 u_int8_t version; /* nfnetlink version */ 29 __u8 version; /* nfnetlink version */
30 __be16 res_id; /* resource id */ 30 __be16 res_id; /* resource id */
31}; 31};
32 32
diff --git a/include/linux/netfilter/nfnetlink_compat.h b/include/linux/netfilter/nfnetlink_compat.h
index e1451760c9cd..eda55cabceec 100644
--- a/include/linux/netfilter/nfnetlink_compat.h
+++ b/include/linux/netfilter/nfnetlink_compat.h
@@ -1,5 +1,8 @@
1#ifndef _NFNETLINK_COMPAT_H 1#ifndef _NFNETLINK_COMPAT_H
2#define _NFNETLINK_COMPAT_H 2#define _NFNETLINK_COMPAT_H
3
4#include <linux/types.h>
5
3#ifndef __KERNEL__ 6#ifndef __KERNEL__
4/* Old nfnetlink macros for userspace */ 7/* Old nfnetlink macros for userspace */
5 8
@@ -20,8 +23,8 @@
20 23
21struct nfattr 24struct nfattr
22{ 25{
23 u_int16_t nfa_len; 26 __u16 nfa_len;
24 u_int16_t nfa_type; /* we use 15 bits for the type, and the highest 27 __u16 nfa_type; /* we use 15 bits for the type, and the highest
25 * bit to indicate whether the payload is nested */ 28 * bit to indicate whether the payload is nested */
26}; 29};
27 30
diff --git a/include/linux/netfilter/nfnetlink_log.h b/include/linux/netfilter/nfnetlink_log.h
index f661731f3cb1..d3bab7a2c9b7 100644
--- a/include/linux/netfilter/nfnetlink_log.h
+++ b/include/linux/netfilter/nfnetlink_log.h
@@ -17,14 +17,14 @@ enum nfulnl_msg_types {
17 17
18struct nfulnl_msg_packet_hdr { 18struct nfulnl_msg_packet_hdr {
19 __be16 hw_protocol; /* hw protocol (network order) */ 19 __be16 hw_protocol; /* hw protocol (network order) */
20 u_int8_t hook; /* netfilter hook */ 20 __u8 hook; /* netfilter hook */
21 u_int8_t _pad; 21 __u8 _pad;
22}; 22};
23 23
24struct nfulnl_msg_packet_hw { 24struct nfulnl_msg_packet_hw {
25 __be16 hw_addrlen; 25 __be16 hw_addrlen;
26 u_int16_t _pad; 26 __u16 _pad;
27 u_int8_t hw_addr[8]; 27 __u8 hw_addr[8];
28}; 28};
29 29
30struct nfulnl_msg_packet_timestamp { 30struct nfulnl_msg_packet_timestamp {
@@ -35,12 +35,12 @@ struct nfulnl_msg_packet_timestamp {
35enum nfulnl_attr_type { 35enum nfulnl_attr_type {
36 NFULA_UNSPEC, 36 NFULA_UNSPEC,
37 NFULA_PACKET_HDR, 37 NFULA_PACKET_HDR,
38 NFULA_MARK, /* u_int32_t nfmark */ 38 NFULA_MARK, /* __u32 nfmark */
39 NFULA_TIMESTAMP, /* nfulnl_msg_packet_timestamp */ 39 NFULA_TIMESTAMP, /* nfulnl_msg_packet_timestamp */
40 NFULA_IFINDEX_INDEV, /* u_int32_t ifindex */ 40 NFULA_IFINDEX_INDEV, /* __u32 ifindex */
41 NFULA_IFINDEX_OUTDEV, /* u_int32_t ifindex */ 41 NFULA_IFINDEX_OUTDEV, /* __u32 ifindex */
42 NFULA_IFINDEX_PHYSINDEV, /* u_int32_t ifindex */ 42 NFULA_IFINDEX_PHYSINDEV, /* __u32 ifindex */
43 NFULA_IFINDEX_PHYSOUTDEV, /* u_int32_t ifindex */ 43 NFULA_IFINDEX_PHYSOUTDEV, /* __u32 ifindex */
44 NFULA_HWADDR, /* nfulnl_msg_packet_hw */ 44 NFULA_HWADDR, /* nfulnl_msg_packet_hw */
45 NFULA_PAYLOAD, /* opaque data payload */ 45 NFULA_PAYLOAD, /* opaque data payload */
46 NFULA_PREFIX, /* string prefix */ 46 NFULA_PREFIX, /* string prefix */
@@ -65,23 +65,23 @@ enum nfulnl_msg_config_cmds {
65}; 65};
66 66
67struct nfulnl_msg_config_cmd { 67struct nfulnl_msg_config_cmd {
68 u_int8_t command; /* nfulnl_msg_config_cmds */ 68 __u8 command; /* nfulnl_msg_config_cmds */
69} __attribute__ ((packed)); 69} __attribute__ ((packed));
70 70
71struct nfulnl_msg_config_mode { 71struct nfulnl_msg_config_mode {
72 __be32 copy_range; 72 __be32 copy_range;
73 u_int8_t copy_mode; 73 __u8 copy_mode;
74 u_int8_t _pad; 74 __u8 _pad;
75} __attribute__ ((packed)); 75} __attribute__ ((packed));
76 76
77enum nfulnl_attr_config { 77enum nfulnl_attr_config {
78 NFULA_CFG_UNSPEC, 78 NFULA_CFG_UNSPEC,
79 NFULA_CFG_CMD, /* nfulnl_msg_config_cmd */ 79 NFULA_CFG_CMD, /* nfulnl_msg_config_cmd */
80 NFULA_CFG_MODE, /* nfulnl_msg_config_mode */ 80 NFULA_CFG_MODE, /* nfulnl_msg_config_mode */
81 NFULA_CFG_NLBUFSIZ, /* u_int32_t buffer size */ 81 NFULA_CFG_NLBUFSIZ, /* __u32 buffer size */
82 NFULA_CFG_TIMEOUT, /* u_int32_t in 1/100 s */ 82 NFULA_CFG_TIMEOUT, /* __u32 in 1/100 s */
83 NFULA_CFG_QTHRESH, /* u_int32_t */ 83 NFULA_CFG_QTHRESH, /* __u32 */
84 NFULA_CFG_FLAGS, /* u_int16_t */ 84 NFULA_CFG_FLAGS, /* __u16 */
85 __NFULA_CFG_MAX 85 __NFULA_CFG_MAX
86}; 86};
87#define NFULA_CFG_MAX (__NFULA_CFG_MAX -1) 87#define NFULA_CFG_MAX (__NFULA_CFG_MAX -1)
diff --git a/include/linux/netfilter/nfnetlink_queue.h b/include/linux/netfilter/nfnetlink_queue.h
index 83e789633e35..2455fe5f4e01 100644
--- a/include/linux/netfilter/nfnetlink_queue.h
+++ b/include/linux/netfilter/nfnetlink_queue.h
@@ -15,13 +15,13 @@ enum nfqnl_msg_types {
15struct nfqnl_msg_packet_hdr { 15struct nfqnl_msg_packet_hdr {
16 __be32 packet_id; /* unique ID of packet in queue */ 16 __be32 packet_id; /* unique ID of packet in queue */
17 __be16 hw_protocol; /* hw protocol (network order) */ 17 __be16 hw_protocol; /* hw protocol (network order) */
18 u_int8_t hook; /* netfilter hook */ 18 __u8 hook; /* netfilter hook */
19} __attribute__ ((packed)); 19} __attribute__ ((packed));
20 20
21struct nfqnl_msg_packet_hw { 21struct nfqnl_msg_packet_hw {
22 __be16 hw_addrlen; 22 __be16 hw_addrlen;
23 u_int16_t _pad; 23 __u16 _pad;
24 u_int8_t hw_addr[8]; 24 __u8 hw_addr[8];
25}; 25};
26 26
27struct nfqnl_msg_packet_timestamp { 27struct nfqnl_msg_packet_timestamp {
@@ -33,12 +33,12 @@ enum nfqnl_attr_type {
33 NFQA_UNSPEC, 33 NFQA_UNSPEC,
34 NFQA_PACKET_HDR, 34 NFQA_PACKET_HDR,
35 NFQA_VERDICT_HDR, /* nfqnl_msg_verdict_hrd */ 35 NFQA_VERDICT_HDR, /* nfqnl_msg_verdict_hrd */
36 NFQA_MARK, /* u_int32_t nfmark */ 36 NFQA_MARK, /* __u32 nfmark */
37 NFQA_TIMESTAMP, /* nfqnl_msg_packet_timestamp */ 37 NFQA_TIMESTAMP, /* nfqnl_msg_packet_timestamp */
38 NFQA_IFINDEX_INDEV, /* u_int32_t ifindex */ 38 NFQA_IFINDEX_INDEV, /* __u32 ifindex */
39 NFQA_IFINDEX_OUTDEV, /* u_int32_t ifindex */ 39 NFQA_IFINDEX_OUTDEV, /* __u32 ifindex */
40 NFQA_IFINDEX_PHYSINDEV, /* u_int32_t ifindex */ 40 NFQA_IFINDEX_PHYSINDEV, /* __u32 ifindex */
41 NFQA_IFINDEX_PHYSOUTDEV, /* u_int32_t ifindex */ 41 NFQA_IFINDEX_PHYSOUTDEV, /* __u32 ifindex */
42 NFQA_HWADDR, /* nfqnl_msg_packet_hw */ 42 NFQA_HWADDR, /* nfqnl_msg_packet_hw */
43 NFQA_PAYLOAD, /* opaque data payload */ 43 NFQA_PAYLOAD, /* opaque data payload */
44 44
@@ -61,8 +61,8 @@ enum nfqnl_msg_config_cmds {
61}; 61};
62 62
63struct nfqnl_msg_config_cmd { 63struct nfqnl_msg_config_cmd {
64 u_int8_t command; /* nfqnl_msg_config_cmds */ 64 __u8 command; /* nfqnl_msg_config_cmds */
65 u_int8_t _pad; 65 __u8 _pad;
66 __be16 pf; /* AF_xxx for PF_[UN]BIND */ 66 __be16 pf; /* AF_xxx for PF_[UN]BIND */
67}; 67};
68 68
@@ -74,7 +74,7 @@ enum nfqnl_config_mode {
74 74
75struct nfqnl_msg_config_params { 75struct nfqnl_msg_config_params {
76 __be32 copy_range; 76 __be32 copy_range;
77 u_int8_t copy_mode; /* enum nfqnl_config_mode */ 77 __u8 copy_mode; /* enum nfqnl_config_mode */
78} __attribute__ ((packed)); 78} __attribute__ ((packed));
79 79
80 80
@@ -82,7 +82,7 @@ enum nfqnl_attr_config {
82 NFQA_CFG_UNSPEC, 82 NFQA_CFG_UNSPEC,
83 NFQA_CFG_CMD, /* nfqnl_msg_config_cmd */ 83 NFQA_CFG_CMD, /* nfqnl_msg_config_cmd */
84 NFQA_CFG_PARAMS, /* nfqnl_msg_config_params */ 84 NFQA_CFG_PARAMS, /* nfqnl_msg_config_params */
85 NFQA_CFG_QUEUE_MAXLEN, /* u_int32_t */ 85 NFQA_CFG_QUEUE_MAXLEN, /* __u32 */
86 __NFQA_CFG_MAX 86 __NFQA_CFG_MAX
87}; 87};
88#define NFQA_CFG_MAX (__NFQA_CFG_MAX-1) 88#define NFQA_CFG_MAX (__NFQA_CFG_MAX-1)
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h
index c7ee8744d26b..33fd9c949d80 100644
--- a/include/linux/netfilter/x_tables.h
+++ b/include/linux/netfilter/x_tables.h
@@ -1,6 +1,8 @@
1#ifndef _X_TABLES_H 1#ifndef _X_TABLES_H
2#define _X_TABLES_H 2#define _X_TABLES_H
3 3
4#include <linux/types.h>
5
4#define XT_FUNCTION_MAXNAMELEN 30 6#define XT_FUNCTION_MAXNAMELEN 30
5#define XT_TABLE_MAXNAMELEN 32 7#define XT_TABLE_MAXNAMELEN 32
6 8
@@ -8,22 +10,22 @@ struct xt_entry_match
8{ 10{
9 union { 11 union {
10 struct { 12 struct {
11 u_int16_t match_size; 13 __u16 match_size;
12 14
13 /* Used by userspace */ 15 /* Used by userspace */
14 char name[XT_FUNCTION_MAXNAMELEN-1]; 16 char name[XT_FUNCTION_MAXNAMELEN-1];
15 17
16 u_int8_t revision; 18 __u8 revision;
17 } user; 19 } user;
18 struct { 20 struct {
19 u_int16_t match_size; 21 __u16 match_size;
20 22
21 /* Used inside the kernel */ 23 /* Used inside the kernel */
22 struct xt_match *match; 24 struct xt_match *match;
23 } kernel; 25 } kernel;
24 26
25 /* Total length */ 27 /* Total length */
26 u_int16_t match_size; 28 __u16 match_size;
27 } u; 29 } u;
28 30
29 unsigned char data[0]; 31 unsigned char data[0];
@@ -33,22 +35,22 @@ struct xt_entry_target
33{ 35{
34 union { 36 union {
35 struct { 37 struct {
36 u_int16_t target_size; 38 __u16 target_size;
37 39
38 /* Used by userspace */ 40 /* Used by userspace */
39 char name[XT_FUNCTION_MAXNAMELEN-1]; 41 char name[XT_FUNCTION_MAXNAMELEN-1];
40 42
41 u_int8_t revision; 43 __u8 revision;
42 } user; 44 } user;
43 struct { 45 struct {
44 u_int16_t target_size; 46 __u16 target_size;
45 47
46 /* Used inside the kernel */ 48 /* Used inside the kernel */
47 struct xt_target *target; 49 struct xt_target *target;
48 } kernel; 50 } kernel;
49 51
50 /* Total length */ 52 /* Total length */
51 u_int16_t target_size; 53 __u16 target_size;
52 } u; 54 } u;
53 55
54 unsigned char data[0]; 56 unsigned char data[0];
@@ -74,7 +76,7 @@ struct xt_get_revision
74{ 76{
75 char name[XT_FUNCTION_MAXNAMELEN-1]; 77 char name[XT_FUNCTION_MAXNAMELEN-1];
76 78
77 u_int8_t revision; 79 __u8 revision;
78}; 80};
79 81
80/* CONTINUE verdict for targets */ 82/* CONTINUE verdict for targets */
@@ -90,10 +92,10 @@ struct xt_get_revision
90 */ 92 */
91struct _xt_align 93struct _xt_align
92{ 94{
93 u_int8_t u8; 95 __u8 u8;
94 u_int16_t u16; 96 __u16 u16;
95 u_int32_t u32; 97 __u32 u32;
96 u_int64_t u64; 98 __u64 u64;
97}; 99};
98 100
99#define XT_ALIGN(s) (((s) + (__alignof__(struct _xt_align)-1)) \ 101#define XT_ALIGN(s) (((s) + (__alignof__(struct _xt_align)-1)) \
@@ -109,7 +111,7 @@ struct _xt_align
109 111
110struct xt_counters 112struct xt_counters
111{ 113{
112 u_int64_t pcnt, bcnt; /* Packet and byte counters */ 114 __u64 pcnt, bcnt; /* Packet and byte counters */
113}; 115};
114 116
115/* The argument to IPT_SO_ADD_COUNTERS. */ 117/* The argument to IPT_SO_ADD_COUNTERS. */
diff --git a/include/linux/netfilter/xt_CLASSIFY.h b/include/linux/netfilter/xt_CLASSIFY.h
index 58111355255d..a813bf14dd63 100644
--- a/include/linux/netfilter/xt_CLASSIFY.h
+++ b/include/linux/netfilter/xt_CLASSIFY.h
@@ -1,8 +1,10 @@
1#ifndef _XT_CLASSIFY_H 1#ifndef _XT_CLASSIFY_H
2#define _XT_CLASSIFY_H 2#define _XT_CLASSIFY_H
3 3
4#include <linux/types.h>
5
4struct xt_classify_target_info { 6struct xt_classify_target_info {
5 u_int32_t priority; 7 __u32 priority;
6}; 8};
7 9
8#endif /*_XT_CLASSIFY_H */ 10#endif /*_XT_CLASSIFY_H */
diff --git a/include/linux/netfilter/xt_CONNMARK.h b/include/linux/netfilter/xt_CONNMARK.h
index 4e58ba43c289..7635c8ffdadb 100644
--- a/include/linux/netfilter/xt_CONNMARK.h
+++ b/include/linux/netfilter/xt_CONNMARK.h
@@ -1,6 +1,8 @@
1#ifndef _XT_CONNMARK_H_target 1#ifndef _XT_CONNMARK_H_target
2#define _XT_CONNMARK_H_target 2#define _XT_CONNMARK_H_target
3 3
4#include <linux/types.h>
5
4/* Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com> 6/* Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com>
5 * by Henrik Nordstrom <hno@marasystems.com> 7 * by Henrik Nordstrom <hno@marasystems.com>
6 * 8 *
@@ -19,12 +21,12 @@ enum {
19struct xt_connmark_target_info { 21struct xt_connmark_target_info {
20 unsigned long mark; 22 unsigned long mark;
21 unsigned long mask; 23 unsigned long mask;
22 u_int8_t mode; 24 __u8 mode;
23}; 25};
24 26
25struct xt_connmark_tginfo1 { 27struct xt_connmark_tginfo1 {
26 u_int32_t ctmark, ctmask, nfmask; 28 __u32 ctmark, ctmask, nfmask;
27 u_int8_t mode; 29 __u8 mode;
28}; 30};
29 31
30#endif /*_XT_CONNMARK_H_target*/ 32#endif /*_XT_CONNMARK_H_target*/
diff --git a/include/linux/netfilter/xt_CONNSECMARK.h b/include/linux/netfilter/xt_CONNSECMARK.h
index c6bd75469ba2..b973ff80fa1e 100644
--- a/include/linux/netfilter/xt_CONNSECMARK.h
+++ b/include/linux/netfilter/xt_CONNSECMARK.h
@@ -1,13 +1,15 @@
1#ifndef _XT_CONNSECMARK_H_target 1#ifndef _XT_CONNSECMARK_H_target
2#define _XT_CONNSECMARK_H_target 2#define _XT_CONNSECMARK_H_target
3 3
4#include <linux/types.h>
5
4enum { 6enum {
5 CONNSECMARK_SAVE = 1, 7 CONNSECMARK_SAVE = 1,
6 CONNSECMARK_RESTORE, 8 CONNSECMARK_RESTORE,
7}; 9};
8 10
9struct xt_connsecmark_target_info { 11struct xt_connsecmark_target_info {
10 u_int8_t mode; 12 __u8 mode;
11}; 13};
12 14
13#endif /*_XT_CONNSECMARK_H_target */ 15#endif /*_XT_CONNSECMARK_H_target */
diff --git a/include/linux/netfilter/xt_DSCP.h b/include/linux/netfilter/xt_DSCP.h
index 14da1968e2c6..648e0b3bed29 100644
--- a/include/linux/netfilter/xt_DSCP.h
+++ b/include/linux/netfilter/xt_DSCP.h
@@ -11,15 +11,16 @@
11#ifndef _XT_DSCP_TARGET_H 11#ifndef _XT_DSCP_TARGET_H
12#define _XT_DSCP_TARGET_H 12#define _XT_DSCP_TARGET_H
13#include <linux/netfilter/xt_dscp.h> 13#include <linux/netfilter/xt_dscp.h>
14#include <linux/types.h>
14 15
15/* target info */ 16/* target info */
16struct xt_DSCP_info { 17struct xt_DSCP_info {
17 u_int8_t dscp; 18 __u8 dscp;
18}; 19};
19 20
20struct xt_tos_target_info { 21struct xt_tos_target_info {
21 u_int8_t tos_value; 22 __u8 tos_value;
22 u_int8_t tos_mask; 23 __u8 tos_mask;
23}; 24};
24 25
25#endif /* _XT_DSCP_TARGET_H */ 26#endif /* _XT_DSCP_TARGET_H */
diff --git a/include/linux/netfilter/xt_MARK.h b/include/linux/netfilter/xt_MARK.h
index 778b278fd9f2..028304bcc0b1 100644
--- a/include/linux/netfilter/xt_MARK.h
+++ b/include/linux/netfilter/xt_MARK.h
@@ -1,6 +1,8 @@
1#ifndef _XT_MARK_H_target 1#ifndef _XT_MARK_H_target
2#define _XT_MARK_H_target 2#define _XT_MARK_H_target
3 3
4#include <linux/types.h>
5
4/* Version 0 */ 6/* Version 0 */
5struct xt_mark_target_info { 7struct xt_mark_target_info {
6 unsigned long mark; 8 unsigned long mark;
@@ -15,11 +17,11 @@ enum {
15 17
16struct xt_mark_target_info_v1 { 18struct xt_mark_target_info_v1 {
17 unsigned long mark; 19 unsigned long mark;
18 u_int8_t mode; 20 __u8 mode;
19}; 21};
20 22
21struct xt_mark_tginfo2 { 23struct xt_mark_tginfo2 {
22 u_int32_t mark, mask; 24 __u32 mark, mask;
23}; 25};
24 26
25#endif /*_XT_MARK_H_target */ 27#endif /*_XT_MARK_H_target */
diff --git a/include/linux/netfilter/xt_NFLOG.h b/include/linux/netfilter/xt_NFLOG.h
index cdcd0ed58f7a..eaac7b5226e9 100644
--- a/include/linux/netfilter/xt_NFLOG.h
+++ b/include/linux/netfilter/xt_NFLOG.h
@@ -1,17 +1,19 @@
1#ifndef _XT_NFLOG_TARGET 1#ifndef _XT_NFLOG_TARGET
2#define _XT_NFLOG_TARGET 2#define _XT_NFLOG_TARGET
3 3
4#include <linux/types.h>
5
4#define XT_NFLOG_DEFAULT_GROUP 0x1 6#define XT_NFLOG_DEFAULT_GROUP 0x1
5#define XT_NFLOG_DEFAULT_THRESHOLD 1 7#define XT_NFLOG_DEFAULT_THRESHOLD 1
6 8
7#define XT_NFLOG_MASK 0x0 9#define XT_NFLOG_MASK 0x0
8 10
9struct xt_nflog_info { 11struct xt_nflog_info {
10 u_int32_t len; 12 __u32 len;
11 u_int16_t group; 13 __u16 group;
12 u_int16_t threshold; 14 __u16 threshold;
13 u_int16_t flags; 15 __u16 flags;
14 u_int16_t pad; 16 __u16 pad;
15 char prefix[64]; 17 char prefix[64];
16}; 18};
17 19
diff --git a/include/linux/netfilter/xt_NFQUEUE.h b/include/linux/netfilter/xt_NFQUEUE.h
index 9a9af79f74d2..982a89f78272 100644
--- a/include/linux/netfilter/xt_NFQUEUE.h
+++ b/include/linux/netfilter/xt_NFQUEUE.h
@@ -8,9 +8,11 @@
8#ifndef _XT_NFQ_TARGET_H 8#ifndef _XT_NFQ_TARGET_H
9#define _XT_NFQ_TARGET_H 9#define _XT_NFQ_TARGET_H
10 10
11#include <linux/types.h>
12
11/* target info */ 13/* target info */
12struct xt_NFQ_info { 14struct xt_NFQ_info {
13 u_int16_t queuenum; 15 __u16 queuenum;
14}; 16};
15 17
16#endif /* _XT_NFQ_TARGET_H */ 18#endif /* _XT_NFQ_TARGET_H */
diff --git a/include/linux/netfilter/xt_RATEEST.h b/include/linux/netfilter/xt_RATEEST.h
index f79e3133cbea..6605e20ad8cf 100644
--- a/include/linux/netfilter/xt_RATEEST.h
+++ b/include/linux/netfilter/xt_RATEEST.h
@@ -1,10 +1,12 @@
1#ifndef _XT_RATEEST_TARGET_H 1#ifndef _XT_RATEEST_TARGET_H
2#define _XT_RATEEST_TARGET_H 2#define _XT_RATEEST_TARGET_H
3 3
4#include <linux/types.h>
5
4struct xt_rateest_target_info { 6struct xt_rateest_target_info {
5 char name[IFNAMSIZ]; 7 char name[IFNAMSIZ];
6 int8_t interval; 8 __s8 interval;
7 u_int8_t ewma_log; 9 __u8 ewma_log;
8 10
9 /* Used internally by the kernel */ 11 /* Used internally by the kernel */
10 struct xt_rateest *est __attribute__((aligned(8))); 12 struct xt_rateest *est __attribute__((aligned(8)));
diff --git a/include/linux/netfilter/xt_SECMARK.h b/include/linux/netfilter/xt_SECMARK.h
index c53fbffa997d..6fcd3448b186 100644
--- a/include/linux/netfilter/xt_SECMARK.h
+++ b/include/linux/netfilter/xt_SECMARK.h
@@ -1,6 +1,8 @@
1#ifndef _XT_SECMARK_H_target 1#ifndef _XT_SECMARK_H_target
2#define _XT_SECMARK_H_target 2#define _XT_SECMARK_H_target
3 3
4#include <linux/types.h>
5
4/* 6/*
5 * This is intended for use by various security subsystems (but not 7 * This is intended for use by various security subsystems (but not
6 * at the same time). 8 * at the same time).
@@ -12,12 +14,12 @@
12#define SECMARK_SELCTX_MAX 256 14#define SECMARK_SELCTX_MAX 256
13 15
14struct xt_secmark_target_selinux_info { 16struct xt_secmark_target_selinux_info {
15 u_int32_t selsid; 17 __u32 selsid;
16 char selctx[SECMARK_SELCTX_MAX]; 18 char selctx[SECMARK_SELCTX_MAX];
17}; 19};
18 20
19struct xt_secmark_target_info { 21struct xt_secmark_target_info {
20 u_int8_t mode; 22 __u8 mode;
21 union { 23 union {
22 struct xt_secmark_target_selinux_info sel; 24 struct xt_secmark_target_selinux_info sel;
23 } u; 25 } u;
diff --git a/include/linux/netfilter/xt_TCPMSS.h b/include/linux/netfilter/xt_TCPMSS.h
index 53a292cd47f3..9a6960afc134 100644
--- a/include/linux/netfilter/xt_TCPMSS.h
+++ b/include/linux/netfilter/xt_TCPMSS.h
@@ -1,8 +1,10 @@
1#ifndef _XT_TCPMSS_H 1#ifndef _XT_TCPMSS_H
2#define _XT_TCPMSS_H 2#define _XT_TCPMSS_H
3 3
4#include <linux/types.h>
5
4struct xt_tcpmss_info { 6struct xt_tcpmss_info {
5 u_int16_t mss; 7 __u16 mss;
6}; 8};
7 9
8#define XT_TCPMSS_CLAMP_PMTU 0xffff 10#define XT_TCPMSS_CLAMP_PMTU 0xffff
diff --git a/include/linux/netfilter/xt_connbytes.h b/include/linux/netfilter/xt_connbytes.h
index c022c989754d..52bd6153b996 100644
--- a/include/linux/netfilter/xt_connbytes.h
+++ b/include/linux/netfilter/xt_connbytes.h
@@ -1,6 +1,8 @@
1#ifndef _XT_CONNBYTES_H 1#ifndef _XT_CONNBYTES_H
2#define _XT_CONNBYTES_H 2#define _XT_CONNBYTES_H
3 3
4#include <linux/types.h>
5
4enum xt_connbytes_what { 6enum xt_connbytes_what {
5 XT_CONNBYTES_PKTS, 7 XT_CONNBYTES_PKTS,
6 XT_CONNBYTES_BYTES, 8 XT_CONNBYTES_BYTES,
@@ -19,7 +21,7 @@ struct xt_connbytes_info
19 aligned_u64 from; /* count to be matched */ 21 aligned_u64 from; /* count to be matched */
20 aligned_u64 to; /* count to be matched */ 22 aligned_u64 to; /* count to be matched */
21 } count; 23 } count;
22 u_int8_t what; /* ipt_connbytes_what */ 24 __u8 what; /* ipt_connbytes_what */
23 u_int8_t direction; /* ipt_connbytes_direction */ 25 __u8 direction; /* ipt_connbytes_direction */
24}; 26};
25#endif 27#endif
diff --git a/include/linux/netfilter/xt_connmark.h b/include/linux/netfilter/xt_connmark.h
index 359ef86918dc..571e266d004c 100644
--- a/include/linux/netfilter/xt_connmark.h
+++ b/include/linux/netfilter/xt_connmark.h
@@ -1,6 +1,8 @@
1#ifndef _XT_CONNMARK_H 1#ifndef _XT_CONNMARK_H
2#define _XT_CONNMARK_H 2#define _XT_CONNMARK_H
3 3
4#include <linux/types.h>
5
4/* Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com> 6/* Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com>
5 * by Henrik Nordstrom <hno@marasystems.com> 7 * by Henrik Nordstrom <hno@marasystems.com>
6 * 8 *
@@ -12,12 +14,12 @@
12 14
13struct xt_connmark_info { 15struct xt_connmark_info {
14 unsigned long mark, mask; 16 unsigned long mark, mask;
15 u_int8_t invert; 17 __u8 invert;
16}; 18};
17 19
18struct xt_connmark_mtinfo1 { 20struct xt_connmark_mtinfo1 {
19 u_int32_t mark, mask; 21 __u32 mark, mask;
20 u_int8_t invert; 22 __u8 invert;
21}; 23};
22 24
23#endif /*_XT_CONNMARK_H*/ 25#endif /*_XT_CONNMARK_H*/
diff --git a/include/linux/netfilter/xt_conntrack.h b/include/linux/netfilter/xt_conntrack.h
index 8f5345275393..3430c7751948 100644
--- a/include/linux/netfilter/xt_conntrack.h
+++ b/include/linux/netfilter/xt_conntrack.h
@@ -63,9 +63,9 @@ struct xt_conntrack_info
63 unsigned long expires_min, expires_max; 63 unsigned long expires_min, expires_max;
64 64
65 /* Flags word */ 65 /* Flags word */
66 u_int8_t flags; 66 __u8 flags;
67 /* Inverse flags */ 67 /* Inverse flags */
68 u_int8_t invflags; 68 __u8 invflags;
69}; 69};
70 70
71struct xt_conntrack_mtinfo1 { 71struct xt_conntrack_mtinfo1 {
@@ -73,12 +73,12 @@ struct xt_conntrack_mtinfo1 {
73 union nf_inet_addr origdst_addr, origdst_mask; 73 union nf_inet_addr origdst_addr, origdst_mask;
74 union nf_inet_addr replsrc_addr, replsrc_mask; 74 union nf_inet_addr replsrc_addr, replsrc_mask;
75 union nf_inet_addr repldst_addr, repldst_mask; 75 union nf_inet_addr repldst_addr, repldst_mask;
76 u_int32_t expires_min, expires_max; 76 __u32 expires_min, expires_max;
77 u_int16_t l4proto; 77 __u16 l4proto;
78 __be16 origsrc_port, origdst_port; 78 __be16 origsrc_port, origdst_port;
79 __be16 replsrc_port, repldst_port; 79 __be16 replsrc_port, repldst_port;
80 u_int16_t match_flags, invert_flags; 80 __u16 match_flags, invert_flags;
81 u_int8_t state_mask, status_mask; 81 __u8 state_mask, status_mask;
82}; 82};
83 83
84#endif /*_XT_CONNTRACK_H*/ 84#endif /*_XT_CONNTRACK_H*/
diff --git a/include/linux/netfilter/xt_dccp.h b/include/linux/netfilter/xt_dccp.h
index e0221b9d32cb..a579e1b6f040 100644
--- a/include/linux/netfilter/xt_dccp.h
+++ b/include/linux/netfilter/xt_dccp.h
@@ -1,6 +1,8 @@
1#ifndef _XT_DCCP_H_ 1#ifndef _XT_DCCP_H_
2#define _XT_DCCP_H_ 2#define _XT_DCCP_H_
3 3
4#include <linux/types.h>
5
4#define XT_DCCP_SRC_PORTS 0x01 6#define XT_DCCP_SRC_PORTS 0x01
5#define XT_DCCP_DEST_PORTS 0x02 7#define XT_DCCP_DEST_PORTS 0x02
6#define XT_DCCP_TYPE 0x04 8#define XT_DCCP_TYPE 0x04
@@ -9,14 +11,14 @@
9#define XT_DCCP_VALID_FLAGS 0x0f 11#define XT_DCCP_VALID_FLAGS 0x0f
10 12
11struct xt_dccp_info { 13struct xt_dccp_info {
12 u_int16_t dpts[2]; /* Min, Max */ 14 __u16 dpts[2]; /* Min, Max */
13 u_int16_t spts[2]; /* Min, Max */ 15 __u16 spts[2]; /* Min, Max */
14 16
15 u_int16_t flags; 17 __u16 flags;
16 u_int16_t invflags; 18 __u16 invflags;
17 19
18 u_int16_t typemask; 20 __u16 typemask;
19 u_int8_t option; 21 __u8 option;
20}; 22};
21 23
22#endif /* _XT_DCCP_H_ */ 24#endif /* _XT_DCCP_H_ */
diff --git a/include/linux/netfilter/xt_dscp.h b/include/linux/netfilter/xt_dscp.h
index f49bc1a648dc..15f8932ad5ce 100644
--- a/include/linux/netfilter/xt_dscp.h
+++ b/include/linux/netfilter/xt_dscp.h
@@ -10,20 +10,22 @@
10#ifndef _XT_DSCP_H 10#ifndef _XT_DSCP_H
11#define _XT_DSCP_H 11#define _XT_DSCP_H
12 12
13#include <linux/types.h>
14
13#define XT_DSCP_MASK 0xfc /* 11111100 */ 15#define XT_DSCP_MASK 0xfc /* 11111100 */
14#define XT_DSCP_SHIFT 2 16#define XT_DSCP_SHIFT 2
15#define XT_DSCP_MAX 0x3f /* 00111111 */ 17#define XT_DSCP_MAX 0x3f /* 00111111 */
16 18
17/* match info */ 19/* match info */
18struct xt_dscp_info { 20struct xt_dscp_info {
19 u_int8_t dscp; 21 __u8 dscp;
20 u_int8_t invert; 22 __u8 invert;
21}; 23};
22 24
23struct xt_tos_match_info { 25struct xt_tos_match_info {
24 u_int8_t tos_mask; 26 __u8 tos_mask;
25 u_int8_t tos_value; 27 __u8 tos_value;
26 u_int8_t invert; 28 __u8 invert;
27}; 29};
28 30
29#endif /* _XT_DSCP_H */ 31#endif /* _XT_DSCP_H */
diff --git a/include/linux/netfilter/xt_esp.h b/include/linux/netfilter/xt_esp.h
index 9380fb1c27da..ef6fa4747d0a 100644
--- a/include/linux/netfilter/xt_esp.h
+++ b/include/linux/netfilter/xt_esp.h
@@ -1,10 +1,12 @@
1#ifndef _XT_ESP_H 1#ifndef _XT_ESP_H
2#define _XT_ESP_H 2#define _XT_ESP_H
3 3
4#include <linux/types.h>
5
4struct xt_esp 6struct xt_esp
5{ 7{
6 u_int32_t spis[2]; /* Security Parameter Index */ 8 __u32 spis[2]; /* Security Parameter Index */
7 u_int8_t invflags; /* Inverse flags */ 9 __u8 invflags; /* Inverse flags */
8}; 10};
9 11
10/* Values for "invflags" field in struct xt_esp. */ 12/* Values for "invflags" field in struct xt_esp. */
diff --git a/include/linux/netfilter/xt_hashlimit.h b/include/linux/netfilter/xt_hashlimit.h
index 51b18d83b477..b1925b5925e9 100644
--- a/include/linux/netfilter/xt_hashlimit.h
+++ b/include/linux/netfilter/xt_hashlimit.h
@@ -1,6 +1,8 @@
1#ifndef _XT_HASHLIMIT_H 1#ifndef _XT_HASHLIMIT_H
2#define _XT_HASHLIMIT_H 2#define _XT_HASHLIMIT_H
3 3
4#include <linux/types.h>
5
4/* timings are in milliseconds. */ 6/* timings are in milliseconds. */
5#define XT_HASHLIMIT_SCALE 10000 7#define XT_HASHLIMIT_SCALE 10000
6/* 1/10,000 sec period => max of 10,000/sec. Min rate is then 429490 8/* 1/10,000 sec period => max of 10,000/sec. Min rate is then 429490
@@ -18,15 +20,15 @@ enum {
18}; 20};
19 21
20struct hashlimit_cfg { 22struct hashlimit_cfg {
21 u_int32_t mode; /* bitmask of XT_HASHLIMIT_HASH_* */ 23 __u32 mode; /* bitmask of XT_HASHLIMIT_HASH_* */
22 u_int32_t avg; /* Average secs between packets * scale */ 24 __u32 avg; /* Average secs between packets * scale */
23 u_int32_t burst; /* Period multiplier for upper limit. */ 25 __u32 burst; /* Period multiplier for upper limit. */
24 26
25 /* user specified */ 27 /* user specified */
26 u_int32_t size; /* how many buckets */ 28 __u32 size; /* how many buckets */
27 u_int32_t max; /* max number of entries */ 29 __u32 max; /* max number of entries */
28 u_int32_t gc_interval; /* gc interval */ 30 __u32 gc_interval; /* gc interval */
29 u_int32_t expire; /* when do entries expire? */ 31 __u32 expire; /* when do entries expire? */
30}; 32};
31 33
32struct xt_hashlimit_info { 34struct xt_hashlimit_info {
@@ -42,17 +44,17 @@ struct xt_hashlimit_info {
42}; 44};
43 45
44struct hashlimit_cfg1 { 46struct hashlimit_cfg1 {
45 u_int32_t mode; /* bitmask of XT_HASHLIMIT_HASH_* */ 47 __u32 mode; /* bitmask of XT_HASHLIMIT_HASH_* */
46 u_int32_t avg; /* Average secs between packets * scale */ 48 __u32 avg; /* Average secs between packets * scale */
47 u_int32_t burst; /* Period multiplier for upper limit. */ 49 __u32 burst; /* Period multiplier for upper limit. */
48 50
49 /* user specified */ 51 /* user specified */
50 u_int32_t size; /* how many buckets */ 52 __u32 size; /* how many buckets */
51 u_int32_t max; /* max number of entries */ 53 __u32 max; /* max number of entries */
52 u_int32_t gc_interval; /* gc interval */ 54 __u32 gc_interval; /* gc interval */
53 u_int32_t expire; /* when do entries expire? */ 55 __u32 expire; /* when do entries expire? */
54 56
55 u_int8_t srcmask, dstmask; 57 __u8 srcmask, dstmask;
56}; 58};
57 59
58struct xt_hashlimit_mtinfo1 { 60struct xt_hashlimit_mtinfo1 {
diff --git a/include/linux/netfilter/xt_iprange.h b/include/linux/netfilter/xt_iprange.h
index a4299c7d3680..c1f21a779a45 100644
--- a/include/linux/netfilter/xt_iprange.h
+++ b/include/linux/netfilter/xt_iprange.h
@@ -1,6 +1,8 @@
1#ifndef _LINUX_NETFILTER_XT_IPRANGE_H 1#ifndef _LINUX_NETFILTER_XT_IPRANGE_H
2#define _LINUX_NETFILTER_XT_IPRANGE_H 1 2#define _LINUX_NETFILTER_XT_IPRANGE_H 1
3 3
4#include <linux/types.h>
5
4enum { 6enum {
5 IPRANGE_SRC = 1 << 0, /* match source IP address */ 7 IPRANGE_SRC = 1 << 0, /* match source IP address */
6 IPRANGE_DST = 1 << 1, /* match destination IP address */ 8 IPRANGE_DST = 1 << 1, /* match destination IP address */
@@ -11,7 +13,7 @@ enum {
11struct xt_iprange_mtinfo { 13struct xt_iprange_mtinfo {
12 union nf_inet_addr src_min, src_max; 14 union nf_inet_addr src_min, src_max;
13 union nf_inet_addr dst_min, dst_max; 15 union nf_inet_addr dst_min, dst_max;
14 u_int8_t flags; 16 __u8 flags;
15}; 17};
16 18
17#endif /* _LINUX_NETFILTER_XT_IPRANGE_H */ 19#endif /* _LINUX_NETFILTER_XT_IPRANGE_H */
diff --git a/include/linux/netfilter/xt_length.h b/include/linux/netfilter/xt_length.h
index 7c2b439f73fe..b82ed7c4b1e0 100644
--- a/include/linux/netfilter/xt_length.h
+++ b/include/linux/netfilter/xt_length.h
@@ -1,9 +1,11 @@
1#ifndef _XT_LENGTH_H 1#ifndef _XT_LENGTH_H
2#define _XT_LENGTH_H 2#define _XT_LENGTH_H
3 3
4#include <linux/types.h>
5
4struct xt_length_info { 6struct xt_length_info {
5 u_int16_t min, max; 7 __u16 min, max;
6 u_int8_t invert; 8 __u8 invert;
7}; 9};
8 10
9#endif /*_XT_LENGTH_H*/ 11#endif /*_XT_LENGTH_H*/
diff --git a/include/linux/netfilter/xt_limit.h b/include/linux/netfilter/xt_limit.h
index b3ce65375ecb..190e98b1f7c9 100644
--- a/include/linux/netfilter/xt_limit.h
+++ b/include/linux/netfilter/xt_limit.h
@@ -1,19 +1,21 @@
1#ifndef _XT_RATE_H 1#ifndef _XT_RATE_H
2#define _XT_RATE_H 2#define _XT_RATE_H
3 3
4#include <linux/types.h>
5
4/* timings are in milliseconds. */ 6/* timings are in milliseconds. */
5#define XT_LIMIT_SCALE 10000 7#define XT_LIMIT_SCALE 10000
6 8
7/* 1/10,000 sec period => max of 10,000/sec. Min rate is then 429490 9/* 1/10,000 sec period => max of 10,000/sec. Min rate is then 429490
8 seconds, or one every 59 hours. */ 10 seconds, or one every 59 hours. */
9struct xt_rateinfo { 11struct xt_rateinfo {
10 u_int32_t avg; /* Average secs between packets * scale */ 12 __u32 avg; /* Average secs between packets * scale */
11 u_int32_t burst; /* Period multiplier for upper limit. */ 13 __u32 burst; /* Period multiplier for upper limit. */
12 14
13 /* Used internally by the kernel */ 15 /* Used internally by the kernel */
14 unsigned long prev; 16 unsigned long prev;
15 u_int32_t credit; 17 __u32 credit;
16 u_int32_t credit_cap, cost; 18 __u32 credit_cap, cost;
17 19
18 /* Ugly, ugly fucker. */ 20 /* Ugly, ugly fucker. */
19 struct xt_rateinfo *master; 21 struct xt_rateinfo *master;
diff --git a/include/linux/netfilter/xt_mark.h b/include/linux/netfilter/xt_mark.h
index fae74bc3f34e..6fa460a3cc29 100644
--- a/include/linux/netfilter/xt_mark.h
+++ b/include/linux/netfilter/xt_mark.h
@@ -1,14 +1,16 @@
1#ifndef _XT_MARK_H 1#ifndef _XT_MARK_H
2#define _XT_MARK_H 2#define _XT_MARK_H
3 3
4#include <linux/types.h>
5
4struct xt_mark_info { 6struct xt_mark_info {
5 unsigned long mark, mask; 7 unsigned long mark, mask;
6 u_int8_t invert; 8 __u8 invert;
7}; 9};
8 10
9struct xt_mark_mtinfo1 { 11struct xt_mark_mtinfo1 {
10 u_int32_t mark, mask; 12 __u32 mark, mask;
11 u_int8_t invert; 13 __u8 invert;
12}; 14};
13 15
14#endif /*_XT_MARK_H*/ 16#endif /*_XT_MARK_H*/
diff --git a/include/linux/netfilter/xt_multiport.h b/include/linux/netfilter/xt_multiport.h
index d49ee4183710..185db499fcbc 100644
--- a/include/linux/netfilter/xt_multiport.h
+++ b/include/linux/netfilter/xt_multiport.h
@@ -1,6 +1,8 @@
1#ifndef _XT_MULTIPORT_H 1#ifndef _XT_MULTIPORT_H
2#define _XT_MULTIPORT_H 2#define _XT_MULTIPORT_H
3 3
4#include <linux/types.h>
5
4enum xt_multiport_flags 6enum xt_multiport_flags
5{ 7{
6 XT_MULTIPORT_SOURCE, 8 XT_MULTIPORT_SOURCE,
@@ -13,18 +15,18 @@ enum xt_multiport_flags
13/* Must fit inside union xt_matchinfo: 16 bytes */ 15/* Must fit inside union xt_matchinfo: 16 bytes */
14struct xt_multiport 16struct xt_multiport
15{ 17{
16 u_int8_t flags; /* Type of comparison */ 18 __u8 flags; /* Type of comparison */
17 u_int8_t count; /* Number of ports */ 19 __u8 count; /* Number of ports */
18 u_int16_t ports[XT_MULTI_PORTS]; /* Ports */ 20 __u16 ports[XT_MULTI_PORTS]; /* Ports */
19}; 21};
20 22
21struct xt_multiport_v1 23struct xt_multiport_v1
22{ 24{
23 u_int8_t flags; /* Type of comparison */ 25 __u8 flags; /* Type of comparison */
24 u_int8_t count; /* Number of ports */ 26 __u8 count; /* Number of ports */
25 u_int16_t ports[XT_MULTI_PORTS]; /* Ports */ 27 __u16 ports[XT_MULTI_PORTS]; /* Ports */
26 u_int8_t pflags[XT_MULTI_PORTS]; /* Port flags */ 28 __u8 pflags[XT_MULTI_PORTS]; /* Port flags */
27 u_int8_t invert; /* Invert flag */ 29 __u8 invert; /* Invert flag */
28}; 30};
29 31
30#endif /*_XT_MULTIPORT_H*/ 32#endif /*_XT_MULTIPORT_H*/
diff --git a/include/linux/netfilter/xt_owner.h b/include/linux/netfilter/xt_owner.h
index c84e52cfe415..2081761714b5 100644
--- a/include/linux/netfilter/xt_owner.h
+++ b/include/linux/netfilter/xt_owner.h
@@ -1,6 +1,8 @@
1#ifndef _XT_OWNER_MATCH_H 1#ifndef _XT_OWNER_MATCH_H
2#define _XT_OWNER_MATCH_H 2#define _XT_OWNER_MATCH_H
3 3
4#include <linux/types.h>
5
4enum { 6enum {
5 XT_OWNER_UID = 1 << 0, 7 XT_OWNER_UID = 1 << 0,
6 XT_OWNER_GID = 1 << 1, 8 XT_OWNER_GID = 1 << 1,
@@ -8,9 +10,9 @@ enum {
8}; 10};
9 11
10struct xt_owner_match_info { 12struct xt_owner_match_info {
11 u_int32_t uid_min, uid_max; 13 __u32 uid_min, uid_max;
12 u_int32_t gid_min, gid_max; 14 __u32 gid_min, gid_max;
13 u_int8_t match, invert; 15 __u8 match, invert;
14}; 16};
15 17
16#endif /* _XT_OWNER_MATCH_H */ 18#endif /* _XT_OWNER_MATCH_H */
diff --git a/include/linux/netfilter/xt_physdev.h b/include/linux/netfilter/xt_physdev.h
index 25a7a1815b5b..8555e399886d 100644
--- a/include/linux/netfilter/xt_physdev.h
+++ b/include/linux/netfilter/xt_physdev.h
@@ -1,6 +1,8 @@
1#ifndef _XT_PHYSDEV_H 1#ifndef _XT_PHYSDEV_H
2#define _XT_PHYSDEV_H 2#define _XT_PHYSDEV_H
3 3
4#include <linux/types.h>
5
4#ifdef __KERNEL__ 6#ifdef __KERNEL__
5#include <linux/if.h> 7#include <linux/if.h>
6#endif 8#endif
@@ -17,8 +19,8 @@ struct xt_physdev_info {
17 char in_mask[IFNAMSIZ]; 19 char in_mask[IFNAMSIZ];
18 char physoutdev[IFNAMSIZ]; 20 char physoutdev[IFNAMSIZ];
19 char out_mask[IFNAMSIZ]; 21 char out_mask[IFNAMSIZ];
20 u_int8_t invert; 22 __u8 invert;
21 u_int8_t bitmask; 23 __u8 bitmask;
22}; 24};
23 25
24#endif /*_XT_PHYSDEV_H*/ 26#endif /*_XT_PHYSDEV_H*/
diff --git a/include/linux/netfilter/xt_policy.h b/include/linux/netfilter/xt_policy.h
index 053d8cc65464..7bb64e7c853d 100644
--- a/include/linux/netfilter/xt_policy.h
+++ b/include/linux/netfilter/xt_policy.h
@@ -1,6 +1,8 @@
1#ifndef _XT_POLICY_H 1#ifndef _XT_POLICY_H
2#define _XT_POLICY_H 2#define _XT_POLICY_H
3 3
4#include <linux/types.h>
5
4#define XT_POLICY_MAX_ELEM 4 6#define XT_POLICY_MAX_ELEM 4
5 7
6enum xt_policy_flags 8enum xt_policy_flags
@@ -19,7 +21,7 @@ enum xt_policy_modes
19 21
20struct xt_policy_spec 22struct xt_policy_spec
21{ 23{
22 u_int8_t saddr:1, 24 __u8 saddr:1,
23 daddr:1, 25 daddr:1,
24 proto:1, 26 proto:1,
25 mode:1, 27 mode:1,
@@ -55,9 +57,9 @@ struct xt_policy_elem
55#endif 57#endif
56 }; 58 };
57 __be32 spi; 59 __be32 spi;
58 u_int32_t reqid; 60 __u32 reqid;
59 u_int8_t proto; 61 __u8 proto;
60 u_int8_t mode; 62 __u8 mode;
61 63
62 struct xt_policy_spec match; 64 struct xt_policy_spec match;
63 struct xt_policy_spec invert; 65 struct xt_policy_spec invert;
@@ -66,8 +68,8 @@ struct xt_policy_elem
66struct xt_policy_info 68struct xt_policy_info
67{ 69{
68 struct xt_policy_elem pol[XT_POLICY_MAX_ELEM]; 70 struct xt_policy_elem pol[XT_POLICY_MAX_ELEM];
69 u_int16_t flags; 71 __u16 flags;
70 u_int16_t len; 72 __u16 len;
71}; 73};
72 74
73#endif /* _XT_POLICY_H */ 75#endif /* _XT_POLICY_H */
diff --git a/include/linux/netfilter/xt_rateest.h b/include/linux/netfilter/xt_rateest.h
index 2010cb74250f..d40a6196842a 100644
--- a/include/linux/netfilter/xt_rateest.h
+++ b/include/linux/netfilter/xt_rateest.h
@@ -1,6 +1,8 @@
1#ifndef _XT_RATEEST_MATCH_H 1#ifndef _XT_RATEEST_MATCH_H
2#define _XT_RATEEST_MATCH_H 2#define _XT_RATEEST_MATCH_H
3 3
4#include <linux/types.h>
5
4enum xt_rateest_match_flags { 6enum xt_rateest_match_flags {
5 XT_RATEEST_MATCH_INVERT = 1<<0, 7 XT_RATEEST_MATCH_INVERT = 1<<0,
6 XT_RATEEST_MATCH_ABS = 1<<1, 8 XT_RATEEST_MATCH_ABS = 1<<1,
@@ -20,12 +22,12 @@ enum xt_rateest_match_mode {
20struct xt_rateest_match_info { 22struct xt_rateest_match_info {
21 char name1[IFNAMSIZ]; 23 char name1[IFNAMSIZ];
22 char name2[IFNAMSIZ]; 24 char name2[IFNAMSIZ];
23 u_int16_t flags; 25 __u16 flags;
24 u_int16_t mode; 26 __u16 mode;
25 u_int32_t bps1; 27 __u32 bps1;
26 u_int32_t pps1; 28 __u32 pps1;
27 u_int32_t bps2; 29 __u32 bps2;
28 u_int32_t pps2; 30 __u32 pps2;
29 31
30 /* Used internally by the kernel */ 32 /* Used internally by the kernel */
31 struct xt_rateest *est1 __attribute__((aligned(8))); 33 struct xt_rateest *est1 __attribute__((aligned(8)));
diff --git a/include/linux/netfilter/xt_realm.h b/include/linux/netfilter/xt_realm.h
index 220e87245716..d4a82ee56a02 100644
--- a/include/linux/netfilter/xt_realm.h
+++ b/include/linux/netfilter/xt_realm.h
@@ -1,10 +1,12 @@
1#ifndef _XT_REALM_H 1#ifndef _XT_REALM_H
2#define _XT_REALM_H 2#define _XT_REALM_H
3 3
4#include <linux/types.h>
5
4struct xt_realm_info { 6struct xt_realm_info {
5 u_int32_t id; 7 __u32 id;
6 u_int32_t mask; 8 __u32 mask;
7 u_int8_t invert; 9 __u8 invert;
8}; 10};
9 11
10#endif /* _XT_REALM_H */ 12#endif /* _XT_REALM_H */
diff --git a/include/linux/netfilter/xt_recent.h b/include/linux/netfilter/xt_recent.h
index 5cfeb81c6794..d2c276609925 100644
--- a/include/linux/netfilter/xt_recent.h
+++ b/include/linux/netfilter/xt_recent.h
@@ -1,6 +1,8 @@
1#ifndef _LINUX_NETFILTER_XT_RECENT_H 1#ifndef _LINUX_NETFILTER_XT_RECENT_H
2#define _LINUX_NETFILTER_XT_RECENT_H 1 2#define _LINUX_NETFILTER_XT_RECENT_H 1
3 3
4#include <linux/types.h>
5
4enum { 6enum {
5 XT_RECENT_CHECK = 1 << 0, 7 XT_RECENT_CHECK = 1 << 0,
6 XT_RECENT_SET = 1 << 1, 8 XT_RECENT_SET = 1 << 1,
@@ -15,12 +17,12 @@ enum {
15}; 17};
16 18
17struct xt_recent_mtinfo { 19struct xt_recent_mtinfo {
18 u_int32_t seconds; 20 __u32 seconds;
19 u_int32_t hit_count; 21 __u32 hit_count;
20 u_int8_t check_set; 22 __u8 check_set;
21 u_int8_t invert; 23 __u8 invert;
22 char name[XT_RECENT_NAME_LEN]; 24 char name[XT_RECENT_NAME_LEN];
23 u_int8_t side; 25 __u8 side;
24}; 26};
25 27
26#endif /* _LINUX_NETFILTER_XT_RECENT_H */ 28#endif /* _LINUX_NETFILTER_XT_RECENT_H */
diff --git a/include/linux/netfilter/xt_sctp.h b/include/linux/netfilter/xt_sctp.h
index 32000ba6ecef..29287be696a2 100644
--- a/include/linux/netfilter/xt_sctp.h
+++ b/include/linux/netfilter/xt_sctp.h
@@ -1,6 +1,8 @@
1#ifndef _XT_SCTP_H_ 1#ifndef _XT_SCTP_H_
2#define _XT_SCTP_H_ 2#define _XT_SCTP_H_
3 3
4#include <linux/types.h>
5
4#define XT_SCTP_SRC_PORTS 0x01 6#define XT_SCTP_SRC_PORTS 0x01
5#define XT_SCTP_DEST_PORTS 0x02 7#define XT_SCTP_DEST_PORTS 0x02
6#define XT_SCTP_CHUNK_TYPES 0x04 8#define XT_SCTP_CHUNK_TYPES 0x04
@@ -8,49 +10,49 @@
8#define XT_SCTP_VALID_FLAGS 0x07 10#define XT_SCTP_VALID_FLAGS 0x07
9 11
10struct xt_sctp_flag_info { 12struct xt_sctp_flag_info {
11 u_int8_t chunktype; 13 __u8 chunktype;
12 u_int8_t flag; 14 __u8 flag;
13 u_int8_t flag_mask; 15 __u8 flag_mask;
14}; 16};
15 17
16#define XT_NUM_SCTP_FLAGS 4 18#define XT_NUM_SCTP_FLAGS 4
17 19
18struct xt_sctp_info { 20struct xt_sctp_info {
19 u_int16_t dpts[2]; /* Min, Max */ 21 __u16 dpts[2]; /* Min, Max */
20 u_int16_t spts[2]; /* Min, Max */ 22 __u16 spts[2]; /* Min, Max */
21 23
22 u_int32_t chunkmap[256 / sizeof (u_int32_t)]; /* Bit mask of chunks to be matched according to RFC 2960 */ 24 __u32 chunkmap[256 / sizeof (__u32)]; /* Bit mask of chunks to be matched according to RFC 2960 */
23 25
24#define SCTP_CHUNK_MATCH_ANY 0x01 /* Match if any of the chunk types are present */ 26#define SCTP_CHUNK_MATCH_ANY 0x01 /* Match if any of the chunk types are present */
25#define SCTP_CHUNK_MATCH_ALL 0x02 /* Match if all of the chunk types are present */ 27#define SCTP_CHUNK_MATCH_ALL 0x02 /* Match if all of the chunk types are present */
26#define SCTP_CHUNK_MATCH_ONLY 0x04 /* Match if these are the only chunk types present */ 28#define SCTP_CHUNK_MATCH_ONLY 0x04 /* Match if these are the only chunk types present */
27 29
28 u_int32_t chunk_match_type; 30 __u32 chunk_match_type;
29 struct xt_sctp_flag_info flag_info[XT_NUM_SCTP_FLAGS]; 31 struct xt_sctp_flag_info flag_info[XT_NUM_SCTP_FLAGS];
30 int flag_count; 32 int flag_count;
31 33
32 u_int32_t flags; 34 __u32 flags;
33 u_int32_t invflags; 35 __u32 invflags;
34}; 36};
35 37
36#define bytes(type) (sizeof(type) * 8) 38#define bytes(type) (sizeof(type) * 8)
37 39
38#define SCTP_CHUNKMAP_SET(chunkmap, type) \ 40#define SCTP_CHUNKMAP_SET(chunkmap, type) \
39 do { \ 41 do { \
40 (chunkmap)[type / bytes(u_int32_t)] |= \ 42 (chunkmap)[type / bytes(__u32)] |= \
41 1 << (type % bytes(u_int32_t)); \ 43 1 << (type % bytes(__u32)); \
42 } while (0) 44 } while (0)
43 45
44#define SCTP_CHUNKMAP_CLEAR(chunkmap, type) \ 46#define SCTP_CHUNKMAP_CLEAR(chunkmap, type) \
45 do { \ 47 do { \
46 (chunkmap)[type / bytes(u_int32_t)] &= \ 48 (chunkmap)[type / bytes(__u32)] &= \
47 ~(1 << (type % bytes(u_int32_t))); \ 49 ~(1 << (type % bytes(__u32))); \
48 } while (0) 50 } while (0)
49 51
50#define SCTP_CHUNKMAP_IS_SET(chunkmap, type) \ 52#define SCTP_CHUNKMAP_IS_SET(chunkmap, type) \
51({ \ 53({ \
52 ((chunkmap)[type / bytes (u_int32_t)] & \ 54 ((chunkmap)[type / bytes (__u32)] & \
53 (1 << (type % bytes (u_int32_t)))) ? 1: 0; \ 55 (1 << (type % bytes (__u32)))) ? 1: 0; \
54}) 56})
55 57
56#define SCTP_CHUNKMAP_RESET(chunkmap) \ 58#define SCTP_CHUNKMAP_RESET(chunkmap) \
@@ -65,7 +67,7 @@ struct xt_sctp_info {
65#define SCTP_CHUNKMAP_IS_CLEAR(chunkmap) \ 67#define SCTP_CHUNKMAP_IS_CLEAR(chunkmap) \
66 __sctp_chunkmap_is_clear((chunkmap), ARRAY_SIZE(chunkmap)) 68 __sctp_chunkmap_is_clear((chunkmap), ARRAY_SIZE(chunkmap))
67static inline bool 69static inline bool
68__sctp_chunkmap_is_clear(const u_int32_t *chunkmap, unsigned int n) 70__sctp_chunkmap_is_clear(const __u32 *chunkmap, unsigned int n)
69{ 71{
70 unsigned int i; 72 unsigned int i;
71 for (i = 0; i < n; ++i) 73 for (i = 0; i < n; ++i)
@@ -77,7 +79,7 @@ __sctp_chunkmap_is_clear(const u_int32_t *chunkmap, unsigned int n)
77#define SCTP_CHUNKMAP_IS_ALL_SET(chunkmap) \ 79#define SCTP_CHUNKMAP_IS_ALL_SET(chunkmap) \
78 __sctp_chunkmap_is_all_set((chunkmap), ARRAY_SIZE(chunkmap)) 80 __sctp_chunkmap_is_all_set((chunkmap), ARRAY_SIZE(chunkmap))
79static inline bool 81static inline bool
80__sctp_chunkmap_is_all_set(const u_int32_t *chunkmap, unsigned int n) 82__sctp_chunkmap_is_all_set(const __u32 *chunkmap, unsigned int n)
81{ 83{
82 unsigned int i; 84 unsigned int i;
83 for (i = 0; i < n; ++i) 85 for (i = 0; i < n; ++i)
diff --git a/include/linux/netfilter/xt_statistic.h b/include/linux/netfilter/xt_statistic.h
index 3d38bc975048..095f3c66f456 100644
--- a/include/linux/netfilter/xt_statistic.h
+++ b/include/linux/netfilter/xt_statistic.h
@@ -1,6 +1,8 @@
1#ifndef _XT_STATISTIC_H 1#ifndef _XT_STATISTIC_H
2#define _XT_STATISTIC_H 2#define _XT_STATISTIC_H
3 3
4#include <linux/types.h>
5
4enum xt_statistic_mode { 6enum xt_statistic_mode {
5 XT_STATISTIC_MODE_RANDOM, 7 XT_STATISTIC_MODE_RANDOM,
6 XT_STATISTIC_MODE_NTH, 8 XT_STATISTIC_MODE_NTH,
@@ -14,17 +16,17 @@ enum xt_statistic_flags {
14#define XT_STATISTIC_MASK 0x1 16#define XT_STATISTIC_MASK 0x1
15 17
16struct xt_statistic_info { 18struct xt_statistic_info {
17 u_int16_t mode; 19 __u16 mode;
18 u_int16_t flags; 20 __u16 flags;
19 union { 21 union {
20 struct { 22 struct {
21 u_int32_t probability; 23 __u32 probability;
22 } random; 24 } random;
23 struct { 25 struct {
24 u_int32_t every; 26 __u32 every;
25 u_int32_t packet; 27 __u32 packet;
26 /* Used internally by the kernel */ 28 /* Used internally by the kernel */
27 u_int32_t count; 29 __u32 count;
28 } nth; 30 } nth;
29 } u; 31 } u;
30 struct xt_statistic_info *master __attribute__((aligned(8))); 32 struct xt_statistic_info *master __attribute__((aligned(8)));
diff --git a/include/linux/netfilter/xt_string.h b/include/linux/netfilter/xt_string.h
index 8a6ba7bbef9f..ecbb95fc89ed 100644
--- a/include/linux/netfilter/xt_string.h
+++ b/include/linux/netfilter/xt_string.h
@@ -1,6 +1,8 @@
1#ifndef _XT_STRING_H 1#ifndef _XT_STRING_H
2#define _XT_STRING_H 2#define _XT_STRING_H
3 3
4#include <linux/types.h>
5
4#define XT_STRING_MAX_PATTERN_SIZE 128 6#define XT_STRING_MAX_PATTERN_SIZE 128
5#define XT_STRING_MAX_ALGO_NAME_SIZE 16 7#define XT_STRING_MAX_ALGO_NAME_SIZE 16
6 8
@@ -11,18 +13,18 @@ enum {
11 13
12struct xt_string_info 14struct xt_string_info
13{ 15{
14 u_int16_t from_offset; 16 __u16 from_offset;
15 u_int16_t to_offset; 17 __u16 to_offset;
16 char algo[XT_STRING_MAX_ALGO_NAME_SIZE]; 18 char algo[XT_STRING_MAX_ALGO_NAME_SIZE];
17 char pattern[XT_STRING_MAX_PATTERN_SIZE]; 19 char pattern[XT_STRING_MAX_PATTERN_SIZE];
18 u_int8_t patlen; 20 __u8 patlen;
19 union { 21 union {
20 struct { 22 struct {
21 u_int8_t invert; 23 __u8 invert;
22 } v0; 24 } v0;
23 25
24 struct { 26 struct {
25 u_int8_t flags; 27 __u8 flags;
26 } v1; 28 } v1;
27 } u; 29 } u;
28 30
diff --git a/include/linux/netfilter/xt_tcpmss.h b/include/linux/netfilter/xt_tcpmss.h
index e03274c4c790..fbac56b9e667 100644
--- a/include/linux/netfilter/xt_tcpmss.h
+++ b/include/linux/netfilter/xt_tcpmss.h
@@ -1,9 +1,11 @@
1#ifndef _XT_TCPMSS_MATCH_H 1#ifndef _XT_TCPMSS_MATCH_H
2#define _XT_TCPMSS_MATCH_H 2#define _XT_TCPMSS_MATCH_H
3 3
4#include <linux/types.h>
5
4struct xt_tcpmss_match_info { 6struct xt_tcpmss_match_info {
5 u_int16_t mss_min, mss_max; 7 __u16 mss_min, mss_max;
6 u_int8_t invert; 8 __u8 invert;
7}; 9};
8 10
9#endif /*_XT_TCPMSS_MATCH_H*/ 11#endif /*_XT_TCPMSS_MATCH_H*/
diff --git a/include/linux/netfilter/xt_tcpudp.h b/include/linux/netfilter/xt_tcpudp.h
index 78bc65f11adf..a490a0bc1d29 100644
--- a/include/linux/netfilter/xt_tcpudp.h
+++ b/include/linux/netfilter/xt_tcpudp.h
@@ -1,15 +1,17 @@
1#ifndef _XT_TCPUDP_H 1#ifndef _XT_TCPUDP_H
2#define _XT_TCPUDP_H 2#define _XT_TCPUDP_H
3 3
4#include <linux/types.h>
5
4/* TCP matching stuff */ 6/* TCP matching stuff */
5struct xt_tcp 7struct xt_tcp
6{ 8{
7 u_int16_t spts[2]; /* Source port range. */ 9 __u16 spts[2]; /* Source port range. */
8 u_int16_t dpts[2]; /* Destination port range. */ 10 __u16 dpts[2]; /* Destination port range. */
9 u_int8_t option; /* TCP Option iff non-zero*/ 11 __u8 option; /* TCP Option iff non-zero*/
10 u_int8_t flg_mask; /* TCP flags mask byte */ 12 __u8 flg_mask; /* TCP flags mask byte */
11 u_int8_t flg_cmp; /* TCP flags compare byte */ 13 __u8 flg_cmp; /* TCP flags compare byte */
12 u_int8_t invflags; /* Inverse flags */ 14 __u8 invflags; /* Inverse flags */
13}; 15};
14 16
15/* Values for "inv" field in struct ipt_tcp. */ 17/* Values for "inv" field in struct ipt_tcp. */
@@ -22,9 +24,9 @@ struct xt_tcp
22/* UDP matching stuff */ 24/* UDP matching stuff */
23struct xt_udp 25struct xt_udp
24{ 26{
25 u_int16_t spts[2]; /* Source port range. */ 27 __u16 spts[2]; /* Source port range. */
26 u_int16_t dpts[2]; /* Destination port range. */ 28 __u16 dpts[2]; /* Destination port range. */
27 u_int8_t invflags; /* Inverse flags */ 29 __u8 invflags; /* Inverse flags */
28}; 30};
29 31
30/* Values for "invflags" field in struct ipt_udp. */ 32/* Values for "invflags" field in struct ipt_udp. */