aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2009-09-10 21:17:09 -0400
committerDavid S. Miller <davem@davemloft.net>2009-09-10 21:17:09 -0400
commit9a0da0d19c573e01aded6ac17747d2efc5b1115f (patch)
tree76294327bae4b3e45b16c690bda4b24951f237cf /include
parentec282e9225be924479d4880b51f13524795bd8d3 (diff)
parent8a56df0ae1690f8f42a3c6c4532f4b06f93febea (diff)
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6
Diffstat (limited to 'include')
-rw-r--r--include/linux/netfilter/nfnetlink.h3
-rw-r--r--include/linux/netfilter/x_tables.h4
-rw-r--r--include/linux/netfilter/xt_CONNMARK.h6
-rw-r--r--include/linux/netfilter/xt_MARK.h17
-rw-r--r--include/linux/netfilter/xt_connmark.h5
-rw-r--r--include/linux/netfilter/xt_conntrack.h36
-rw-r--r--include/linux/netfilter/xt_mark.h5
-rw-r--r--include/linux/netfilter_arp/arp_tables.h2
-rw-r--r--include/linux/netfilter_bridge/ebtables.h2
-rw-r--r--include/linux/netfilter_ipv4/Kbuild32
-rw-r--r--include/linux/netfilter_ipv4/ip_tables.h2
-rw-r--r--include/linux/netfilter_ipv4/ipt_CLASSIFY.h7
-rw-r--r--include/linux/netfilter_ipv4/ipt_CONNMARK.h19
-rw-r--r--include/linux/netfilter_ipv4/ipt_DSCP.h18
-rw-r--r--include/linux/netfilter_ipv4/ipt_ECN.h4
-rw-r--r--include/linux/netfilter_ipv4/ipt_MARK.h18
-rw-r--r--include/linux/netfilter_ipv4/ipt_NFQUEUE.h16
-rw-r--r--include/linux/netfilter_ipv4/ipt_TCPMSS.h9
-rw-r--r--include/linux/netfilter_ipv4/ipt_TOS.h12
-rw-r--r--include/linux/netfilter_ipv4/ipt_comment.h10
-rw-r--r--include/linux/netfilter_ipv4/ipt_connbytes.h18
-rw-r--r--include/linux/netfilter_ipv4/ipt_connmark.h7
-rw-r--r--include/linux/netfilter_ipv4/ipt_conntrack.h28
-rw-r--r--include/linux/netfilter_ipv4/ipt_dccp.h15
-rw-r--r--include/linux/netfilter_ipv4/ipt_dscp.h21
-rw-r--r--include/linux/netfilter_ipv4/ipt_ecn.h4
-rw-r--r--include/linux/netfilter_ipv4/ipt_esp.h10
-rw-r--r--include/linux/netfilter_ipv4/ipt_hashlimit.h14
-rw-r--r--include/linux/netfilter_ipv4/ipt_helper.h7
-rw-r--r--include/linux/netfilter_ipv4/ipt_iprange.h21
-rw-r--r--include/linux/netfilter_ipv4/ipt_length.h7
-rw-r--r--include/linux/netfilter_ipv4/ipt_limit.h8
-rw-r--r--include/linux/netfilter_ipv4/ipt_mac.h7
-rw-r--r--include/linux/netfilter_ipv4/ipt_mark.h9
-rw-r--r--include/linux/netfilter_ipv4/ipt_multiport.h15
-rw-r--r--include/linux/netfilter_ipv4/ipt_owner.h20
-rw-r--r--include/linux/netfilter_ipv4/ipt_physdev.h17
-rw-r--r--include/linux/netfilter_ipv4/ipt_pkttype.h7
-rw-r--r--include/linux/netfilter_ipv4/ipt_policy.h23
-rw-r--r--include/linux/netfilter_ipv4/ipt_recent.h21
-rw-r--r--include/linux/netfilter_ipv4/ipt_sctp.h105
-rw-r--r--include/linux/netfilter_ipv4/ipt_state.h15
-rw-r--r--include/linux/netfilter_ipv4/ipt_string.h10
-rw-r--r--include/linux/netfilter_ipv4/ipt_tcpmss.h7
-rw-r--r--include/linux/netfilter_ipv4/ipt_tos.h13
-rw-r--r--include/linux/netfilter_ipv6/Kbuild12
-rw-r--r--include/linux/netfilter_ipv6/ip6_tables.h2
-rw-r--r--include/linux/netfilter_ipv6/ip6t_MARK.h9
-rw-r--r--include/linux/netfilter_ipv6/ip6t_esp.h10
-rw-r--r--include/linux/netfilter_ipv6/ip6t_length.h8
-rw-r--r--include/linux/netfilter_ipv6/ip6t_limit.h8
-rw-r--r--include/linux/netfilter_ipv6/ip6t_mac.h7
-rw-r--r--include/linux/netfilter_ipv6/ip6t_mark.h9
-rw-r--r--include/linux/netfilter_ipv6/ip6t_multiport.h14
-rw-r--r--include/linux/netfilter_ipv6/ip6t_owner.h18
-rw-r--r--include/linux/netfilter_ipv6/ip6t_physdev.h17
-rw-r--r--include/linux/netfilter_ipv6/ip6t_policy.h23
-rw-r--r--include/linux/netlink.h15
-rw-r--r--include/net/netfilter/nf_nat_core.h2
-rw-r--r--include/net/netlink.h4
-rw-r--r--include/net/rtnetlink.h2
61 files changed, 25 insertions, 791 deletions
diff --git a/include/linux/netfilter/nfnetlink.h b/include/linux/netfilter/nfnetlink.h
index bff4d5741d98..9f00da287f2c 100644
--- a/include/linux/netfilter/nfnetlink.h
+++ b/include/linux/netfilter/nfnetlink.h
@@ -58,7 +58,8 @@ struct nfgenmsg {
58struct nfnl_callback 58struct nfnl_callback
59{ 59{
60 int (*call)(struct sock *nl, struct sk_buff *skb, 60 int (*call)(struct sock *nl, struct sk_buff *skb,
61 struct nlmsghdr *nlh, struct nlattr *cda[]); 61 const struct nlmsghdr *nlh,
62 const struct nlattr * const cda[]);
62 const struct nla_policy *policy; /* netlink attribute policy */ 63 const struct nla_policy *policy; /* netlink attribute policy */
63 const u_int16_t attr_count; /* number of nlattr's */ 64 const u_int16_t attr_count; /* number of nlattr's */
64}; 65};
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h
index 1030b7593898..812cb153cabb 100644
--- a/include/linux/netfilter/x_tables.h
+++ b/include/linux/netfilter/x_tables.h
@@ -238,9 +238,9 @@ struct xt_mtdtor_param {
238 */ 238 */
239struct xt_target_param { 239struct xt_target_param {
240 const struct net_device *in, *out; 240 const struct net_device *in, *out;
241 unsigned int hooknum;
242 const struct xt_target *target; 241 const struct xt_target *target;
243 const void *targinfo; 242 const void *targinfo;
243 unsigned int hooknum;
244 u_int8_t family; 244 u_int8_t family;
245}; 245};
246 246
@@ -407,7 +407,7 @@ extern int xt_check_target(struct xt_tgchk_param *,
407 unsigned int size, u_int8_t proto, bool inv_proto); 407 unsigned int size, u_int8_t proto, bool inv_proto);
408 408
409extern struct xt_table *xt_register_table(struct net *net, 409extern struct xt_table *xt_register_table(struct net *net,
410 struct xt_table *table, 410 const struct xt_table *table,
411 struct xt_table_info *bootstrap, 411 struct xt_table_info *bootstrap,
412 struct xt_table_info *newinfo); 412 struct xt_table_info *newinfo);
413extern void *xt_unregister_table(struct xt_table *table); 413extern void *xt_unregister_table(struct xt_table *table);
diff --git a/include/linux/netfilter/xt_CONNMARK.h b/include/linux/netfilter/xt_CONNMARK.h
index 7635c8ffdadb..0a8545866752 100644
--- a/include/linux/netfilter/xt_CONNMARK.h
+++ b/include/linux/netfilter/xt_CONNMARK.h
@@ -18,12 +18,6 @@ enum {
18 XT_CONNMARK_RESTORE 18 XT_CONNMARK_RESTORE
19}; 19};
20 20
21struct xt_connmark_target_info {
22 unsigned long mark;
23 unsigned long mask;
24 __u8 mode;
25};
26
27struct xt_connmark_tginfo1 { 21struct xt_connmark_tginfo1 {
28 __u32 ctmark, ctmask, nfmask; 22 __u32 ctmark, ctmask, nfmask;
29 __u8 mode; 23 __u8 mode;
diff --git a/include/linux/netfilter/xt_MARK.h b/include/linux/netfilter/xt_MARK.h
index 028304bcc0b1..bc9561bdef79 100644
--- a/include/linux/netfilter/xt_MARK.h
+++ b/include/linux/netfilter/xt_MARK.h
@@ -3,23 +3,6 @@
3 3
4#include <linux/types.h> 4#include <linux/types.h>
5 5
6/* Version 0 */
7struct xt_mark_target_info {
8 unsigned long mark;
9};
10
11/* Version 1 */
12enum {
13 XT_MARK_SET=0,
14 XT_MARK_AND,
15 XT_MARK_OR,
16};
17
18struct xt_mark_target_info_v1 {
19 unsigned long mark;
20 __u8 mode;
21};
22
23struct xt_mark_tginfo2 { 6struct xt_mark_tginfo2 {
24 __u32 mark, mask; 7 __u32 mark, mask;
25}; 8};
diff --git a/include/linux/netfilter/xt_connmark.h b/include/linux/netfilter/xt_connmark.h
index 571e266d004c..619e47cde01a 100644
--- a/include/linux/netfilter/xt_connmark.h
+++ b/include/linux/netfilter/xt_connmark.h
@@ -12,11 +12,6 @@
12 * (at your option) any later version. 12 * (at your option) any later version.
13 */ 13 */
14 14
15struct xt_connmark_info {
16 unsigned long mark, mask;
17 __u8 invert;
18};
19
20struct xt_connmark_mtinfo1 { 15struct xt_connmark_mtinfo1 {
21 __u32 mark, mask; 16 __u32 mark, mask;
22 __u8 invert; 17 __u8 invert;
diff --git a/include/linux/netfilter/xt_conntrack.h b/include/linux/netfilter/xt_conntrack.h
index 7ae05338e94c..54f47a2f6152 100644
--- a/include/linux/netfilter/xt_conntrack.h
+++ b/include/linux/netfilter/xt_conntrack.h
@@ -32,42 +32,6 @@ enum {
32 XT_CONNTRACK_DIRECTION = 1 << 12, 32 XT_CONNTRACK_DIRECTION = 1 << 12,
33}; 33};
34 34
35/* This is exposed to userspace, so remains frozen in time. */
36struct ip_conntrack_old_tuple
37{
38 struct {
39 __be32 ip;
40 union {
41 __u16 all;
42 } u;
43 } src;
44
45 struct {
46 __be32 ip;
47 union {
48 __u16 all;
49 } u;
50
51 /* The protocol. */
52 __u16 protonum;
53 } dst;
54};
55
56struct xt_conntrack_info
57{
58 unsigned int statemask, statusmask;
59
60 struct ip_conntrack_old_tuple tuple[IP_CT_DIR_MAX];
61 struct in_addr sipmsk[IP_CT_DIR_MAX], dipmsk[IP_CT_DIR_MAX];
62
63 unsigned long expires_min, expires_max;
64
65 /* Flags word */
66 __u8 flags;
67 /* Inverse flags */
68 __u8 invflags;
69};
70
71struct xt_conntrack_mtinfo1 { 35struct xt_conntrack_mtinfo1 {
72 union nf_inet_addr origsrc_addr, origsrc_mask; 36 union nf_inet_addr origsrc_addr, origsrc_mask;
73 union nf_inet_addr origdst_addr, origdst_mask; 37 union nf_inet_addr origdst_addr, origdst_mask;
diff --git a/include/linux/netfilter/xt_mark.h b/include/linux/netfilter/xt_mark.h
index 6fa460a3cc29..6607c8f38ea5 100644
--- a/include/linux/netfilter/xt_mark.h
+++ b/include/linux/netfilter/xt_mark.h
@@ -3,11 +3,6 @@
3 3
4#include <linux/types.h> 4#include <linux/types.h>
5 5
6struct xt_mark_info {
7 unsigned long mark, mask;
8 __u8 invert;
9};
10
11struct xt_mark_mtinfo1 { 6struct xt_mark_mtinfo1 {
12 __u32 mark, mask; 7 __u32 mark, mask;
13 __u8 invert; 8 __u8 invert;
diff --git a/include/linux/netfilter_arp/arp_tables.h b/include/linux/netfilter_arp/arp_tables.h
index 590ac3d6d5d6..6fe3e6aa10db 100644
--- a/include/linux/netfilter_arp/arp_tables.h
+++ b/include/linux/netfilter_arp/arp_tables.h
@@ -265,7 +265,7 @@ struct arpt_error
265} 265}
266 266
267extern struct xt_table *arpt_register_table(struct net *net, 267extern struct xt_table *arpt_register_table(struct net *net,
268 struct xt_table *table, 268 const struct xt_table *table,
269 const struct arpt_replace *repl); 269 const struct arpt_replace *repl);
270extern void arpt_unregister_table(struct xt_table *table); 270extern void arpt_unregister_table(struct xt_table *table);
271extern unsigned int arpt_do_table(struct sk_buff *skb, 271extern unsigned int arpt_do_table(struct sk_buff *skb,
diff --git a/include/linux/netfilter_bridge/ebtables.h b/include/linux/netfilter_bridge/ebtables.h
index e40ddb94b1af..ea281e6a2048 100644
--- a/include/linux/netfilter_bridge/ebtables.h
+++ b/include/linux/netfilter_bridge/ebtables.h
@@ -301,7 +301,7 @@ struct ebt_table
301#define EBT_ALIGN(s) (((s) + (__alignof__(struct ebt_replace)-1)) & \ 301#define EBT_ALIGN(s) (((s) + (__alignof__(struct ebt_replace)-1)) & \
302 ~(__alignof__(struct ebt_replace)-1)) 302 ~(__alignof__(struct ebt_replace)-1))
303extern struct ebt_table *ebt_register_table(struct net *net, 303extern struct ebt_table *ebt_register_table(struct net *net,
304 struct ebt_table *table); 304 const struct ebt_table *table);
305extern void ebt_unregister_table(struct ebt_table *table); 305extern void ebt_unregister_table(struct ebt_table *table);
306extern unsigned int ebt_do_table(unsigned int hook, struct sk_buff *skb, 306extern unsigned int ebt_do_table(unsigned int hook, struct sk_buff *skb,
307 const struct net_device *in, const struct net_device *out, 307 const struct net_device *in, const struct net_device *out,
diff --git a/include/linux/netfilter_ipv4/Kbuild b/include/linux/netfilter_ipv4/Kbuild
index 3a7105bb8f33..431b40761920 100644
--- a/include/linux/netfilter_ipv4/Kbuild
+++ b/include/linux/netfilter_ipv4/Kbuild
@@ -1,46 +1,14 @@
1header-y += ipt_CLASSIFY.h
2header-y += ipt_CLUSTERIP.h 1header-y += ipt_CLUSTERIP.h
3header-y += ipt_CONNMARK.h
4header-y += ipt_DSCP.h
5header-y += ipt_ECN.h 2header-y += ipt_ECN.h
6header-y += ipt_LOG.h 3header-y += ipt_LOG.h
7header-y += ipt_MARK.h
8header-y += ipt_NFQUEUE.h
9header-y += ipt_REJECT.h 4header-y += ipt_REJECT.h
10header-y += ipt_SAME.h 5header-y += ipt_SAME.h
11header-y += ipt_TCPMSS.h
12header-y += ipt_TOS.h
13header-y += ipt_TTL.h 6header-y += ipt_TTL.h
14header-y += ipt_ULOG.h 7header-y += ipt_ULOG.h
15header-y += ipt_addrtype.h 8header-y += ipt_addrtype.h
16header-y += ipt_ah.h 9header-y += ipt_ah.h
17header-y += ipt_comment.h
18header-y += ipt_connbytes.h
19header-y += ipt_connmark.h
20header-y += ipt_conntrack.h
21header-y += ipt_dccp.h
22header-y += ipt_dscp.h
23header-y += ipt_ecn.h 10header-y += ipt_ecn.h
24header-y += ipt_esp.h
25header-y += ipt_hashlimit.h
26header-y += ipt_helper.h
27header-y += ipt_iprange.h
28header-y += ipt_length.h
29header-y += ipt_limit.h
30header-y += ipt_mac.h
31header-y += ipt_mark.h
32header-y += ipt_multiport.h
33header-y += ipt_owner.h
34header-y += ipt_physdev.h
35header-y += ipt_pkttype.h
36header-y += ipt_policy.h
37header-y += ipt_realm.h 11header-y += ipt_realm.h
38header-y += ipt_recent.h
39header-y += ipt_sctp.h
40header-y += ipt_state.h
41header-y += ipt_string.h
42header-y += ipt_tcpmss.h
43header-y += ipt_tos.h
44header-y += ipt_ttl.h 12header-y += ipt_ttl.h
45 13
46unifdef-y += ip_queue.h 14unifdef-y += ip_queue.h
diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h
index 092bd50581a9..61fafc868a7b 100644
--- a/include/linux/netfilter_ipv4/ip_tables.h
+++ b/include/linux/netfilter_ipv4/ip_tables.h
@@ -245,7 +245,7 @@ ipt_get_target(struct ipt_entry *e)
245extern void ipt_init(void) __init; 245extern void ipt_init(void) __init;
246 246
247extern struct xt_table *ipt_register_table(struct net *net, 247extern struct xt_table *ipt_register_table(struct net *net,
248 struct xt_table *table, 248 const struct xt_table *table,
249 const struct ipt_replace *repl); 249 const struct ipt_replace *repl);
250extern void ipt_unregister_table(struct xt_table *table); 250extern void ipt_unregister_table(struct xt_table *table);
251 251
diff --git a/include/linux/netfilter_ipv4/ipt_CLASSIFY.h b/include/linux/netfilter_ipv4/ipt_CLASSIFY.h
deleted file mode 100644
index a46d511b5c36..000000000000
--- a/include/linux/netfilter_ipv4/ipt_CLASSIFY.h
+++ /dev/null
@@ -1,7 +0,0 @@
1#ifndef _IPT_CLASSIFY_H
2#define _IPT_CLASSIFY_H
3
4#include <linux/netfilter/xt_CLASSIFY.h>
5#define ipt_classify_target_info xt_classify_target_info
6
7#endif /*_IPT_CLASSIFY_H */
diff --git a/include/linux/netfilter_ipv4/ipt_CONNMARK.h b/include/linux/netfilter_ipv4/ipt_CONNMARK.h
deleted file mode 100644
index 9ecfee0a9e33..000000000000
--- a/include/linux/netfilter_ipv4/ipt_CONNMARK.h
+++ /dev/null
@@ -1,19 +0,0 @@
1#ifndef _IPT_CONNMARK_H_target
2#define _IPT_CONNMARK_H_target
3
4/* Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com>
5 * by Henrik Nordstrom <hno@marasystems.com>
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 */
12#include <linux/netfilter/xt_CONNMARK.h>
13#define IPT_CONNMARK_SET XT_CONNMARK_SET
14#define IPT_CONNMARK_SAVE XT_CONNMARK_SAVE
15#define IPT_CONNMARK_RESTORE XT_CONNMARK_RESTORE
16
17#define ipt_connmark_target_info xt_connmark_target_info
18
19#endif /*_IPT_CONNMARK_H_target*/
diff --git a/include/linux/netfilter_ipv4/ipt_DSCP.h b/include/linux/netfilter_ipv4/ipt_DSCP.h
deleted file mode 100644
index 3491e524d5ea..000000000000
--- a/include/linux/netfilter_ipv4/ipt_DSCP.h
+++ /dev/null
@@ -1,18 +0,0 @@
1/* iptables module for setting the IPv4 DSCP field
2 *
3 * (C) 2002 Harald Welte <laforge@gnumonks.org>
4 * based on ipt_FTOS.c (C) 2000 by Matthew G. Marsh <mgm@paktronix.com>
5 * This software is distributed under GNU GPL v2, 1991
6 *
7 * See RFC2474 for a description of the DSCP field within the IP Header.
8 *
9 * ipt_DSCP.h,v 1.7 2002/03/14 12:03:13 laforge Exp
10*/
11#ifndef _IPT_DSCP_TARGET_H
12#define _IPT_DSCP_TARGET_H
13#include <linux/netfilter_ipv4/ipt_dscp.h>
14#include <linux/netfilter/xt_DSCP.h>
15
16#define ipt_DSCP_info xt_DSCP_info
17
18#endif /* _IPT_DSCP_TARGET_H */
diff --git a/include/linux/netfilter_ipv4/ipt_ECN.h b/include/linux/netfilter_ipv4/ipt_ECN.h
index 94e0d9866469..7ca45918ab8e 100644
--- a/include/linux/netfilter_ipv4/ipt_ECN.h
+++ b/include/linux/netfilter_ipv4/ipt_ECN.h
@@ -8,9 +8,9 @@
8*/ 8*/
9#ifndef _IPT_ECN_TARGET_H 9#ifndef _IPT_ECN_TARGET_H
10#define _IPT_ECN_TARGET_H 10#define _IPT_ECN_TARGET_H
11#include <linux/netfilter_ipv4/ipt_DSCP.h> 11#include <linux/netfilter/xt_DSCP.h>
12 12
13#define IPT_ECN_IP_MASK (~IPT_DSCP_MASK) 13#define IPT_ECN_IP_MASK (~XT_DSCP_MASK)
14 14
15#define IPT_ECN_OP_SET_IP 0x01 /* set ECN bits of IPv4 header */ 15#define IPT_ECN_OP_SET_IP 0x01 /* set ECN bits of IPv4 header */
16#define IPT_ECN_OP_SET_ECE 0x10 /* set ECE bit of TCP header */ 16#define IPT_ECN_OP_SET_ECE 0x10 /* set ECE bit of TCP header */
diff --git a/include/linux/netfilter_ipv4/ipt_MARK.h b/include/linux/netfilter_ipv4/ipt_MARK.h
deleted file mode 100644
index 697a486a96d3..000000000000
--- a/include/linux/netfilter_ipv4/ipt_MARK.h
+++ /dev/null
@@ -1,18 +0,0 @@
1#ifndef _IPT_MARK_H_target
2#define _IPT_MARK_H_target
3
4/* Backwards compatibility for old userspace */
5
6#include <linux/netfilter/xt_MARK.h>
7
8/* Version 0 */
9#define ipt_mark_target_info xt_mark_target_info
10
11/* Version 1 */
12#define IPT_MARK_SET XT_MARK_SET
13#define IPT_MARK_AND XT_MARK_AND
14#define IPT_MARK_OR XT_MARK_OR
15
16#define ipt_mark_target_info_v1 xt_mark_target_info_v1
17
18#endif /*_IPT_MARK_H_target*/
diff --git a/include/linux/netfilter_ipv4/ipt_NFQUEUE.h b/include/linux/netfilter_ipv4/ipt_NFQUEUE.h
deleted file mode 100644
index 97a2a7557cb9..000000000000
--- a/include/linux/netfilter_ipv4/ipt_NFQUEUE.h
+++ /dev/null
@@ -1,16 +0,0 @@
1/* iptables module for using NFQUEUE mechanism
2 *
3 * (C) 2005 Harald Welte <laforge@netfilter.org>
4 *
5 * This software is distributed under GNU GPL v2, 1991
6 *
7*/
8#ifndef _IPT_NFQ_TARGET_H
9#define _IPT_NFQ_TARGET_H
10
11/* Backwards compatibility for old userspace */
12#include <linux/netfilter/xt_NFQUEUE.h>
13
14#define ipt_NFQ_info xt_NFQ_info
15
16#endif /* _IPT_DSCP_TARGET_H */
diff --git a/include/linux/netfilter_ipv4/ipt_TCPMSS.h b/include/linux/netfilter_ipv4/ipt_TCPMSS.h
deleted file mode 100644
index 7a850f945824..000000000000
--- a/include/linux/netfilter_ipv4/ipt_TCPMSS.h
+++ /dev/null
@@ -1,9 +0,0 @@
1#ifndef _IPT_TCPMSS_H
2#define _IPT_TCPMSS_H
3
4#include <linux/netfilter/xt_TCPMSS.h>
5
6#define ipt_tcpmss_info xt_tcpmss_info
7#define IPT_TCPMSS_CLAMP_PMTU XT_TCPMSS_CLAMP_PMTU
8
9#endif /*_IPT_TCPMSS_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_TOS.h b/include/linux/netfilter_ipv4/ipt_TOS.h
deleted file mode 100644
index 6bf9e1fdfd88..000000000000
--- a/include/linux/netfilter_ipv4/ipt_TOS.h
+++ /dev/null
@@ -1,12 +0,0 @@
1#ifndef _IPT_TOS_H_target
2#define _IPT_TOS_H_target
3
4#ifndef IPTOS_NORMALSVC
5#define IPTOS_NORMALSVC 0
6#endif
7
8struct ipt_tos_target_info {
9 u_int8_t tos;
10};
11
12#endif /*_IPT_TOS_H_target*/
diff --git a/include/linux/netfilter_ipv4/ipt_comment.h b/include/linux/netfilter_ipv4/ipt_comment.h
deleted file mode 100644
index ae2afc2f7481..000000000000
--- a/include/linux/netfilter_ipv4/ipt_comment.h
+++ /dev/null
@@ -1,10 +0,0 @@
1#ifndef _IPT_COMMENT_H
2#define _IPT_COMMENT_H
3
4#include <linux/netfilter/xt_comment.h>
5
6#define IPT_MAX_COMMENT_LEN XT_MAX_COMMENT_LEN
7
8#define ipt_comment_info xt_comment_info
9
10#endif /* _IPT_COMMENT_H */
diff --git a/include/linux/netfilter_ipv4/ipt_connbytes.h b/include/linux/netfilter_ipv4/ipt_connbytes.h
deleted file mode 100644
index f63e6ee91113..000000000000
--- a/include/linux/netfilter_ipv4/ipt_connbytes.h
+++ /dev/null
@@ -1,18 +0,0 @@
1#ifndef _IPT_CONNBYTES_H
2#define _IPT_CONNBYTES_H
3
4#include <linux/netfilter/xt_connbytes.h>
5#define ipt_connbytes_what xt_connbytes_what
6
7#define IPT_CONNBYTES_PKTS XT_CONNBYTES_PKTS
8#define IPT_CONNBYTES_BYTES XT_CONNBYTES_BYTES
9#define IPT_CONNBYTES_AVGPKT XT_CONNBYTES_AVGPKT
10
11#define ipt_connbytes_direction xt_connbytes_direction
12#define IPT_CONNBYTES_DIR_ORIGINAL XT_CONNBYTES_DIR_ORIGINAL
13#define IPT_CONNBYTES_DIR_REPLY XT_CONNBYTES_DIR_REPLY
14#define IPT_CONNBYTES_DIR_BOTH XT_CONNBYTES_DIR_BOTH
15
16#define ipt_connbytes_info xt_connbytes_info
17
18#endif
diff --git a/include/linux/netfilter_ipv4/ipt_connmark.h b/include/linux/netfilter_ipv4/ipt_connmark.h
deleted file mode 100644
index c7ba6560d44c..000000000000
--- a/include/linux/netfilter_ipv4/ipt_connmark.h
+++ /dev/null
@@ -1,7 +0,0 @@
1#ifndef _IPT_CONNMARK_H
2#define _IPT_CONNMARK_H
3
4#include <linux/netfilter/xt_connmark.h>
5#define ipt_connmark_info xt_connmark_info
6
7#endif /*_IPT_CONNMARK_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_conntrack.h b/include/linux/netfilter_ipv4/ipt_conntrack.h
deleted file mode 100644
index cde6762949c5..000000000000
--- a/include/linux/netfilter_ipv4/ipt_conntrack.h
+++ /dev/null
@@ -1,28 +0,0 @@
1/* Header file for kernel module to match connection tracking information.
2 * GPL (C) 2001 Marc Boucher (marc@mbsi.ca).
3 */
4
5#ifndef _IPT_CONNTRACK_H
6#define _IPT_CONNTRACK_H
7
8#include <linux/netfilter/xt_conntrack.h>
9
10#define IPT_CONNTRACK_STATE_BIT(ctinfo) XT_CONNTRACK_STATE_BIT(ctinfo)
11#define IPT_CONNTRACK_STATE_INVALID XT_CONNTRACK_STATE_INVALID
12
13#define IPT_CONNTRACK_STATE_SNAT XT_CONNTRACK_STATE_SNAT
14#define IPT_CONNTRACK_STATE_DNAT XT_CONNTRACK_STATE_DNAT
15#define IPT_CONNTRACK_STATE_UNTRACKED XT_CONNTRACK_STATE_UNTRACKED
16
17/* flags, invflags: */
18#define IPT_CONNTRACK_STATE XT_CONNTRACK_STATE
19#define IPT_CONNTRACK_PROTO XT_CONNTRACK_PROTO
20#define IPT_CONNTRACK_ORIGSRC XT_CONNTRACK_ORIGSRC
21#define IPT_CONNTRACK_ORIGDST XT_CONNTRACK_ORIGDST
22#define IPT_CONNTRACK_REPLSRC XT_CONNTRACK_REPLSRC
23#define IPT_CONNTRACK_REPLDST XT_CONNTRACK_REPLDST
24#define IPT_CONNTRACK_STATUS XT_CONNTRACK_STATUS
25#define IPT_CONNTRACK_EXPIRES XT_CONNTRACK_EXPIRES
26
27#define ipt_conntrack_info xt_conntrack_info
28#endif /*_IPT_CONNTRACK_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_dccp.h b/include/linux/netfilter_ipv4/ipt_dccp.h
deleted file mode 100644
index e70d11e1f53c..000000000000
--- a/include/linux/netfilter_ipv4/ipt_dccp.h
+++ /dev/null
@@ -1,15 +0,0 @@
1#ifndef _IPT_DCCP_H_
2#define _IPT_DCCP_H_
3
4#include <linux/netfilter/xt_dccp.h>
5#define IPT_DCCP_SRC_PORTS XT_DCCP_SRC_PORTS
6#define IPT_DCCP_DEST_PORTS XT_DCCP_DEST_PORTS
7#define IPT_DCCP_TYPE XT_DCCP_TYPE
8#define IPT_DCCP_OPTION XT_DCCP_OPTION
9
10#define IPT_DCCP_VALID_FLAGS XT_DCCP_VALID_FLAGS
11
12#define ipt_dccp_info xt_dccp_info
13
14#endif /* _IPT_DCCP_H_ */
15
diff --git a/include/linux/netfilter_ipv4/ipt_dscp.h b/include/linux/netfilter_ipv4/ipt_dscp.h
deleted file mode 100644
index 4b82ca912b0e..000000000000
--- a/include/linux/netfilter_ipv4/ipt_dscp.h
+++ /dev/null
@@ -1,21 +0,0 @@
1/* iptables module for matching the IPv4 DSCP field
2 *
3 * (C) 2002 Harald Welte <laforge@gnumonks.org>
4 * This software is distributed under GNU GPL v2, 1991
5 *
6 * See RFC2474 for a description of the DSCP field within the IP Header.
7 *
8 * ipt_dscp.h,v 1.3 2002/08/05 19:00:21 laforge Exp
9*/
10#ifndef _IPT_DSCP_H
11#define _IPT_DSCP_H
12
13#include <linux/netfilter/xt_dscp.h>
14
15#define IPT_DSCP_MASK XT_DSCP_MASK
16#define IPT_DSCP_SHIFT XT_DSCP_SHIFT
17#define IPT_DSCP_MAX XT_DSCP_MAX
18
19#define ipt_dscp_info xt_dscp_info
20
21#endif /* _IPT_DSCP_H */
diff --git a/include/linux/netfilter_ipv4/ipt_ecn.h b/include/linux/netfilter_ipv4/ipt_ecn.h
index 1f0d9a4d3378..9945baa4ccd7 100644
--- a/include/linux/netfilter_ipv4/ipt_ecn.h
+++ b/include/linux/netfilter_ipv4/ipt_ecn.h
@@ -8,9 +8,9 @@
8*/ 8*/
9#ifndef _IPT_ECN_H 9#ifndef _IPT_ECN_H
10#define _IPT_ECN_H 10#define _IPT_ECN_H
11#include <linux/netfilter_ipv4/ipt_dscp.h> 11#include <linux/netfilter/xt_dscp.h>
12 12
13#define IPT_ECN_IP_MASK (~IPT_DSCP_MASK) 13#define IPT_ECN_IP_MASK (~XT_DSCP_MASK)
14 14
15#define IPT_ECN_OP_MATCH_IP 0x01 15#define IPT_ECN_OP_MATCH_IP 0x01
16#define IPT_ECN_OP_MATCH_ECE 0x10 16#define IPT_ECN_OP_MATCH_ECE 0x10
diff --git a/include/linux/netfilter_ipv4/ipt_esp.h b/include/linux/netfilter_ipv4/ipt_esp.h
deleted file mode 100644
index 78296e7eeff9..000000000000
--- a/include/linux/netfilter_ipv4/ipt_esp.h
+++ /dev/null
@@ -1,10 +0,0 @@
1#ifndef _IPT_ESP_H
2#define _IPT_ESP_H
3
4#include <linux/netfilter/xt_esp.h>
5
6#define ipt_esp xt_esp
7#define IPT_ESP_INV_SPI XT_ESP_INV_SPI
8#define IPT_ESP_INV_MASK XT_ESP_INV_MASK
9
10#endif /*_IPT_ESP_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_hashlimit.h b/include/linux/netfilter_ipv4/ipt_hashlimit.h
deleted file mode 100644
index 5662120a3d7b..000000000000
--- a/include/linux/netfilter_ipv4/ipt_hashlimit.h
+++ /dev/null
@@ -1,14 +0,0 @@
1#ifndef _IPT_HASHLIMIT_H
2#define _IPT_HASHLIMIT_H
3
4#include <linux/netfilter/xt_hashlimit.h>
5
6#define IPT_HASHLIMIT_SCALE XT_HASHLIMIT_SCALE
7#define IPT_HASHLIMIT_HASH_DIP XT_HASHLIMIT_HASH_DIP
8#define IPT_HASHLIMIT_HASH_DPT XT_HASHLIMIT_HASH_DPT
9#define IPT_HASHLIMIT_HASH_SIP XT_HASHLIMIT_HASH_SIP
10#define IPT_HASHLIMIT_HASH_SPT XT_HASHLIMIT_HASH_SPT
11
12#define ipt_hashlimit_info xt_hashlimit_info
13
14#endif /* _IPT_HASHLIMIT_H */
diff --git a/include/linux/netfilter_ipv4/ipt_helper.h b/include/linux/netfilter_ipv4/ipt_helper.h
deleted file mode 100644
index 80452c218551..000000000000
--- a/include/linux/netfilter_ipv4/ipt_helper.h
+++ /dev/null
@@ -1,7 +0,0 @@
1#ifndef _IPT_HELPER_H
2#define _IPT_HELPER_H
3
4#include <linux/netfilter/xt_helper.h>
5#define ipt_helper_info xt_helper_info
6
7#endif /* _IPT_HELPER_H */
diff --git a/include/linux/netfilter_ipv4/ipt_iprange.h b/include/linux/netfilter_ipv4/ipt_iprange.h
deleted file mode 100644
index 5f1aebde4d2f..000000000000
--- a/include/linux/netfilter_ipv4/ipt_iprange.h
+++ /dev/null
@@ -1,21 +0,0 @@
1#ifndef _IPT_IPRANGE_H
2#define _IPT_IPRANGE_H
3
4#include <linux/types.h>
5#include <linux/netfilter/xt_iprange.h>
6
7struct ipt_iprange {
8 /* Inclusive: network order. */
9 __be32 min_ip, max_ip;
10};
11
12struct ipt_iprange_info
13{
14 struct ipt_iprange src;
15 struct ipt_iprange dst;
16
17 /* Flags from above */
18 u_int8_t flags;
19};
20
21#endif /* _IPT_IPRANGE_H */
diff --git a/include/linux/netfilter_ipv4/ipt_length.h b/include/linux/netfilter_ipv4/ipt_length.h
deleted file mode 100644
index 9b45206ffcef..000000000000
--- a/include/linux/netfilter_ipv4/ipt_length.h
+++ /dev/null
@@ -1,7 +0,0 @@
1#ifndef _IPT_LENGTH_H
2#define _IPT_LENGTH_H
3
4#include <linux/netfilter/xt_length.h>
5#define ipt_length_info xt_length_info
6
7#endif /*_IPT_LENGTH_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_limit.h b/include/linux/netfilter_ipv4/ipt_limit.h
deleted file mode 100644
index 92f5cd07bbc4..000000000000
--- a/include/linux/netfilter_ipv4/ipt_limit.h
+++ /dev/null
@@ -1,8 +0,0 @@
1#ifndef _IPT_RATE_H
2#define _IPT_RATE_H
3
4#include <linux/netfilter/xt_limit.h>
5#define IPT_LIMIT_SCALE XT_LIMIT_SCALE
6#define ipt_rateinfo xt_rateinfo
7
8#endif /*_IPT_RATE_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_mac.h b/include/linux/netfilter_ipv4/ipt_mac.h
deleted file mode 100644
index b186008a3c47..000000000000
--- a/include/linux/netfilter_ipv4/ipt_mac.h
+++ /dev/null
@@ -1,7 +0,0 @@
1#ifndef _IPT_MAC_H
2#define _IPT_MAC_H
3
4#include <linux/netfilter/xt_mac.h>
5#define ipt_mac_info xt_mac_info
6
7#endif /*_IPT_MAC_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_mark.h b/include/linux/netfilter_ipv4/ipt_mark.h
deleted file mode 100644
index bfde67c61224..000000000000
--- a/include/linux/netfilter_ipv4/ipt_mark.h
+++ /dev/null
@@ -1,9 +0,0 @@
1#ifndef _IPT_MARK_H
2#define _IPT_MARK_H
3
4/* Backwards compatibility for old userspace */
5#include <linux/netfilter/xt_mark.h>
6
7#define ipt_mark_info xt_mark_info
8
9#endif /*_IPT_MARK_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_multiport.h b/include/linux/netfilter_ipv4/ipt_multiport.h
deleted file mode 100644
index 55fe85eca88c..000000000000
--- a/include/linux/netfilter_ipv4/ipt_multiport.h
+++ /dev/null
@@ -1,15 +0,0 @@
1#ifndef _IPT_MULTIPORT_H
2#define _IPT_MULTIPORT_H
3
4#include <linux/netfilter/xt_multiport.h>
5
6#define IPT_MULTIPORT_SOURCE XT_MULTIPORT_SOURCE
7#define IPT_MULTIPORT_DESTINATION XT_MULTIPORT_DESTINATION
8#define IPT_MULTIPORT_EITHER XT_MULTIPORT_EITHER
9
10#define IPT_MULTI_PORTS XT_MULTI_PORTS
11
12#define ipt_multiport xt_multiport
13#define ipt_multiport_v1 xt_multiport_v1
14
15#endif /*_IPT_MULTIPORT_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_owner.h b/include/linux/netfilter_ipv4/ipt_owner.h
deleted file mode 100644
index a78445be9992..000000000000
--- a/include/linux/netfilter_ipv4/ipt_owner.h
+++ /dev/null
@@ -1,20 +0,0 @@
1#ifndef _IPT_OWNER_H
2#define _IPT_OWNER_H
3
4/* match and invert flags */
5#define IPT_OWNER_UID 0x01
6#define IPT_OWNER_GID 0x02
7#define IPT_OWNER_PID 0x04
8#define IPT_OWNER_SID 0x08
9#define IPT_OWNER_COMM 0x10
10
11struct ipt_owner_info {
12 __kernel_uid32_t uid;
13 __kernel_gid32_t gid;
14 __kernel_pid_t pid;
15 __kernel_pid_t sid;
16 char comm[16];
17 u_int8_t match, invert; /* flags */
18};
19
20#endif /*_IPT_OWNER_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_physdev.h b/include/linux/netfilter_ipv4/ipt_physdev.h
deleted file mode 100644
index 2400e7140f26..000000000000
--- a/include/linux/netfilter_ipv4/ipt_physdev.h
+++ /dev/null
@@ -1,17 +0,0 @@
1#ifndef _IPT_PHYSDEV_H
2#define _IPT_PHYSDEV_H
3
4/* Backwards compatibility for old userspace */
5
6#include <linux/netfilter/xt_physdev.h>
7
8#define IPT_PHYSDEV_OP_IN XT_PHYSDEV_OP_IN
9#define IPT_PHYSDEV_OP_OUT XT_PHYSDEV_OP_OUT
10#define IPT_PHYSDEV_OP_BRIDGED XT_PHYSDEV_OP_BRIDGED
11#define IPT_PHYSDEV_OP_ISIN XT_PHYSDEV_OP_ISIN
12#define IPT_PHYSDEV_OP_ISOUT XT_PHYSDEV_OP_ISOUT
13#define IPT_PHYSDEV_OP_MASK XT_PHYSDEV_OP_MASK
14
15#define ipt_physdev_info xt_physdev_info
16
17#endif /*_IPT_PHYSDEV_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_pkttype.h b/include/linux/netfilter_ipv4/ipt_pkttype.h
deleted file mode 100644
index ff1fbc949a0c..000000000000
--- a/include/linux/netfilter_ipv4/ipt_pkttype.h
+++ /dev/null
@@ -1,7 +0,0 @@
1#ifndef _IPT_PKTTYPE_H
2#define _IPT_PKTTYPE_H
3
4#include <linux/netfilter/xt_pkttype.h>
5#define ipt_pkttype_info xt_pkttype_info
6
7#endif /*_IPT_PKTTYPE_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_policy.h b/include/linux/netfilter_ipv4/ipt_policy.h
deleted file mode 100644
index 1037fb2cd206..000000000000
--- a/include/linux/netfilter_ipv4/ipt_policy.h
+++ /dev/null
@@ -1,23 +0,0 @@
1#ifndef _IPT_POLICY_H
2#define _IPT_POLICY_H
3
4#include <linux/netfilter/xt_policy.h>
5
6#define IPT_POLICY_MAX_ELEM XT_POLICY_MAX_ELEM
7
8/* ipt_policy_flags */
9#define IPT_POLICY_MATCH_IN XT_POLICY_MATCH_IN
10#define IPT_POLICY_MATCH_OUT XT_POLICY_MATCH_OUT
11#define IPT_POLICY_MATCH_NONE XT_POLICY_MATCH_NONE
12#define IPT_POLICY_MATCH_STRICT XT_POLICY_MATCH_STRICT
13
14/* ipt_policy_modes */
15#define IPT_POLICY_MODE_TRANSPORT XT_POLICY_MODE_TRANSPORT
16#define IPT_POLICY_MODE_TUNNEL XT_POLICY_MODE_TUNNEL
17
18#define ipt_policy_spec xt_policy_spec
19#define ipt_policy_addr xt_policy_addr
20#define ipt_policy_elem xt_policy_elem
21#define ipt_policy_info xt_policy_info
22
23#endif /* _IPT_POLICY_H */
diff --git a/include/linux/netfilter_ipv4/ipt_recent.h b/include/linux/netfilter_ipv4/ipt_recent.h
deleted file mode 100644
index d636cca133c2..000000000000
--- a/include/linux/netfilter_ipv4/ipt_recent.h
+++ /dev/null
@@ -1,21 +0,0 @@
1#ifndef _IPT_RECENT_H
2#define _IPT_RECENT_H
3
4#include <linux/netfilter/xt_recent.h>
5
6#define ipt_recent_info xt_recent_mtinfo
7
8enum {
9 IPT_RECENT_CHECK = XT_RECENT_CHECK,
10 IPT_RECENT_SET = XT_RECENT_SET,
11 IPT_RECENT_UPDATE = XT_RECENT_UPDATE,
12 IPT_RECENT_REMOVE = XT_RECENT_REMOVE,
13 IPT_RECENT_TTL = XT_RECENT_TTL,
14
15 IPT_RECENT_SOURCE = XT_RECENT_SOURCE,
16 IPT_RECENT_DEST = XT_RECENT_DEST,
17
18 IPT_RECENT_NAME_LEN = XT_RECENT_NAME_LEN,
19};
20
21#endif /*_IPT_RECENT_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_sctp.h b/include/linux/netfilter_ipv4/ipt_sctp.h
deleted file mode 100644
index 80b3dbacd193..000000000000
--- a/include/linux/netfilter_ipv4/ipt_sctp.h
+++ /dev/null
@@ -1,105 +0,0 @@
1#ifndef _IPT_SCTP_H_
2#define _IPT_SCTP_H_
3
4#define IPT_SCTP_SRC_PORTS 0x01
5#define IPT_SCTP_DEST_PORTS 0x02
6#define IPT_SCTP_CHUNK_TYPES 0x04
7
8#define IPT_SCTP_VALID_FLAGS 0x07
9
10
11struct ipt_sctp_flag_info {
12 u_int8_t chunktype;
13 u_int8_t flag;
14 u_int8_t flag_mask;
15};
16
17#define IPT_NUM_SCTP_FLAGS 4
18
19struct ipt_sctp_info {
20 u_int16_t dpts[2]; /* Min, Max */
21 u_int16_t spts[2]; /* Min, Max */
22
23 u_int32_t chunkmap[256 / sizeof (u_int32_t)]; /* Bit mask of chunks to be matched according to RFC 2960 */
24
25#define SCTP_CHUNK_MATCH_ANY 0x01 /* Match if any of the chunk types are present */
26#define SCTP_CHUNK_MATCH_ALL 0x02 /* Match if all of the chunk types are present */
27#define SCTP_CHUNK_MATCH_ONLY 0x04 /* Match if these are the only chunk types present */
28
29 u_int32_t chunk_match_type;
30 struct ipt_sctp_flag_info flag_info[IPT_NUM_SCTP_FLAGS];
31 int flag_count;
32
33 u_int32_t flags;
34 u_int32_t invflags;
35};
36
37#define bytes(type) (sizeof(type) * 8)
38
39#define SCTP_CHUNKMAP_SET(chunkmap, type) \
40 do { \
41 chunkmap[type / bytes(u_int32_t)] |= \
42 1 << (type % bytes(u_int32_t)); \
43 } while (0)
44
45#define SCTP_CHUNKMAP_CLEAR(chunkmap, type) \
46 do { \
47 chunkmap[type / bytes(u_int32_t)] &= \
48 ~(1 << (type % bytes(u_int32_t))); \
49 } while (0)
50
51#define SCTP_CHUNKMAP_IS_SET(chunkmap, type) \
52({ \
53 (chunkmap[type / bytes (u_int32_t)] & \
54 (1 << (type % bytes (u_int32_t)))) ? 1: 0; \
55})
56
57#define SCTP_CHUNKMAP_RESET(chunkmap) \
58 do { \
59 int i; \
60 for (i = 0; i < ARRAY_SIZE(chunkmap); i++) \
61 chunkmap[i] = 0; \
62 } while (0)
63
64#define SCTP_CHUNKMAP_SET_ALL(chunkmap) \
65 do { \
66 int i; \
67 for (i = 0; i < ARRAY_SIZE(chunkmap); i++) \
68 chunkmap[i] = ~0; \
69 } while (0)
70
71#define SCTP_CHUNKMAP_COPY(destmap, srcmap) \
72 do { \
73 int i; \
74 for (i = 0; i < ARRAY_SIZE(chunkmap); i++) \
75 destmap[i] = srcmap[i]; \
76 } while (0)
77
78#define SCTP_CHUNKMAP_IS_CLEAR(chunkmap) \
79({ \
80 int i; \
81 int flag = 1; \
82 for (i = 0; i < ARRAY_SIZE(chunkmap); i++) { \
83 if (chunkmap[i]) { \
84 flag = 0; \
85 break; \
86 } \
87 } \
88 flag; \
89})
90
91#define SCTP_CHUNKMAP_IS_ALL_SET(chunkmap) \
92({ \
93 int i; \
94 int flag = 1; \
95 for (i = 0; i < ARRAY_SIZE(chunkmap); i++) { \
96 if (chunkmap[i] != ~0) { \
97 flag = 0; \
98 break; \
99 } \
100 } \
101 flag; \
102})
103
104#endif /* _IPT_SCTP_H_ */
105
diff --git a/include/linux/netfilter_ipv4/ipt_state.h b/include/linux/netfilter_ipv4/ipt_state.h
deleted file mode 100644
index a44a99cc28cc..000000000000
--- a/include/linux/netfilter_ipv4/ipt_state.h
+++ /dev/null
@@ -1,15 +0,0 @@
1#ifndef _IPT_STATE_H
2#define _IPT_STATE_H
3
4/* Backwards compatibility for old userspace */
5
6#include <linux/netfilter/xt_state.h>
7
8#define IPT_STATE_BIT XT_STATE_BIT
9#define IPT_STATE_INVALID XT_STATE_INVALID
10
11#define IPT_STATE_UNTRACKED XT_STATE_UNTRACKED
12
13#define ipt_state_info xt_state_info
14
15#endif /*_IPT_STATE_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_string.h b/include/linux/netfilter_ipv4/ipt_string.h
deleted file mode 100644
index c26de3059903..000000000000
--- a/include/linux/netfilter_ipv4/ipt_string.h
+++ /dev/null
@@ -1,10 +0,0 @@
1#ifndef _IPT_STRING_H
2#define _IPT_STRING_H
3
4#include <linux/netfilter/xt_string.h>
5
6#define IPT_STRING_MAX_PATTERN_SIZE XT_STRING_MAX_PATTERN_SIZE
7#define IPT_STRING_MAX_ALGO_NAME_SIZE XT_STRING_MAX_ALGO_NAME_SIZE
8#define ipt_string_info xt_string_info
9
10#endif /*_IPT_STRING_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_tcpmss.h b/include/linux/netfilter_ipv4/ipt_tcpmss.h
deleted file mode 100644
index 18bbc8e8e009..000000000000
--- a/include/linux/netfilter_ipv4/ipt_tcpmss.h
+++ /dev/null
@@ -1,7 +0,0 @@
1#ifndef _IPT_TCPMSS_MATCH_H
2#define _IPT_TCPMSS_MATCH_H
3
4#include <linux/netfilter/xt_tcpmss.h>
5#define ipt_tcpmss_match_info xt_tcpmss_match_info
6
7#endif /*_IPT_TCPMSS_MATCH_H*/
diff --git a/include/linux/netfilter_ipv4/ipt_tos.h b/include/linux/netfilter_ipv4/ipt_tos.h
deleted file mode 100644
index a21f5df23c50..000000000000
--- a/include/linux/netfilter_ipv4/ipt_tos.h
+++ /dev/null
@@ -1,13 +0,0 @@
1#ifndef _IPT_TOS_H
2#define _IPT_TOS_H
3
4struct ipt_tos_info {
5 u_int8_t tos;
6 u_int8_t invert;
7};
8
9#ifndef IPTOS_NORMALSVC
10#define IPTOS_NORMALSVC 0
11#endif
12
13#endif /*_IPT_TOS_H*/
diff --git a/include/linux/netfilter_ipv6/Kbuild b/include/linux/netfilter_ipv6/Kbuild
index aca4bd1f6d7c..e864eaee9e5e 100644
--- a/include/linux/netfilter_ipv6/Kbuild
+++ b/include/linux/netfilter_ipv6/Kbuild
@@ -1,22 +1,12 @@
1header-y += ip6t_HL.h 1header-y += ip6t_HL.h
2header-y += ip6t_LOG.h 2header-y += ip6t_LOG.h
3header-y += ip6t_MARK.h
4header-y += ip6t_REJECT.h 3header-y += ip6t_REJECT.h
5header-y += ip6t_ah.h 4header-y += ip6t_ah.h
6header-y += ip6t_esp.h
7header-y += ip6t_frag.h 5header-y += ip6t_frag.h
8header-y += ip6t_hl.h
9header-y += ip6t_ipv6header.h 6header-y += ip6t_ipv6header.h
10header-y += ip6t_length.h 7header-y += ip6t_hl.h
11header-y += ip6t_limit.h
12header-y += ip6t_mac.h
13header-y += ip6t_mark.h
14header-y += ip6t_mh.h 8header-y += ip6t_mh.h
15header-y += ip6t_multiport.h
16header-y += ip6t_opts.h 9header-y += ip6t_opts.h
17header-y += ip6t_owner.h
18header-y += ip6t_physdev.h
19header-y += ip6t_policy.h
20header-y += ip6t_rt.h 10header-y += ip6t_rt.h
21 11
22unifdef-y += ip6_tables.h 12unifdef-y += ip6_tables.h
diff --git a/include/linux/netfilter_ipv6/ip6_tables.h b/include/linux/netfilter_ipv6/ip6_tables.h
index 1089e33cf633..a64e1451ac38 100644
--- a/include/linux/netfilter_ipv6/ip6_tables.h
+++ b/include/linux/netfilter_ipv6/ip6_tables.h
@@ -306,7 +306,7 @@ ip6t_get_target(struct ip6t_entry *e)
306extern void ip6t_init(void) __init; 306extern void ip6t_init(void) __init;
307 307
308extern struct xt_table *ip6t_register_table(struct net *net, 308extern struct xt_table *ip6t_register_table(struct net *net,
309 struct xt_table *table, 309 const struct xt_table *table,
310 const struct ip6t_replace *repl); 310 const struct ip6t_replace *repl);
311extern void ip6t_unregister_table(struct xt_table *table); 311extern void ip6t_unregister_table(struct xt_table *table);
312extern unsigned int ip6t_do_table(struct sk_buff *skb, 312extern unsigned int ip6t_do_table(struct sk_buff *skb,
diff --git a/include/linux/netfilter_ipv6/ip6t_MARK.h b/include/linux/netfilter_ipv6/ip6t_MARK.h
deleted file mode 100644
index 7cf629a8ab92..000000000000
--- a/include/linux/netfilter_ipv6/ip6t_MARK.h
+++ /dev/null
@@ -1,9 +0,0 @@
1#ifndef _IP6T_MARK_H_target
2#define _IP6T_MARK_H_target
3
4/* Backwards compatibility for old userspace */
5#include <linux/netfilter/xt_MARK.h>
6
7#define ip6t_mark_target_info xt_mark_target_info
8
9#endif /*_IP6T_MARK_H_target*/
diff --git a/include/linux/netfilter_ipv6/ip6t_esp.h b/include/linux/netfilter_ipv6/ip6t_esp.h
deleted file mode 100644
index f62eaf53c16c..000000000000
--- a/include/linux/netfilter_ipv6/ip6t_esp.h
+++ /dev/null
@@ -1,10 +0,0 @@
1#ifndef _IP6T_ESP_H
2#define _IP6T_ESP_H
3
4#include <linux/netfilter/xt_esp.h>
5
6#define ip6t_esp xt_esp
7#define IP6T_ESP_INV_SPI XT_ESP_INV_SPI
8#define IP6T_ESP_INV_MASK XT_ESP_INV_MASK
9
10#endif /*_IP6T_ESP_H*/
diff --git a/include/linux/netfilter_ipv6/ip6t_length.h b/include/linux/netfilter_ipv6/ip6t_length.h
deleted file mode 100644
index 9e9689d03ed7..000000000000
--- a/include/linux/netfilter_ipv6/ip6t_length.h
+++ /dev/null
@@ -1,8 +0,0 @@
1#ifndef _IP6T_LENGTH_H
2#define _IP6T_LENGTH_H
3
4#include <linux/netfilter/xt_length.h>
5#define ip6t_length_info xt_length_info
6
7#endif /*_IP6T_LENGTH_H*/
8
diff --git a/include/linux/netfilter_ipv6/ip6t_limit.h b/include/linux/netfilter_ipv6/ip6t_limit.h
deleted file mode 100644
index 487e5ea342c6..000000000000
--- a/include/linux/netfilter_ipv6/ip6t_limit.h
+++ /dev/null
@@ -1,8 +0,0 @@
1#ifndef _IP6T_RATE_H
2#define _IP6T_RATE_H
3
4#include <linux/netfilter/xt_limit.h>
5#define IP6T_LIMIT_SCALE XT_LIMIT_SCALE
6#define ip6t_rateinfo xt_rateinfo
7
8#endif /*_IP6T_RATE_H*/
diff --git a/include/linux/netfilter_ipv6/ip6t_mac.h b/include/linux/netfilter_ipv6/ip6t_mac.h
deleted file mode 100644
index ac58e83e9423..000000000000
--- a/include/linux/netfilter_ipv6/ip6t_mac.h
+++ /dev/null
@@ -1,7 +0,0 @@
1#ifndef _IP6T_MAC_H
2#define _IP6T_MAC_H
3
4#include <linux/netfilter/xt_mac.h>
5#define ip6t_mac_info xt_mac_info
6
7#endif /*_IP6T_MAC_H*/
diff --git a/include/linux/netfilter_ipv6/ip6t_mark.h b/include/linux/netfilter_ipv6/ip6t_mark.h
deleted file mode 100644
index ff204951ddc3..000000000000
--- a/include/linux/netfilter_ipv6/ip6t_mark.h
+++ /dev/null
@@ -1,9 +0,0 @@
1#ifndef _IP6T_MARK_H
2#define _IP6T_MARK_H
3
4/* Backwards compatibility for old userspace */
5#include <linux/netfilter/xt_mark.h>
6
7#define ip6t_mark_info xt_mark_info
8
9#endif /*_IPT_MARK_H*/
diff --git a/include/linux/netfilter_ipv6/ip6t_multiport.h b/include/linux/netfilter_ipv6/ip6t_multiport.h
deleted file mode 100644
index 042c92661cee..000000000000
--- a/include/linux/netfilter_ipv6/ip6t_multiport.h
+++ /dev/null
@@ -1,14 +0,0 @@
1#ifndef _IP6T_MULTIPORT_H
2#define _IP6T_MULTIPORT_H
3
4#include <linux/netfilter/xt_multiport.h>
5
6#define IP6T_MULTIPORT_SOURCE XT_MULTIPORT_SOURCE
7#define IP6T_MULTIPORT_DESTINATION XT_MULTIPORT_DESTINATION
8#define IP6T_MULTIPORT_EITHER XT_MULTIPORT_EITHER
9
10#define IP6T_MULTI_PORTS XT_MULTI_PORTS
11
12#define ip6t_multiport xt_multiport
13
14#endif /*_IP6T_MULTIPORT_H*/
diff --git a/include/linux/netfilter_ipv6/ip6t_owner.h b/include/linux/netfilter_ipv6/ip6t_owner.h
deleted file mode 100644
index ec5cc7a38c42..000000000000
--- a/include/linux/netfilter_ipv6/ip6t_owner.h
+++ /dev/null
@@ -1,18 +0,0 @@
1#ifndef _IP6T_OWNER_H
2#define _IP6T_OWNER_H
3
4/* match and invert flags */
5#define IP6T_OWNER_UID 0x01
6#define IP6T_OWNER_GID 0x02
7#define IP6T_OWNER_PID 0x04
8#define IP6T_OWNER_SID 0x08
9
10struct ip6t_owner_info {
11 __kernel_uid32_t uid;
12 __kernel_gid32_t gid;
13 __kernel_pid_t pid;
14 __kernel_pid_t sid;
15 u_int8_t match, invert; /* flags */
16};
17
18#endif /*_IPT_OWNER_H*/
diff --git a/include/linux/netfilter_ipv6/ip6t_physdev.h b/include/linux/netfilter_ipv6/ip6t_physdev.h
deleted file mode 100644
index c161c0a81b55..000000000000
--- a/include/linux/netfilter_ipv6/ip6t_physdev.h
+++ /dev/null
@@ -1,17 +0,0 @@
1#ifndef _IP6T_PHYSDEV_H
2#define _IP6T_PHYSDEV_H
3
4/* Backwards compatibility for old userspace */
5
6#include <linux/netfilter/xt_physdev.h>
7
8#define IP6T_PHYSDEV_OP_IN XT_PHYSDEV_OP_IN
9#define IP6T_PHYSDEV_OP_OUT XT_PHYSDEV_OP_OUT
10#define IP6T_PHYSDEV_OP_BRIDGED XT_PHYSDEV_OP_BRIDGED
11#define IP6T_PHYSDEV_OP_ISIN XT_PHYSDEV_OP_ISIN
12#define IP6T_PHYSDEV_OP_ISOUT XT_PHYSDEV_OP_ISOUT
13#define IP6T_PHYSDEV_OP_MASK XT_PHYSDEV_OP_MASK
14
15#define ip6t_physdev_info xt_physdev_info
16
17#endif /*_IP6T_PHYSDEV_H*/
diff --git a/include/linux/netfilter_ipv6/ip6t_policy.h b/include/linux/netfilter_ipv6/ip6t_policy.h
deleted file mode 100644
index b1c449d7ec89..000000000000
--- a/include/linux/netfilter_ipv6/ip6t_policy.h
+++ /dev/null
@@ -1,23 +0,0 @@
1#ifndef _IP6T_POLICY_H
2#define _IP6T_POLICY_H
3
4#include <linux/netfilter/xt_policy.h>
5
6#define IP6T_POLICY_MAX_ELEM XT_POLICY_MAX_ELEM
7
8/* ip6t_policy_flags */
9#define IP6T_POLICY_MATCH_IN XT_POLICY_MATCH_IN
10#define IP6T_POLICY_MATCH_OUT XT_POLICY_MATCH_OUT
11#define IP6T_POLICY_MATCH_NONE XT_POLICY_MATCH_NONE
12#define IP6T_POLICY_MATCH_STRICT XT_POLICY_MATCH_STRICT
13
14/* ip6t_policy_modes */
15#define IP6T_POLICY_MODE_TRANSPORT XT_POLICY_MODE_TRANSPORT
16#define IP6T_POLICY_MODE_TUNNEL XT_POLICY_MODE_TUNNEL
17
18#define ip6t_policy_spec xt_policy_spec
19#define ip6t_policy_addr xt_policy_addr
20#define ip6t_policy_elem xt_policy_elem
21#define ip6t_policy_info xt_policy_info
22
23#endif /* _IP6T_POLICY_H */
diff --git a/include/linux/netlink.h b/include/linux/netlink.h
index 5ba398e90304..0fbecbbe8e9e 100644
--- a/include/linux/netlink.h
+++ b/include/linux/netlink.h
@@ -217,12 +217,13 @@ int netlink_sendskb(struct sock *sk, struct sk_buff *skb);
217 217
218struct netlink_callback 218struct netlink_callback
219{ 219{
220 struct sk_buff *skb; 220 struct sk_buff *skb;
221 struct nlmsghdr *nlh; 221 const struct nlmsghdr *nlh;
222 int (*dump)(struct sk_buff * skb, struct netlink_callback *cb); 222 int (*dump)(struct sk_buff * skb,
223 int (*done)(struct netlink_callback *cb); 223 struct netlink_callback *cb);
224 int family; 224 int (*done)(struct netlink_callback *cb);
225 long args[6]; 225 int family;
226 long args[6];
226}; 227};
227 228
228struct netlink_notify 229struct netlink_notify
@@ -258,7 +259,7 @@ __nlmsg_put(struct sk_buff *skb, u32 pid, u32 seq, int type, int len, int flags)
258 NLMSG_NEW(skb, pid, seq, type, len, 0) 259 NLMSG_NEW(skb, pid, seq, type, len, 0)
259 260
260extern int netlink_dump_start(struct sock *ssk, struct sk_buff *skb, 261extern int netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
261 struct nlmsghdr *nlh, 262 const struct nlmsghdr *nlh,
262 int (*dump)(struct sk_buff *skb, struct netlink_callback*), 263 int (*dump)(struct sk_buff *skb, struct netlink_callback*),
263 int (*done)(struct netlink_callback*)); 264 int (*done)(struct netlink_callback*));
264 265
diff --git a/include/net/netfilter/nf_nat_core.h b/include/net/netfilter/nf_nat_core.h
index 58684066388c..33602ab66190 100644
--- a/include/net/netfilter/nf_nat_core.h
+++ b/include/net/netfilter/nf_nat_core.h
@@ -31,6 +31,6 @@ struct nlattr;
31extern int 31extern int
32(*nfnetlink_parse_nat_setup_hook)(struct nf_conn *ct, 32(*nfnetlink_parse_nat_setup_hook)(struct nf_conn *ct,
33 enum nf_nat_manip_type manip, 33 enum nf_nat_manip_type manip,
34 struct nlattr *attr); 34 const struct nlattr *attr);
35 35
36#endif /* _NF_NAT_CORE_H */ 36#endif /* _NF_NAT_CORE_H */
diff --git a/include/net/netlink.h b/include/net/netlink.h
index 007bdb07dabb..a63b2192ac1c 100644
--- a/include/net/netlink.h
+++ b/include/net/netlink.h
@@ -365,7 +365,7 @@ static inline struct nlmsghdr *nlmsg_next(struct nlmsghdr *nlh, int *remaining)
365 * 365 *
366 * See nla_parse() 366 * See nla_parse()
367 */ 367 */
368static inline int nlmsg_parse(struct nlmsghdr *nlh, int hdrlen, 368static inline int nlmsg_parse(const struct nlmsghdr *nlh, int hdrlen,
369 struct nlattr *tb[], int maxtype, 369 struct nlattr *tb[], int maxtype,
370 const struct nla_policy *policy) 370 const struct nla_policy *policy)
371{ 371{
@@ -414,7 +414,7 @@ static inline int nlmsg_validate(struct nlmsghdr *nlh, int hdrlen, int maxtype,
414 * 414 *
415 * Returns 1 if a report back to the application is requested. 415 * Returns 1 if a report back to the application is requested.
416 */ 416 */
417static inline int nlmsg_report(struct nlmsghdr *nlh) 417static inline int nlmsg_report(const struct nlmsghdr *nlh)
418{ 418{
419 return !!(nlh->nlmsg_flags & NLM_F_ECHO); 419 return !!(nlh->nlmsg_flags & NLM_F_ECHO);
420} 420}
diff --git a/include/net/rtnetlink.h b/include/net/rtnetlink.h
index b630196b5627..c3aa044d3fc3 100644
--- a/include/net/rtnetlink.h
+++ b/include/net/rtnetlink.h
@@ -14,7 +14,7 @@ extern void rtnl_register(int protocol, int msgtype,
14extern int rtnl_unregister(int protocol, int msgtype); 14extern int rtnl_unregister(int protocol, int msgtype);
15extern void rtnl_unregister_all(int protocol); 15extern void rtnl_unregister_all(int protocol);
16 16
17static inline int rtnl_msg_family(struct nlmsghdr *nlh) 17static inline int rtnl_msg_family(const struct nlmsghdr *nlh)
18{ 18{
19 if (nlmsg_len(nlh) >= sizeof(struct rtgenmsg)) 19 if (nlmsg_len(nlh) >= sizeof(struct rtgenmsg))
20 return ((struct rtgenmsg *) nlmsg_data(nlh))->rtgen_family; 20 return ((struct rtgenmsg *) nlmsg_data(nlh))->rtgen_family;