aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2007-11-19 21:53:30 -0500
committerDavid S. Miller <davem@davemloft.net>2008-01-28 17:53:55 -0500
commit6e23ae2a48750bda407a4a58f52a4865d7308bf5 (patch)
tree633fd60b2a42bf6fdb86564f0c05a6d52d8dc92b /include
parent1bf06cd2e338fd6fc29169d30eaf0df982338285 (diff)
[NETFILTER]: Introduce NF_INET_ hook values
The IPv4 and IPv6 hook values are identical, yet some code tries to figure out the "correct" value by looking at the address family. Introduce NF_INET_* values for both IPv4 and IPv6. The old values are kept in a #ifndef __KERNEL__ section for userspace compatibility. Signed-off-by: Patrick McHardy <kaber@trash.net> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
-rw-r--r--include/linux/netfilter.h9
-rw-r--r--include/linux/netfilter/x_tables.h4
-rw-r--r--include/linux/netfilter_ipv4.h2
-rw-r--r--include/linux/netfilter_ipv4/ip_tables.h8
-rw-r--r--include/linux/netfilter_ipv6.h3
-rw-r--r--include/linux/netfilter_ipv6/ip6_tables.h8
-rw-r--r--include/net/netfilter/nf_nat.h3
7 files changed, 23 insertions, 14 deletions
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
index 16adac688af5..25fc12260340 100644
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -39,6 +39,15 @@
39#define NFC_ALTERED 0x8000 39#define NFC_ALTERED 0x8000
40#endif 40#endif
41 41
42enum nf_inet_hooks {
43 NF_INET_PRE_ROUTING,
44 NF_INET_LOCAL_IN,
45 NF_INET_FORWARD,
46 NF_INET_LOCAL_OUT,
47 NF_INET_POST_ROUTING,
48 NF_INET_NUMHOOKS
49};
50
42#ifdef __KERNEL__ 51#ifdef __KERNEL__
43#ifdef CONFIG_NETFILTER 52#ifdef CONFIG_NETFILTER
44 53
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h
index 03e6ce979eaa..9657c4ee70fc 100644
--- a/include/linux/netfilter/x_tables.h
+++ b/include/linux/netfilter/x_tables.h
@@ -265,8 +265,8 @@ struct xt_table_info
265 unsigned int initial_entries; 265 unsigned int initial_entries;
266 266
267 /* Entry points and underflows */ 267 /* Entry points and underflows */
268 unsigned int hook_entry[NF_IP_NUMHOOKS]; 268 unsigned int hook_entry[NF_INET_NUMHOOKS];
269 unsigned int underflow[NF_IP_NUMHOOKS]; 269 unsigned int underflow[NF_INET_NUMHOOKS];
270 270
271 /* ipt_entry tables: one per CPU */ 271 /* ipt_entry tables: one per CPU */
272 char *entries[NR_CPUS]; 272 char *entries[NR_CPUS];
diff --git a/include/linux/netfilter_ipv4.h b/include/linux/netfilter_ipv4.h
index 1a63adf5c4c1..9a10092e358c 100644
--- a/include/linux/netfilter_ipv4.h
+++ b/include/linux/netfilter_ipv4.h
@@ -36,7 +36,6 @@
36#define NFC_IP_DST_PT 0x0400 36#define NFC_IP_DST_PT 0x0400
37/* Something else about the proto */ 37/* Something else about the proto */
38#define NFC_IP_PROTO_UNKNOWN 0x2000 38#define NFC_IP_PROTO_UNKNOWN 0x2000
39#endif /* ! __KERNEL__ */
40 39
41/* IP Hooks */ 40/* IP Hooks */
42/* After promisc drops, checksum checks. */ 41/* After promisc drops, checksum checks. */
@@ -50,6 +49,7 @@
50/* Packets about to hit the wire. */ 49/* Packets about to hit the wire. */
51#define NF_IP_POST_ROUTING 4 50#define NF_IP_POST_ROUTING 4
52#define NF_IP_NUMHOOKS 5 51#define NF_IP_NUMHOOKS 5
52#endif /* ! __KERNEL__ */
53 53
54enum nf_ip_hook_priorities { 54enum nf_ip_hook_priorities {
55 NF_IP_PRI_FIRST = INT_MIN, 55 NF_IP_PRI_FIRST = INT_MIN,
diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h
index d79ed69cbc1f..54da61603eff 100644
--- a/include/linux/netfilter_ipv4/ip_tables.h
+++ b/include/linux/netfilter_ipv4/ip_tables.h
@@ -156,10 +156,10 @@ struct ipt_getinfo
156 unsigned int valid_hooks; 156 unsigned int valid_hooks;
157 157
158 /* Hook entry points: one per netfilter hook. */ 158 /* Hook entry points: one per netfilter hook. */
159 unsigned int hook_entry[NF_IP_NUMHOOKS]; 159 unsigned int hook_entry[NF_INET_NUMHOOKS];
160 160
161 /* Underflow points. */ 161 /* Underflow points. */
162 unsigned int underflow[NF_IP_NUMHOOKS]; 162 unsigned int underflow[NF_INET_NUMHOOKS];
163 163
164 /* Number of entries */ 164 /* Number of entries */
165 unsigned int num_entries; 165 unsigned int num_entries;
@@ -185,10 +185,10 @@ struct ipt_replace
185 unsigned int size; 185 unsigned int size;
186 186
187 /* Hook entry points. */ 187 /* Hook entry points. */
188 unsigned int hook_entry[NF_IP_NUMHOOKS]; 188 unsigned int hook_entry[NF_INET_NUMHOOKS];
189 189
190 /* Underflow points. */ 190 /* Underflow points. */
191 unsigned int underflow[NF_IP_NUMHOOKS]; 191 unsigned int underflow[NF_INET_NUMHOOKS];
192 192
193 /* Information about old entries: */ 193 /* Information about old entries: */
194 /* Number of counters (must be equal to current number of entries). */ 194 /* Number of counters (must be equal to current number of entries). */
diff --git a/include/linux/netfilter_ipv6.h b/include/linux/netfilter_ipv6.h
index 66ca8e3100dc..3475a65dae9b 100644
--- a/include/linux/netfilter_ipv6.h
+++ b/include/linux/netfilter_ipv6.h
@@ -40,8 +40,6 @@
40#define NFC_IP6_DST_PT 0x0400 40#define NFC_IP6_DST_PT 0x0400
41/* Something else about the proto */ 41/* Something else about the proto */
42#define NFC_IP6_PROTO_UNKNOWN 0x2000 42#define NFC_IP6_PROTO_UNKNOWN 0x2000
43#endif /* ! __KERNEL__ */
44
45 43
46/* IP6 Hooks */ 44/* IP6 Hooks */
47/* After promisc drops, checksum checks. */ 45/* After promisc drops, checksum checks. */
@@ -55,6 +53,7 @@
55/* Packets about to hit the wire. */ 53/* Packets about to hit the wire. */
56#define NF_IP6_POST_ROUTING 4 54#define NF_IP6_POST_ROUTING 4
57#define NF_IP6_NUMHOOKS 5 55#define NF_IP6_NUMHOOKS 5
56#endif /* ! __KERNEL__ */
58 57
59 58
60enum nf_ip6_hook_priorities { 59enum nf_ip6_hook_priorities {
diff --git a/include/linux/netfilter_ipv6/ip6_tables.h b/include/linux/netfilter_ipv6/ip6_tables.h
index 7dc481ce7cba..2e98654188b3 100644
--- a/include/linux/netfilter_ipv6/ip6_tables.h
+++ b/include/linux/netfilter_ipv6/ip6_tables.h
@@ -216,10 +216,10 @@ struct ip6t_getinfo
216 unsigned int valid_hooks; 216 unsigned int valid_hooks;
217 217
218 /* Hook entry points: one per netfilter hook. */ 218 /* Hook entry points: one per netfilter hook. */
219 unsigned int hook_entry[NF_IP6_NUMHOOKS]; 219 unsigned int hook_entry[NF_INET_NUMHOOKS];
220 220
221 /* Underflow points. */ 221 /* Underflow points. */
222 unsigned int underflow[NF_IP6_NUMHOOKS]; 222 unsigned int underflow[NF_INET_NUMHOOKS];
223 223
224 /* Number of entries */ 224 /* Number of entries */
225 unsigned int num_entries; 225 unsigned int num_entries;
@@ -245,10 +245,10 @@ struct ip6t_replace
245 unsigned int size; 245 unsigned int size;
246 246
247 /* Hook entry points. */ 247 /* Hook entry points. */
248 unsigned int hook_entry[NF_IP6_NUMHOOKS]; 248 unsigned int hook_entry[NF_INET_NUMHOOKS];
249 249
250 /* Underflow points. */ 250 /* Underflow points. */
251 unsigned int underflow[NF_IP6_NUMHOOKS]; 251 unsigned int underflow[NF_INET_NUMHOOKS];
252 252
253 /* Information about old entries: */ 253 /* Information about old entries: */
254 /* Number of counters (must be equal to current number of entries). */ 254 /* Number of counters (must be equal to current number of entries). */
diff --git a/include/net/netfilter/nf_nat.h b/include/net/netfilter/nf_nat.h
index 6ae52f7c9f55..76da32292bcd 100644
--- a/include/net/netfilter/nf_nat.h
+++ b/include/net/netfilter/nf_nat.h
@@ -12,7 +12,8 @@ enum nf_nat_manip_type
12}; 12};
13 13
14/* SRC manip occurs POST_ROUTING or LOCAL_IN */ 14/* SRC manip occurs POST_ROUTING or LOCAL_IN */
15#define HOOK2MANIP(hooknum) ((hooknum) != NF_IP_POST_ROUTING && (hooknum) != NF_IP_LOCAL_IN) 15#define HOOK2MANIP(hooknum) ((hooknum) != NF_INET_POST_ROUTING && \
16 (hooknum) != NF_INET_LOCAL_IN)
16 17
17#define IP_NAT_RANGE_MAP_IPS 1 18#define IP_NAT_RANGE_MAP_IPS 1
18#define IP_NAT_RANGE_PROTO_SPECIFIED 2 19#define IP_NAT_RANGE_PROTO_SPECIFIED 2
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-10 01:52:50 -0500