diff options
author | Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> | 2006-04-01 05:22:54 -0500 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2006-04-01 05:22:54 -0500 |
commit | a89ecb6a2ef732d04058d87801e2b6bd7e5c7089 (patch) | |
tree | c84c5b3167c116f0c419a2bbb04877bdac38dd07 /include | |
parent | dc5ab2faece3b7473931357db7f63f596678481d (diff) |
[NETFILTER]: x_tables: unify IPv4/IPv6 multiport match
This unifies ipt_multiport and ip6t_multiport to xt_multiport.
As a result, this addes support for inversion and port range match
to IPv6 packets.
Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/netfilter/xt_multiport.h | 30 | ||||
-rw-r--r-- | include/linux/netfilter_ipv4/ipt_multiport.h | 31 | ||||
-rw-r--r-- | include/linux/netfilter_ipv6/ip6t_multiport.h | 25 |
3 files changed, 47 insertions, 39 deletions
diff --git a/include/linux/netfilter/xt_multiport.h b/include/linux/netfilter/xt_multiport.h new file mode 100644 index 000000000000..d49ee4183710 --- /dev/null +++ b/include/linux/netfilter/xt_multiport.h | |||
@@ -0,0 +1,30 @@ | |||
1 | #ifndef _XT_MULTIPORT_H | ||
2 | #define _XT_MULTIPORT_H | ||
3 | |||
4 | enum xt_multiport_flags | ||
5 | { | ||
6 | XT_MULTIPORT_SOURCE, | ||
7 | XT_MULTIPORT_DESTINATION, | ||
8 | XT_MULTIPORT_EITHER | ||
9 | }; | ||
10 | |||
11 | #define XT_MULTI_PORTS 15 | ||
12 | |||
13 | /* Must fit inside union xt_matchinfo: 16 bytes */ | ||
14 | struct xt_multiport | ||
15 | { | ||
16 | u_int8_t flags; /* Type of comparison */ | ||
17 | u_int8_t count; /* Number of ports */ | ||
18 | u_int16_t ports[XT_MULTI_PORTS]; /* Ports */ | ||
19 | }; | ||
20 | |||
21 | struct xt_multiport_v1 | ||
22 | { | ||
23 | u_int8_t flags; /* Type of comparison */ | ||
24 | u_int8_t count; /* Number of ports */ | ||
25 | u_int16_t ports[XT_MULTI_PORTS]; /* Ports */ | ||
26 | u_int8_t pflags[XT_MULTI_PORTS]; /* Port flags */ | ||
27 | u_int8_t invert; /* Invert flag */ | ||
28 | }; | ||
29 | |||
30 | #endif /*_XT_MULTIPORT_H*/ | ||
diff --git a/include/linux/netfilter_ipv4/ipt_multiport.h b/include/linux/netfilter_ipv4/ipt_multiport.h index e6b6fff811df..55fe85eca88c 100644 --- a/include/linux/netfilter_ipv4/ipt_multiport.h +++ b/include/linux/netfilter_ipv4/ipt_multiport.h | |||
@@ -1,30 +1,15 @@ | |||
1 | #ifndef _IPT_MULTIPORT_H | 1 | #ifndef _IPT_MULTIPORT_H |
2 | #define _IPT_MULTIPORT_H | 2 | #define _IPT_MULTIPORT_H |
3 | #include <linux/netfilter_ipv4/ip_tables.h> | ||
4 | 3 | ||
5 | enum ipt_multiport_flags | 4 | #include <linux/netfilter/xt_multiport.h> |
6 | { | ||
7 | IPT_MULTIPORT_SOURCE, | ||
8 | IPT_MULTIPORT_DESTINATION, | ||
9 | IPT_MULTIPORT_EITHER | ||
10 | }; | ||
11 | 5 | ||
12 | #define IPT_MULTI_PORTS 15 | 6 | #define IPT_MULTIPORT_SOURCE XT_MULTIPORT_SOURCE |
7 | #define IPT_MULTIPORT_DESTINATION XT_MULTIPORT_DESTINATION | ||
8 | #define IPT_MULTIPORT_EITHER XT_MULTIPORT_EITHER | ||
13 | 9 | ||
14 | /* Must fit inside union ipt_matchinfo: 16 bytes */ | 10 | #define IPT_MULTI_PORTS XT_MULTI_PORTS |
15 | struct ipt_multiport | 11 | |
16 | { | 12 | #define ipt_multiport xt_multiport |
17 | u_int8_t flags; /* Type of comparison */ | 13 | #define ipt_multiport_v1 xt_multiport_v1 |
18 | u_int8_t count; /* Number of ports */ | ||
19 | u_int16_t ports[IPT_MULTI_PORTS]; /* Ports */ | ||
20 | }; | ||
21 | 14 | ||
22 | struct ipt_multiport_v1 | ||
23 | { | ||
24 | u_int8_t flags; /* Type of comparison */ | ||
25 | u_int8_t count; /* Number of ports */ | ||
26 | u_int16_t ports[IPT_MULTI_PORTS]; /* Ports */ | ||
27 | u_int8_t pflags[IPT_MULTI_PORTS]; /* Port flags */ | ||
28 | u_int8_t invert; /* Invert flag */ | ||
29 | }; | ||
30 | #endif /*_IPT_MULTIPORT_H*/ | 15 | #endif /*_IPT_MULTIPORT_H*/ |
diff --git a/include/linux/netfilter_ipv6/ip6t_multiport.h b/include/linux/netfilter_ipv6/ip6t_multiport.h index efe4954a8681..042c92661cee 100644 --- a/include/linux/netfilter_ipv6/ip6t_multiport.h +++ b/include/linux/netfilter_ipv6/ip6t_multiport.h | |||
@@ -1,21 +1,14 @@ | |||
1 | #ifndef _IP6T_MULTIPORT_H | 1 | #ifndef _IP6T_MULTIPORT_H |
2 | #define _IP6T_MULTIPORT_H | 2 | #define _IP6T_MULTIPORT_H |
3 | #include <linux/netfilter_ipv6/ip6_tables.h> | ||
4 | 3 | ||
5 | enum ip6t_multiport_flags | 4 | #include <linux/netfilter/xt_multiport.h> |
6 | { | ||
7 | IP6T_MULTIPORT_SOURCE, | ||
8 | IP6T_MULTIPORT_DESTINATION, | ||
9 | IP6T_MULTIPORT_EITHER | ||
10 | }; | ||
11 | 5 | ||
12 | #define IP6T_MULTI_PORTS 15 | 6 | #define IP6T_MULTIPORT_SOURCE XT_MULTIPORT_SOURCE |
7 | #define IP6T_MULTIPORT_DESTINATION XT_MULTIPORT_DESTINATION | ||
8 | #define IP6T_MULTIPORT_EITHER XT_MULTIPORT_EITHER | ||
13 | 9 | ||
14 | /* Must fit inside union ip6t_matchinfo: 16 bytes */ | 10 | #define IP6T_MULTI_PORTS XT_MULTI_PORTS |
15 | struct ip6t_multiport | 11 | |
16 | { | 12 | #define ip6t_multiport xt_multiport |
17 | u_int8_t flags; /* Type of comparison */ | 13 | |
18 | u_int8_t count; /* Number of ports */ | 14 | #endif /*_IP6T_MULTIPORT_H*/ |
19 | u_int16_t ports[IP6T_MULTI_PORTS]; /* Ports */ | ||
20 | }; | ||
21 | #endif /*_IPT_MULTIPORT_H*/ | ||