aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--include/linux/netfilter/nf_conntrack_tcp.h6
-rw-r--r--include/linux/netfilter/nfnetlink.h4
-rw-r--r--include/linux/netfilter/nfnetlink_compat.h7
-rw-r--r--include/linux/netfilter/nfnetlink_log.h32
-rw-r--r--include/linux/netfilter/nfnetlink_queue.h24
-rw-r--r--include/linux/netfilter/x_tables.h30
-rw-r--r--include/linux/netfilter/xt_CLASSIFY.h4
-rw-r--r--include/linux/netfilter/xt_CONNMARK.h8
-rw-r--r--include/linux/netfilter/xt_CONNSECMARK.h4
-rw-r--r--include/linux/netfilter/xt_DSCP.h7
-rw-r--r--include/linux/netfilter/xt_MARK.h6
-rw-r--r--include/linux/netfilter/xt_NFLOG.h12
-rw-r--r--include/linux/netfilter/xt_NFQUEUE.h4
-rw-r--r--include/linux/netfilter/xt_RATEEST.h6
-rw-r--r--include/linux/netfilter/xt_SECMARK.h6
-rw-r--r--include/linux/netfilter/xt_TCPMSS.h4
-rw-r--r--include/linux/netfilter/xt_connbytes.h6
-rw-r--r--include/linux/netfilter/xt_connmark.h8
-rw-r--r--include/linux/netfilter/xt_conntrack.h12
-rw-r--r--include/linux/netfilter/xt_dccp.h14
-rw-r--r--include/linux/netfilter/xt_dscp.h12
-rw-r--r--include/linux/netfilter/xt_esp.h6
-rw-r--r--include/linux/netfilter/xt_hashlimit.h32
-rw-r--r--include/linux/netfilter/xt_iprange.h4
-rw-r--r--include/linux/netfilter/xt_length.h6
-rw-r--r--include/linux/netfilter/xt_limit.h10
-rw-r--r--include/linux/netfilter/xt_mark.h8
-rw-r--r--include/linux/netfilter/xt_multiport.h18
-rw-r--r--include/linux/netfilter/xt_owner.h8
-rw-r--r--include/linux/netfilter/xt_physdev.h6
-rw-r--r--include/linux/netfilter/xt_policy.h14
-rw-r--r--include/linux/netfilter/xt_rateest.h14
-rw-r--r--include/linux/netfilter/xt_realm.h8
-rw-r--r--include/linux/netfilter/xt_recent.h12
-rw-r--r--include/linux/netfilter/xt_sctp.h36
-rw-r--r--include/linux/netfilter/xt_statistic.h14
-rw-r--r--include/linux/netfilter/xt_string.h12
-rw-r--r--include/linux/netfilter/xt_tcpmss.h6
-rw-r--r--include/linux/netfilter/xt_tcpudp.h20
39 files changed, 260 insertions, 190 deletions
diff --git a/include/linux/netfilter/nf_conntrack_tcp.h b/include/linux/netfilter/nf_conntrack_tcp.h
index a049df4f2236..3066789b972a 100644
--- a/include/linux/netfilter/nf_conntrack_tcp.h
+++ b/include/linux/netfilter/nf_conntrack_tcp.h
@@ -2,6 +2,8 @@
2#define _NF_CONNTRACK_TCP_H 2#define _NF_CONNTRACK_TCP_H
3/* TCP tracking. */ 3/* TCP tracking. */
4 4
5#include <linux/types.h>
6
5/* This is exposed to userspace (ctnetlink) */ 7/* This is exposed to userspace (ctnetlink) */
6enum tcp_conntrack { 8enum tcp_conntrack {
7 TCP_CONNTRACK_NONE, 9 TCP_CONNTRACK_NONE,
@@ -34,8 +36,8 @@ enum tcp_conntrack {
34#define IP_CT_TCP_FLAG_DATA_UNACKNOWLEDGED 0x10 36#define IP_CT_TCP_FLAG_DATA_UNACKNOWLEDGED 0x10
35 37
36struct nf_ct_tcp_flags { 38struct nf_ct_tcp_flags {
37 u_int8_t flags; 39 __u8 flags;
38 u_int8_t mask; 40 __u8 mask;
39}; 41};
40 42
41#ifdef __KERNEL__ 43#ifdef __KERNEL__
diff --git a/include/linux/netfilter/nfnetlink.h b/include/linux/netfilter/nfnetlink.h
index 7d8e0455ccac..e53546cfa353 100644
--- a/include/linux/netfilter/nfnetlink.h
+++ b/include/linux/netfilter/nfnetlink.h
@@ -25,8 +25,8 @@ enum nfnetlink_groups {
25/* General form of address family dependent message. 25/* General form of address family dependent message.
26 */ 26 */
27struct nfgenmsg { 27struct nfgenmsg {
28 u_int8_t nfgen_family; /* AF_xxx */ 28 __u8 nfgen_family; /* AF_xxx */
29 u_int8_t version; /* nfnetlink version */ 29 __u8 version; /* nfnetlink version */
30 __be16 res_id; /* resource id */ 30 __be16 res_id; /* resource id */
31}; 31};
32 32
diff --git a/include/linux/netfilter/nfnetlink_compat.h b/include/linux/netfilter/nfnetlink_compat.h
index e1451760c9cd..eda55cabceec 100644
--- a/include/linux/netfilter/nfnetlink_compat.h
+++ b/include/linux/netfilter/nfnetlink_compat.h
@@ -1,5 +1,8 @@
1#ifndef _NFNETLINK_COMPAT_H 1#ifndef _NFNETLINK_COMPAT_H
2#define _NFNETLINK_COMPAT_H 2#define _NFNETLINK_COMPAT_H
3
4#include <linux/types.h>
5
3#ifndef __KERNEL__ 6#ifndef __KERNEL__
4/* Old nfnetlink macros for userspace */ 7/* Old nfnetlink macros for userspace */
5 8
@@ -20,8 +23,8 @@
20 23
21struct nfattr 24struct nfattr
22{ 25{
23 u_int16_t nfa_len; 26 __u16 nfa_len;
24 u_int16_t nfa_type; /* we use 15 bits for the type, and the highest 27 __u16 nfa_type; /* we use 15 bits for the type, and the highest
25 * bit to indicate whether the payload is nested */ 28 * bit to indicate whether the payload is nested */
26}; 29};
27 30
diff --git a/include/linux/netfilter/nfnetlink_log.h b/include/linux/netfilter/nfnetlink_log.h
index f661731f3cb1..d3bab7a2c9b7 100644
--- a/include/linux/netfilter/nfnetlink_log.h
+++ b/include/linux/netfilter/nfnetlink_log.h
@@ -17,14 +17,14 @@ enum nfulnl_msg_types {
17 17
18struct nfulnl_msg_packet_hdr { 18struct nfulnl_msg_packet_hdr {
19 __be16 hw_protocol; /* hw protocol (network order) */ 19 __be16 hw_protocol; /* hw protocol (network order) */
20 u_int8_t hook; /* netfilter hook */ 20 __u8 hook; /* netfilter hook */
21 u_int8_t _pad; 21 __u8 _pad;
22}; 22};
23 23
24struct nfulnl_msg_packet_hw { 24struct nfulnl_msg_packet_hw {
25 __be16 hw_addrlen; 25 __be16 hw_addrlen;
26 u_int16_t _pad; 26 __u16 _pad;
27 u_int8_t hw_addr[8]; 27 __u8 hw_addr[8];
28}; 28};
29 29
30struct nfulnl_msg_packet_timestamp { 30struct nfulnl_msg_packet_timestamp {
@@ -35,12 +35,12 @@ struct nfulnl_msg_packet_timestamp {
35enum nfulnl_attr_type { 35enum nfulnl_attr_type {
36 NFULA_UNSPEC, 36 NFULA_UNSPEC,
37 NFULA_PACKET_HDR, 37 NFULA_PACKET_HDR,
38 NFULA_MARK, /* u_int32_t nfmark */ 38 NFULA_MARK, /* __u32 nfmark */
39 NFULA_TIMESTAMP, /* nfulnl_msg_packet_timestamp */ 39 NFULA_TIMESTAMP, /* nfulnl_msg_packet_timestamp */
40 NFULA_IFINDEX_INDEV, /* u_int32_t ifindex */ 40 NFULA_IFINDEX_INDEV, /* __u32 ifindex */
41 NFULA_IFINDEX_OUTDEV, /* u_int32_t ifindex */ 41 NFULA_IFINDEX_OUTDEV, /* __u32 ifindex */
42 NFULA_IFINDEX_PHYSINDEV, /* u_int32_t ifindex */ 42 NFULA_IFINDEX_PHYSINDEV, /* __u32 ifindex */
43 NFULA_IFINDEX_PHYSOUTDEV, /* u_int32_t ifindex */ 43 NFULA_IFINDEX_PHYSOUTDEV, /* __u32 ifindex */
44 NFULA_HWADDR, /* nfulnl_msg_packet_hw */ 44 NFULA_HWADDR, /* nfulnl_msg_packet_hw */
45 NFULA_PAYLOAD, /* opaque data payload */ 45 NFULA_PAYLOAD, /* opaque data payload */
46 NFULA_PREFIX, /* string prefix */ 46 NFULA_PREFIX, /* string prefix */
@@ -65,23 +65,23 @@ enum nfulnl_msg_config_cmds {
65}; 65};
66 66
67struct nfulnl_msg_config_cmd { 67struct nfulnl_msg_config_cmd {
68 u_int8_t command; /* nfulnl_msg_config_cmds */ 68 __u8 command; /* nfulnl_msg_config_cmds */
69} __attribute__ ((packed)); 69} __attribute__ ((packed));
70 70
71struct nfulnl_msg_config_mode { 71struct nfulnl_msg_config_mode {
72 __be32 copy_range; 72 __be32 copy_range;
73 u_int8_t copy_mode; 73 __u8 copy_mode;
74 u_int8_t _pad; 74 __u8 _pad;
75} __attribute__ ((packed)); 75} __attribute__ ((packed));
76 76
77enum nfulnl_attr_config { 77enum nfulnl_attr_config {
78 NFULA_CFG_UNSPEC, 78 NFULA_CFG_UNSPEC,
79 NFULA_CFG_CMD, /* nfulnl_msg_config_cmd */ 79 NFULA_CFG_CMD, /* nfulnl_msg_config_cmd */
80 NFULA_CFG_MODE, /* nfulnl_msg_config_mode */ 80 NFULA_CFG_MODE, /* nfulnl_msg_config_mode */
81 NFULA_CFG_NLBUFSIZ, /* u_int32_t buffer size */ 81 NFULA_CFG_NLBUFSIZ, /* __u32 buffer size */
82 NFULA_CFG_TIMEOUT, /* u_int32_t in 1/100 s */ 82 NFULA_CFG_TIMEOUT, /* __u32 in 1/100 s */
83 NFULA_CFG_QTHRESH, /* u_int32_t */ 83 NFULA_CFG_QTHRESH, /* __u32 */
84 NFULA_CFG_FLAGS, /* u_int16_t */ 84 NFULA_CFG_FLAGS, /* __u16 */
85 __NFULA_CFG_MAX 85 __NFULA_CFG_MAX
86}; 86};
87#define NFULA_CFG_MAX (__NFULA_CFG_MAX -1) 87#define NFULA_CFG_MAX (__NFULA_CFG_MAX -1)
diff --git a/include/linux/netfilter/nfnetlink_queue.h b/include/linux/netfilter/nfnetlink_queue.h
index 83e789633e35..2455fe5f4e01 100644
--- a/include/linux/netfilter/nfnetlink_queue.h
+++ b/include/linux/netfilter/nfnetlink_queue.h
@@ -15,13 +15,13 @@ enum nfqnl_msg_types {
15struct nfqnl_msg_packet_hdr { 15struct nfqnl_msg_packet_hdr {
16 __be32 packet_id; /* unique ID of packet in queue */ 16 __be32 packet_id; /* unique ID of packet in queue */
17 __be16 hw_protocol; /* hw protocol (network order) */ 17 __be16 hw_protocol; /* hw protocol (network order) */
18 u_int8_t hook; /* netfilter hook */ 18 __u8 hook; /* netfilter hook */
19} __attribute__ ((packed)); 19} __attribute__ ((packed));
20 20
21struct nfqnl_msg_packet_hw { 21struct nfqnl_msg_packet_hw {
22 __be16 hw_addrlen; 22 __be16 hw_addrlen;
23 u_int16_t _pad; 23 __u16 _pad;
24 u_int8_t hw_addr[8]; 24 __u8 hw_addr[8];
25}; 25};
26 26
27struct nfqnl_msg_packet_timestamp { 27struct nfqnl_msg_packet_timestamp {
@@ -33,12 +33,12 @@ enum nfqnl_attr_type {
33 NFQA_UNSPEC, 33 NFQA_UNSPEC,
34 NFQA_PACKET_HDR, 34 NFQA_PACKET_HDR,
35 NFQA_VERDICT_HDR, /* nfqnl_msg_verdict_hrd */ 35 NFQA_VERDICT_HDR, /* nfqnl_msg_verdict_hrd */
36 NFQA_MARK, /* u_int32_t nfmark */ 36 NFQA_MARK, /* __u32 nfmark */
37 NFQA_TIMESTAMP, /* nfqnl_msg_packet_timestamp */ 37 NFQA_TIMESTAMP, /* nfqnl_msg_packet_timestamp */
38 NFQA_IFINDEX_INDEV, /* u_int32_t ifindex */ 38 NFQA_IFINDEX_INDEV, /* __u32 ifindex */
39 NFQA_IFINDEX_OUTDEV, /* u_int32_t ifindex */ 39 NFQA_IFINDEX_OUTDEV, /* __u32 ifindex */
40 NFQA_IFINDEX_PHYSINDEV, /* u_int32_t ifindex */ 40 NFQA_IFINDEX_PHYSINDEV, /* __u32 ifindex */
41 NFQA_IFINDEX_PHYSOUTDEV, /* u_int32_t ifindex */ 41 NFQA_IFINDEX_PHYSOUTDEV, /* __u32 ifindex */
42 NFQA_HWADDR, /* nfqnl_msg_packet_hw */ 42 NFQA_HWADDR, /* nfqnl_msg_packet_hw */
43 NFQA_PAYLOAD, /* opaque data payload */ 43 NFQA_PAYLOAD, /* opaque data payload */
44 44
@@ -61,8 +61,8 @@ enum nfqnl_msg_config_cmds {
61}; 61};
62 62
63struct nfqnl_msg_config_cmd { 63struct nfqnl_msg_config_cmd {
64 u_int8_t command; /* nfqnl_msg_config_cmds */ 64 __u8 command; /* nfqnl_msg_config_cmds */
65 u_int8_t _pad; 65 __u8 _pad;
66 __be16 pf; /* AF_xxx for PF_[UN]BIND */ 66 __be16 pf; /* AF_xxx for PF_[UN]BIND */
67}; 67};
68 68
@@ -74,7 +74,7 @@ enum nfqnl_config_mode {
74 74
75struct nfqnl_msg_config_params { 75struct nfqnl_msg_config_params {
76 __be32 copy_range; 76 __be32 copy_range;
77 u_int8_t copy_mode; /* enum nfqnl_config_mode */ 77 __u8 copy_mode; /* enum nfqnl_config_mode */
78} __attribute__ ((packed)); 78} __attribute__ ((packed));
79 79
80 80
@@ -82,7 +82,7 @@ enum nfqnl_attr_config {
82 NFQA_CFG_UNSPEC, 82 NFQA_CFG_UNSPEC,
83 NFQA_CFG_CMD, /* nfqnl_msg_config_cmd */ 83 NFQA_CFG_CMD, /* nfqnl_msg_config_cmd */
84 NFQA_CFG_PARAMS, /* nfqnl_msg_config_params */ 84 NFQA_CFG_PARAMS, /* nfqnl_msg_config_params */
85 NFQA_CFG_QUEUE_MAXLEN, /* u_int32_t */ 85 NFQA_CFG_QUEUE_MAXLEN, /* __u32 */
86 __NFQA_CFG_MAX 86 __NFQA_CFG_MAX
87}; 87};
88#define NFQA_CFG_MAX (__NFQA_CFG_MAX-1) 88#define NFQA_CFG_MAX (__NFQA_CFG_MAX-1)
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h
index c7ee8744d26b..33fd9c949d80 100644
--- a/include/linux/netfilter/x_tables.h
+++ b/include/linux/netfilter/x_tables.h
@@ -1,6 +1,8 @@
1#ifndef _X_TABLES_H 1#ifndef _X_TABLES_H
2#define _X_TABLES_H 2#define _X_TABLES_H
3 3
4#include <linux/types.h>
5
4#define XT_FUNCTION_MAXNAMELEN 30 6#define XT_FUNCTION_MAXNAMELEN 30
5#define XT_TABLE_MAXNAMELEN 32 7#define XT_TABLE_MAXNAMELEN 32
6 8
@@ -8,22 +10,22 @@ struct xt_entry_match
8{ 10{
9 union { 11 union {
10 struct { 12 struct {
11 u_int16_t match_size; 13 __u16 match_size;
12 14
13 /* Used by userspace */ 15 /* Used by userspace */
14 char name[XT_FUNCTION_MAXNAMELEN-1]; 16 char name[XT_FUNCTION_MAXNAMELEN-1];
15 17
16 u_int8_t revision; 18 __u8 revision;
17 } user; 19 } user;
18 struct { 20 struct {
19 u_int16_t match_size; 21 __u16 match_size;
20 22
21 /* Used inside the kernel */ 23 /* Used inside the kernel */
22 struct xt_match *match; 24 struct xt_match *match;
23 } kernel; 25 } kernel;
24 26
25 /* Total length */ 27 /* Total length */
26 u_int16_t match_size; 28 __u16 match_size;
27 } u; 29 } u;
28 30
29 unsigned char data[0]; 31 unsigned char data[0];
@@ -33,22 +35,22 @@ struct xt_entry_target
33{ 35{
34 union { 36 union {
35 struct { 37 struct {
36 u_int16_t target_size; 38 __u16 target_size;
37 39
38 /* Used by userspace */ 40 /* Used by userspace */
39 char name[XT_FUNCTION_MAXNAMELEN-1]; 41 char name[XT_FUNCTION_MAXNAMELEN-1];
40 42
41 u_int8_t revision; 43 __u8 revision;
42 } user; 44 } user;
43 struct { 45 struct {
44 u_int16_t target_size; 46 __u16 target_size;
45 47
46 /* Used inside the kernel */ 48 /* Used inside the kernel */
47 struct xt_target *target; 49 struct xt_target *target;
48 } kernel; 50 } kernel;
49 51
50 /* Total length */ 52 /* Total length */
51 u_int16_t target_size; 53 __u16 target_size;
52 } u; 54 } u;
53 55
54 unsigned char data[0]; 56 unsigned char data[0];
@@ -74,7 +76,7 @@ struct xt_get_revision
74{ 76{
75 char name[XT_FUNCTION_MAXNAMELEN-1]; 77 char name[XT_FUNCTION_MAXNAMELEN-1];
76 78
77 u_int8_t revision; 79 __u8 revision;
78}; 80};
79 81
80/* CONTINUE verdict for targets */ 82/* CONTINUE verdict for targets */
@@ -90,10 +92,10 @@ struct xt_get_revision
90 */ 92 */
91struct _xt_align 93struct _xt_align
92{ 94{
93 u_int8_t u8; 95 __u8 u8;
94 u_int16_t u16; 96 __u16 u16;
95 u_int32_t u32; 97 __u32 u32;
96 u_int64_t u64; 98 __u64 u64;
97}; 99};
98 100
99#define XT_ALIGN(s) (((s) + (__alignof__(struct _xt_align)-1)) \ 101#define XT_ALIGN(s) (((s) + (__alignof__(struct _xt_align)-1)) \
@@ -109,7 +111,7 @@ struct _xt_align
109 111
110struct xt_counters 112struct xt_counters
111{ 113{
112 u_int64_t pcnt, bcnt; /* Packet and byte counters */ 114 __u64 pcnt, bcnt; /* Packet and byte counters */
113}; 115};
114 116
115/* The argument to IPT_SO_ADD_COUNTERS. */ 117/* The argument to IPT_SO_ADD_COUNTERS. */
diff --git a/include/linux/netfilter/xt_CLASSIFY.h b/include/linux/netfilter/xt_CLASSIFY.h
index 58111355255d..a813bf14dd63 100644
--- a/include/linux/netfilter/xt_CLASSIFY.h
+++ b/include/linux/netfilter/xt_CLASSIFY.h
@@ -1,8 +1,10 @@
1#ifndef _XT_CLASSIFY_H 1#ifndef _XT_CLASSIFY_H
2#define _XT_CLASSIFY_H 2#define _XT_CLASSIFY_H
3 3
4#include <linux/types.h>
5
4struct xt_classify_target_info { 6struct xt_classify_target_info {
5 u_int32_t priority; 7 __u32 priority;
6}; 8};
7 9
8#endif /*_XT_CLASSIFY_H */ 10#endif /*_XT_CLASSIFY_H */
diff --git a/include/linux/netfilter/xt_CONNMARK.h b/include/linux/netfilter/xt_CONNMARK.h
index 4e58ba43c289..7635c8ffdadb 100644
--- a/include/linux/netfilter/xt_CONNMARK.h
+++ b/include/linux/netfilter/xt_CONNMARK.h
@@ -1,6 +1,8 @@
1#ifndef _XT_CONNMARK_H_target 1#ifndef _XT_CONNMARK_H_target
2#define _XT_CONNMARK_H_target 2#define _XT_CONNMARK_H_target
3 3
4#include <linux/types.h>
5
4/* Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com> 6/* Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com>
5 * by Henrik Nordstrom <hno@marasystems.com> 7 * by Henrik Nordstrom <hno@marasystems.com>
6 * 8 *
@@ -19,12 +21,12 @@ enum {
19struct xt_connmark_target_info { 21struct xt_connmark_target_info {
20 unsigned long mark; 22 unsigned long mark;
21 unsigned long mask; 23 unsigned long mask;
22 u_int8_t mode; 24 __u8 mode;
23}; 25};
24 26
25struct xt_connmark_tginfo1 { 27struct xt_connmark_tginfo1 {
26 u_int32_t ctmark, ctmask, nfmask; 28 __u32 ctmark, ctmask, nfmask;
27 u_int8_t mode; 29 __u8 mode;
28}; 30};
29 31
30#endif /*_XT_CONNMARK_H_target*/ 32#endif /*_XT_CONNMARK_H_target*/
diff --git a/include/linux/netfilter/xt_CONNSECMARK.h b/include/linux/netfilter/xt_CONNSECMARK.h
index c6bd75469ba2..b973ff80fa1e 100644
--- a/include/linux/netfilter/xt_CONNSECMARK.h
+++ b/include/linux/netfilter/xt_CONNSECMARK.h
@@ -1,13 +1,15 @@
1#ifndef _XT_CONNSECMARK_H_target 1#ifndef _XT_CONNSECMARK_H_target
2#define _XT_CONNSECMARK_H_target 2#define _XT_CONNSECMARK_H_target
3 3
4#include <linux/types.h>
5
4enum { 6enum {
5 CONNSECMARK_SAVE = 1, 7 CONNSECMARK_SAVE = 1,
6 CONNSECMARK_RESTORE, 8 CONNSECMARK_RESTORE,
7}; 9};
8 10
9struct xt_connsecmark_target_info { 11struct xt_connsecmark_target_info {
10 u_int8_t mode; 12 __u8 mode;
11}; 13};
12 14
13#endif /*_XT_CONNSECMARK_H_target */ 15#endif /*_XT_CONNSECMARK_H_target */
diff --git a/include/linux/netfilter/xt_DSCP.h b/include/linux/netfilter/xt_DSCP.h
index 14da1968e2c6..648e0b3bed29 100644
--- a/include/linux/netfilter/xt_DSCP.h
+++ b/include/linux/netfilter/xt_DSCP.h
@@ -11,15 +11,16 @@
11#ifndef _XT_DSCP_TARGET_H 11#ifndef _XT_DSCP_TARGET_H
12#define _XT_DSCP_TARGET_H 12#define _XT_DSCP_TARGET_H
13#include <linux/netfilter/xt_dscp.h> 13#include <linux/netfilter/xt_dscp.h>
14#include <linux/types.h>
14 15
15/* target info */ 16/* target info */
16struct xt_DSCP_info { 17struct xt_DSCP_info {
17 u_int8_t dscp; 18 __u8 dscp;
18}; 19};
19 20
20struct xt_tos_target_info { 21struct xt_tos_target_info {
21 u_int8_t tos_value; 22 __u8 tos_value;
22 u_int8_t tos_mask; 23 __u8 tos_mask;
23}; 24};
24 25
25#endif /* _XT_DSCP_TARGET_H */ 26#endif /* _XT_DSCP_TARGET_H */
diff --git a/include/linux/netfilter/xt_MARK.h b/include/linux/netfilter/xt_MARK.h
index 778b278fd9f2..028304bcc0b1 100644
--- a/include/linux/netfilter/xt_MARK.h
+++ b/include/linux/netfilter/xt_MARK.h
@@ -1,6 +1,8 @@
1#ifndef _XT_MARK_H_target 1#ifndef _XT_MARK_H_target
2#define _XT_MARK_H_target 2#define _XT_MARK_H_target
3 3
4#include <linux/types.h>
5
4/* Version 0 */ 6/* Version 0 */
5struct xt_mark_target_info { 7struct xt_mark_target_info {
6 unsigned long mark; 8 unsigned long mark;
@@ -15,11 +17,11 @@ enum {
15 17
16struct xt_mark_target_info_v1 { 18struct xt_mark_target_info_v1 {
17 unsigned long mark; 19 unsigned long mark;
18 u_int8_t mode; 20 __u8 mode;
19}; 21};
20 22
21struct xt_mark_tginfo2 { 23struct xt_mark_tginfo2 {
22 u_int32_t mark, mask; 24 __u32 mark, mask;
23}; 25};
24 26
25#endif /*_XT_MARK_H_target */ 27#endif /*_XT_MARK_H_target */
diff --git a/include/linux/netfilter/xt_NFLOG.h b/include/linux/netfilter/xt_NFLOG.h
index cdcd0ed58f7a..eaac7b5226e9 100644
--- a/include/linux/netfilter/xt_NFLOG.h
+++ b/include/linux/netfilter/xt_NFLOG.h
@@ -1,17 +1,19 @@
1#ifndef _XT_NFLOG_TARGET 1#ifndef _XT_NFLOG_TARGET
2#define _XT_NFLOG_TARGET 2#define _XT_NFLOG_TARGET
3 3
4#include <linux/types.h>
5
4#define XT_NFLOG_DEFAULT_GROUP 0x1 6#define XT_NFLOG_DEFAULT_GROUP 0x1
5#define XT_NFLOG_DEFAULT_THRESHOLD 1 7#define XT_NFLOG_DEFAULT_THRESHOLD 1
6 8
7#define XT_NFLOG_MASK 0x0 9#define XT_NFLOG_MASK 0x0
8 10
9struct xt_nflog_info { 11struct xt_nflog_info {
10 u_int32_t len; 12 __u32 len;
11 u_int16_t group; 13 __u16 group;
12 u_int16_t threshold; 14 __u16 threshold;
13 u_int16_t flags; 15 __u16 flags;
14 u_int16_t pad; 16 __u16 pad;
15 char prefix[64]; 17 char prefix[64];
16}; 18};
17 19
diff --git a/include/linux/netfilter/xt_NFQUEUE.h b/include/linux/netfilter/xt_NFQUEUE.h
index 9a9af79f74d2..982a89f78272 100644
--- a/include/linux/netfilter/xt_NFQUEUE.h
+++ b/include/linux/netfilter/xt_NFQUEUE.h
@@ -8,9 +8,11 @@
8#ifndef _XT_NFQ_TARGET_H 8#ifndef _XT_NFQ_TARGET_H
9#define _XT_NFQ_TARGET_H 9#define _XT_NFQ_TARGET_H
10 10
11#include <linux/types.h>
12
11/* target info */ 13/* target info */
12struct xt_NFQ_info { 14struct xt_NFQ_info {
13 u_int16_t queuenum; 15 __u16 queuenum;
14}; 16};
15 17
16#endif /* _XT_NFQ_TARGET_H */ 18#endif /* _XT_NFQ_TARGET_H */
diff --git a/include/linux/netfilter/xt_RATEEST.h b/include/linux/netfilter/xt_RATEEST.h
index f79e3133cbea..6605e20ad8cf 100644
--- a/include/linux/netfilter/xt_RATEEST.h
+++ b/include/linux/netfilter/xt_RATEEST.h
@@ -1,10 +1,12 @@
1#ifndef _XT_RATEEST_TARGET_H 1#ifndef _XT_RATEEST_TARGET_H
2#define _XT_RATEEST_TARGET_H 2#define _XT_RATEEST_TARGET_H
3 3
4#include <linux/types.h>
5
4struct xt_rateest_target_info { 6struct xt_rateest_target_info {
5 char name[IFNAMSIZ]; 7 char name[IFNAMSIZ];
6 int8_t interval; 8 __s8 interval;
7 u_int8_t ewma_log; 9 __u8 ewma_log;
8 10
9 /* Used internally by the kernel */ 11 /* Used internally by the kernel */
10 struct xt_rateest *est __attribute__((aligned(8))); 12 struct xt_rateest *est __attribute__((aligned(8)));
diff --git a/include/linux/netfilter/xt_SECMARK.h b/include/linux/netfilter/xt_SECMARK.h
index c53fbffa997d..6fcd3448b186 100644
--- a/include/linux/netfilter/xt_SECMARK.h
+++ b/include/linux/netfilter/xt_SECMARK.h
@@ -1,6 +1,8 @@
1#ifndef _XT_SECMARK_H_target 1#ifndef _XT_SECMARK_H_target
2#define _XT_SECMARK_H_target 2#define _XT_SECMARK_H_target
3 3
4#include <linux/types.h>
5
4/* 6/*
5 * This is intended for use by various security subsystems (but not 7 * This is intended for use by various security subsystems (but not
6 * at the same time). 8 * at the same time).
@@ -12,12 +14,12 @@
12#define SECMARK_SELCTX_MAX 256 14#define SECMARK_SELCTX_MAX 256
13 15
14struct xt_secmark_target_selinux_info { 16struct xt_secmark_target_selinux_info {
15 u_int32_t selsid; 17 __u32 selsid;
16 char selctx[SECMARK_SELCTX_MAX]; 18 char selctx[SECMARK_SELCTX_MAX];
17}; 19};
18 20
19struct xt_secmark_target_info { 21struct xt_secmark_target_info {
20 u_int8_t mode; 22 __u8 mode;
21 union { 23 union {
22 struct xt_secmark_target_selinux_info sel; 24 struct xt_secmark_target_selinux_info sel;
23 } u; 25 } u;
diff --git a/include/linux/netfilter/xt_TCPMSS.h b/include/linux/netfilter/xt_TCPMSS.h
index 53a292cd47f3..9a6960afc134 100644
--- a/include/linux/netfilter/xt_TCPMSS.h
+++ b/include/linux/netfilter/xt_TCPMSS.h
@@ -1,8 +1,10 @@
1#ifndef _XT_TCPMSS_H 1#ifndef _XT_TCPMSS_H
2#define _XT_TCPMSS_H 2#define _XT_TCPMSS_H
3 3
4#include <linux/types.h>
5
4struct xt_tcpmss_info { 6struct xt_tcpmss_info {
5 u_int16_t mss; 7 __u16 mss;
6}; 8};
7 9
8#define XT_TCPMSS_CLAMP_PMTU 0xffff 10#define XT_TCPMSS_CLAMP_PMTU 0xffff
diff --git a/include/linux/netfilter/xt_connbytes.h b/include/linux/netfilter/xt_connbytes.h
index c022c989754d..52bd6153b996 100644
--- a/include/linux/netfilter/xt_connbytes.h
+++ b/include/linux/netfilter/xt_connbytes.h
@@ -1,6 +1,8 @@
1#ifndef _XT_CONNBYTES_H 1#ifndef _XT_CONNBYTES_H
2#define _XT_CONNBYTES_H 2#define _XT_CONNBYTES_H
3 3
4#include <linux/types.h>
5
4enum xt_connbytes_what { 6enum xt_connbytes_what {
5 XT_CONNBYTES_PKTS, 7 XT_CONNBYTES_PKTS,
6 XT_CONNBYTES_BYTES, 8 XT_CONNBYTES_BYTES,
@@ -19,7 +21,7 @@ struct xt_connbytes_info
19 aligned_u64 from; /* count to be matched */ 21 aligned_u64 from; /* count to be matched */
20 aligned_u64 to; /* count to be matched */ 22 aligned_u64 to; /* count to be matched */
21 } count; 23 } count;
22 u_int8_t what; /* ipt_connbytes_what */ 24 __u8 what; /* ipt_connbytes_what */
23 u_int8_t direction; /* ipt_connbytes_direction */ 25 __u8 direction; /* ipt_connbytes_direction */
24}; 26};
25#endif 27#endif
diff --git a/include/linux/netfilter/xt_connmark.h b/include/linux/netfilter/xt_connmark.h
index 359ef86918dc..571e266d004c 100644
--- a/include/linux/netfilter/xt_connmark.h
+++ b/include/linux/netfilter/xt_connmark.h
@@ -1,6 +1,8 @@
1#ifndef _XT_CONNMARK_H 1#ifndef _XT_CONNMARK_H
2#define _XT_CONNMARK_H 2#define _XT_CONNMARK_H
3 3
4#include <linux/types.h>
5
4/* Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com> 6/* Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com>
5 * by Henrik Nordstrom <hno@marasystems.com> 7 * by Henrik Nordstrom <hno@marasystems.com>
6 * 8 *
@@ -12,12 +14,12 @@
12 14
13struct xt_connmark_info { 15struct xt_connmark_info {
14 unsigned long mark, mask; 16 unsigned long mark, mask;
15 u_int8_t invert; 17 __u8 invert;
16}; 18};
17 19
18struct xt_connmark_mtinfo1 { 20struct xt_connmark_mtinfo1 {
19 u_int32_t mark, mask; 21 __u32 mark, mask;
20 u_int8_t invert; 22 __u8 invert;
21}; 23};
22 24
23#endif /*_XT_CONNMARK_H*/ 25#endif /*_XT_CONNMARK_H*/
diff --git a/include/linux/netfilter/xt_conntrack.h b/include/linux/netfilter/xt_conntrack.h
index 8f5345275393..3430c7751948 100644
--- a/include/linux/netfilter/xt_conntrack.h
+++ b/include/linux/netfilter/xt_conntrack.h
@@ -63,9 +63,9 @@ struct xt_conntrack_info
63 unsigned long expires_min, expires_max; 63 unsigned long expires_min, expires_max;
64 64
65 /* Flags word */ 65 /* Flags word */
66 u_int8_t flags; 66 __u8 flags;
67 /* Inverse flags */ 67 /* Inverse flags */
68 u_int8_t invflags; 68 __u8 invflags;
69}; 69};
70 70
71struct xt_conntrack_mtinfo1 { 71struct xt_conntrack_mtinfo1 {
@@ -73,12 +73,12 @@ struct xt_conntrack_mtinfo1 {
73 union nf_inet_addr origdst_addr, origdst_mask; 73 union nf_inet_addr origdst_addr, origdst_mask;
74 union nf_inet_addr replsrc_addr, replsrc_mask; 74 union nf_inet_addr replsrc_addr, replsrc_mask;
75 union nf_inet_addr repldst_addr, repldst_mask; 75 union nf_inet_addr repldst_addr, repldst_mask;
76 u_int32_t expires_min, expires_max; 76 __u32 expires_min, expires_max;
77 u_int16_t l4proto; 77 __u16 l4proto;
78 __be16 origsrc_port, origdst_port; 78 __be16 origsrc_port, origdst_port;
79 __be16 replsrc_port, repldst_port; 79 __be16 replsrc_port, repldst_port;
80 u_int16_t match_flags, invert_flags; 80 __u16 match_flags, invert_flags;
81 u_int8_t state_mask, status_mask; 81 __u8 state_mask, status_mask;
82}; 82};
83 83
84#endif /*_XT_CONNTRACK_H*/ 84#endif /*_XT_CONNTRACK_H*/
diff --git a/include/linux/netfilter/xt_dccp.h b/include/linux/netfilter/xt_dccp.h
index e0221b9d32cb..a579e1b6f040 100644
--- a/include/linux/netfilter/xt_dccp.h
+++ b/include/linux/netfilter/xt_dccp.h
@@ -1,6 +1,8 @@
1#ifndef _XT_DCCP_H_ 1#ifndef _XT_DCCP_H_
2#define _XT_DCCP_H_ 2#define _XT_DCCP_H_
3 3
4#include <linux/types.h>
5
4#define XT_DCCP_SRC_PORTS 0x01 6#define XT_DCCP_SRC_PORTS 0x01
5#define XT_DCCP_DEST_PORTS 0x02 7#define XT_DCCP_DEST_PORTS 0x02
6#define XT_DCCP_TYPE 0x04 8#define XT_DCCP_TYPE 0x04
@@ -9,14 +11,14 @@
9#define XT_DCCP_VALID_FLAGS 0x0f 11#define XT_DCCP_VALID_FLAGS 0x0f
10 12
11struct xt_dccp_info { 13struct xt_dccp_info {
12 u_int16_t dpts[2]; /* Min, Max */ 14 __u16 dpts[2]; /* Min, Max */
13 u_int16_t spts[2]; /* Min, Max */ 15 __u16 spts[2]; /* Min, Max */
14 16
15 u_int16_t flags; 17 __u16 flags;
16 u_int16_t invflags; 18 __u16 invflags;
17 19
18 u_int16_t typemask; 20 __u16 typemask;
19 u_int8_t option; 21 __u8 option;
20}; 22};
21 23
22#endif /* _XT_DCCP_H_ */ 24#endif /* _XT_DCCP_H_ */
diff --git a/include/linux/netfilter/xt_dscp.h b/include/linux/netfilter/xt_dscp.h
index f49bc1a648dc..15f8932ad5ce 100644
--- a/include/linux/netfilter/xt_dscp.h
+++ b/include/linux/netfilter/xt_dscp.h
@@ -10,20 +10,22 @@
10#ifndef _XT_DSCP_H 10#ifndef _XT_DSCP_H
11#define _XT_DSCP_H 11#define _XT_DSCP_H
12 12
13#include <linux/types.h>
14
13#define XT_DSCP_MASK 0xfc /* 11111100 */ 15#define XT_DSCP_MASK 0xfc /* 11111100 */
14#define XT_DSCP_SHIFT 2 16#define XT_DSCP_SHIFT 2
15#define XT_DSCP_MAX 0x3f /* 00111111 */ 17#define XT_DSCP_MAX 0x3f /* 00111111 */
16 18
17/* match info */ 19/* match info */
18struct xt_dscp_info { 20struct xt_dscp_info {
19 u_int8_t dscp; 21 __u8 dscp;
20 u_int8_t invert; 22 __u8 invert;
21}; 23};
22 24
23struct xt_tos_match_info { 25struct xt_tos_match_info {
24 u_int8_t tos_mask; 26 __u8 tos_mask;
25 u_int8_t tos_value; 27 __u8 tos_value;
26 u_int8_t invert; 28 __u8 invert;
27}; 29};
28 30
29#endif /* _XT_DSCP_H */ 31#endif /* _XT_DSCP_H */
diff --git a/include/linux/netfilter/xt_esp.h b/include/linux/netfilter/xt_esp.h
index 9380fb1c27da..ef6fa4747d0a 100644
--- a/include/linux/netfilter/xt_esp.h
+++ b/include/linux/netfilter/xt_esp.h
@@ -1,10 +1,12 @@
1#ifndef _XT_ESP_H 1#ifndef _XT_ESP_H
2#define _XT_ESP_H 2#define _XT_ESP_H
3 3
4#include <linux/types.h>
5
4struct xt_esp 6struct xt_esp
5{ 7{
6 u_int32_t spis[2]; /* Security Parameter Index */ 8 __u32 spis[2]; /* Security Parameter Index */
7 u_int8_t invflags; /* Inverse flags */ 9 __u8 invflags; /* Inverse flags */
8}; 10};
9 11
10/* Values for "invflags" field in struct xt_esp. */ 12/* Values for "invflags" field in struct xt_esp. */
diff --git a/include/linux/netfilter/xt_hashlimit.h b/include/linux/netfilter/xt_hashlimit.h
index 51b18d83b477..b1925b5925e9 100644
--- a/include/linux/netfilter/xt_hashlimit.h
+++ b/include/linux/netfilter/xt_hashlimit.h
@@ -1,6 +1,8 @@
1#ifndef _XT_HASHLIMIT_H 1#ifndef _XT_HASHLIMIT_H
2#define _XT_HASHLIMIT_H 2#define _XT_HASHLIMIT_H
3 3
4#include <linux/types.h>
5
4/* timings are in milliseconds. */ 6/* timings are in milliseconds. */
5#define XT_HASHLIMIT_SCALE 10000 7#define XT_HASHLIMIT_SCALE 10000
6/* 1/10,000 sec period => max of 10,000/sec. Min rate is then 429490 8/* 1/10,000 sec period => max of 10,000/sec. Min rate is then 429490
@@ -18,15 +20,15 @@ enum {
18}; 20};
19 21
20struct hashlimit_cfg { 22struct hashlimit_cfg {
21 u_int32_t mode; /* bitmask of XT_HASHLIMIT_HASH_* */ 23 __u32 mode; /* bitmask of XT_HASHLIMIT_HASH_* */
22 u_int32_t avg; /* Average secs between packets * scale */ 24 __u32 avg; /* Average secs between packets * scale */
23 u_int32_t burst; /* Period multiplier for upper limit. */ 25 __u32 burst; /* Period multiplier for upper limit. */
24 26
25 /* user specified */ 27 /* user specified */
26 u_int32_t size; /* how many buckets */ 28 __u32 size; /* how many buckets */
27 u_int32_t max; /* max number of entries */ 29 __u32 max; /* max number of entries */
28 u_int32_t gc_interval; /* gc interval */ 30 __u32 gc_interval; /* gc interval */
29 u_int32_t expire; /* when do entries expire? */ 31 __u32 expire; /* when do entries expire? */
30}; 32};
31 33
32struct xt_hashlimit_info { 34struct xt_hashlimit_info {
@@ -42,17 +44,17 @@ struct xt_hashlimit_info {
42}; 44};
43 45
44struct hashlimit_cfg1 { 46struct hashlimit_cfg1 {
45 u_int32_t mode; /* bitmask of XT_HASHLIMIT_HASH_* */ 47 __u32 mode; /* bitmask of XT_HASHLIMIT_HASH_* */
46 u_int32_t avg; /* Average secs between packets * scale */ 48 __u32 avg; /* Average secs between packets * scale */
47 u_int32_t burst; /* Period multiplier for upper limit. */ 49 __u32 burst; /* Period multiplier for upper limit. */
48 50
49 /* user specified */ 51 /* user specified */
50 u_int32_t size; /* how many buckets */ 52 __u32 size; /* how many buckets */
51 u_int32_t max; /* max number of entries */ 53 __u32 max; /* max number of entries */
52 u_int32_t gc_interval; /* gc interval */ 54 __u32 gc_interval; /* gc interval */
53 u_int32_t expire; /* when do entries expire? */ 55 __u32 expire; /* when do entries expire? */
54 56
55 u_int8_t srcmask, dstmask; 57 __u8 srcmask, dstmask;
56}; 58};
57 59
58struct xt_hashlimit_mtinfo1 { 60struct xt_hashlimit_mtinfo1 {
diff --git a/include/linux/netfilter/xt_iprange.h b/include/linux/netfilter/xt_iprange.h
index a4299c7d3680..c1f21a779a45 100644
--- a/include/linux/netfilter/xt_iprange.h
+++ b/include/linux/netfilter/xt_iprange.h
@@ -1,6 +1,8 @@
1#ifndef _LINUX_NETFILTER_XT_IPRANGE_H 1#ifndef _LINUX_NETFILTER_XT_IPRANGE_H
2#define _LINUX_NETFILTER_XT_IPRANGE_H 1 2#define _LINUX_NETFILTER_XT_IPRANGE_H 1
3 3
4#include <linux/types.h>
5
4enum { 6enum {
5 IPRANGE_SRC = 1 << 0, /* match source IP address */ 7 IPRANGE_SRC = 1 << 0, /* match source IP address */
6 IPRANGE_DST = 1 << 1, /* match destination IP address */ 8 IPRANGE_DST = 1 << 1, /* match destination IP address */
@@ -11,7 +13,7 @@ enum {
11struct xt_iprange_mtinfo { 13struct xt_iprange_mtinfo {
12 union nf_inet_addr src_min, src_max; 14 union nf_inet_addr src_min, src_max;
13 union nf_inet_addr dst_min, dst_max; 15 union nf_inet_addr dst_min, dst_max;
14 u_int8_t flags; 16 __u8 flags;
15}; 17};
16 18
17#endif /* _LINUX_NETFILTER_XT_IPRANGE_H */ 19#endif /* _LINUX_NETFILTER_XT_IPRANGE_H */
diff --git a/include/linux/netfilter/xt_length.h b/include/linux/netfilter/xt_length.h
index 7c2b439f73fe..b82ed7c4b1e0 100644
--- a/include/linux/netfilter/xt_length.h
+++ b/include/linux/netfilter/xt_length.h
@@ -1,9 +1,11 @@
1#ifndef _XT_LENGTH_H 1#ifndef _XT_LENGTH_H
2#define _XT_LENGTH_H 2#define _XT_LENGTH_H
3 3
4#include <linux/types.h>
5
4struct xt_length_info { 6struct xt_length_info {
5 u_int16_t min, max; 7 __u16 min, max;
6 u_int8_t invert; 8 __u8 invert;
7}; 9};
8 10
9#endif /*_XT_LENGTH_H*/ 11#endif /*_XT_LENGTH_H*/
diff --git a/include/linux/netfilter/xt_limit.h b/include/linux/netfilter/xt_limit.h
index b3ce65375ecb..190e98b1f7c9 100644
--- a/include/linux/netfilter/xt_limit.h
+++ b/include/linux/netfilter/xt_limit.h
@@ -1,19 +1,21 @@
1#ifndef _XT_RATE_H 1#ifndef _XT_RATE_H
2#define _XT_RATE_H 2#define _XT_RATE_H
3 3
4#include <linux/types.h>
5
4/* timings are in milliseconds. */ 6/* timings are in milliseconds. */
5#define XT_LIMIT_SCALE 10000 7#define XT_LIMIT_SCALE 10000
6 8
7/* 1/10,000 sec period => max of 10,000/sec. Min rate is then 429490 9/* 1/10,000 sec period => max of 10,000/sec. Min rate is then 429490
8 seconds, or one every 59 hours. */ 10 seconds, or one every 59 hours. */
9struct xt_rateinfo { 11struct xt_rateinfo {
10 u_int32_t avg; /* Average secs between packets * scale */ 12 __u32 avg; /* Average secs between packets * scale */
11 u_int32_t burst; /* Period multiplier for upper limit. */ 13 __u32 burst; /* Period multiplier for upper limit. */
12 14
13 /* Used internally by the kernel */ 15 /* Used internally by the kernel */
14 unsigned long prev; 16 unsigned long prev;
15 u_int32_t credit; 17 __u32 credit;
16 u_int32_t credit_cap, cost; 18 __u32 credit_cap, cost;
17 19
18 /* Ugly, ugly fucker. */ 20 /* Ugly, ugly fucker. */
19 struct xt_rateinfo *master; 21 struct xt_rateinfo *master;
diff --git a/include/linux/netfilter/xt_mark.h b/include/linux/netfilter/xt_mark.h
index fae74bc3f34e..6fa460a3cc29 100644
--- a/include/linux/netfilter/xt_mark.h
+++ b/include/linux/netfilter/xt_mark.h
@@ -1,14 +1,16 @@
1#ifndef _XT_MARK_H 1#ifndef _XT_MARK_H
2#define _XT_MARK_H 2#define _XT_MARK_H
3 3
4#include <linux/types.h>
5
4struct xt_mark_info { 6struct xt_mark_info {
5 unsigned long mark, mask; 7 unsigned long mark, mask;
6 u_int8_t invert; 8 __u8 invert;
7}; 9};
8 10
9struct xt_mark_mtinfo1 { 11struct xt_mark_mtinfo1 {
10 u_int32_t mark, mask; 12 __u32 mark, mask;
11 u_int8_t invert; 13 __u8 invert;
12}; 14};
13 15
14#endif /*_XT_MARK_H*/ 16#endif /*_XT_MARK_H*/
diff --git a/include/linux/netfilter/xt_multiport.h b/include/linux/netfilter/xt_multiport.h
index d49ee4183710..185db499fcbc 100644
--- a/include/linux/netfilter/xt_multiport.h
+++ b/include/linux/netfilter/xt_multiport.h
@@ -1,6 +1,8 @@
1#ifndef _XT_MULTIPORT_H 1#ifndef _XT_MULTIPORT_H
2#define _XT_MULTIPORT_H 2#define _XT_MULTIPORT_H
3 3
4#include <linux/types.h>
5
4enum xt_multiport_flags 6enum xt_multiport_flags
5{ 7{
6 XT_MULTIPORT_SOURCE, 8 XT_MULTIPORT_SOURCE,
@@ -13,18 +15,18 @@ enum xt_multiport_flags
13/* Must fit inside union xt_matchinfo: 16 bytes */ 15/* Must fit inside union xt_matchinfo: 16 bytes */
14struct xt_multiport 16struct xt_multiport
15{ 17{
16 u_int8_t flags; /* Type of comparison */ 18 __u8 flags; /* Type of comparison */
17 u_int8_t count; /* Number of ports */ 19 __u8 count; /* Number of ports */
18 u_int16_t ports[XT_MULTI_PORTS]; /* Ports */ 20 __u16 ports[XT_MULTI_PORTS]; /* Ports */
19}; 21};
20 22
21struct xt_multiport_v1 23struct xt_multiport_v1
22{ 24{
23 u_int8_t flags; /* Type of comparison */ 25 __u8 flags; /* Type of comparison */
24 u_int8_t count; /* Number of ports */ 26 __u8 count; /* Number of ports */
25 u_int16_t ports[XT_MULTI_PORTS]; /* Ports */ 27 __u16 ports[XT_MULTI_PORTS]; /* Ports */
26 u_int8_t pflags[XT_MULTI_PORTS]; /* Port flags */ 28 __u8 pflags[XT_MULTI_PORTS]; /* Port flags */
27 u_int8_t invert; /* Invert flag */ 29 __u8 invert; /* Invert flag */
28}; 30};
29 31
30#endif /*_XT_MULTIPORT_H*/ 32#endif /*_XT_MULTIPORT_H*/
diff --git a/include/linux/netfilter/xt_owner.h b/include/linux/netfilter/xt_owner.h
index c84e52cfe415..2081761714b5 100644
--- a/include/linux/netfilter/xt_owner.h
+++ b/include/linux/netfilter/xt_owner.h
@@ -1,6 +1,8 @@
1#ifndef _XT_OWNER_MATCH_H 1#ifndef _XT_OWNER_MATCH_H
2#define _XT_OWNER_MATCH_H 2#define _XT_OWNER_MATCH_H
3 3
4#include <linux/types.h>
5
4enum { 6enum {
5 XT_OWNER_UID = 1 << 0, 7 XT_OWNER_UID = 1 << 0,
6 XT_OWNER_GID = 1 << 1, 8 XT_OWNER_GID = 1 << 1,
@@ -8,9 +10,9 @@ enum {
8}; 10};
9 11
10struct xt_owner_match_info { 12struct xt_owner_match_info {
11 u_int32_t uid_min, uid_max; 13 __u32 uid_min, uid_max;
12 u_int32_t gid_min, gid_max; 14 __u32 gid_min, gid_max;
13 u_int8_t match, invert; 15 __u8 match, invert;
14}; 16};
15 17
16#endif /* _XT_OWNER_MATCH_H */ 18#endif /* _XT_OWNER_MATCH_H */
diff --git a/include/linux/netfilter/xt_physdev.h b/include/linux/netfilter/xt_physdev.h
index 25a7a1815b5b..8555e399886d 100644
--- a/include/linux/netfilter/xt_physdev.h
+++ b/include/linux/netfilter/xt_physdev.h
@@ -1,6 +1,8 @@
1#ifndef _XT_PHYSDEV_H 1#ifndef _XT_PHYSDEV_H
2#define _XT_PHYSDEV_H 2#define _XT_PHYSDEV_H
3 3
4#include <linux/types.h>
5
4#ifdef __KERNEL__ 6#ifdef __KERNEL__
5#include <linux/if.h> 7#include <linux/if.h>
6#endif 8#endif
@@ -17,8 +19,8 @@ struct xt_physdev_info {
17 char in_mask[IFNAMSIZ]; 19 char in_mask[IFNAMSIZ];
18 char physoutdev[IFNAMSIZ]; 20 char physoutdev[IFNAMSIZ];
19 char out_mask[IFNAMSIZ]; 21 char out_mask[IFNAMSIZ];
20 u_int8_t invert; 22 __u8 invert;
21 u_int8_t bitmask; 23 __u8 bitmask;
22}; 24};
23 25
24#endif /*_XT_PHYSDEV_H*/ 26#endif /*_XT_PHYSDEV_H*/
diff --git a/include/linux/netfilter/xt_policy.h b/include/linux/netfilter/xt_policy.h
index 053d8cc65464..7bb64e7c853d 100644
--- a/include/linux/netfilter/xt_policy.h
+++ b/include/linux/netfilter/xt_policy.h
@@ -1,6 +1,8 @@
1#ifndef _XT_POLICY_H 1#ifndef _XT_POLICY_H
2#define _XT_POLICY_H 2#define _XT_POLICY_H
3 3
4#include <linux/types.h>
5
4#define XT_POLICY_MAX_ELEM 4 6#define XT_POLICY_MAX_ELEM 4
5 7
6enum xt_policy_flags 8enum xt_policy_flags
@@ -19,7 +21,7 @@ enum xt_policy_modes
19 21
20struct xt_policy_spec 22struct xt_policy_spec
21{ 23{
22 u_int8_t saddr:1, 24 __u8 saddr:1,
23 daddr:1, 25 daddr:1,
24 proto:1, 26 proto:1,
25 mode:1, 27 mode:1,
@@ -55,9 +57,9 @@ struct xt_policy_elem
55#endif 57#endif
56 }; 58 };
57 __be32 spi; 59 __be32 spi;
58 u_int32_t reqid; 60 __u32 reqid;
59 u_int8_t proto; 61 __u8 proto;
60 u_int8_t mode; 62 __u8 mode;
61 63
62 struct xt_policy_spec match; 64 struct xt_policy_spec match;
63 struct xt_policy_spec invert; 65 struct xt_policy_spec invert;
@@ -66,8 +68,8 @@ struct xt_policy_elem
66struct xt_policy_info 68struct xt_policy_info
67{ 69{
68 struct xt_policy_elem pol[XT_POLICY_MAX_ELEM]; 70 struct xt_policy_elem pol[XT_POLICY_MAX_ELEM];
69 u_int16_t flags; 71 __u16 flags;
70 u_int16_t len; 72 __u16 len;
71}; 73};
72 74
73#endif /* _XT_POLICY_H */ 75#endif /* _XT_POLICY_H */
diff --git a/include/linux/netfilter/xt_rateest.h b/include/linux/netfilter/xt_rateest.h
index 2010cb74250f..d40a6196842a 100644
--- a/include/linux/netfilter/xt_rateest.h
+++ b/include/linux/netfilter/xt_rateest.h
@@ -1,6 +1,8 @@
1#ifndef _XT_RATEEST_MATCH_H 1#ifndef _XT_RATEEST_MATCH_H
2#define _XT_RATEEST_MATCH_H 2#define _XT_RATEEST_MATCH_H
3 3
4#include <linux/types.h>
5
4enum xt_rateest_match_flags { 6enum xt_rateest_match_flags {
5 XT_RATEEST_MATCH_INVERT = 1<<0, 7 XT_RATEEST_MATCH_INVERT = 1<<0,
6 XT_RATEEST_MATCH_ABS = 1<<1, 8 XT_RATEEST_MATCH_ABS = 1<<1,
@@ -20,12 +22,12 @@ enum xt_rateest_match_mode {
20struct xt_rateest_match_info { 22struct xt_rateest_match_info {
21 char name1[IFNAMSIZ]; 23 char name1[IFNAMSIZ];
22 char name2[IFNAMSIZ]; 24 char name2[IFNAMSIZ];
23 u_int16_t flags; 25 __u16 flags;
24 u_int16_t mode; 26 __u16 mode;
25 u_int32_t bps1; 27 __u32 bps1;
26 u_int32_t pps1; 28 __u32 pps1;
27 u_int32_t bps2; 29 __u32 bps2;
28 u_int32_t pps2; 30 __u32 pps2;
29 31
30 /* Used internally by the kernel */ 32 /* Used internally by the kernel */
31 struct xt_rateest *est1 __attribute__((aligned(8))); 33 struct xt_rateest *est1 __attribute__((aligned(8)));
diff --git a/include/linux/netfilter/xt_realm.h b/include/linux/netfilter/xt_realm.h
index 220e87245716..d4a82ee56a02 100644
--- a/include/linux/netfilter/xt_realm.h
+++ b/include/linux/netfilter/xt_realm.h
@@ -1,10 +1,12 @@
1#ifndef _XT_REALM_H 1#ifndef _XT_REALM_H
2#define _XT_REALM_H 2#define _XT_REALM_H
3 3
4#include <linux/types.h>
5
4struct xt_realm_info { 6struct xt_realm_info {
5 u_int32_t id; 7 __u32 id;
6 u_int32_t mask; 8 __u32 mask;
7 u_int8_t invert; 9 __u8 invert;
8}; 10};
9 11
10#endif /* _XT_REALM_H */ 12#endif /* _XT_REALM_H */
diff --git a/include/linux/netfilter/xt_recent.h b/include/linux/netfilter/xt_recent.h
index 5cfeb81c6794..d2c276609925 100644
--- a/include/linux/netfilter/xt_recent.h
+++ b/include/linux/netfilter/xt_recent.h
@@ -1,6 +1,8 @@
1#ifndef _LINUX_NETFILTER_XT_RECENT_H 1#ifndef _LINUX_NETFILTER_XT_RECENT_H
2#define _LINUX_NETFILTER_XT_RECENT_H 1 2#define _LINUX_NETFILTER_XT_RECENT_H 1
3 3
4#include <linux/types.h>
5
4enum { 6enum {
5 XT_RECENT_CHECK = 1 << 0, 7 XT_RECENT_CHECK = 1 << 0,
6 XT_RECENT_SET = 1 << 1, 8 XT_RECENT_SET = 1 << 1,
@@ -15,12 +17,12 @@ enum {
15}; 17};
16 18
17struct xt_recent_mtinfo { 19struct xt_recent_mtinfo {
18 u_int32_t seconds; 20 __u32 seconds;
19 u_int32_t hit_count; 21 __u32 hit_count;
20 u_int8_t check_set; 22 __u8 check_set;
21 u_int8_t invert; 23 __u8 invert;
22 char name[XT_RECENT_NAME_LEN]; 24 char name[XT_RECENT_NAME_LEN];
23 u_int8_t side; 25 __u8 side;
24}; 26};
25 27
26#endif /* _LINUX_NETFILTER_XT_RECENT_H */ 28#endif /* _LINUX_NETFILTER_XT_RECENT_H */
diff --git a/include/linux/netfilter/xt_sctp.h b/include/linux/netfilter/xt_sctp.h
index 32000ba6ecef..29287be696a2 100644
--- a/include/linux/netfilter/xt_sctp.h
+++ b/include/linux/netfilter/xt_sctp.h
@@ -1,6 +1,8 @@
1#ifndef _XT_SCTP_H_ 1#ifndef _XT_SCTP_H_
2#define _XT_SCTP_H_ 2#define _XT_SCTP_H_
3 3
4#include <linux/types.h>
5
4#define XT_SCTP_SRC_PORTS 0x01 6#define XT_SCTP_SRC_PORTS 0x01
5#define XT_SCTP_DEST_PORTS 0x02 7#define XT_SCTP_DEST_PORTS 0x02
6#define XT_SCTP_CHUNK_TYPES 0x04 8#define XT_SCTP_CHUNK_TYPES 0x04
@@ -8,49 +10,49 @@
8#define XT_SCTP_VALID_FLAGS 0x07 10#define XT_SCTP_VALID_FLAGS 0x07
9 11
10struct xt_sctp_flag_info { 12struct xt_sctp_flag_info {
11 u_int8_t chunktype; 13 __u8 chunktype;
12 u_int8_t flag; 14 __u8 flag;
13 u_int8_t flag_mask; 15 __u8 flag_mask;
14}; 16};
15 17
16#define XT_NUM_SCTP_FLAGS 4 18#define XT_NUM_SCTP_FLAGS 4
17 19
18struct xt_sctp_info { 20struct xt_sctp_info {
19 u_int16_t dpts[2]; /* Min, Max */ 21 __u16 dpts[2]; /* Min, Max */
20 u_int16_t spts[2]; /* Min, Max */ 22 __u16 spts[2]; /* Min, Max */
21 23
22 u_int32_t chunkmap[256 / sizeof (u_int32_t)]; /* Bit mask of chunks to be matched according to RFC 2960 */ 24 __u32 chunkmap[256 / sizeof (__u32)]; /* Bit mask of chunks to be matched according to RFC 2960 */
23 25
24#define SCTP_CHUNK_MATCH_ANY 0x01 /* Match if any of the chunk types are present */ 26#define SCTP_CHUNK_MATCH_ANY 0x01 /* Match if any of the chunk types are present */
25#define SCTP_CHUNK_MATCH_ALL 0x02 /* Match if all of the chunk types are present */ 27#define SCTP_CHUNK_MATCH_ALL 0x02 /* Match if all of the chunk types are present */
26#define SCTP_CHUNK_MATCH_ONLY 0x04 /* Match if these are the only chunk types present */ 28#define SCTP_CHUNK_MATCH_ONLY 0x04 /* Match if these are the only chunk types present */
27 29
28 u_int32_t chunk_match_type; 30 __u32 chunk_match_type;
29 struct xt_sctp_flag_info flag_info[XT_NUM_SCTP_FLAGS]; 31 struct xt_sctp_flag_info flag_info[XT_NUM_SCTP_FLAGS];
30 int flag_count; 32 int flag_count;
31 33
32 u_int32_t flags; 34 __u32 flags;
33 u_int32_t invflags; 35 __u32 invflags;
34}; 36};
35 37
36#define bytes(type) (sizeof(type) * 8) 38#define bytes(type) (sizeof(type) * 8)
37 39
38#define SCTP_CHUNKMAP_SET(chunkmap, type) \ 40#define SCTP_CHUNKMAP_SET(chunkmap, type) \
39 do { \ 41 do { \
40 (chunkmap)[type / bytes(u_int32_t)] |= \ 42 (chunkmap)[type / bytes(__u32)] |= \
41 1 << (type % bytes(u_int32_t)); \ 43 1 << (type % bytes(__u32)); \
42 } while (0) 44 } while (0)
43 45
44#define SCTP_CHUNKMAP_CLEAR(chunkmap, type) \ 46#define SCTP_CHUNKMAP_CLEAR(chunkmap, type) \
45 do { \ 47 do { \
46 (chunkmap)[type / bytes(u_int32_t)] &= \ 48 (chunkmap)[type / bytes(__u32)] &= \
47 ~(1 << (type % bytes(u_int32_t))); \ 49 ~(1 << (type % bytes(__u32))); \
48 } while (0) 50 } while (0)
49 51
50#define SCTP_CHUNKMAP_IS_SET(chunkmap, type) \ 52#define SCTP_CHUNKMAP_IS_SET(chunkmap, type) \
51({ \ 53({ \
52 ((chunkmap)[type / bytes (u_int32_t)] & \ 54 ((chunkmap)[type / bytes (__u32)] & \
53 (1 << (type % bytes (u_int32_t)))) ? 1: 0; \ 55 (1 << (type % bytes (__u32)))) ? 1: 0; \
54}) 56})
55 57
56#define SCTP_CHUNKMAP_RESET(chunkmap) \ 58#define SCTP_CHUNKMAP_RESET(chunkmap) \
@@ -65,7 +67,7 @@ struct xt_sctp_info {
65#define SCTP_CHUNKMAP_IS_CLEAR(chunkmap) \ 67#define SCTP_CHUNKMAP_IS_CLEAR(chunkmap) \
66 __sctp_chunkmap_is_clear((chunkmap), ARRAY_SIZE(chunkmap)) 68 __sctp_chunkmap_is_clear((chunkmap), ARRAY_SIZE(chunkmap))
67static inline bool 69static inline bool
68__sctp_chunkmap_is_clear(const u_int32_t *chunkmap, unsigned int n) 70__sctp_chunkmap_is_clear(const __u32 *chunkmap, unsigned int n)
69{ 71{
70 unsigned int i; 72 unsigned int i;
71 for (i = 0; i < n; ++i) 73 for (i = 0; i < n; ++i)
@@ -77,7 +79,7 @@ __sctp_chunkmap_is_clear(const u_int32_t *chunkmap, unsigned int n)
77#define SCTP_CHUNKMAP_IS_ALL_SET(chunkmap) \ 79#define SCTP_CHUNKMAP_IS_ALL_SET(chunkmap) \
78 __sctp_chunkmap_is_all_set((chunkmap), ARRAY_SIZE(chunkmap)) 80 __sctp_chunkmap_is_all_set((chunkmap), ARRAY_SIZE(chunkmap))
79static inline bool 81static inline bool
80__sctp_chunkmap_is_all_set(const u_int32_t *chunkmap, unsigned int n) 82__sctp_chunkmap_is_all_set(const __u32 *chunkmap, unsigned int n)
81{ 83{
82 unsigned int i; 84 unsigned int i;
83 for (i = 0; i < n; ++i) 85 for (i = 0; i < n; ++i)
diff --git a/include/linux/netfilter/xt_statistic.h b/include/linux/netfilter/xt_statistic.h
index 3d38bc975048..095f3c66f456 100644
--- a/include/linux/netfilter/xt_statistic.h
+++ b/include/linux/netfilter/xt_statistic.h
@@ -1,6 +1,8 @@
1#ifndef _XT_STATISTIC_H 1#ifndef _XT_STATISTIC_H
2#define _XT_STATISTIC_H 2#define _XT_STATISTIC_H
3 3
4#include <linux/types.h>
5
4enum xt_statistic_mode { 6enum xt_statistic_mode {
5 XT_STATISTIC_MODE_RANDOM, 7 XT_STATISTIC_MODE_RANDOM,
6 XT_STATISTIC_MODE_NTH, 8 XT_STATISTIC_MODE_NTH,
@@ -14,17 +16,17 @@ enum xt_statistic_flags {
14#define XT_STATISTIC_MASK 0x1 16#define XT_STATISTIC_MASK 0x1
15 17
16struct xt_statistic_info { 18struct xt_statistic_info {
17 u_int16_t mode; 19 __u16 mode;
18 u_int16_t flags; 20 __u16 flags;
19 union { 21 union {
20 struct { 22 struct {
21 u_int32_t probability; 23 __u32 probability;
22 } random; 24 } random;
23 struct { 25 struct {
24 u_int32_t every; 26 __u32 every;
25 u_int32_t packet; 27 __u32 packet;
26 /* Used internally by the kernel */ 28 /* Used internally by the kernel */
27 u_int32_t count; 29 __u32 count;
28 } nth; 30 } nth;
29 } u; 31 } u;
30 struct xt_statistic_info *master __attribute__((aligned(8))); 32 struct xt_statistic_info *master __attribute__((aligned(8)));
diff --git a/include/linux/netfilter/xt_string.h b/include/linux/netfilter/xt_string.h
index 8a6ba7bbef9f..ecbb95fc89ed 100644
--- a/include/linux/netfilter/xt_string.h
+++ b/include/linux/netfilter/xt_string.h
@@ -1,6 +1,8 @@
1#ifndef _XT_STRING_H 1#ifndef _XT_STRING_H
2#define _XT_STRING_H 2#define _XT_STRING_H
3 3
4#include <linux/types.h>
5
4#define XT_STRING_MAX_PATTERN_SIZE 128 6#define XT_STRING_MAX_PATTERN_SIZE 128
5#define XT_STRING_MAX_ALGO_NAME_SIZE 16 7#define XT_STRING_MAX_ALGO_NAME_SIZE 16
6 8
@@ -11,18 +13,18 @@ enum {
11 13
12struct xt_string_info 14struct xt_string_info
13{ 15{
14 u_int16_t from_offset; 16 __u16 from_offset;
15 u_int16_t to_offset; 17 __u16 to_offset;
16 char algo[XT_STRING_MAX_ALGO_NAME_SIZE]; 18 char algo[XT_STRING_MAX_ALGO_NAME_SIZE];
17 char pattern[XT_STRING_MAX_PATTERN_SIZE]; 19 char pattern[XT_STRING_MAX_PATTERN_SIZE];
18 u_int8_t patlen; 20 __u8 patlen;
19 union { 21 union {
20 struct { 22 struct {
21 u_int8_t invert; 23 __u8 invert;
22 } v0; 24 } v0;
23 25
24 struct { 26 struct {
25 u_int8_t flags; 27 __u8 flags;
26 } v1; 28 } v1;
27 } u; 29 } u;
28 30
diff --git a/include/linux/netfilter/xt_tcpmss.h b/include/linux/netfilter/xt_tcpmss.h
index e03274c4c790..fbac56b9e667 100644
--- a/include/linux/netfilter/xt_tcpmss.h
+++ b/include/linux/netfilter/xt_tcpmss.h
@@ -1,9 +1,11 @@
1#ifndef _XT_TCPMSS_MATCH_H 1#ifndef _XT_TCPMSS_MATCH_H
2#define _XT_TCPMSS_MATCH_H 2#define _XT_TCPMSS_MATCH_H
3 3
4#include <linux/types.h>
5
4struct xt_tcpmss_match_info { 6struct xt_tcpmss_match_info {
5 u_int16_t mss_min, mss_max; 7 __u16 mss_min, mss_max;
6 u_int8_t invert; 8 __u8 invert;
7}; 9};
8 10
9#endif /*_XT_TCPMSS_MATCH_H*/ 11#endif /*_XT_TCPMSS_MATCH_H*/
diff --git a/include/linux/netfilter/xt_tcpudp.h b/include/linux/netfilter/xt_tcpudp.h
index 78bc65f11adf..a490a0bc1d29 100644
--- a/include/linux/netfilter/xt_tcpudp.h
+++ b/include/linux/netfilter/xt_tcpudp.h
@@ -1,15 +1,17 @@
1#ifndef _XT_TCPUDP_H 1#ifndef _XT_TCPUDP_H
2#define _XT_TCPUDP_H 2#define _XT_TCPUDP_H
3 3
4#include <linux/types.h>
5
4/* TCP matching stuff */ 6/* TCP matching stuff */
5struct xt_tcp 7struct xt_tcp
6{ 8{
7 u_int16_t spts[2]; /* Source port range. */ 9 __u16 spts[2]; /* Source port range. */
8 u_int16_t dpts[2]; /* Destination port range. */ 10 __u16 dpts[2]; /* Destination port range. */
9 u_int8_t option; /* TCP Option iff non-zero*/ 11 __u8 option; /* TCP Option iff non-zero*/
10 u_int8_t flg_mask; /* TCP flags mask byte */ 12 __u8 flg_mask; /* TCP flags mask byte */
11 u_int8_t flg_cmp; /* TCP flags compare byte */ 13 __u8 flg_cmp; /* TCP flags compare byte */
12 u_int8_t invflags; /* Inverse flags */ 14 __u8 invflags; /* Inverse flags */
13}; 15};
14 16
15/* Values for "inv" field in struct ipt_tcp. */ 17/* Values for "inv" field in struct ipt_tcp. */
@@ -22,9 +24,9 @@ struct xt_tcp
22/* UDP matching stuff */ 24/* UDP matching stuff */
23struct xt_udp 25struct xt_udp
24{ 26{
25 u_int16_t spts[2]; /* Source port range. */ 27 __u16 spts[2]; /* Source port range. */
26 u_int16_t dpts[2]; /* Destination port range. */ 28 __u16 dpts[2]; /* Destination port range. */
27 u_int8_t invflags; /* Inverse flags */ 29 __u8 invflags; /* Inverse flags */
28}; 30};
29 31
30/* Values for "invflags" field in struct ipt_udp. */ 32/* Values for "invflags" field in struct ipt_udp. */
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-20 01:16:32 -0500