1 #ifndef _X_TABLES_H 2 #define _X_TABLES_H 3 4 #define XT_FUNCTION_MAXNAMELEN 30 5 #define XT_TABLE_MAXNAMELEN 32 6 7 struct xt_entry_match 8 { 9 union { 10 struct { 11 u_int16_t match_size; 12 13 /* Used by userspace */ 14 char name[XT_FUNCTION_MAXNAMELEN-1]; 15 16 u_int8_t revision; 17 } user; 18 struct { 19 u_int16_t match_size; 20 21 /* Used inside the kernel */ 22 struct xt_match *match; 23 } kernel; 24 25 /* Total length */ 26 u_int16_t match_size; 27 } u; 28 29 unsigned char data[0]; 30 }; 31 32 struct xt_entry_target 33 { 34 union { 35 struct { 36 u_int16_t target_size; 37 38 /* Used by userspace */ 39 char name[XT_FUNCTION_MAXNAMELEN-1]; 40 41 u_int8_t revision; 42 } user; 43 struct { 44 u_int16_t target_size; 45 46 /* Used inside the kernel */ 47 struct xt_target *target; 48 } kernel; 49 50 /* Total length */ 51 u_int16_t target_size; 52 } u; 53 54 unsigned char data[0]; 55 }; 56 57 #define XT_TARGET_INIT(__name, __size) \ 58 { \ 59 .target.u.user = { \ 60 .target_size = XT_ALIGN(__size), \ 61 .name = __name, \ 62 }, \ 63 } 64 65 struct xt_standard_target 66 { 67 struct xt_entry_target target; 68 int verdict; 69 }; 70 71 /* The argument to IPT_SO_GET_REVISION_*. Returns highest revision 72 * kernel supports, if >= revision. */ 73 struct xt_get_revision 74 { 75 char name[XT_FUNCTION_MAXNAMELEN-1]; 76 77 u_int8_t revision; 78 }; 79 80 /* CONTINUE verdict for targets */ 81 #define XT_CONTINUE 0xFFFFFFFF 82 83 /* For standard target */ 84 #define XT_RETURN (-NF_REPEAT - 1) 85 86 /* this is a dummy structure to find out the alignment requirement for a struct 87 * containing all the fundamental data types that are used in ipt_entry, 88 * ip6t_entry and arpt_entry. This sucks, and it is a hack. It will be my 89 * personal pleasure to remove it -HW 90 */ 91 struct _xt_align 92 { 93 u_int8_t u8; 94 u_int16_t u16; 95 u_int32_t u32; 96 u_int64_t u64; 97 }; 98 99 #define XT_ALIGN(s) (((s) + (__alignof__(struct _xt_align)-1)) \ 100 & ~(__alignof__(struct _xt_align)-1)) 101 102 /* Standard return verdict, or do jump. */ 103 #define XT_STANDARD_TARGET "" 104 /* Error verdict. */ 105 #define XT_ERROR_TARGET "ERROR" 106 107 #define SET_COUNTER(c,b,p) do { (c).bcnt = (b); (c).pcnt = (p); } while(0) 108 #define ADD_COUNTER(c,b,p) do { (c).bcnt += (b); (c).pcnt += (p); } while(0) 109 110 struct xt_counters 111 { 112 u_int64_t pcnt, bcnt; /* Packet and byte counters */ 113 }; 114 115 /* The argument to IPT_SO_ADD_COUNTERS. */ 116 struct xt_counters_info 117 { 118 /* Which table. */ 119 char name[XT_TABLE_MAXNAMELEN]; 120 121 unsigned int num_counters; 122 123 /* The counters (actually `number' of these). */ 124 struct xt_counters counters[0]; 125 }; 126 127 #define XT_INV_PROTO 0x40 /* Invert the sense of PROTO. */ 128 129 /* fn returns 0 to continue iteration */ 130 #define XT_MATCH_ITERATE(type, e, fn, args...) \ 131 ({ \ 132 unsigned int __i; \ 133 int __ret = 0; \ 134 struct xt_entry_match *__m; \ 135 \ 136 for (__i = sizeof(type); \ 137 __i < (e)->target_offset; \ 138 __i += __m->u.match_size) { \ 139 __m = (void *)e + __i; \ 140 \ 141 __ret = fn(__m , ## args); \ 142 if (__ret != 0) \ 143 break; \ 144 } \ 145 __ret; \ 146 }) 147 148 /* fn returns 0 to continue iteration */ 149 #define XT_ENTRY_ITERATE_CONTINUE(type, entries, size, n, fn, args...) \ 150 ({ \ 151 unsigned int __i, __n; \ 152 int __ret = 0; \ 153 type *__entry; \ 154 \ 155 for (__i = 0, __n = 0; __i < (size); \ 156 __i += __entry->next_offset, __n++) { \ 157 __entry = (void *)(entries) + __i; \ 158 if (__n < n) \ 159 continue; \ 160 \ 161 __ret = fn(__entry , ## args); \ 162 if (__ret != 0) \ 163 break; \ 164 } \ 165 __ret; \ 166 }) 167 168 /* fn returns 0 to continue iteration */ 169 #define XT_ENTRY_ITERATE(type, entries, size, fn, args...) \ 170 XT_ENTRY_ITERATE_CONTINUE(type, entries, size, 0, fn, args) 171 172 173 #endif /* _X_TABLES_H */ 174