1*4882a593Smuzhiyun /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ 2*4882a593Smuzhiyun #ifndef __LINUX_FIB_RULES_H 3*4882a593Smuzhiyun #define __LINUX_FIB_RULES_H 4*4882a593Smuzhiyun 5*4882a593Smuzhiyun #include <linux/types.h> 6*4882a593Smuzhiyun #include <linux/rtnetlink.h> 7*4882a593Smuzhiyun 8*4882a593Smuzhiyun /* rule is permanent, and cannot be deleted */ 9*4882a593Smuzhiyun #define FIB_RULE_PERMANENT 0x00000001 10*4882a593Smuzhiyun #define FIB_RULE_INVERT 0x00000002 11*4882a593Smuzhiyun #define FIB_RULE_UNRESOLVED 0x00000004 12*4882a593Smuzhiyun #define FIB_RULE_IIF_DETACHED 0x00000008 13*4882a593Smuzhiyun #define FIB_RULE_DEV_DETACHED FIB_RULE_IIF_DETACHED 14*4882a593Smuzhiyun #define FIB_RULE_OIF_DETACHED 0x00000010 15*4882a593Smuzhiyun 16*4882a593Smuzhiyun /* try to find source address in routing lookups */ 17*4882a593Smuzhiyun #define FIB_RULE_FIND_SADDR 0x00010000 18*4882a593Smuzhiyun 19*4882a593Smuzhiyun struct fib_rule_hdr { 20*4882a593Smuzhiyun __u8 family; 21*4882a593Smuzhiyun __u8 dst_len; 22*4882a593Smuzhiyun __u8 src_len; 23*4882a593Smuzhiyun __u8 tos; 24*4882a593Smuzhiyun 25*4882a593Smuzhiyun __u8 table; 26*4882a593Smuzhiyun __u8 res1; /* reserved */ 27*4882a593Smuzhiyun __u8 res2; /* reserved */ 28*4882a593Smuzhiyun __u8 action; 29*4882a593Smuzhiyun 30*4882a593Smuzhiyun __u32 flags; 31*4882a593Smuzhiyun }; 32*4882a593Smuzhiyun 33*4882a593Smuzhiyun struct fib_rule_uid_range { 34*4882a593Smuzhiyun __u32 start; 35*4882a593Smuzhiyun __u32 end; 36*4882a593Smuzhiyun }; 37*4882a593Smuzhiyun 38*4882a593Smuzhiyun struct fib_rule_port_range { 39*4882a593Smuzhiyun __u16 start; 40*4882a593Smuzhiyun __u16 end; 41*4882a593Smuzhiyun }; 42*4882a593Smuzhiyun 43*4882a593Smuzhiyun enum { 44*4882a593Smuzhiyun FRA_UNSPEC, 45*4882a593Smuzhiyun FRA_DST, /* destination address */ 46*4882a593Smuzhiyun FRA_SRC, /* source address */ 47*4882a593Smuzhiyun FRA_IIFNAME, /* interface name */ 48*4882a593Smuzhiyun #define FRA_IFNAME FRA_IIFNAME 49*4882a593Smuzhiyun FRA_GOTO, /* target to jump to (FR_ACT_GOTO) */ 50*4882a593Smuzhiyun FRA_UNUSED2, 51*4882a593Smuzhiyun FRA_PRIORITY, /* priority/preference */ 52*4882a593Smuzhiyun FRA_UNUSED3, 53*4882a593Smuzhiyun FRA_UNUSED4, 54*4882a593Smuzhiyun FRA_UNUSED5, 55*4882a593Smuzhiyun FRA_FWMARK, /* mark */ 56*4882a593Smuzhiyun FRA_FLOW, /* flow/class id */ 57*4882a593Smuzhiyun FRA_TUN_ID, 58*4882a593Smuzhiyun FRA_SUPPRESS_IFGROUP, 59*4882a593Smuzhiyun FRA_SUPPRESS_PREFIXLEN, 60*4882a593Smuzhiyun FRA_TABLE, /* Extended table id */ 61*4882a593Smuzhiyun FRA_FWMASK, /* mask for netfilter mark */ 62*4882a593Smuzhiyun FRA_OIFNAME, 63*4882a593Smuzhiyun FRA_PAD, 64*4882a593Smuzhiyun FRA_L3MDEV, /* iif or oif is l3mdev goto its table */ 65*4882a593Smuzhiyun FRA_UID_RANGE, /* UID range */ 66*4882a593Smuzhiyun FRA_PROTOCOL, /* Originator of the rule */ 67*4882a593Smuzhiyun FRA_IP_PROTO, /* ip proto */ 68*4882a593Smuzhiyun FRA_SPORT_RANGE, /* sport */ 69*4882a593Smuzhiyun FRA_DPORT_RANGE, /* dport */ 70*4882a593Smuzhiyun __FRA_MAX 71*4882a593Smuzhiyun }; 72*4882a593Smuzhiyun 73*4882a593Smuzhiyun #define FRA_MAX (__FRA_MAX - 1) 74*4882a593Smuzhiyun 75*4882a593Smuzhiyun enum { 76*4882a593Smuzhiyun FR_ACT_UNSPEC, 77*4882a593Smuzhiyun FR_ACT_TO_TBL, /* Pass to fixed table */ 78*4882a593Smuzhiyun FR_ACT_GOTO, /* Jump to another rule */ 79*4882a593Smuzhiyun FR_ACT_NOP, /* No operation */ 80*4882a593Smuzhiyun FR_ACT_RES3, 81*4882a593Smuzhiyun FR_ACT_RES4, 82*4882a593Smuzhiyun FR_ACT_BLACKHOLE, /* Drop without notification */ 83*4882a593Smuzhiyun FR_ACT_UNREACHABLE, /* Drop with ENETUNREACH */ 84*4882a593Smuzhiyun FR_ACT_PROHIBIT, /* Drop with EACCES */ 85*4882a593Smuzhiyun __FR_ACT_MAX, 86*4882a593Smuzhiyun }; 87*4882a593Smuzhiyun 88*4882a593Smuzhiyun #define FR_ACT_MAX (__FR_ACT_MAX - 1) 89*4882a593Smuzhiyun 90*4882a593Smuzhiyun #endif 91