Back to home page

OSCL-LXR
 
 

     

0001 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
0002 #ifndef _UAPI__LINUX_NETFILTER_H
0003 #define _UAPI__LINUX_NETFILTER_H
0004 
0005 #include <linux/types.h>
0006 #include <linux/compiler.h>
0007 #include <linux/in.h>
0008 #include <linux/in6.h>
0009 
0010 /* Responses from hook functions. */
0011 #define NF_DROP 0
0012 #define NF_ACCEPT 1
0013 #define NF_STOLEN 2
0014 #define NF_QUEUE 3
0015 #define NF_REPEAT 4
0016 #define NF_STOP 5   /* Deprecated, for userspace nf_queue compatibility. */
0017 #define NF_MAX_VERDICT NF_STOP
0018 
0019 /* we overload the higher bits for encoding auxiliary data such as the queue
0020  * number or errno values. Not nice, but better than additional function
0021  * arguments. */
0022 #define NF_VERDICT_MASK 0x000000ff
0023 
0024 /* extra verdict flags have mask 0x0000ff00 */
0025 #define NF_VERDICT_FLAG_QUEUE_BYPASS    0x00008000
0026 
0027 /* queue number (NF_QUEUE) or errno (NF_DROP) */
0028 #define NF_VERDICT_QMASK 0xffff0000
0029 #define NF_VERDICT_QBITS 16
0030 
0031 #define NF_QUEUE_NR(x) ((((x) << 16) & NF_VERDICT_QMASK) | NF_QUEUE)
0032 
0033 #define NF_DROP_ERR(x) (((-x) << 16) | NF_DROP)
0034 
0035 /* only for userspace compatibility */
0036 #ifndef __KERNEL__
0037 
0038 /* NF_VERDICT_BITS should be 8 now, but userspace might break if this changes */
0039 #define NF_VERDICT_BITS 16
0040 #endif
0041 
0042 enum nf_inet_hooks {
0043     NF_INET_PRE_ROUTING,
0044     NF_INET_LOCAL_IN,
0045     NF_INET_FORWARD,
0046     NF_INET_LOCAL_OUT,
0047     NF_INET_POST_ROUTING,
0048     NF_INET_NUMHOOKS,
0049     NF_INET_INGRESS = NF_INET_NUMHOOKS,
0050 };
0051 
0052 enum nf_dev_hooks {
0053     NF_NETDEV_INGRESS,
0054     NF_NETDEV_EGRESS,
0055     NF_NETDEV_NUMHOOKS
0056 };
0057 
0058 enum {
0059     NFPROTO_UNSPEC =  0,
0060     NFPROTO_INET   =  1,
0061     NFPROTO_IPV4   =  2,
0062     NFPROTO_ARP    =  3,
0063     NFPROTO_NETDEV =  5,
0064     NFPROTO_BRIDGE =  7,
0065     NFPROTO_IPV6   = 10,
0066     NFPROTO_DECNET = 12,
0067     NFPROTO_NUMPROTO,
0068 };
0069 
0070 union nf_inet_addr {
0071     __u32       all[4];
0072     __be32      ip;
0073     __be32      ip6[4];
0074     struct in_addr  in;
0075     struct in6_addr in6;
0076 };
0077 
0078 #endif /* _UAPI__LINUX_NETFILTER_H */
Source navigation ] Diff markup ] Identifier search ] general search ]

This page was automatically generated by the 2.1.0 LXR engine.

The LXR team
Valid CSS 2.1! Valid HTML 4.01!