[GitHub/mt8127/android_kernel_alcatel_ttab.git] / include / linux / netfilter / x_tables.h

#ifndef _X_TABLES_H
#define _X_TABLES_H

#define XT_FUNCTION_MAXNAMELEN 30
#define XT_TABLE_MAXNAMELEN 32

/* The argument to IPT_SO_GET_REVISION_*.  Returns highest revision
 * kernel supports, if >= revision. */
struct xt_get_revision
{
	char name[XT_FUNCTION_MAXNAMELEN-1];

	u_int8_t revision;
};

/* CONTINUE verdict for targets */
#define XT_CONTINUE 0xFFFFFFFF

/* For standard target */
#define XT_RETURN (-NF_REPEAT - 1)

#define XT_ALIGN(s) (((s) + (__alignof__(u_int64_t)-1)) & ~(__alignof__(u_int64_t)-1))

/* Standard return verdict, or do jump. */
#define XT_STANDARD_TARGET ""
/* Error verdict. */
#define XT_ERROR_TARGET "ERROR"

/*
 * New IP firewall options for [gs]etsockopt at the RAW IP level.
 * Unlike BSD Linux inherits IP options so you don't have to use a raw
 * socket for this. Instead we check rights in the calls. */
#define XT_BASE_CTL		64	/* base for firewall socket options */

#define XT_SO_SET_REPLACE	(XT_BASE_CTL)
#define XT_SO_SET_ADD_COUNTERS	(XT_BASE_CTL + 1)
#define XT_SO_SET_MAX		XT_SO_SET_ADD_COUNTERS

#define XT_SO_GET_INFO			(XT_BASE_CTL)
#define XT_SO_GET_ENTRIES		(XT_BASE_CTL + 1)
#define XT_SO_GET_REVISION_MATCH	(XT_BASE_CTL + 2)
#define XT_SO_GET_REVISION_TARGET	(XT_BASE_CTL + 3)
#define XT_SO_GET_MAX			XT_SO_GET_REVISION_TARGET

#define SET_COUNTER(c,b,p) do { (c).bcnt = (b); (c).pcnt = (p); } while(0)
#define ADD_COUNTER(c,b,p) do { (c).bcnt += (b); (c).pcnt += (p); } while(0)

struct xt_counters
{
	u_int64_t pcnt, bcnt;			/* Packet and byte counters */
};

/* The argument to IPT_SO_ADD_COUNTERS. */
struct xt_counters_info
{
	/* Which table. */
	char name[XT_TABLE_MAXNAMELEN];

	unsigned int num_counters;

	/* The counters (actually `number' of these). */
	struct xt_counters counters[0];
};

#define XT_INV_PROTO		0x40	/* Invert the sense of PROTO. */

#ifdef __KERNEL__

#include <linux/netdevice.h>

#define ASSERT_READ_LOCK(x)
#define ASSERT_WRITE_LOCK(x)
#include <linux/netfilter_ipv4/listhelp.h>

struct xt_match
{
	struct list_head list;

	const char name[XT_FUNCTION_MAXNAMELEN-1];

	u_int8_t revision;

	/* Return true or false: return FALSE and set *hotdrop = 1 to
           force immediate packet drop. */
	/* Arguments changed since 2.6.9, as this must now handle
	   non-linear skb, using skb_header_pointer and
	   skb_ip_make_writable. */
	int (*match)(const struct sk_buff *skb,
		     const struct net_device *in,
		     const struct net_device *out,
		     const void *matchinfo,
		     int offset,
		     unsigned int protoff,
		     int *hotdrop);

	/* Called when user tries to insert an entry of this type. */
	/* Should return true or false. */
	int (*checkentry)(const char *tablename,
			  const void *ip,
			  void *matchinfo,
			  unsigned int matchinfosize,
			  unsigned int hook_mask);

	/* Called when entry of this type deleted. */
	void (*destroy)(void *matchinfo, unsigned int matchinfosize);

	/* Set this to THIS_MODULE if you are a module, otherwise NULL */
	struct module *me;
};

/* Registration hooks for targets. */
struct xt_target
{
	struct list_head list;

	const char name[XT_FUNCTION_MAXNAMELEN-1];

	u_int8_t revision;

	/* Returns verdict. Argument order changed since 2.6.9, as this
	   must now handle non-linear skbs, using skb_copy_bits and
	   skb_ip_make_writable. */
	unsigned int (*target)(struct sk_buff **pskb,
			       const struct net_device *in,
			       const struct net_device *out,
			       unsigned int hooknum,
			       const void *targinfo,
			       void *userdata);

	/* Called when user tries to insert an entry of this type:
           hook_mask is a bitmask of hooks from which it can be
           called. */
	/* Should return true or false. */
	int (*checkentry)(const char *tablename,
			  const void *entry,
			  void *targinfo,
			  unsigned int targinfosize,
			  unsigned int hook_mask);

	/* Called when entry of this type deleted. */
	void (*destroy)(void *targinfo, unsigned int targinfosize);

	/* Set this to THIS_MODULE if you are a module, otherwise NULL */
	struct module *me;
};

/* Furniture shopping... */
struct xt_table
{
	struct list_head list;

	/* A unique name... */
	char name[XT_TABLE_MAXNAMELEN];

	/* What hooks you will enter on */
	unsigned int valid_hooks;

	/* Lock for the curtain */
	rwlock_t lock;

	/* Man behind the curtain... */
	//struct ip6t_table_info *private;
	void *private;

	/* Set this to THIS_MODULE if you are a module, otherwise NULL */
	struct module *me;

	int af;		/* address/protocol family */
};

#include <linux/netfilter_ipv4.h>

/* The table itself */
struct xt_table_info
{
	/* Size per table */
	unsigned int size;
	/* Number of entries: FIXME. --RR */
	unsigned int number;
	/* Initial number of entries. Needed for module usage count */
	unsigned int initial_entries;

	/* Entry points and underflows */
	unsigned int hook_entry[NF_IP_NUMHOOKS];
	unsigned int underflow[NF_IP_NUMHOOKS];

	/* ipt_entry tables: one per CPU */
	char *entries[NR_CPUS];
};

extern int xt_register_target(int af, struct xt_target *target);
extern void xt_unregister_target(int af, struct xt_target *target);
extern int xt_register_match(int af, struct xt_match *target);
extern void xt_unregister_match(int af, struct xt_match *target);

extern int xt_register_table(struct xt_table *table,
			     struct xt_table_info *bootstrap,
			     struct xt_table_info *newinfo);
extern void *xt_unregister_table(struct xt_table *table);

extern struct xt_table_info *xt_replace_table(struct xt_table *table,
					      unsigned int num_counters,
					      struct xt_table_info *newinfo,
					      int *error);

extern struct xt_match *xt_find_match(int af, const char *name, u8 revision);
extern struct xt_target *xt_find_target(int af, const char *name, u8 revision);
extern struct xt_target *xt_request_find_target(int af, const char *name, 
						u8 revision);
extern int xt_find_revision(int af, const char *name, u8 revision, int target,
			    int *err);

extern struct xt_table *xt_find_table_lock(int af, const char *name);
extern void xt_table_unlock(struct xt_table *t);

extern int xt_proto_init(int af);
extern void xt_proto_fini(int af);

extern struct xt_table_info *xt_alloc_table_info(unsigned int size);
extern void xt_free_table_info(struct xt_table_info *info);

#endif /* __KERNEL__ */

#endif /* _X_TABLES_H */
Commit	Line	Data
2e4e6a17 HW	1	#ifndef _X_TABLES_H
	2	#define _X_TABLES_H
	3
	4	#define XT_FUNCTION_MAXNAMELEN 30
	5	#define XT_TABLE_MAXNAMELEN 32
	6
	7	/* The argument to IPT_SO_GET_REVISION_*. Returns highest revision
	8	* kernel supports, if >= revision. */
	9	struct xt_get_revision
	10	{
	11	char name[XT_FUNCTION_MAXNAMELEN-1];
	12
	13	u_int8_t revision;
	14	};
	15
	16	/* CONTINUE verdict for targets */
	17	#define XT_CONTINUE 0xFFFFFFFF
	18
	19	/* For standard target */
	20	#define XT_RETURN (-NF_REPEAT - 1)
	21
4f2d7680	22	#define XT_ALIGN(s) (((s) + (__alignof__(u_int64_t)-1)) & ~(__alignof__(u_int64_t)-1))
2e4e6a17 HW	23
	24	/* Standard return verdict, or do jump. */
	25	#define XT_STANDARD_TARGET ""
	26	/* Error verdict. */
	27	#define XT_ERROR_TARGET "ERROR"
	28
	29	/*
	30	* New IP firewall options for [gs]etsockopt at the RAW IP level.
	31	* Unlike BSD Linux inherits IP options so you don't have to use a raw
	32	* socket for this. Instead we check rights in the calls. */
	33	#define XT_BASE_CTL 64 /* base for firewall socket options */
	34
	35	#define XT_SO_SET_REPLACE (XT_BASE_CTL)
	36	#define XT_SO_SET_ADD_COUNTERS (XT_BASE_CTL + 1)
	37	#define XT_SO_SET_MAX XT_SO_SET_ADD_COUNTERS
	38
	39	#define XT_SO_GET_INFO (XT_BASE_CTL)
	40	#define XT_SO_GET_ENTRIES (XT_BASE_CTL + 1)
	41	#define XT_SO_GET_REVISION_MATCH (XT_BASE_CTL + 2)
	42	#define XT_SO_GET_REVISION_TARGET (XT_BASE_CTL + 3)
	43	#define XT_SO_GET_MAX XT_SO_GET_REVISION_TARGET
	44
	45	#define SET_COUNTER(c,b,p) do { (c).bcnt = (b); (c).pcnt = (p); } while(0)
	46	#define ADD_COUNTER(c,b,p) do { (c).bcnt += (b); (c).pcnt += (p); } while(0)
	47
	48	struct xt_counters
	49	{
	50	u_int64_t pcnt, bcnt; /* Packet and byte counters */
	51	};
	52
	53	/* The argument to IPT_SO_ADD_COUNTERS. */
	54	struct xt_counters_info
	55	{
	56	/* Which table. */
	57	char name[XT_TABLE_MAXNAMELEN];
	58
	59	unsigned int num_counters;
	60
	61	/* The counters (actually `number' of these). */
	62	struct xt_counters counters[0];
	63	};
	64
	65	#define XT_INV_PROTO 0x40 /* Invert the sense of PROTO. */
	66
	67	#ifdef __KERNEL__
	68
	69	#include <linux/netdevice.h>
	70
	71	#define ASSERT_READ_LOCK(x)
	72	#define ASSERT_WRITE_LOCK(x)
	73	#include <linux/netfilter_ipv4/listhelp.h>
	74
	75	struct xt_match
	76	{
	77	struct list_head list;
	78
	79	const char name[XT_FUNCTION_MAXNAMELEN-1];
	80
	81	u_int8_t revision;
	82
	83	/* Return true or false: return FALSE and set *hotdrop = 1 to
	84	force immediate packet drop. */
	85	/* Arguments changed since 2.6.9, as this must now handle
	86	non-linear skb, using skb_header_pointer and
87	skb_ip_make_writable. */
88	int (match)(const struct sk_buff skb,
89	const struct net_device *in,
90	const struct net_device *out,
91	const void *matchinfo,
92	int offset,
93	unsigned int protoff,
94	int *hotdrop);
95
96	/* Called when user tries to insert an entry of this type. */
97	/* Should return true or false. */
98	int (checkentry)(const char tablename,
99	const void *ip,
100	void *matchinfo,
101	unsigned int matchinfosize,
102	unsigned int hook_mask);
103
104	/* Called when entry of this type deleted. */
105	void (destroy)(void matchinfo, unsigned int matchinfosize);
106
107	/* Set this to THIS_MODULE if you are a module, otherwise NULL */
108	struct module *me;
109	};
110
111	/* Registration hooks for targets. */
112	struct xt_target
113	{
114	struct list_head list;
115
116	const char name[XT_FUNCTION_MAXNAMELEN-1];
117
118	u_int8_t revision;
119
120	/* Returns verdict. Argument order changed since 2.6.9, as this
121	must now handle non-linear skbs, using skb_copy_bits and
122	skb_ip_make_writable. */
123	unsigned int (target)(struct sk_buff *pskb,
124	const struct net_device *in,
125	const struct net_device *out,
126	unsigned int hooknum,
127	const void *targinfo,
128	void *userdata);
129
130	/* Called when user tries to insert an entry of this type:
131	hook_mask is a bitmask of hooks from which it can be
132	called. */
133	/* Should return true or false. */
134	int (checkentry)(const char tablename,
135	const void *entry,
136	void *targinfo,
137	unsigned int targinfosize,
138	unsigned int hook_mask);
139
140	/* Called when entry of this type deleted. */
141	void (destroy)(void targinfo, unsigned int targinfosize);
142
143	/* Set this to THIS_MODULE if you are a module, otherwise NULL */
144	struct module *me;
145	};
146
147	/* Furniture shopping... */
148	struct xt_table
149	{
150	struct list_head list;
151
152	/* A unique name... */
153	char name[XT_TABLE_MAXNAMELEN];
154
155	/* What hooks you will enter on */
156	unsigned int valid_hooks;
157
158	/* Lock for the curtain */
159	rwlock_t lock;
160
161	/* Man behind the curtain... */
162	//struct ip6t_table_info *private;
163	void *private;
164
165	/* Set this to THIS_MODULE if you are a module, otherwise NULL */
166	struct module *me;
167
168	int af; /* address/protocol family */
169	};
170
171	#include <linux/netfilter_ipv4.h>
172
173	/* The table itself */
174	struct xt_table_info
175	{
176	/* Size per table */
177	unsigned int size;
178	/* Number of entries: FIXME. --RR */
179	unsigned int number;
180	/* Initial number of entries. Needed for module usage count */
181	unsigned int initial_entries;
182
183	/* Entry points and underflows */
184	unsigned int hook_entry[NF_IP_NUMHOOKS];
185	unsigned int underflow[NF_IP_NUMHOOKS];
186
187	/* ipt_entry tables: one per CPU */
188	char *entries[NR_CPUS];
189	};
190
191	extern int xt_register_target(int af, struct xt_target *target);
192	extern void xt_unregister_target(int af, struct xt_target *target);
193	extern int xt_register_match(int af, struct xt_match *target);
194	extern void xt_unregister_match(int af, struct xt_match *target);
195
196	extern int xt_register_table(struct xt_table *table,
197	struct xt_table_info *bootstrap,
198	struct xt_table_info *newinfo);
199	extern void xt_unregister_table(struct xt_table table);
200
201	extern struct xt_table_info xt_replace_table(struct xt_table table,
202	unsigned int num_counters,
203	struct xt_table_info *newinfo,
204	int *error);
205
206	extern struct xt_match xt_find_match(int af, const char name, u8 revision);
207	extern struct xt_target xt_find_target(int af, const char name, u8 revision);
208	extern struct xt_target xt_request_find_target(int af, const char name,
209	u8 revision);
210	extern int xt_find_revision(int af, const char *name, u8 revision, int target,
211	int *err);
212
213	extern struct xt_table xt_find_table_lock(int af, const char name);
214	extern void xt_table_unlock(struct xt_table *t);
215
216	extern int xt_proto_init(int af);
217	extern void xt_proto_fini(int af);
218
219	extern struct xt_table_info *xt_alloc_table_info(unsigned int size);
220	extern void xt_free_table_info(struct xt_table_info *info);
221
222	#endif /* __KERNEL__ */
223
224	#endif /* _X_TABLES_H */