aboutsummaryrefslogtreecommitdiffstats
path: root/include/linux/netfilter_bridge/ebt_ip6.h
diff options
context:
space:
mode:
authorKuo-lang Tseng <kuo-lang.tseng@intel.com>2008-06-09 15:55:45 -0700
committerDavid S. Miller <davem@davemloft.net>2008-06-09 15:55:45 -0700
commit93f65158723ceb7078ee9a0fd4830c0de00f4b9e (patch)
tree0c40629695055a983d969490b9291e5b38ae6b4d /include/linux/netfilter_bridge/ebt_ip6.h
parentaf_iucv: exploit target message class support of IUCV (diff)
downloadlinux-dev-93f65158723ceb7078ee9a0fd4830c0de00f4b9e.tar.xz
linux-dev-93f65158723ceb7078ee9a0fd4830c0de00f4b9e.zip
netfilter: ebtables: add IPv6 support
It implements matching functions for IPv6 address & traffic class (merged from the patch sent by Jan Engelhardt [jengelh@computergmbh.de] http://marc.info/?l=netfilter-devel&m=120182168424052&w=2), protocol, and layer-4 port id. Corresponding watcher logging function is also added for IPv6. Signed-off-by: Kuo-lang Tseng <kuo-lang.tseng@intel.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux/netfilter_bridge/ebt_ip6.h')
-rw-r--r--include/linux/netfilter_bridge/ebt_ip6.h40
1 files changed, 40 insertions, 0 deletions
diff --git a/include/linux/netfilter_bridge/ebt_ip6.h b/include/linux/netfilter_bridge/ebt_ip6.h
new file mode 100644
index 000000000000..2273c3ae33ca
--- /dev/null
+++ b/include/linux/netfilter_bridge/ebt_ip6.h
@@ -0,0 +1,40 @@
+/*
+ * ebt_ip6
+ *
+ * Authors:
+ * Kuo-Lang Tseng <kuo-lang.tseng@intel.com>
+ * Manohar Castelino <manohar.r.castelino@intel.com>
+ *
+ * Jan 11, 2008
+ *
+ */
+
+#ifndef __LINUX_BRIDGE_EBT_IP6_H
+#define __LINUX_BRIDGE_EBT_IP6_H
+
+#define EBT_IP6_SOURCE 0x01
+#define EBT_IP6_DEST 0x02
+#define EBT_IP6_TCLASS 0x04
+#define EBT_IP6_PROTO 0x08
+#define EBT_IP6_SPORT 0x10
+#define EBT_IP6_DPORT 0x20
+#define EBT_IP6_MASK (EBT_IP6_SOURCE | EBT_IP6_DEST | EBT_IP6_TCLASS |\
+ EBT_IP6_PROTO | EBT_IP6_SPORT | EBT_IP6_DPORT)
+#define EBT_IP6_MATCH "ip6"
+
+/* the same values are used for the invflags */
+struct ebt_ip6_info
+{
+ struct in6_addr saddr;
+ struct in6_addr daddr;
+ struct in6_addr smsk;
+ struct in6_addr dmsk;
+ uint8_t tclass;
+ uint8_t protocol;
+ uint8_t bitmask;
+ uint8_t invflags;
+ uint16_t sport[2];
+ uint16_t dport[2];
+};
+
+#endif