diff options
Diffstat (limited to 'include/linux/netfilter_ipv4')
| -rw-r--r-- | include/linux/netfilter_ipv4/Kbuild | 1 | ||||
| -rw-r--r-- | include/linux/netfilter_ipv4/ip_tables.h | 20 | ||||
| -rw-r--r-- | include/linux/netfilter_ipv4/nf_nat.h | 58 |
3 files changed, 69 insertions, 10 deletions
diff --git a/include/linux/netfilter_ipv4/Kbuild b/include/linux/netfilter_ipv4/Kbuild index f9930c87fff3..c3b45480ecf7 100644 --- a/include/linux/netfilter_ipv4/Kbuild +++ b/include/linux/netfilter_ipv4/Kbuild @@ -12,3 +12,4 @@ header-y += ipt_ah.h header-y += ipt_ecn.h header-y += ipt_realm.h header-y += ipt_ttl.h +header-y += nf_nat.h diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h index 64a5d95c58e8..db79231914ce 100644 --- a/include/linux/netfilter_ipv4/ip_tables.h +++ b/include/linux/netfilter_ipv4/ip_tables.h @@ -81,12 +81,12 @@ struct ipt_ip { unsigned char iniface_mask[IFNAMSIZ], outiface_mask[IFNAMSIZ]; /* Protocol, 0 = ANY */ - u_int16_t proto; + __u16 proto; /* Flags word */ - u_int8_t flags; + __u8 flags; /* Inverse flags */ - u_int8_t invflags; + __u8 invflags; }; /* Values for "flag" field in struct ipt_ip (general ip structure). */ @@ -114,9 +114,9 @@ struct ipt_entry { unsigned int nfcache; /* Size of ipt_entry + matches */ - u_int16_t target_offset; + __u16 target_offset; /* Size of ipt_entry + matches + target */ - u_int16_t next_offset; + __u16 next_offset; /* Back pointer */ unsigned int comefrom; @@ -149,9 +149,9 @@ struct ipt_entry { /* ICMP matching stuff */ struct ipt_icmp { - u_int8_t type; /* type to match */ - u_int8_t code[2]; /* range of code */ - u_int8_t invflags; /* Inverse flags */ + __u8 type; /* type to match */ + __u8 code[2]; /* range of code */ + __u8 invflags; /* Inverse flags */ }; /* Values for "inv" field for struct ipt_icmp. */ @@ -288,8 +288,8 @@ extern unsigned int ipt_do_table(struct sk_buff *skb, struct compat_ipt_entry { struct ipt_ip ip; compat_uint_t nfcache; - u_int16_t target_offset; - u_int16_t next_offset; + __u16 target_offset; + __u16 next_offset; compat_uint_t comefrom; struct compat_xt_counters counters; unsigned char elems[0]; diff --git a/include/linux/netfilter_ipv4/nf_nat.h b/include/linux/netfilter_ipv4/nf_nat.h new file mode 100644 index 000000000000..7a861d09fc86 --- /dev/null +++ b/include/linux/netfilter_ipv4/nf_nat.h @@ -0,0 +1,58 @@ +#ifndef _LINUX_NF_NAT_H +#define _LINUX_NF_NAT_H + +#include <linux/types.h> + +#define IP_NAT_RANGE_MAP_IPS 1 +#define IP_NAT_RANGE_PROTO_SPECIFIED 2 +#define IP_NAT_RANGE_PROTO_RANDOM 4 +#define IP_NAT_RANGE_PERSISTENT 8 + +/* The protocol-specific manipulable parts of the tuple. */ +union nf_conntrack_man_proto { + /* Add other protocols here. */ + __be16 all; + + struct { + __be16 port; + } tcp; + struct { + __be16 port; + } udp; + struct { + __be16 id; + } icmp; + struct { + __be16 port; + } dccp; + struct { + __be16 port; + } sctp; + struct { + __be16 key; /* GRE key is 32bit, PPtP only uses 16bit */ + } gre; +}; + +/* Single range specification. */ +struct nf_nat_range { + /* Set to OR of flags above. */ + unsigned int flags; + + /* Inclusive: network order. */ + __be32 min_ip, max_ip; + + /* Inclusive: network order */ + union nf_conntrack_man_proto min, max; +}; + +/* For backwards compat: don't use in modern code. */ +struct nf_nat_multi_range_compat { + unsigned int rangesize; /* Must be 1. */ + + /* hangs off end. */ + struct nf_nat_range range[1]; +}; + +#define nf_nat_multi_range nf_nat_multi_range_compat + +#endif |