Commit | Line | Data |
---|---|---|
b2441318 | 1 | /* SPDX-License-Identifier: GPL-2.0 */ |
1da177e4 LT |
2 | /* |
3 | * 25-Jul-1998 Major changes to allow for ip chain table | |
4 | * | |
5 | * 3-Jan-2000 Named tables to allow packet selection for different uses. | |
6 | */ | |
7 | ||
8 | /* | |
9 | * Format of an IP6 firewall descriptor | |
10 | * | |
11 | * src, dst, src_mask, dst_mask are always stored in network byte order. | |
12 | * flags are stored in host byte order (of course). | |
13 | * Port numbers are stored in HOST byte order. | |
14 | */ | |
1da177e4 LT |
15 | #ifndef _IP6_TABLES_H |
16 | #define _IP6_TABLES_H | |
17 | ||
1da177e4 | 18 | #include <linux/if.h> |
1da177e4 LT |
19 | #include <linux/in6.h> |
20 | #include <linux/ipv6.h> | |
21 | #include <linux/skbuff.h> | |
1da177e4 LT |
22 | |
23 | #include <linux/init.h> | |
ff1e1756 DH |
24 | #include <uapi/linux/netfilter_ipv6/ip6_tables.h> |
25 | ||
1da177e4 LT |
26 | extern void ip6t_init(void) __init; |
27 | ||
e3eaa991 | 28 | extern void *ip6t_alloc_initial_table(const struct xt_table *); |
a67dd266 FW |
29 | int ip6t_register_table(struct net *net, const struct xt_table *table, |
30 | const struct ip6t_replace *repl, | |
31 | const struct nf_hook_ops *ops, struct xt_table **res); | |
32 | void ip6t_unregister_table(struct net *net, struct xt_table *table, | |
33 | const struct nf_hook_ops *ops); | |
3db05fea | 34 | extern unsigned int ip6t_do_table(struct sk_buff *skb, |
8f8a3715 | 35 | const struct nf_hook_state *state, |
e60a13e0 | 36 | struct xt_table *table); |
1da177e4 LT |
37 | |
38 | /* Check for an extension */ | |
95ad2f87 PNA |
39 | static inline int |
40 | ip6t_ext_hdr(u8 nexthdr) | |
41 | { return (nexthdr == IPPROTO_HOPOPTS) || | |
42 | (nexthdr == IPPROTO_ROUTING) || | |
43 | (nexthdr == IPPROTO_FRAGMENT) || | |
44 | (nexthdr == IPPROTO_ESP) || | |
45 | (nexthdr == IPPROTO_AH) || | |
46 | (nexthdr == IPPROTO_NONE) || | |
47 | (nexthdr == IPPROTO_DSTOPTS); | |
48 | } | |
49 | ||
3bc3fe5e PM |
50 | #ifdef CONFIG_COMPAT |
51 | #include <net/compat.h> | |
52 | ||
d94d9fee | 53 | struct compat_ip6t_entry { |
3bc3fe5e PM |
54 | struct ip6t_ip6 ipv6; |
55 | compat_uint_t nfcache; | |
7ff30c43 BH |
56 | __u16 target_offset; |
57 | __u16 next_offset; | |
3bc3fe5e PM |
58 | compat_uint_t comefrom; |
59 | struct compat_xt_counters counters; | |
60 | unsigned char elems[0]; | |
61 | }; | |
62 | ||
87a2e70d | 63 | static inline struct xt_entry_target * |
3bc3fe5e PM |
64 | compat_ip6t_get_target(struct compat_ip6t_entry *e) |
65 | { | |
66 | return (void *)e + e->target_offset; | |
67 | } | |
68 | ||
3bc3fe5e | 69 | #endif /* CONFIG_COMPAT */ |
1da177e4 | 70 | #endif /* _IP6_TABLES_H */ |