include/linux/netfilter/xt_policy.h

   1 #ifndef _XT_POLICY_H
   2 #define _XT_POLICY_H
   3
   4 #define XT_POLICY_MAX_ELEM      4
   5
   6 enum xt_policy_flags
   7 {
   8         XT_POLICY_MATCH_IN      = 0x1,
   9         XT_POLICY_MATCH_OUT     = 0x2,
  10         XT_POLICY_MATCH_NONE    = 0x4,
  11         XT_POLICY_MATCH_STRICT  = 0x8,
  12 };
  13
  14 enum xt_policy_modes
  15 {
  16         XT_POLICY_MODE_TRANSPORT,
  17         XT_POLICY_MODE_TUNNEL
  18 };
  19
  20 struct xt_policy_spec
  21 {
  22         u_int8_t        saddr:1,
  23                         daddr:1,
  24                         proto:1,
  25                         mode:1,
  26                         spi:1,
  27                         reqid:1;
  28 };
  29
  30 union xt_policy_addr
  31 {
  32         struct in_addr  a4;
  33         struct in6_addr a6;
  34 };
  35
  36 struct xt_policy_elem
  37 {
  38         union xt_policy_addr    saddr;
  39         union xt_policy_addr    smask;
  40         union xt_policy_addr    daddr;
  41         union xt_policy_addr    dmask;
  42         __be32                  spi;
  43         u_int32_t               reqid;
  44         u_int8_t                proto;
  45         u_int8_t                mode;
  46
  47         struct xt_policy_spec   match;
  48         struct xt_policy_spec   invert;
  49 };
  50
  51 struct xt_policy_info
  52 {
  53         struct xt_policy_elem pol[XT_POLICY_MAX_ELEM];
  54         u_int16_t flags;
  55         u_int16_t len;
  56 };
  57
  58 #endif /* _XT_POLICY_H */