logo

oasis-root

Compiled tree of Oasis Linux based on own branch at <https://hacktivis.me/git/oasis/> git clone https://anongit.hacktivis.me/git/oasis-root.git

x_tables.h (4464B)

    

  1. /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
  2. #ifndef _X_TABLES_H
  3. #define _X_TABLES_H
  4. #include <linux/const.h>
  5. #include <linux/types.h>
  7. #define XT_FUNCTION_MAXNAMELEN 30
  8. #define XT_EXTENSION_MAXNAMELEN 29
  9. #define XT_TABLE_MAXNAMELEN 32
  11. struct xt_entry_match {
  12. 	union {
  13. 		struct {
  14. 			__u16 match_size;
  16. 			/* Used by userspace */
  17. 			char name[XT_EXTENSION_MAXNAMELEN];
  18. 			__u8 revision;
  19. 		} user;
  20. 		struct {
  21. 			__u16 match_size;
  23. 			/* Used inside the kernel */
  24. 			struct xt_match *match;
  25. 		} kernel;
  27. 		/* Total length */
  28. 		__u16 match_size;
  29. 	} u;
  31. 	unsigned char data[];
  32. };
  34. struct xt_entry_target {
  35. 	union {
  36. 		struct {
  37. 			__u16 target_size;
  39. 			/* Used by userspace */
  40. 			char name[XT_EXTENSION_MAXNAMELEN];
  41. 			__u8 revision;
  42. 		} user;
  43. 		struct {
  44. 			__u16 target_size;
  46. 			/* Used inside the kernel */
  47. 			struct xt_target *target;
  48. 		} kernel;
  50. 		/* Total length */
  51. 		__u16 target_size;
  52. 	} u;
  54. 	unsigned char data[0];
  55. };
  57. #define XT_TARGET_INIT(__name, __size)					       \
  58. {									       \
  59. 	.target.u.user = {						       \
  60. 		.target_size	= XT_ALIGN(__size),			       \
  61. 		.name		= __name,				       \
  62. 	},								       \
  63. }
  65. struct xt_standard_target {
  66. 	struct xt_entry_target target;
  67. 	int verdict;
  68. };
  70. struct xt_error_target {
  71. 	struct xt_entry_target target;
  72. 	char errorname[XT_FUNCTION_MAXNAMELEN];
  73. };
  75. /* The argument to IPT_SO_GET_REVISION_*.  Returns highest revision
  76.  * kernel supports, if >= revision. */
  77. struct xt_get_revision {
  78. 	char name[XT_EXTENSION_MAXNAMELEN];
  79. 	__u8 revision;
  80. };
  82. /* CONTINUE verdict for targets */
  83. #define XT_CONTINUE 0xFFFFFFFF
  85. /* For standard target */
  86. #define XT_RETURN (-NF_REPEAT - 1)
  88. /* this is a dummy structure to find out the alignment requirement for a struct
  89.  * containing all the fundamental data types that are used in ipt_entry,
  90.  * ip6t_entry and arpt_entry.  This sucks, and it is a hack.  It will be my
  91.  * personal pleasure to remove it -HW
  92.  */
  93. struct _xt_align {
  94. 	__u8 u8;
  95. 	__u16 u16;
  96. 	__u32 u32;
  97. 	__u64 u64;
  98. };
  100. #define XT_ALIGN(s) __ALIGN_KERNEL((s), __alignof__(struct _xt_align))
  102. /* Standard return verdict, or do jump. */
  103. #define XT_STANDARD_TARGET ""
  104. /* Error verdict. */
  105. #define XT_ERROR_TARGET "ERROR"
  107. #define SET_COUNTER(c,b,p) do { (c).bcnt = (b); (c).pcnt = (p); } while(0)
  108. #define ADD_COUNTER(c,b,p) do { (c).bcnt += (b); (c).pcnt += (p); } while(0)
  110. struct xt_counters {
  111. 	__u64 pcnt, bcnt;			/* Packet and byte counters */
  112. };
  114. /* The argument to IPT_SO_ADD_COUNTERS. */
  115. struct xt_counters_info {
  116. 	/* Which table. */
  117. 	char name[XT_TABLE_MAXNAMELEN];
  119. 	unsigned int num_counters;
  121. 	/* The counters (actually `number' of these). */
  122. 	struct xt_counters counters[];
  123. };
  125. #define XT_INV_PROTO		0x40	/* Invert the sense of PROTO. */
  127. /* fn returns 0 to continue iteration */
  128. #define XT_MATCH_ITERATE(type, e, fn, args...)			\
  129. ({								\
  130. 	unsigned int __i;					\
  131. 	int __ret = 0;						\
  132. 	struct xt_entry_match *__m;				\
  133. 								\
  134. 	for (__i = sizeof(type);				\
  135. 	     __i < (e)->target_offset;				\
  136. 	     __i += __m->u.match_size) {			\
  137. 		__m = (void *)e + __i;				\
  138. 								\
  139. 		__ret = fn(__m , ## args);			\
  140. 		if (__ret != 0)					\
  141. 			break;					\
  142. 	}							\
  143. 	__ret;							\
  144. })
  146. /* fn returns 0 to continue iteration */
  147. #define XT_ENTRY_ITERATE_CONTINUE(type, entries, size, n, fn, args...) \
  148. ({								\
  149. 	unsigned int __i, __n;					\
  150. 	int __ret = 0;						\
  151. 	type *__entry;						\
  152. 								\
  153. 	for (__i = 0, __n = 0; __i < (size);			\
  154. 	     __i += __entry->next_offset, __n++) { 		\
  155. 		__entry = (void *)(entries) + __i;		\
  156. 		if (__n < n)					\
  157. 			continue;				\
  158. 								\
  159. 		__ret = fn(__entry , ## args);			\
  160. 		if (__ret != 0)					\
  161. 			break;					\
  162. 	}							\
  163. 	__ret;							\
  164. })
  166. /* fn returns 0 to continue iteration */
  167. #define XT_ENTRY_ITERATE(type, entries, size, fn, args...) \
  168. 	XT_ENTRY_ITERATE_CONTINUE(type, entries, size, 0, fn, args)
  171. /* pos is normally a struct ipt_entry/ip6t_entry/etc. */
  172. #define xt_entry_foreach(pos, ehead, esize) \
  173. 	for ((pos) = (typeof(pos))(ehead); \
  174. 	     (pos) < (typeof(pos))((char *)(ehead) + (esize)); \
  175. 	     (pos) = (typeof(pos))((char *)(pos) + (pos)->next_offset))
  177. /* can only be xt_entry_match, so no use of typeof here */
  178. #define xt_ematch_foreach(pos, entry) \
  179. 	for ((pos) = (struct xt_entry_match *)entry->elems; \
  180. 	     (pos) < (struct xt_entry_match *)((char *)(entry) + \
  181. 	             (entry)->target_offset); \
  182. 	     (pos) = (struct xt_entry_match *)((char *)(pos) + \
  183. 	             (pos)->u.match_size))
  186. #endif /* _X_TABLES_H */