1 /* 2 * 25-Jul-1998 Major changes to allow for ip chain table 3 * 4 * 3-Jan-2000 Named tables to allow packet selection for different uses. 5 */ 6 7 /* 8 * Format of an IP6 firewall descriptor 9 * 10 * src, dst, src_mask, dst_mask are always stored in network byte order. 11 * flags are stored in host byte order (of course). 12 * Port numbers are stored in HOST byte order. 13 */ 14 #ifndef _IP6_TABLES_H 15 #define _IP6_TABLES_H 16 17 #include <linux/if.h> 18 #include <linux/in6.h> 19 #include <linux/ipv6.h> 20 #include <linux/skbuff.h> 21 22 #include <linux/init.h> 23 #include <uapi/linux/netfilter_ipv6/ip6_tables.h> 24 25 extern void ip6t_init(void) __init; 26 27 extern void *ip6t_alloc_initial_table(const struct xt_table *); 28 extern struct xt_table *ip6t_register_table(struct net *net, 29 const struct xt_table *table, 30 const struct ip6t_replace *repl); 31 extern void ip6t_unregister_table(struct net *net, struct xt_table *table); 32 extern unsigned int ip6t_do_table(struct sk_buff *skb, 33 const struct nf_hook_state *state, 34 struct xt_table *table); 35 36 /* Check for an extension */ 37 static inline int ip6t_ext_hdr(u8 nexthdr)38ip6t_ext_hdr(u8 nexthdr) 39 { return (nexthdr == IPPROTO_HOPOPTS) || 40 (nexthdr == IPPROTO_ROUTING) || 41 (nexthdr == IPPROTO_FRAGMENT) || 42 (nexthdr == IPPROTO_ESP) || 43 (nexthdr == IPPROTO_AH) || 44 (nexthdr == IPPROTO_NONE) || 45 (nexthdr == IPPROTO_DSTOPTS); 46 } 47 48 #ifdef CONFIG_COMPAT 49 #include <net/compat.h> 50 51 struct compat_ip6t_entry { 52 struct ip6t_ip6 ipv6; 53 compat_uint_t nfcache; 54 __u16 target_offset; 55 __u16 next_offset; 56 compat_uint_t comefrom; 57 struct compat_xt_counters counters; 58 unsigned char elems[0]; 59 }; 60 61 static inline struct xt_entry_target * compat_ip6t_get_target(struct compat_ip6t_entry * e)62compat_ip6t_get_target(struct compat_ip6t_entry *e) 63 { 64 return (void *)e + e->target_offset; 65 } 66 67 #endif /* CONFIG_COMPAT */ 68 #endif /* _IP6_TABLES_H */ 69