Dr Andrew Scott
G7VAV
Senior Lecturer
School of Computing
and Communications
D35 InfoLab21
Lancaster University
Lancaster, LA1 4WA
United Kingdom
School of Computing
and Communications
D35 InfoLab21
Lancaster University
Lancaster, LA1 4WA
United Kingdom
| June 2025 | ||||||
| Mo | Tu | We | Th | Fr | Sa | Su |
| 26 | 27 | 28 | 29 | 30 | 31 | 1 |
| 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| 16 | 17 | 18 | 19 | 20 | 21 | 22 |
| 23 | 24 | 25 | 26 | 27 | 28 | 29 |
| 30 | 1 | 2 | 3 | 4 | 5 | 6 |
x_tables.h
001: #ifndef _X_TABLES_H 002: #define _X_TABLES_H 003: #include <linux/kernel.h> 004: #include <linux/types.h> 005: 006: #define XT_FUNCTION_MAXNAMELEN 30 007: #define XT_EXTENSION_MAXNAMELEN 29 008: #define XT_TABLE_MAXNAMELEN 32 009: 010: struct xt_entry_match { 011: union { 012: struct { 013: __u16 match_size; 014: 015: /* Used by userspace */ 016: char name[XT_EXTENSION_MAXNAMELEN]; 017: __u8 revision; 018: } user; 019: struct { 020: __u16 match_size; 021: 022: /* Used inside the kernel */ 023: struct xt_match *match; 024: } kernel; 025: 026: /* Total length */ 027: __u16 match_size; 028: } u; 029: 030: unsigned char data[0]; 031: }; 032: 033: struct xt_entry_target { 034: union { 035: struct { 036: __u16 target_size; 037: 038: /* Used by userspace */ 039: char name[XT_EXTENSION_MAXNAMELEN]; 040: __u8 revision; 041: } user; 042: struct { 043: __u16 target_size; 044: 045: /* Used inside the kernel */ 046: struct xt_target *target; 047: } kernel; 048: 049: /* Total length */ 050: __u16 target_size; 051: } u; 052: 053: unsigned char data[0]; 054: }; 055: 056: #define XT_TARGET_INIT(__name, __size) \ 057: { \ 058: .target.u.user = { \ 059: .target_size = XT_ALIGN(__size), \ 060: .name = __name, \ 061: }, \ 062: } 063: 064: struct xt_standard_target { 065: struct xt_entry_target target; 066: int verdict; 067: }; 068: 069: struct xt_error_target { 070: struct xt_entry_target target; 071: char errorname[XT_FUNCTION_MAXNAMELEN]; 072: }; 073: 074: /* The argument to IPT_SO_GET_REVISION_*. Returns highest revision 075: * kernel supports, if >= revision. */ 076: struct xt_get_revision { 077: char name[XT_EXTENSION_MAXNAMELEN]; 078: __u8 revision; 079: }; 080: 081: /* CONTINUE verdict for targets */ 082: #define XT_CONTINUE 0xFFFFFFFF 083: 084: /* For standard target */ 085: #define XT_RETURN (-NF_REPEAT - 1) 086: 087: /* this is a dummy structure to find out the alignment requirement for a struct 088: * containing all the fundamental data types that are used in ipt_entry, 089: * ip6t_entry and arpt_entry. This sucks, and it is a hack. It will be my 090: * personal pleasure to remove it -HW 091: */ 092: struct _xt_align { 093: __u8 u8; 094: __u16 u16; 095: __u32 u32; 096: __u64 u64; 097: }; 098: 099: #define XT_ALIGN(s) __ALIGN_KERNEL((s), __alignof__(struct _xt_align)) 100: 101: /* Standard return verdict, or do jump. */ 102: #define XT_STANDARD_TARGET "" 103: /* Error verdict. */ 104: #define XT_ERROR_TARGET "ERROR" 105: 106: #define SET_COUNTER(c,b,p) do { (c).bcnt = (b); (c).pcnt = (p); } while(0) 107: #define ADD_COUNTER(c,b,p) do { (c).bcnt += (b); (c).pcnt += (p); } while(0) 108: 109: struct xt_counters { 110: __u64 pcnt, bcnt; /* Packet and byte counters */ 111: }; 112: 113: /* The argument to IPT_SO_ADD_COUNTERS. */ 114: struct xt_counters_info { 115: /* Which table. */ 116: char name[XT_TABLE_MAXNAMELEN]; 117: 118: unsigned int num_counters; 119: 120: /* The counters (actually `number' of these). */ 121: struct xt_counters counters[0]; 122: }; 123: 124: #define XT_INV_PROTO 0x40 /* Invert the sense of PROTO. */ 125: 126: /* fn returns 0 to continue iteration */ 127: #define XT_MATCH_ITERATE(type, e, fn, args...) \ 128: ({ \ 129: unsigned int __i; \ 130: int __ret = 0; \ 131: struct xt_entry_match *__m; \ 132: \ 133: for (__i = sizeof(type); \ 134: __i < (e)->target_offset; \ 135: __i += __m->u.match_size) { \ 136: __m = (void *)e + __i; \ 137: \ 138: __ret = fn(__m , ## args); \ 139: if (__ret != 0) \ 140: break; \ 141: } \ 142: __ret; \ 143: }) 144: 145: /* fn returns 0 to continue iteration */ 146: #define XT_ENTRY_ITERATE_CONTINUE(type, entries, size, n, fn, args...) \ 147: ({ \ 148: unsigned int __i, __n; \ 149: int __ret = 0; \ 150: type *__entry; \ 151: \ 152: for (__i = 0, __n = 0; __i < (size); \ 153: __i += __entry->next_offset, __n++) { \ 154: __entry = (void *)(entries) + __i; \ 155: if (__n < n) \ 156: continue; \ 157: \ 158: __ret = fn(__entry , ## args); \ 159: if (__ret != 0) \ 160: break; \ 161: } \ 162: __ret; \ 163: }) 164: 165: /* fn returns 0 to continue iteration */ 166: #define XT_ENTRY_ITERATE(type, entries, size, fn, args...) \ 167: XT_ENTRY_ITERATE_CONTINUE(type, entries, size, 0, fn, args) 168: 169: 170: /* pos is normally a struct ipt_entry/ip6t_entry/etc. */ 171: #define xt_entry_foreach(pos, ehead, esize) \ 172: for ((pos) = (typeof(pos))(ehead); \ 173: (pos) < (typeof(pos))((char *)(ehead) + (esize)); \ 174: (pos) = (typeof(pos))((char *)(pos) + (pos)->next_offset)) 175: 176: /* can only be xt_entry_match, so no use of typeof here */ 177: #define xt_ematch_foreach(pos, entry) \ 178: for ((pos) = (struct xt_entry_match *)entry->elems; \ 179: (pos) < (struct xt_entry_match *)((char *)(entry) + \ 180: (entry)->target_offset); \ 181: (pos) = (struct xt_entry_match *)((char *)(pos) + \ 182: (pos)->u.match_size)) 183: 184: 185: #endif /* _X_TABLES_H */ 186:
for client
(none)
© Andrew Scott 2006 -
2025,
All Rights Reserved
All Rights Reserved
Andrew Scott