OpenCores
URL https://opencores.org/ocsvn/hf-risc/hf-risc/trunk

Subversion Repositories hf-risc

[/] [hf-risc/] [trunk/] [tools/] [riscv-gnu-toolchain-master/] [linux-headers/] [include/] [linux/] [netfilter_arp/] [arp_tables.h] - Blame information for rev 13

Details | Compare with Previous | View Log

Line No. Rev Author Line
1 13 serginhofr 
/*
2 
 *      Format of an ARP firewall descriptor
3 
 *
4 
 *      src, tgt, src_mask, tgt_mask, arpop, arpop_mask are always stored in
5 
 *      network byte order.
6 
 *      flags are stored in host byte order (of course).
7 
 */
8 
 
9 
#ifndef _ARPTABLES_H
10 
#define _ARPTABLES_H
11 
 
12 
#include <linux/types.h>
13 
 
14 
#include <linux/netfilter_arp.h>
15 
 
16 
#include <linux/netfilter/x_tables.h>
17 
 
18 
#define ARPT_FUNCTION_MAXNAMELEN XT_FUNCTION_MAXNAMELEN
19 
#define ARPT_TABLE_MAXNAMELEN XT_TABLE_MAXNAMELEN
20 
#define arpt_entry_target xt_entry_target
21 
#define arpt_standard_target xt_standard_target
22 
#define arpt_error_target xt_error_target
23 
#define ARPT_CONTINUE XT_CONTINUE
24 
#define ARPT_RETURN XT_RETURN
25 
#define arpt_counters_info xt_counters_info
26 
#define arpt_counters xt_counters
27 
#define ARPT_STANDARD_TARGET XT_STANDARD_TARGET
28 
#define ARPT_ERROR_TARGET XT_ERROR_TARGET
29 
#define ARPT_ENTRY_ITERATE(entries, size, fn, args...) \
30 
        XT_ENTRY_ITERATE(struct arpt_entry, entries, size, fn, ## args)
31 
 
32 
#define ARPT_DEV_ADDR_LEN_MAX 16
33 
 
34 
struct arpt_devaddr_info {
35 
        char addr[ARPT_DEV_ADDR_LEN_MAX];
36 
        char mask[ARPT_DEV_ADDR_LEN_MAX];
37 
};
38 
 
39 
/* Yes, Virginia, you have to zero the padding. */
40 
struct arpt_arp {
41 
        /* Source and target IP addr */
42 
        struct in_addr src, tgt;
43 
        /* Mask for src and target IP addr */
44 
        struct in_addr smsk, tmsk;
45 
 
46 
        /* Device hw address length, src+target device addresses */
47 
        __u8 arhln, arhln_mask;
48 
        struct arpt_devaddr_info src_devaddr;
49 
        struct arpt_devaddr_info tgt_devaddr;
50 
 
51 
        /* ARP operation code. */
52 
        __be16 arpop, arpop_mask;
53 
 
54 
        /* ARP hardware address and protocol address format. */
55 
        __be16 arhrd, arhrd_mask;
56 
        __be16 arpro, arpro_mask;
57 
 
58 
        /* The protocol address length is only accepted if it is 4
59 
         * so there is no use in offering a way to do filtering on it.
60 
         */
61 
 
62 
        char iniface[IFNAMSIZ], outiface[IFNAMSIZ];
63 
        unsigned char iniface_mask[IFNAMSIZ], outiface_mask[IFNAMSIZ];
64 
 
65 
        /* Flags word */
66 
        __u8 flags;
67 
        /* Inverse flags */
68 
        __u16 invflags;
69 
};
70 
 
71 
/* Values for "flag" field in struct arpt_ip (general arp structure).
72 
 * No flags defined yet.
73 
 */
74 
#define ARPT_F_MASK             0x00    /* All possible flag bits mask. */
75 
 
76 
/* Values for "inv" field in struct arpt_arp. */
77 
#define ARPT_INV_VIA_IN         0x0001  /* Invert the sense of IN IFACE. */
78 
#define ARPT_INV_VIA_OUT        0x0002  /* Invert the sense of OUT IFACE */
79 
#define ARPT_INV_SRCIP          0x0004  /* Invert the sense of SRC IP. */
80 
#define ARPT_INV_TGTIP          0x0008  /* Invert the sense of TGT IP. */
81 
#define ARPT_INV_SRCDEVADDR     0x0010  /* Invert the sense of SRC DEV ADDR. */
82 
#define ARPT_INV_TGTDEVADDR     0x0020  /* Invert the sense of TGT DEV ADDR. */
83 
#define ARPT_INV_ARPOP          0x0040  /* Invert the sense of ARP OP. */
84 
#define ARPT_INV_ARPHRD         0x0080  /* Invert the sense of ARP HRD. */
85 
#define ARPT_INV_ARPPRO         0x0100  /* Invert the sense of ARP PRO. */
86 
#define ARPT_INV_ARPHLN         0x0200  /* Invert the sense of ARP HLN. */
87 
#define ARPT_INV_MASK           0x03FF  /* All possible flag bits mask. */
88 
 
89 
/* This structure defines each of the firewall rules.  Consists of 3
90 
   parts which are 1) general ARP header stuff 2) match specific
91 
   stuff 3) the target to perform if the rule matches */
92 
struct arpt_entry
93 
{
94 
        struct arpt_arp arp;
95 
 
96 
        /* Size of arpt_entry + matches */
97 
        __u16 target_offset;
98 
        /* Size of arpt_entry + matches + target */
99 
        __u16 next_offset;
100 
 
101 
        /* Back pointer */
102 
        unsigned int comefrom;
103 
 
104 
        /* Packet and byte counters. */
105 
        struct xt_counters counters;
106 
 
107 
        /* The matches (if any), then the target. */
108 
        unsigned char elems[0];
109 
};
110 
 
111 
/*
112 
 * New IP firewall options for [gs]etsockopt at the RAW IP level.
113 
 * Unlike BSD Linux inherits IP options so you don't have to use a raw
114 
 * socket for this. Instead we check rights in the calls.
115 
 *
116 
 * ATTENTION: check linux/in.h before adding new number here.
117 
 */
118 
#define ARPT_BASE_CTL           96
119 
 
120 
#define ARPT_SO_SET_REPLACE             (ARPT_BASE_CTL)
121 
#define ARPT_SO_SET_ADD_COUNTERS        (ARPT_BASE_CTL + 1)
122 
#define ARPT_SO_SET_MAX                 ARPT_SO_SET_ADD_COUNTERS
123 
 
124 
#define ARPT_SO_GET_INFO                (ARPT_BASE_CTL)
125 
#define ARPT_SO_GET_ENTRIES             (ARPT_BASE_CTL + 1)
126 
/* #define ARPT_SO_GET_REVISION_MATCH   (APRT_BASE_CTL + 2) */
127 
#define ARPT_SO_GET_REVISION_TARGET     (ARPT_BASE_CTL + 3)
128 
#define ARPT_SO_GET_MAX                 (ARPT_SO_GET_REVISION_TARGET)
129 
 
130 
/* The argument to ARPT_SO_GET_INFO */
131 
struct arpt_getinfo {
132 
        /* Which table: caller fills this in. */
133 
        char name[XT_TABLE_MAXNAMELEN];
134 
 
135 
        /* Kernel fills these in. */
136 
        /* Which hook entry points are valid: bitmask */
137 
        unsigned int valid_hooks;
138 
 
139 
        /* Hook entry points: one per netfilter hook. */
140 
        unsigned int hook_entry[NF_ARP_NUMHOOKS];
141 
 
142 
        /* Underflow points. */
143 
        unsigned int underflow[NF_ARP_NUMHOOKS];
144 
 
145 
        /* Number of entries */
146 
        unsigned int num_entries;
147 
 
148 
        /* Size of entries. */
149 
        unsigned int size;
150 
};
151 
 
152 
/* The argument to ARPT_SO_SET_REPLACE. */
153 
struct arpt_replace {
154 
        /* Which table. */
155 
        char name[XT_TABLE_MAXNAMELEN];
156 
 
157 
        /* Which hook entry points are valid: bitmask.  You can't
158 
           change this. */
159 
        unsigned int valid_hooks;
160 
 
161 
        /* Number of entries */
162 
        unsigned int num_entries;
163 
 
164 
        /* Total size of new entries */
165 
        unsigned int size;
166 
 
167 
        /* Hook entry points. */
168 
        unsigned int hook_entry[NF_ARP_NUMHOOKS];
169 
 
170 
        /* Underflow points. */
171 
        unsigned int underflow[NF_ARP_NUMHOOKS];
172 
 
173 
        /* Information about old entries: */
174 
        /* Number of counters (must be equal to current number of entries). */
175 
        unsigned int num_counters;
176 
        /* The old entries' counters. */
177 
        struct xt_counters *counters;
178 
 
179 
        /* The entries (hang off end: not really an array). */
180 
        struct arpt_entry entries[0];
181 
};
182 
 
183 
/* The argument to ARPT_SO_GET_ENTRIES. */
184 
struct arpt_get_entries {
185 
        /* Which table: user fills this in. */
186 
        char name[XT_TABLE_MAXNAMELEN];
187 
 
188 
        /* User fills this in: total entry size. */
189 
        unsigned int size;
190 
 
191 
        /* The entries. */
192 
        struct arpt_entry entrytable[0];
193 
};
194 
 
195 
/* Helper functions */
196 
static __inline__ struct xt_entry_target *arpt_get_target(struct arpt_entry *e)
197 
{
198 
        return (void *)e + e->target_offset;
199 
}
200 
 
201 
/*
202 
 *      Main firewall chains definitions and global var's definitions.
203 
 */
204 
#endif /* _ARPTABLES_H */

powered by: WebSVN 2.1.0

© copyright 1999-2024 OpenCores.org, equivalent to Oliscience, all rights reserved. OpenCores®, registered trademark.