diff options
Diffstat (limited to 'iptables/nft-shared.h')
| -rw-r--r-- | iptables/nft-shared.h | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h index bee99a7d..da4ba9d2 100644 --- a/iptables/nft-shared.h +++ b/iptables/nft-shared.h @@ -8,6 +8,7 @@ #include <libnftnl/chain.h> #include <linux/netfilter_arp/arp_tables.h> +#include <linux/netfilter/nf_tables.h> #include "xshared.h" @@ -98,7 +99,6 @@ struct nft_family_ops { void (*print_rule)(struct nft_handle *h, struct nftnl_rule *r, unsigned int num, unsigned int format); void (*save_rule)(const void *data, unsigned int format); - void (*save_counters)(const void *data); void (*save_chain)(const struct nftnl_chain *c, const char *policy); void (*proto_parse)(struct iptables_command_state *cs, struct xtables_args *args); @@ -109,8 +109,6 @@ struct nft_family_ops { void (*rule_to_cs)(struct nft_handle *h, const struct nftnl_rule *r, struct iptables_command_state *cs); void (*clear_cs)(struct iptables_command_state *cs); - bool (*rule_find)(struct nft_handle *h, struct nftnl_rule *r, - void *data); int (*xlate)(const void *data, struct xt_xlate *xl); }; @@ -124,7 +122,7 @@ void add_cmp_u16(struct nftnl_rule *r, uint16_t val, uint32_t op); void add_cmp_u32(struct nftnl_rule *r, uint32_t val, uint32_t op); void add_iniface(struct nftnl_rule *r, char *iface, uint32_t op); void add_outiface(struct nftnl_rule *r, char *iface, uint32_t op); -void add_addr(struct nftnl_rule *r, int offset, +void add_addr(struct nftnl_rule *r, enum nft_payload_bases base, int offset, void *data, void *mask, size_t len, uint32_t op); void add_proto(struct nftnl_rule *r, int offset, size_t len, uint8_t proto, uint32_t op); @@ -162,7 +160,6 @@ void save_rule_details(const struct iptables_command_state *cs, unsigned const char *iniface_mask, const char *outiface, unsigned const char *outiface_mask); -void save_counters(const void *data); void nft_ipv46_save_chain(const struct nftnl_chain *c, const char *policy); void save_matches_and_target(const struct iptables_command_state *cs, bool goto_flag, const void *fw, @@ -171,8 +168,6 @@ void save_matches_and_target(const struct iptables_command_state *cs, struct nft_family_ops *nft_family_ops_lookup(int family); void nft_ipv46_parse_target(struct xtables_target *t, void *data); -bool nft_ipv46_rule_find(struct nft_handle *h, struct nftnl_rule *r, - void *data); bool compare_matches(struct xtables_rule_match *mt1, struct xtables_rule_match *mt2); bool compare_targets(struct xtables_target *tg1, struct xtables_target *tg2); @@ -231,7 +226,8 @@ struct nft_xt_restore_cb { int (*chain_restore)(struct nft_handle *h, const char *chain, const char *table); - int (*table_flush)(struct nft_handle *h, const char *table); + int (*table_flush)(struct nft_handle *h, const char *table, + bool verbose); int (*do_command)(struct nft_handle *h, int argc, char *argv[], char **table, bool restore); @@ -252,4 +248,8 @@ void xtables_restore_parse(struct nft_handle *h, const struct nft_xt_restore_parse *p); void nft_check_xt_legacy(int family, bool is_ipt_save); + +#define min(x, y) ((x) < (y) ? (x) : (y)) +#define max(x, y) ((x) > (y) ? (x) : (y)) + #endif |