Diffstat (limited to 'sysroot/usr/include/linux/netfilter')
-rw-r--r--sysroot/usr/include/linux/netfilter/nf_conntrack_common.h114
-rw-r--r--sysroot/usr/include/linux/netfilter/nf_conntrack_ftp.h27
-rw-r--r--sysroot/usr/include/linux/netfilter/nf_conntrack_sctp.h37
-rw-r--r--sysroot/usr/include/linux/netfilter/nf_conntrack_tcp.h36
-rw-r--r--sysroot/usr/include/linux/netfilter/nf_conntrack_tuple_common.h24
-rw-r--r--sysroot/usr/include/linux/netfilter/nfnetlink.h84
-rw-r--r--sysroot/usr/include/linux/netfilter/nfnetlink_conntrack.h146
-rw-r--r--sysroot/usr/include/linux/netfilter/x_tables.h125
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_CLASSIFY.h19
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_CONNSECMARK.h24
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_NFQUEUE.h19
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_SECMARK.h30
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_comment.h21
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_connbytes.h36
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_conntrack.h66
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_dccp.h34
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_esp.h24
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_helper.h19
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_length.h20
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_limit.h27
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_mac.h19
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_multiport.h40
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_physdev.h31
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_pkttype.h19
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_quota.h27
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_realm.h21
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_sctp.h68
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_state.h24
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_statistic.h43
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_string.h29
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_tcpmss.h20
-rw-r--r--sysroot/usr/include/linux/netfilter/xt_tcpudp.h42
32 files changed, 1315 insertions, 0 deletions
diff --git a/sysroot/usr/include/linux/netfilter/nf_conntrack_common.h b/sysroot/usr/include/linux/netfilter/nf_conntrack_common.h
new file mode 100644
index 0000000..69177fc
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/nf_conntrack_common.h
@@ -0,0 +1,114 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _NF_CONNTRACK_COMMON_H
+#define _NF_CONNTRACK_COMMON_H
+
+enum ip_conntrack_info
+{
+
+ IP_CT_ESTABLISHED,
+
+ IP_CT_RELATED,
+
+ IP_CT_NEW,
+
+ IP_CT_IS_REPLY,
+
+ IP_CT_NUMBER = IP_CT_IS_REPLY * 2 - 1
+};
+
+enum ip_conntrack_status {
+
+ IPS_EXPECTED_BIT = 0,
+ IPS_EXPECTED = (1 << IPS_EXPECTED_BIT),
+
+ IPS_SEEN_REPLY_BIT = 1,
+ IPS_SEEN_REPLY = (1 << IPS_SEEN_REPLY_BIT),
+
+ IPS_ASSURED_BIT = 2,
+ IPS_ASSURED = (1 << IPS_ASSURED_BIT),
+
+ IPS_CONFIRMED_BIT = 3,
+ IPS_CONFIRMED = (1 << IPS_CONFIRMED_BIT),
+
+ IPS_SRC_NAT_BIT = 4,
+ IPS_SRC_NAT = (1 << IPS_SRC_NAT_BIT),
+
+ IPS_DST_NAT_BIT = 5,
+ IPS_DST_NAT = (1 << IPS_DST_NAT_BIT),
+
+ IPS_NAT_MASK = (IPS_DST_NAT | IPS_SRC_NAT),
+
+ IPS_SEQ_ADJUST_BIT = 6,
+ IPS_SEQ_ADJUST = (1 << IPS_SEQ_ADJUST_BIT),
+
+ IPS_SRC_NAT_DONE_BIT = 7,
+ IPS_SRC_NAT_DONE = (1 << IPS_SRC_NAT_DONE_BIT),
+
+ IPS_DST_NAT_DONE_BIT = 8,
+ IPS_DST_NAT_DONE = (1 << IPS_DST_NAT_DONE_BIT),
+
+ IPS_NAT_DONE_MASK = (IPS_DST_NAT_DONE | IPS_SRC_NAT_DONE),
+
+ IPS_DYING_BIT = 9,
+ IPS_DYING = (1 << IPS_DYING_BIT),
+
+ IPS_FIXED_TIMEOUT_BIT = 10,
+ IPS_FIXED_TIMEOUT = (1 << IPS_FIXED_TIMEOUT_BIT),
+};
+
+enum ip_conntrack_events
+{
+
+ IPCT_NEW_BIT = 0,
+ IPCT_NEW = (1 << IPCT_NEW_BIT),
+
+ IPCT_RELATED_BIT = 1,
+ IPCT_RELATED = (1 << IPCT_RELATED_BIT),
+
+ IPCT_DESTROY_BIT = 2,
+ IPCT_DESTROY = (1 << IPCT_DESTROY_BIT),
+
+ IPCT_REFRESH_BIT = 3,
+ IPCT_REFRESH = (1 << IPCT_REFRESH_BIT),
+
+ IPCT_STATUS_BIT = 4,
+ IPCT_STATUS = (1 << IPCT_STATUS_BIT),
+
+ IPCT_PROTOINFO_BIT = 5,
+ IPCT_PROTOINFO = (1 << IPCT_PROTOINFO_BIT),
+
+ IPCT_PROTOINFO_VOLATILE_BIT = 6,
+ IPCT_PROTOINFO_VOLATILE = (1 << IPCT_PROTOINFO_VOLATILE_BIT),
+
+ IPCT_HELPER_BIT = 7,
+ IPCT_HELPER = (1 << IPCT_HELPER_BIT),
+
+ IPCT_HELPINFO_BIT = 8,
+ IPCT_HELPINFO = (1 << IPCT_HELPINFO_BIT),
+
+ IPCT_HELPINFO_VOLATILE_BIT = 9,
+ IPCT_HELPINFO_VOLATILE = (1 << IPCT_HELPINFO_VOLATILE_BIT),
+
+ IPCT_NATINFO_BIT = 10,
+ IPCT_NATINFO = (1 << IPCT_NATINFO_BIT),
+
+ IPCT_COUNTER_FILLING_BIT = 11,
+ IPCT_COUNTER_FILLING = (1 << IPCT_COUNTER_FILLING_BIT),
+};
+
+enum ip_conntrack_expect_events {
+ IPEXP_NEW_BIT = 0,
+ IPEXP_NEW = (1 << IPEXP_NEW_BIT),
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/nf_conntrack_ftp.h b/sysroot/usr/include/linux/netfilter/nf_conntrack_ftp.h
new file mode 100644
index 0000000..ff815a7
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/nf_conntrack_ftp.h
@@ -0,0 +1,27 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _NF_CONNTRACK_FTP_H
+#define _NF_CONNTRACK_FTP_H
+
+enum ip_ct_ftp_type
+{
+
+ IP_CT_FTP_PORT,
+
+ IP_CT_FTP_PASV,
+
+ IP_CT_FTP_EPRT,
+
+ IP_CT_FTP_EPSV,
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/nf_conntrack_sctp.h b/sysroot/usr/include/linux/netfilter/nf_conntrack_sctp.h
new file mode 100644
index 0000000..15768b2
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/nf_conntrack_sctp.h
@@ -0,0 +1,37 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _NF_CONNTRACK_SCTP_H
+#define _NF_CONNTRACK_SCTP_H
+
+#include <linux/netfilter/nf_conntrack_tuple_common.h>
+
+enum sctp_conntrack {
+ SCTP_CONNTRACK_NONE,
+ SCTP_CONNTRACK_CLOSED,
+ SCTP_CONNTRACK_COOKIE_WAIT,
+ SCTP_CONNTRACK_COOKIE_ECHOED,
+ SCTP_CONNTRACK_ESTABLISHED,
+ SCTP_CONNTRACK_SHUTDOWN_SENT,
+ SCTP_CONNTRACK_SHUTDOWN_RECD,
+ SCTP_CONNTRACK_SHUTDOWN_ACK_SENT,
+ SCTP_CONNTRACK_MAX
+};
+
+struct ip_ct_sctp
+{
+ enum sctp_conntrack state;
+
+ u_int32_t vtag[IP_CT_DIR_MAX];
+ u_int32_t ttag[IP_CT_DIR_MAX];
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/nf_conntrack_tcp.h b/sysroot/usr/include/linux/netfilter/nf_conntrack_tcp.h
new file mode 100644
index 0000000..227f902
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/nf_conntrack_tcp.h
@@ -0,0 +1,36 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _NF_CONNTRACK_TCP_H
+#define _NF_CONNTRACK_TCP_H
+
+enum tcp_conntrack {
+ TCP_CONNTRACK_NONE,
+ TCP_CONNTRACK_SYN_SENT,
+ TCP_CONNTRACK_SYN_RECV,
+ TCP_CONNTRACK_ESTABLISHED,
+ TCP_CONNTRACK_FIN_WAIT,
+ TCP_CONNTRACK_CLOSE_WAIT,
+ TCP_CONNTRACK_LAST_ACK,
+ TCP_CONNTRACK_TIME_WAIT,
+ TCP_CONNTRACK_CLOSE,
+ TCP_CONNTRACK_LISTEN,
+ TCP_CONNTRACK_MAX,
+ TCP_CONNTRACK_IGNORE
+};
+
+#define IP_CT_TCP_FLAG_WINDOW_SCALE 0x01
+
+#define IP_CT_TCP_FLAG_SACK_PERM 0x02
+
+#define IP_CT_TCP_FLAG_CLOSE_INIT 0x03
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/nf_conntrack_tuple_common.h b/sysroot/usr/include/linux/netfilter/nf_conntrack_tuple_common.h
new file mode 100644
index 0000000..f282543
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/nf_conntrack_tuple_common.h
@@ -0,0 +1,24 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _NF_CONNTRACK_TUPLE_COMMON_H
+#define _NF_CONNTRACK_TUPLE_COMMON_H
+
+enum ip_conntrack_dir
+{
+ IP_CT_DIR_ORIGINAL,
+ IP_CT_DIR_REPLY,
+ IP_CT_DIR_MAX
+};
+
+#define CTINFO2DIR(ctinfo) ((ctinfo) >= IP_CT_IS_REPLY ? IP_CT_DIR_REPLY : IP_CT_DIR_ORIGINAL)
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/nfnetlink.h b/sysroot/usr/include/linux/netfilter/nfnetlink.h
new file mode 100644
index 0000000..4544cab
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/nfnetlink.h
@@ -0,0 +1,84 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _NFNETLINK_H
+#define _NFNETLINK_H
+#include <linux/types.h>
+
+#define NF_NETLINK_CONNTRACK_NEW 0x00000001
+#define NF_NETLINK_CONNTRACK_UPDATE 0x00000002
+#define NF_NETLINK_CONNTRACK_DESTROY 0x00000004
+#define NF_NETLINK_CONNTRACK_EXP_NEW 0x00000008
+#define NF_NETLINK_CONNTRACK_EXP_UPDATE 0x00000010
+#define NF_NETLINK_CONNTRACK_EXP_DESTROY 0x00000020
+
+enum nfnetlink_groups {
+ NFNLGRP_NONE,
+#define NFNLGRP_NONE NFNLGRP_NONE
+ NFNLGRP_CONNTRACK_NEW,
+#define NFNLGRP_CONNTRACK_NEW NFNLGRP_CONNTRACK_NEW
+ NFNLGRP_CONNTRACK_UPDATE,
+#define NFNLGRP_CONNTRACK_UPDATE NFNLGRP_CONNTRACK_UPDATE
+ NFNLGRP_CONNTRACK_DESTROY,
+#define NFNLGRP_CONNTRACK_DESTROY NFNLGRP_CONNTRACK_DESTROY
+ NFNLGRP_CONNTRACK_EXP_NEW,
+#define NFNLGRP_CONNTRACK_EXP_NEW NFNLGRP_CONNTRACK_EXP_NEW
+ NFNLGRP_CONNTRACK_EXP_UPDATE,
+#define NFNLGRP_CONNTRACK_EXP_UPDATE NFNLGRP_CONNTRACK_EXP_UPDATE
+ NFNLGRP_CONNTRACK_EXP_DESTROY,
+#define NFNLGRP_CONNTRACK_EXP_DESTROY NFNLGRP_CONNTRACK_EXP_DESTROY
+ __NFNLGRP_MAX,
+};
+#define NFNLGRP_MAX (__NFNLGRP_MAX - 1)
+
+struct nfattr
+{
+ u_int16_t nfa_len;
+ u_int16_t nfa_type;
+} __attribute__ ((packed));
+
+#define NFNL_NFA_NEST 0x8000
+#define NFA_TYPE(attr) ((attr)->nfa_type & 0x7fff)
+
+#define NFA_ALIGNTO 4
+#define NFA_ALIGN(len) (((len) + NFA_ALIGNTO - 1) & ~(NFA_ALIGNTO - 1))
+#define NFA_OK(nfa,len) ((len) > 0 && (nfa)->nfa_len >= sizeof(struct nfattr) && (nfa)->nfa_len <= (len))
+#define NFA_NEXT(nfa,attrlen) ((attrlen) -= NFA_ALIGN((nfa)->nfa_len), (struct nfattr *)(((char *)(nfa)) + NFA_ALIGN((nfa)->nfa_len)))
+#define NFA_LENGTH(len) (NFA_ALIGN(sizeof(struct nfattr)) + (len))
+#define NFA_SPACE(len) NFA_ALIGN(NFA_LENGTH(len))
+#define NFA_DATA(nfa) ((void *)(((char *)(nfa)) + NFA_LENGTH(0)))
+#define NFA_PAYLOAD(nfa) ((int)((nfa)->nfa_len) - NFA_LENGTH(0))
+#define NFA_NEST(skb, type) ({ struct nfattr *__start = (struct nfattr *) (skb)->tail; NFA_PUT(skb, (NFNL_NFA_NEST | type), 0, NULL); __start; })
+#define NFA_NEST_END(skb, start) ({ (start)->nfa_len = ((skb)->tail - (unsigned char *) (start)); (skb)->len; })
+#define NFA_NEST_CANCEL(skb, start) ({ if (start) skb_trim(skb, (unsigned char *) (start) - (skb)->data); -1; })
+
+struct nfgenmsg {
+ u_int8_t nfgen_family;
+ u_int8_t version;
+ u_int16_t res_id;
+} __attribute__ ((packed));
+
+#define NFNETLINK_V0 0
+
+#define NFM_NFA(n) ((struct nfattr *)(((char *)(n)) + NLMSG_ALIGN(sizeof(struct nfgenmsg))))
+#define NFM_PAYLOAD(n) NLMSG_PAYLOAD(n, sizeof(struct nfgenmsg))
+
+#define NFNL_SUBSYS_ID(x) ((x & 0xff00) >> 8)
+#define NFNL_MSG_TYPE(x) (x & 0x00ff)
+
+#define NFNL_SUBSYS_NONE 0
+#define NFNL_SUBSYS_CTNETLINK 1
+#define NFNL_SUBSYS_CTNETLINK_EXP 2
+#define NFNL_SUBSYS_QUEUE 3
+#define NFNL_SUBSYS_ULOG 4
+#define NFNL_SUBSYS_COUNT 5
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/nfnetlink_conntrack.h b/sysroot/usr/include/linux/netfilter/nfnetlink_conntrack.h
new file mode 100644
index 0000000..105dd09
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/nfnetlink_conntrack.h
@@ -0,0 +1,146 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _IPCONNTRACK_NETLINK_H
+#define _IPCONNTRACK_NETLINK_H
+#include <linux/netfilter/nfnetlink.h>
+
+enum cntl_msg_types {
+ IPCTNL_MSG_CT_NEW,
+ IPCTNL_MSG_CT_GET,
+ IPCTNL_MSG_CT_DELETE,
+ IPCTNL_MSG_CT_GET_CTRZERO,
+
+ IPCTNL_MSG_MAX
+};
+
+enum ctnl_exp_msg_types {
+ IPCTNL_MSG_EXP_NEW,
+ IPCTNL_MSG_EXP_GET,
+ IPCTNL_MSG_EXP_DELETE,
+
+ IPCTNL_MSG_EXP_MAX
+};
+
+enum ctattr_type {
+ CTA_UNSPEC,
+ CTA_TUPLE_ORIG,
+ CTA_TUPLE_REPLY,
+ CTA_STATUS,
+ CTA_PROTOINFO,
+ CTA_HELP,
+ CTA_NAT_SRC,
+#define CTA_NAT CTA_NAT_SRC
+ CTA_TIMEOUT,
+ CTA_MARK,
+ CTA_COUNTERS_ORIG,
+ CTA_COUNTERS_REPLY,
+ CTA_USE,
+ CTA_ID,
+ CTA_NAT_DST,
+ __CTA_MAX
+};
+#define CTA_MAX (__CTA_MAX - 1)
+
+enum ctattr_tuple {
+ CTA_TUPLE_UNSPEC,
+ CTA_TUPLE_IP,
+ CTA_TUPLE_PROTO,
+ __CTA_TUPLE_MAX
+};
+#define CTA_TUPLE_MAX (__CTA_TUPLE_MAX - 1)
+
+enum ctattr_ip {
+ CTA_IP_UNSPEC,
+ CTA_IP_V4_SRC,
+ CTA_IP_V4_DST,
+ CTA_IP_V6_SRC,
+ CTA_IP_V6_DST,
+ __CTA_IP_MAX
+};
+#define CTA_IP_MAX (__CTA_IP_MAX - 1)
+
+enum ctattr_l4proto {
+ CTA_PROTO_UNSPEC,
+ CTA_PROTO_NUM,
+ CTA_PROTO_SRC_PORT,
+ CTA_PROTO_DST_PORT,
+ CTA_PROTO_ICMP_ID,
+ CTA_PROTO_ICMP_TYPE,
+ CTA_PROTO_ICMP_CODE,
+ CTA_PROTO_ICMPV6_ID,
+ CTA_PROTO_ICMPV6_TYPE,
+ CTA_PROTO_ICMPV6_CODE,
+ __CTA_PROTO_MAX
+};
+#define CTA_PROTO_MAX (__CTA_PROTO_MAX - 1)
+
+enum ctattr_protoinfo {
+ CTA_PROTOINFO_UNSPEC,
+ CTA_PROTOINFO_TCP,
+ __CTA_PROTOINFO_MAX
+};
+#define CTA_PROTOINFO_MAX (__CTA_PROTOINFO_MAX - 1)
+
+enum ctattr_protoinfo_tcp {
+ CTA_PROTOINFO_TCP_UNSPEC,
+ CTA_PROTOINFO_TCP_STATE,
+ __CTA_PROTOINFO_TCP_MAX
+};
+#define CTA_PROTOINFO_TCP_MAX (__CTA_PROTOINFO_TCP_MAX - 1)
+
+enum ctattr_counters {
+ CTA_COUNTERS_UNSPEC,
+ CTA_COUNTERS_PACKETS,
+ CTA_COUNTERS_BYTES,
+ CTA_COUNTERS32_PACKETS,
+ CTA_COUNTERS32_BYTES,
+ __CTA_COUNTERS_MAX
+};
+#define CTA_COUNTERS_MAX (__CTA_COUNTERS_MAX - 1)
+
+enum ctattr_nat {
+ CTA_NAT_UNSPEC,
+ CTA_NAT_MINIP,
+ CTA_NAT_MAXIP,
+ CTA_NAT_PROTO,
+ __CTA_NAT_MAX
+};
+#define CTA_NAT_MAX (__CTA_NAT_MAX - 1)
+
+enum ctattr_protonat {
+ CTA_PROTONAT_UNSPEC,
+ CTA_PROTONAT_PORT_MIN,
+ CTA_PROTONAT_PORT_MAX,
+ __CTA_PROTONAT_MAX
+};
+#define CTA_PROTONAT_MAX (__CTA_PROTONAT_MAX - 1)
+
+enum ctattr_expect {
+ CTA_EXPECT_UNSPEC,
+ CTA_EXPECT_MASTER,
+ CTA_EXPECT_TUPLE,
+ CTA_EXPECT_MASK,
+ CTA_EXPECT_TIMEOUT,
+ CTA_EXPECT_ID,
+ CTA_EXPECT_HELP_NAME,
+ __CTA_EXPECT_MAX
+};
+#define CTA_EXPECT_MAX (__CTA_EXPECT_MAX - 1)
+
+enum ctattr_help {
+ CTA_HELP_UNSPEC,
+ CTA_HELP_NAME,
+ __CTA_HELP_MAX
+};
+#define CTA_HELP_MAX (__CTA_HELP_MAX - 1)
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/x_tables.h b/sysroot/usr/include/linux/netfilter/x_tables.h
new file mode 100644
index 0000000..234181f
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/x_tables.h
@@ -0,0 +1,125 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _X_TABLES_H
+#define _X_TABLES_H
+
+#define XT_FUNCTION_MAXNAMELEN 30
+#define XT_TABLE_MAXNAMELEN 32
+
+struct xt_entry_match
+{
+ union {
+ struct {
+ u_int16_t match_size;
+
+ char name[XT_FUNCTION_MAXNAMELEN-1];
+
+ u_int8_t revision;
+ } user;
+ struct {
+ u_int16_t match_size;
+
+ struct xt_match *match;
+ } kernel;
+
+ u_int16_t match_size;
+ } u;
+
+ unsigned char data[0];
+};
+
+struct xt_entry_target
+{
+ union {
+ struct {
+ u_int16_t target_size;
+
+ char name[XT_FUNCTION_MAXNAMELEN-1];
+
+ u_int8_t revision;
+ } user;
+ struct {
+ u_int16_t target_size;
+
+ struct xt_target *target;
+ } kernel;
+
+ u_int16_t target_size;
+ } u;
+
+ unsigned char data[0];
+};
+
+struct xt_standard_target
+{
+ struct xt_entry_target target;
+ int verdict;
+};
+
+struct xt_get_revision
+{
+ char name[XT_FUNCTION_MAXNAMELEN-1];
+
+ u_int8_t revision;
+};
+
+#define XT_CONTINUE 0xFFFFFFFF
+
+#define XT_RETURN (-NF_REPEAT - 1)
+
+struct _xt_align
+{
+ u_int8_t u8;
+ u_int16_t u16;
+ u_int32_t u32;
+ u_int64_t u64;
+};
+
+#define XT_ALIGN(s) (((s) + (__alignof__(struct _xt_align)-1)) & ~(__alignof__(struct _xt_align)-1))
+
+#define XT_STANDARD_TARGET ""
+
+#define XT_ERROR_TARGET "ERROR"
+
+#define XT_BASE_CTL 64
+
+#define XT_SO_SET_REPLACE (XT_BASE_CTL)
+#define XT_SO_SET_ADD_COUNTERS (XT_BASE_CTL + 1)
+#define XT_SO_SET_MAX XT_SO_SET_ADD_COUNTERS
+
+#define XT_SO_GET_INFO (XT_BASE_CTL)
+#define XT_SO_GET_ENTRIES (XT_BASE_CTL + 1)
+#define XT_SO_GET_REVISION_MATCH (XT_BASE_CTL + 2)
+#define XT_SO_GET_REVISION_TARGET (XT_BASE_CTL + 3)
+#define XT_SO_GET_MAX XT_SO_GET_REVISION_TARGET
+
+#define SET_COUNTER(c,b,p) do { (c).bcnt = (b); (c).pcnt = (p); } while(0)
+#define ADD_COUNTER(c,b,p) do { (c).bcnt += (b); (c).pcnt += (p); } while(0)
+
+struct xt_counters
+{
+ u_int64_t pcnt, bcnt;
+};
+
+struct xt_counters_info
+{
+
+ char name[XT_TABLE_MAXNAMELEN];
+
+ unsigned int num_counters;
+
+ struct xt_counters counters[0];
+};
+
+#define XT_INV_PROTO 0x40
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_CLASSIFY.h b/sysroot/usr/include/linux/netfilter/xt_CLASSIFY.h
new file mode 100644
index 0000000..1e9f61e
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_CLASSIFY.h
@@ -0,0 +1,19 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_CLASSIFY_H
+#define _XT_CLASSIFY_H
+
+struct xt_classify_target_info {
+ u_int32_t priority;
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_CONNSECMARK.h b/sysroot/usr/include/linux/netfilter/xt_CONNSECMARK.h
new file mode 100644
index 0000000..5e16b2e
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_CONNSECMARK.h
@@ -0,0 +1,24 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_CONNSECMARK_H_target
+#define _XT_CONNSECMARK_H_target
+
+enum {
+ CONNSECMARK_SAVE = 1,
+ CONNSECMARK_RESTORE,
+};
+
+struct xt_connsecmark_target_info {
+ u_int8_t mode;
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_NFQUEUE.h b/sysroot/usr/include/linux/netfilter/xt_NFQUEUE.h
new file mode 100644
index 0000000..1f0cacb
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_NFQUEUE.h
@@ -0,0 +1,19 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_NFQ_TARGET_H
+#define _XT_NFQ_TARGET_H
+
+struct xt_NFQ_info {
+ u_int16_t queuenum;
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_SECMARK.h b/sysroot/usr/include/linux/netfilter/xt_SECMARK.h
new file mode 100644
index 0000000..a91d32c
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_SECMARK.h
@@ -0,0 +1,30 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_SECMARK_H_target
+#define _XT_SECMARK_H_target
+
+#define SECMARK_MODE_SEL 0x01
+#define SECMARK_SELCTX_MAX 256
+
+struct xt_secmark_target_selinux_info {
+ u_int32_t selsid;
+ char selctx[SECMARK_SELCTX_MAX];
+};
+
+struct xt_secmark_target_info {
+ u_int8_t mode;
+ union {
+ struct xt_secmark_target_selinux_info sel;
+ } u;
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_comment.h b/sysroot/usr/include/linux/netfilter/xt_comment.h
new file mode 100644
index 0000000..6ea26fc
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_comment.h
@@ -0,0 +1,21 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_COMMENT_H
+#define _XT_COMMENT_H
+
+#define XT_MAX_COMMENT_LEN 256
+
+struct xt_comment_info {
+ unsigned char comment[XT_MAX_COMMENT_LEN];
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_connbytes.h b/sysroot/usr/include/linux/netfilter/xt_connbytes.h
new file mode 100644
index 0000000..8cc80e1
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_connbytes.h
@@ -0,0 +1,36 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_CONNBYTES_H
+#define _XT_CONNBYTES_H
+
+enum xt_connbytes_what {
+ XT_CONNBYTES_PKTS,
+ XT_CONNBYTES_BYTES,
+ XT_CONNBYTES_AVGPKT,
+};
+
+enum xt_connbytes_direction {
+ XT_CONNBYTES_DIR_ORIGINAL,
+ XT_CONNBYTES_DIR_REPLY,
+ XT_CONNBYTES_DIR_BOTH,
+};
+
+struct xt_connbytes_info
+{
+ struct {
+ aligned_u64 from;
+ aligned_u64 to;
+ } count;
+ u_int8_t what;
+ u_int8_t direction;
+};
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_conntrack.h b/sysroot/usr/include/linux/netfilter/xt_conntrack.h
new file mode 100644
index 0000000..aa9bde2
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_conntrack.h
@@ -0,0 +1,66 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_CONNTRACK_H
+#define _XT_CONNTRACK_H
+
+#include <linux/netfilter/nf_conntrack_tuple_common.h>
+#include <linux/in.h>
+
+#define XT_CONNTRACK_STATE_BIT(ctinfo) (1 << ((ctinfo)%IP_CT_IS_REPLY+1))
+#define XT_CONNTRACK_STATE_INVALID (1 << 0)
+
+#define XT_CONNTRACK_STATE_SNAT (1 << (IP_CT_NUMBER + 1))
+#define XT_CONNTRACK_STATE_DNAT (1 << (IP_CT_NUMBER + 2))
+#define XT_CONNTRACK_STATE_UNTRACKED (1 << (IP_CT_NUMBER + 3))
+
+#define XT_CONNTRACK_STATE 0x01
+#define XT_CONNTRACK_PROTO 0x02
+#define XT_CONNTRACK_ORIGSRC 0x04
+#define XT_CONNTRACK_ORIGDST 0x08
+#define XT_CONNTRACK_REPLSRC 0x10
+#define XT_CONNTRACK_REPLDST 0x20
+#define XT_CONNTRACK_STATUS 0x40
+#define XT_CONNTRACK_EXPIRES 0x80
+
+struct ip_conntrack_old_tuple
+{
+ struct {
+ __u32 ip;
+ union {
+ __u16 all;
+ } u;
+ } src;
+
+ struct {
+ __u32 ip;
+ union {
+ __u16 all;
+ } u;
+
+ __u16 protonum;
+ } dst;
+};
+
+struct xt_conntrack_info
+{
+ unsigned int statemask, statusmask;
+
+ struct ip_conntrack_old_tuple tuple[IP_CT_DIR_MAX];
+ struct in_addr sipmsk[IP_CT_DIR_MAX], dipmsk[IP_CT_DIR_MAX];
+
+ unsigned long expires_min, expires_max;
+
+ u_int8_t flags;
+
+ u_int8_t invflags;
+};
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_dccp.h b/sysroot/usr/include/linux/netfilter/xt_dccp.h
new file mode 100644
index 0000000..8a10e67
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_dccp.h
@@ -0,0 +1,34 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_DCCP_H_
+#define _XT_DCCP_H_
+
+#define XT_DCCP_SRC_PORTS 0x01
+#define XT_DCCP_DEST_PORTS 0x02
+#define XT_DCCP_TYPE 0x04
+#define XT_DCCP_OPTION 0x08
+
+#define XT_DCCP_VALID_FLAGS 0x0f
+
+struct xt_dccp_info {
+ u_int16_t dpts[2];
+ u_int16_t spts[2];
+
+ u_int16_t flags;
+ u_int16_t invflags;
+
+ u_int16_t typemask;
+ u_int8_t option;
+};
+
+#endif
+
diff --git a/sysroot/usr/include/linux/netfilter/xt_esp.h b/sysroot/usr/include/linux/netfilter/xt_esp.h
new file mode 100644
index 0000000..175c47e
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_esp.h
@@ -0,0 +1,24 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_ESP_H
+#define _XT_ESP_H
+
+struct xt_esp
+{
+ u_int32_t spis[2];
+ u_int8_t invflags;
+};
+
+#define XT_ESP_INV_SPI 0x01
+#define XT_ESP_INV_MASK 0x01
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_helper.h b/sysroot/usr/include/linux/netfilter/xt_helper.h
new file mode 100644
index 0000000..6ffa451
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_helper.h
@@ -0,0 +1,19 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_HELPER_H
+#define _XT_HELPER_H
+
+struct xt_helper_info {
+ int invert;
+ char name[30];
+};
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_length.h b/sysroot/usr/include/linux/netfilter/xt_length.h
new file mode 100644
index 0000000..12db6c7
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_length.h
@@ -0,0 +1,20 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_LENGTH_H
+#define _XT_LENGTH_H
+
+struct xt_length_info {
+ u_int16_t min, max;
+ u_int8_t invert;
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_limit.h b/sysroot/usr/include/linux/netfilter/xt_limit.h
new file mode 100644
index 0000000..f9fb37f
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_limit.h
@@ -0,0 +1,27 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_RATE_H
+#define _XT_RATE_H
+
+#define XT_LIMIT_SCALE 10000
+
+struct xt_rateinfo {
+ u_int32_t avg;
+ u_int32_t burst;
+
+ unsigned long prev;
+ u_int32_t credit;
+ u_int32_t credit_cap, cost;
+
+ struct xt_rateinfo *master;
+};
+#endif
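Review bot: `struct xt_rateinfo` places `unsigned long prev` and `struct xt_rateinfo *master` in a structure that userspace fills in and hands to the kernel, so its size and the offsets of `credit`, `credit_cap` and `cost` depend on the word size of whoever compiles this header. A 32-bit userspace built against this sysroot would not agree with a 64-bit kernel on the layout unless a compat translation exists, which cannot be seen from this hunk. The header is generated, so the place to address this is the source header or the generator; at minimum the struct deserves a comment such as `/* prev, credit, credit_cap, cost, master: kernel-internal state; layout is word-size dependent */`. Note that `xt_statistic_info.master` and `xt_string_info.config` later in this commit pin their kernel pointer with `__attribute__((aligned(8)))`, which this struct does not.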
diff --git a/sysroot/usr/include/linux/netfilter/xt_mac.h b/sysroot/usr/include/linux/netfilter/xt_mac.h
new file mode 100644
index 0000000..2473aab
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_mac.h
@@ -0,0 +1,19 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_MAC_H
+#define _XT_MAC_H
+
+struct xt_mac_info {
+ unsigned char srcaddr[ETH_ALEN];
+ int invert;
+};
+#endif
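Review bot: `srcaddr[ETH_ALEN]` depends on a macro this header never defines or includes, so `xt_mac.h` only compiles when the includer has already pulled in the Ethernet definitions. The same applies to `IFNAMSIZ` in `xt_physdev.h`, `aligned_u64` in `xt_quota.h`, and `IP_CT_IS_REPLY`/`IP_CT_NUMBER` in `xt_state.h`; none of those hunks show an `#include`. Because these array bounds fix the size of a structure shared with the kernel, a missing or locally redefined macro is better caught at compile time than left to include order. The files are generated, so the generator would need to keep the includes; for this header that would presumably be `#include <linux/if_ether.h>` after the guard.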
diff --git a/sysroot/usr/include/linux/netfilter/xt_multiport.h b/sysroot/usr/include/linux/netfilter/xt_multiport.h
new file mode 100644
index 0000000..f17979a
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_multiport.h
@@ -0,0 +1,40 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_MULTIPORT_H
+#define _XT_MULTIPORT_H
+
+enum xt_multiport_flags
+{
+ XT_MULTIPORT_SOURCE,
+ XT_MULTIPORT_DESTINATION,
+ XT_MULTIPORT_EITHER
+};
+
+#define XT_MULTI_PORTS 15
+
+struct xt_multiport
+{
+ u_int8_t flags;
+ u_int8_t count;
+ u_int16_t ports[XT_MULTI_PORTS];
+};
+
+struct xt_multiport_v1
+{
+ u_int8_t flags;
+ u_int8_t count;
+ u_int16_t ports[XT_MULTI_PORTS];
+ u_int8_t pflags[XT_MULTI_PORTS];
+ u_int8_t invert;
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_physdev.h b/sysroot/usr/include/linux/netfilter/xt_physdev.h
new file mode 100644
index 0000000..d0ca032
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_physdev.h
@@ -0,0 +1,31 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_PHYSDEV_H
+#define _XT_PHYSDEV_H
+
+#define XT_PHYSDEV_OP_IN 0x01
+#define XT_PHYSDEV_OP_OUT 0x02
+#define XT_PHYSDEV_OP_BRIDGED 0x04
+#define XT_PHYSDEV_OP_ISIN 0x08
+#define XT_PHYSDEV_OP_ISOUT 0x10
+#define XT_PHYSDEV_OP_MASK (0x20 - 1)
+
+struct xt_physdev_info {
+ char physindev[IFNAMSIZ];
+ char in_mask[IFNAMSIZ];
+ char physoutdev[IFNAMSIZ];
+ char out_mask[IFNAMSIZ];
+ u_int8_t invert;
+ u_int8_t bitmask;
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_pkttype.h b/sysroot/usr/include/linux/netfilter/xt_pkttype.h
new file mode 100644
index 0000000..32527b8
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_pkttype.h
@@ -0,0 +1,19 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_PKTTYPE_H
+#define _XT_PKTTYPE_H
+
+struct xt_pkttype_info {
+ int pkttype;
+ int invert;
+};
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_quota.h b/sysroot/usr/include/linux/netfilter/xt_quota.h
new file mode 100644
index 0000000..d34752d
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_quota.h
@@ -0,0 +1,27 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_QUOTA_H
+#define _XT_QUOTA_H
+
+enum xt_quota_flags {
+ XT_QUOTA_INVERT = 0x1,
+};
+#define XT_QUOTA_MASK 0x1
+
+struct xt_quota_info {
+ u_int32_t flags;
+ u_int32_t pad;
+ aligned_u64 quota;
+ struct xt_quota_info *master;
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_realm.h b/sysroot/usr/include/linux/netfilter/xt_realm.h
new file mode 100644
index 0000000..1a2a3cf
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_realm.h
@@ -0,0 +1,21 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_REALM_H
+#define _XT_REALM_H
+
+struct xt_realm_info {
+ u_int32_t id;
+ u_int32_t mask;
+ u_int8_t invert;
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_sctp.h b/sysroot/usr/include/linux/netfilter/xt_sctp.h
new file mode 100644
index 0000000..f79c3b6
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_sctp.h
@@ -0,0 +1,68 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_SCTP_H_
+#define _XT_SCTP_H_
+
+#define XT_SCTP_SRC_PORTS 0x01
+#define XT_SCTP_DEST_PORTS 0x02
+#define XT_SCTP_CHUNK_TYPES 0x04
+
+#define XT_SCTP_VALID_FLAGS 0x07
+
+#define ELEMCOUNT(x) (sizeof(x)/sizeof(x[0]))
+
+struct xt_sctp_flag_info {
+ u_int8_t chunktype;
+ u_int8_t flag;
+ u_int8_t flag_mask;
+};
+
+#define XT_NUM_SCTP_FLAGS 4
+
+struct xt_sctp_info {
+ u_int16_t dpts[2];
+ u_int16_t spts[2];
+
+ u_int32_t chunkmap[256 / sizeof (u_int32_t)];
+
+#define SCTP_CHUNK_MATCH_ANY 0x01
+#define SCTP_CHUNK_MATCH_ALL 0x02
+#define SCTP_CHUNK_MATCH_ONLY 0x04
+
+ u_int32_t chunk_match_type;
+ struct xt_sctp_flag_info flag_info[XT_NUM_SCTP_FLAGS];
+ int flag_count;
+
+ u_int32_t flags;
+ u_int32_t invflags;
+};
+
+#define bytes(type) (sizeof(type) * 8)
+
+#define SCTP_CHUNKMAP_SET(chunkmap, type) do { chunkmap[type / bytes(u_int32_t)] |= 1 << (type % bytes(u_int32_t)); } while (0)
+
+#define SCTP_CHUNKMAP_CLEAR(chunkmap, type) do { chunkmap[type / bytes(u_int32_t)] &= ~(1 << (type % bytes(u_int32_t))); } while (0)
+
+#define SCTP_CHUNKMAP_IS_SET(chunkmap, type) ({ (chunkmap[type / bytes (u_int32_t)] & (1 << (type % bytes (u_int32_t)))) ? 1: 0; })
+
+#define SCTP_CHUNKMAP_RESET(chunkmap) do { int i; for (i = 0; i < ELEMCOUNT(chunkmap); i++) chunkmap[i] = 0; } while (0)
+
+#define SCTP_CHUNKMAP_SET_ALL(chunkmap) do { int i; for (i = 0; i < ELEMCOUNT(chunkmap); i++) chunkmap[i] = ~0; } while (0)
+
+#define SCTP_CHUNKMAP_COPY(destmap, srcmap) do { int i; for (i = 0; i < ELEMCOUNT(chunkmap); i++) destmap[i] = srcmap[i]; } while (0)
+
+#define SCTP_CHUNKMAP_IS_CLEAR(chunkmap) ({ int i; int flag = 1; for (i = 0; i < ELEMCOUNT(chunkmap); i++) { if (chunkmap[i]) { flag = 0; break; } } flag; })
+
+#define SCTP_CHUNKMAP_IS_ALL_SET(chunkmap) ({ int i; int flag = 1; for (i = 0; i < ELEMCOUNT(chunkmap); i++) { if (chunkmap[i] != ~0) { flag = 0; break; } } flag; })
+
+#endif
+
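Review bot: `SCTP_CHUNKMAP_COPY(destmap, srcmap)` bounds its loop with `ELEMCOUNT(chunkmap)`, but `chunkmap` is not one of its parameters. It therefore compiles only where a variable of that name happens to be in scope, and then copies by that array's length rather than the length of the maps being copied; the bound should be `i < ELEMCOUNT(srcmap)`. The set/clear/test macros also shift a signed `1` by up to 31 bits and leave `type` and `chunkmap` unparenthesised, so `1U << ((type) % bytes(u_int32_t))` is the safer form. The helper named `bytes()` actually returns a bit count. The file is generated, so these corrections belong in the source header or the generator rather than in this copy.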
diff --git a/sysroot/usr/include/linux/netfilter/xt_state.h b/sysroot/usr/include/linux/netfilter/xt_state.h
new file mode 100644
index 0000000..6754776
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_state.h
@@ -0,0 +1,24 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_STATE_H
+#define _XT_STATE_H
+
+#define XT_STATE_BIT(ctinfo) (1 << ((ctinfo)%IP_CT_IS_REPLY+1))
+#define XT_STATE_INVALID (1 << 0)
+
+#define XT_STATE_UNTRACKED (1 << (IP_CT_NUMBER + 1))
+
+struct xt_state_info
+{
+ unsigned int statemask;
+};
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_statistic.h b/sysroot/usr/include/linux/netfilter/xt_statistic.h
new file mode 100644
index 0000000..999b0a1
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_statistic.h
@@ -0,0 +1,43 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_STATISTIC_H
+#define _XT_STATISTIC_H
+
+enum xt_statistic_mode {
+ XT_STATISTIC_MODE_RANDOM,
+ XT_STATISTIC_MODE_NTH,
+ __XT_STATISTIC_MODE_MAX
+};
+#define XT_STATISTIC_MODE_MAX (__XT_STATISTIC_MODE_MAX - 1)
+
+enum xt_statistic_flags {
+ XT_STATISTIC_INVERT = 0x1,
+};
+#define XT_STATISTIC_MASK 0x1
+
+struct xt_statistic_info {
+ u_int16_t mode;
+ u_int16_t flags;
+ union {
+ struct {
+ u_int32_t probability;
+ } random;
+ struct {
+ u_int32_t every;
+ u_int32_t packet;
+ u_int32_t count;
+ } nth;
+ } u;
+ struct xt_statistic_info *master __attribute__((aligned(8)));
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_string.h b/sysroot/usr/include/linux/netfilter/xt_string.h
new file mode 100644
index 0000000..a01018f
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_string.h
@@ -0,0 +1,29 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_STRING_H
+#define _XT_STRING_H
+
+#define XT_STRING_MAX_PATTERN_SIZE 128
+#define XT_STRING_MAX_ALGO_NAME_SIZE 16
+
+struct xt_string_info
+{
+ u_int16_t from_offset;
+ u_int16_t to_offset;
+ char algo[XT_STRING_MAX_ALGO_NAME_SIZE];
+ char pattern[XT_STRING_MAX_PATTERN_SIZE];
+ u_int8_t patlen;
+ u_int8_t invert;
+ struct ts_config __attribute__((aligned(8))) *config;
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_tcpmss.h b/sysroot/usr/include/linux/netfilter/xt_tcpmss.h
new file mode 100644
index 0000000..33de0ee
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_tcpmss.h
@@ -0,0 +1,20 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_TCPMSS_MATCH_H
+#define _XT_TCPMSS_MATCH_H
+
+struct xt_tcpmss_match_info {
+ u_int16_t mss_min, mss_max;
+ u_int8_t invert;
+};
+
+#endif
diff --git a/sysroot/usr/include/linux/netfilter/xt_tcpudp.h b/sysroot/usr/include/linux/netfilter/xt_tcpudp.h
new file mode 100644
index 0000000..476fffb
--- /dev/null
+++ b/sysroot/usr/include/linux/netfilter/xt_tcpudp.h
@@ -0,0 +1,42 @@
+/****************************************************************************
+ ****************************************************************************
+ ***
+ *** This header was automatically generated from a Linux kernel header
+ *** of the same name, to make information necessary for userspace to
+ *** call into the kernel available to libc. It contains only constants,
+ *** structures, and macros generated from the original header, and thus,
+ *** contains no copyrightable information.
+ ***
+ ****************************************************************************
+ ****************************************************************************/
+#ifndef _XT_TCPUDP_H
+#define _XT_TCPUDP_H
+
+struct xt_tcp
+{
+ u_int16_t spts[2];
+ u_int16_t dpts[2];
+ u_int8_t option;
+ u_int8_t flg_mask;
+ u_int8_t flg_cmp;
+ u_int8_t invflags;
+};
+
+#define XT_TCP_INV_SRCPT 0x01
+#define XT_TCP_INV_DSTPT 0x02
+#define XT_TCP_INV_FLAGS 0x04
+#define XT_TCP_INV_OPTION 0x08
+#define XT_TCP_INV_MASK 0x0F
+
+struct xt_udp
+{
+ u_int16_t spts[2];
+ u_int16_t dpts[2];
+ u_int8_t invflags;
+};
+
+#define XT_UDP_INV_SRCPT 0x01
+#define XT_UDP_INV_DSTPT 0x02
+#define XT_UDP_INV_MASK 0x03
+
+#endif