diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/netfilter_arp/arp_tables.h | 20 | ||||
-rw-r--r-- | include/linux/netfilter_ipv6/ip6_tables.h | 27 |
2 files changed, 39 insertions, 8 deletions
diff --git a/include/linux/netfilter_arp/arp_tables.h b/include/linux/netfilter_arp/arp_tables.h index d759a637bded..e98a870a20be 100644 --- a/include/linux/netfilter_arp/arp_tables.h +++ b/include/linux/netfilter_arp/arp_tables.h @@ -68,7 +68,8 @@ struct arpt_entry_target u_int16_t target_size; /* Used by userspace */ - char name[ARPT_FUNCTION_MAXNAMELEN]; + char name[ARPT_FUNCTION_MAXNAMELEN-1]; + u_int8_t revision; } user; struct { u_int16_t target_size; @@ -148,7 +149,9 @@ struct arpt_entry #define ARPT_SO_GET_INFO (ARPT_BASE_CTL) #define ARPT_SO_GET_ENTRIES (ARPT_BASE_CTL + 1) -#define ARPT_SO_GET_MAX ARPT_SO_GET_ENTRIES +/* #define ARPT_SO_GET_REVISION_MATCH (ARPT_BASE_CTL + 2)*/ +#define ARPT_SO_GET_REVISION_TARGET (ARPT_BASE_CTL + 3) +#define ARPT_SO_GET_MAX ARPT_SO_GET_REVISION_TARGET /* CONTINUE verdict for targets */ #define ARPT_CONTINUE 0xFFFFFFFF @@ -236,6 +239,15 @@ struct arpt_get_entries struct arpt_entry entrytable[0]; }; +/* The argument to ARPT_SO_GET_REVISION_*. Returns highest revision + * kernel supports, if >= revision. */ +struct arpt_get_revision +{ + char name[ARPT_FUNCTION_MAXNAMELEN-1]; + + u_int8_t revision; +}; + /* Standard return verdict, or do jump. */ #define ARPT_STANDARD_TARGET "" /* Error verdict. */ @@ -274,7 +286,9 @@ struct arpt_target { struct list_head list; - const char name[ARPT_FUNCTION_MAXNAMELEN]; + const char name[ARPT_FUNCTION_MAXNAMELEN-1]; + + u_int8_t revision; /* Returns verdict. */ unsigned int (*target)(struct sk_buff **pskb, diff --git a/include/linux/netfilter_ipv6/ip6_tables.h b/include/linux/netfilter_ipv6/ip6_tables.h index 59f70b34e029..2efc046d9e94 100644 --- a/include/linux/netfilter_ipv6/ip6_tables.h +++ b/include/linux/netfilter_ipv6/ip6_tables.h @@ -57,7 +57,8 @@ struct ip6t_entry_match u_int16_t match_size; /* Used by userspace */ - char name[IP6T_FUNCTION_MAXNAMELEN]; + char name[IP6T_FUNCTION_MAXNAMELEN-1]; + u_int8_t revision; } user; struct { u_int16_t match_size; @@ -80,7 +81,8 @@ struct ip6t_entry_target u_int16_t target_size; /* Used by userspace */ - char name[IP6T_FUNCTION_MAXNAMELEN]; + char name[IP6T_FUNCTION_MAXNAMELEN-1]; + u_int8_t revision; } user; struct { u_int16_t target_size; @@ -161,7 +163,9 @@ struct ip6t_entry #define IP6T_SO_GET_INFO (IP6T_BASE_CTL) #define IP6T_SO_GET_ENTRIES (IP6T_BASE_CTL + 1) -#define IP6T_SO_GET_MAX IP6T_SO_GET_ENTRIES +#define IP6T_SO_GET_REVISION_MATCH (IP6T_BASE_CTL + 2) +#define IP6T_SO_GET_REVISION_TARGET (IP6T_BASE_CTL + 3) +#define IP6T_SO_GET_MAX IP6T_SO_GET_REVISION_TARGET /* CONTINUE verdict for targets */ #define IP6T_CONTINUE 0xFFFFFFFF @@ -291,6 +295,15 @@ struct ip6t_get_entries struct ip6t_entry entrytable[0]; }; +/* The argument to IP6T_SO_GET_REVISION_*. Returns highest revision + * kernel supports, if >= revision. */ +struct ip6t_get_revision +{ + char name[IP6T_FUNCTION_MAXNAMELEN-1]; + + u_int8_t revision; +}; + /* Standard return verdict, or do jump. */ #define IP6T_STANDARD_TARGET "" /* Error verdict. */ @@ -352,7 +365,9 @@ struct ip6t_match { struct list_head list; - const char name[IP6T_FUNCTION_MAXNAMELEN]; + const char name[IP6T_FUNCTION_MAXNAMELEN-1]; + + u_int8_t revision; /* Return true or false: return FALSE and set *hotdrop = 1 to force immediate packet drop. */ @@ -387,7 +402,9 @@ struct ip6t_target { struct list_head list; - const char name[IP6T_FUNCTION_MAXNAMELEN]; + const char name[IP6T_FUNCTION_MAXNAMELEN-1]; + + u_int8_t revision; /* Returns verdict. Argument order changed since 2.6.9, as this must now handle non-linear skbs, using skb_copy_bits and |