1
2#ifndef _XT_POLICY_H
3#define _XT_POLICY_H
4
5#include <linux/types.h>
6#include <linux/in.h>
7#include <linux/in6.h>
8
9#define XT_POLICY_MAX_ELEM 4
10
11enum xt_policy_flags {
12 XT_POLICY_MATCH_IN = 0x1,
13 XT_POLICY_MATCH_OUT = 0x2,
14 XT_POLICY_MATCH_NONE = 0x4,
15 XT_POLICY_MATCH_STRICT = 0x8,
16};
17
18enum xt_policy_modes {
19 XT_POLICY_MODE_TRANSPORT,
20 XT_POLICY_MODE_TUNNEL
21};
22
23struct xt_policy_spec {
24 __u8 saddr:1,
25 daddr:1,
26 proto:1,
27 mode:1,
28 spi:1,
29 reqid:1;
30};
31
32#ifndef __KERNEL__
33union xt_policy_addr {
34 struct in_addr a4;
35 struct in6_addr a6;
36};
37#endif
38
39struct xt_policy_elem {
40 union {
41#ifdef __KERNEL__
42 struct {
43 union nf_inet_addr saddr;
44 union nf_inet_addr smask;
45 union nf_inet_addr daddr;
46 union nf_inet_addr dmask;
47 };
48#else
49 struct {
50 union xt_policy_addr saddr;
51 union xt_policy_addr smask;
52 union xt_policy_addr daddr;
53 union xt_policy_addr dmask;
54 };
55#endif
56 };
57 __be32 spi;
58 __u32 reqid;
59 __u8 proto;
60 __u8 mode;
61
62 struct xt_policy_spec match;
63 struct xt_policy_spec invert;
64};
65
66struct xt_policy_info {
67 struct xt_policy_elem pol[XT_POLICY_MAX_ELEM];
68 __u16 flags;
69 __u16 len;
70};
71
72#endif
73