1/* SPDX-License-Identifier: GPL-2.0 */ 2/* 3 * 25-Jul-1998 Major changes to allow for ip chain table 4 * 5 * 3-Jan-2000 Named tables to allow packet selection for different uses. 6 */ 7 8/* 9 * Format of an IP6 firewall descriptor 10 * 11 * src, dst, src_mask, dst_mask are always stored in network byte order. 12 * flags are stored in host byte order (of course). 13 * Port numbers are stored in HOST byte order. 14 */ 15#ifndef _IP6_TABLES_H 16#define _IP6_TABLES_H 17 18#include <linux/if.h> 19#include <linux/in6.h> 20#include <linux/ipv6.h> 21#include <linux/skbuff.h> 22 23#include <linux/init.h> 24#include <uapi/linux/netfilter_ipv6/ip6_tables.h> 25 26extern void ip6t_init(void) __init; 27 28extern void *ip6t_alloc_initial_table(const struct xt_table *); 29int ip6t_register_table(struct net *net, const struct xt_table *table, 30 const struct ip6t_replace *repl, 31 const struct nf_hook_ops *ops, struct xt_table **res); 32void ip6t_unregister_table(struct net *net, struct xt_table *table, 33 const struct nf_hook_ops *ops); 34extern unsigned int ip6t_do_table(struct sk_buff *skb, 35 const struct nf_hook_state *state, 36 struct xt_table *table); 37 38/* Check for an extension */ 39static inline int 40ip6t_ext_hdr(u8 nexthdr) 41{ return (nexthdr == IPPROTO_HOPOPTS) || 42 (nexthdr == IPPROTO_ROUTING) || 43 (nexthdr == IPPROTO_FRAGMENT) || 44 (nexthdr == IPPROTO_ESP) || 45 (nexthdr == IPPROTO_AH) || 46 (nexthdr == IPPROTO_NONE) || 47 (nexthdr == IPPROTO_DSTOPTS); 48} 49 50#ifdef CONFIG_COMPAT 51#include <net/compat.h> 52 53struct compat_ip6t_entry { 54 struct ip6t_ip6 ipv6; 55 compat_uint_t nfcache; 56 __u16 target_offset; 57 __u16 next_offset; 58 compat_uint_t comefrom; 59 struct compat_xt_counters counters; 60 unsigned char elems[0]; 61}; 62 63static inline struct xt_entry_target * 64compat_ip6t_get_target(struct compat_ip6t_entry *e) 65{ 66 return (void *)e + e->target_offset; 67} 68 69#endif /* CONFIG_COMPAT */ 70#endif /* _IP6_TABLES_H */ 71