1#ifndef _XT_POLICY_H
2#define _XT_POLICY_H
3
4#include <linux/types.h>
5
6#define XT_POLICY_MAX_ELEM 4
7
8enum xt_policy_flags
9{
10 XT_POLICY_MATCH_IN = 0x1,
11 XT_POLICY_MATCH_OUT = 0x2,
12 XT_POLICY_MATCH_NONE = 0x4,
13 XT_POLICY_MATCH_STRICT = 0x8,
14};
15
16enum xt_policy_modes
17{
18 XT_POLICY_MODE_TRANSPORT,
19 XT_POLICY_MODE_TUNNEL
20};
21
22struct xt_policy_spec
23{
24 __u8 saddr:1,
25 daddr:1,
26 proto:1,
27 mode:1,
28 spi:1,
29 reqid:1;
30};
31
32#ifndef __KERNEL__
33union xt_policy_addr
34{
35 struct in_addr a4;
36 struct in6_addr a6;
37};
38#endif
39
40struct xt_policy_elem
41{
42 union {
43#ifdef __KERNEL__
44 struct {
45 union nf_inet_addr saddr;
46 union nf_inet_addr smask;
47 union nf_inet_addr daddr;
48 union nf_inet_addr dmask;
49 };
50#else
51 struct {
52 union xt_policy_addr saddr;
53 union xt_policy_addr smask;
54 union xt_policy_addr daddr;
55 union xt_policy_addr dmask;
56 };
57#endif
58 };
59 __be32 spi;
60 __u32 reqid;
61 __u8 proto;
62 __u8 mode;
63
64 struct xt_policy_spec match;
65 struct xt_policy_spec invert;
66};
67
68struct xt_policy_info
69{
70 struct xt_policy_elem pol[XT_POLICY_MAX_ELEM];
71 __u16 flags;
72 __u16 len;
73};
74
75#endif
76
