1/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ 2#ifndef _XT_SET_H 3#define _XT_SET_H 4 5#include <linux/types.h> 6#include <linux/netfilter/ipset/ip_set.h> 7 8/* Revision 0 interface: backward compatible with netfilter/iptables */ 9 10/* 11 * Option flags for kernel operations (xt_set_info_v0) 12 */ 13#define IPSET_SRC 0x01 /* Source match/add */ 14#define IPSET_DST 0x02 /* Destination match/add */ 15#define IPSET_MATCH_INV 0x04 /* Inverse matching */ 16 17struct xt_set_info_v0 { 18 ip_set_id_t index; 19 union { 20 __u32 flags[IPSET_DIM_MAX + 1]; 21 struct { 22 __u32 __flags[IPSET_DIM_MAX]; 23 __u8 dim; 24 __u8 flags; 25 } compat; 26 } u; 27}; 28 29/* match and target infos */ 30struct xt_set_info_match_v0 { 31 struct xt_set_info_v0 match_set; 32}; 33 34struct xt_set_info_target_v0 { 35 struct xt_set_info_v0 add_set; 36 struct xt_set_info_v0 del_set; 37}; 38 39/* Revision 1 match and target */ 40 41struct xt_set_info { 42 ip_set_id_t index; 43 __u8 dim; 44 __u8 flags; 45}; 46 47/* match and target infos */ 48struct xt_set_info_match_v1 { 49 struct xt_set_info match_set; 50}; 51 52struct xt_set_info_target_v1 { 53 struct xt_set_info add_set; 54 struct xt_set_info del_set; 55}; 56 57/* Revision 2 target */ 58 59struct xt_set_info_target_v2 { 60 struct xt_set_info add_set; 61 struct xt_set_info del_set; 62 __u32 flags; 63 __u32 timeout; 64}; 65 66/* Revision 3 match */ 67 68struct xt_set_info_match_v3 { 69 struct xt_set_info match_set; 70 struct ip_set_counter_match0 packets; 71 struct ip_set_counter_match0 bytes; 72 __u32 flags; 73}; 74 75/* Revision 3 target */ 76 77struct xt_set_info_target_v3 { 78 struct xt_set_info add_set; 79 struct xt_set_info del_set; 80 struct xt_set_info map_set; 81 __u32 flags; 82 __u32 timeout; 83}; 84 85/* Revision 4 match */ 86 87struct xt_set_info_match_v4 { 88 struct xt_set_info match_set; 89 struct ip_set_counter_match packets; 90 struct ip_set_counter_match bytes; 91 __u32 flags; 92}; 93 94#endif /*_XT_SET_H*/ 95