English
- /*
- *
- * Flow based forwarding rules (usage: firewalling, etc)
- *
- */
- #ifndef _NET_FLOW_H
- #define _NET_FLOW_H
- struct flowi {
- int proto; /* {TCP, UDP, ICMP} */
- union {
- struct {
- __u32 daddr;
- __u32 saddr;
- } ip4_u;
- struct {
- struct in6_addr * daddr;
- struct in6_addr * saddr;
- __u32 flowlabel;
- } ip6_u;
- } nl_u;
- #define fl6_dst nl_u.ip6_u.daddr
- #define fl6_src nl_u.ip6_u.saddr
- #define fl6_flowlabel nl_u.ip6_u.flowlabel
- #define fl4_dst nl_u.ip4_u.daddr
- #define fl4_src nl_u.ip4_u.saddr
- int oif;
- union {
- struct {
- __u16 sport;
- __u16 dport;
- } ports;
- struct {
- __u8 type;
- __u8 code;
- } icmpt;
- unsigned long data;
- } uli_u;
- };
- #define FLOWR_NODECISION 0 /* rule not appliable to flow */
- #define FLOWR_SELECT 1 /* flow must follow this rule */
- #define FLOWR_CLEAR 2 /* priority level clears flow */
- #define FLOWR_ERROR 3
- struct fl_acc_args {
- int type;
- #define FL_ARG_FORWARD 1
- #define FL_ARG_ORIGIN 2
- union {
- struct sk_buff *skb;
- struct {
- struct sock *sk;
- struct flowi *flow;
- } fl_o;
- } fl_u;
- };
- struct pkt_filter {
- atomic_t refcnt;
- unsigned int offset;
- __u32 value;
- __u32 mask;
- struct pkt_filter *next;
- };
- #define FLR_INPUT 1
- #define FLR_OUTPUT 2
- struct flow_filter {
- int type;
- union {
- struct pkt_filter *filter;
- struct sock *sk;
- } u;
- };
- struct flow_rule {
- struct flow_rule_ops *ops;
- unsigned char private[0];
- };
- struct flow_rule_ops {
- int (*accept)(struct rt6_info *rt,
- struct rt6_info *rule,
- struct fl_acc_args *args,
- struct rt6_info **nrt);
- };
- #endif
