2 * 25-Jul-1998 Major changes to allow for ip chain table
4 * 3-Jan-2000 Named tables to allow packet selection for different uses.
8 * Format of an IP6 firewall descriptor
10 * src, dst, src_mask, dst_mask are always stored in network byte order.
11 * flags are stored in host byte order (of course).
12 * Port numbers are stored in HOST byte order.
18 #include <linux/in6.h>
19 #include <linux/ipv6.h>
20 #include <linux/skbuff.h>
22 #include <linux/init.h>
23 #include <uapi/linux/netfilter_ipv6/ip6_tables.h>
25 extern void ip6t_init(void) __init
;
27 extern void *ip6t_alloc_initial_table(const struct xt_table
*);
28 int ip6t_register_table(struct net
*net
, const struct xt_table
*table
,
29 const struct ip6t_replace
*repl
,
30 const struct nf_hook_ops
*ops
, struct xt_table
**res
);
31 void ip6t_unregister_table(struct net
*net
, struct xt_table
*table
,
32 const struct nf_hook_ops
*ops
);
33 extern unsigned int ip6t_do_table(struct sk_buff
*skb
,
34 const struct nf_hook_state
*state
,
35 struct xt_table
*table
);
37 /* Check for an extension */
39 ip6t_ext_hdr(u8 nexthdr
)
40 { return (nexthdr
== IPPROTO_HOPOPTS
) ||
41 (nexthdr
== IPPROTO_ROUTING
) ||
42 (nexthdr
== IPPROTO_FRAGMENT
) ||
43 (nexthdr
== IPPROTO_ESP
) ||
44 (nexthdr
== IPPROTO_AH
) ||
45 (nexthdr
== IPPROTO_NONE
) ||
46 (nexthdr
== IPPROTO_DSTOPTS
);
50 #include <net/compat.h>
52 struct compat_ip6t_entry
{
54 compat_uint_t nfcache
;
57 compat_uint_t comefrom
;
58 struct compat_xt_counters counters
;
59 unsigned char elems
[0];
62 static inline struct xt_entry_target
*
63 compat_ip6t_get_target(struct compat_ip6t_entry
*e
)
65 return (void *)e
+ e
->target_offset
;
68 #endif /* CONFIG_COMPAT */
69 #endif /* _IP6_TABLES_H */