netfilter: nf_nat: export NAT definitions to userspace
Export the NAT definitions to userspace. So far userspace (specifically, iptables) has been copying the header files from include/net. Also rename some structures and definitions in preparation for IPv6 NAT. Since these have never been officially exported, this doesn't affect existing userspace code. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
committed by
Pablo Neira Ayuso
parent
3d058d7bc2
commit
cbc9f2f4fc
@@ -5,6 +5,7 @@ header-y += nf_conntrack_ftp.h
|
||||
header-y += nf_conntrack_sctp.h
|
||||
header-y += nf_conntrack_tcp.h
|
||||
header-y += nf_conntrack_tuple_common.h
|
||||
header-y += nf_nat.h
|
||||
header-y += nfnetlink.h
|
||||
header-y += nfnetlink_compat.h
|
||||
header-y += nfnetlink_conntrack.h
|
||||
|
@@ -7,6 +7,33 @@ enum ip_conntrack_dir {
|
||||
IP_CT_DIR_MAX
|
||||
};
|
||||
|
||||
/* The protocol-specific manipulable parts of the tuple: always in
|
||||
* network order
|
||||
*/
|
||||
union nf_conntrack_man_proto {
|
||||
/* Add other protocols here. */
|
||||
__be16 all;
|
||||
|
||||
struct {
|
||||
__be16 port;
|
||||
} tcp;
|
||||
struct {
|
||||
__be16 port;
|
||||
} udp;
|
||||
struct {
|
||||
__be16 id;
|
||||
} icmp;
|
||||
struct {
|
||||
__be16 port;
|
||||
} dccp;
|
||||
struct {
|
||||
__be16 port;
|
||||
} sctp;
|
||||
struct {
|
||||
__be16 key; /* GRE key is 32bit, PPtP only uses 16bit */
|
||||
} gre;
|
||||
};
|
||||
|
||||
#define CTINFO2DIR(ctinfo) ((ctinfo) >= IP_CT_IS_REPLY ? IP_CT_DIR_REPLY : IP_CT_DIR_ORIGINAL)
|
||||
|
||||
#endif /* _NF_CONNTRACK_TUPLE_COMMON_H */
|
||||
|
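Review bot: The comment `/* Add other protocols here. */` inside `union nf_conntrack_man_proto` now invites a change that would break the userspace ABI. Every member shown is a single `__be16`, and the new nf_nat.h on this page embeds the union by value twice in `struct nf_nat_ipv4_range`, so a wider member would change that struct's size and field offsets for userspace binaries built against the old header. I would reword the comment to `/* Add other protocols here; every member must stay 16 bits wide, this layout is userspace ABI. */`. Note that the file name of this section is not visible on the page, so the claim that the header is exported is inferred from its `header-y` entry in the first hunk.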
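--- a/include/linux/netfilter/nf_nat.h
+++ b/include/linux/netfilter/nf_nat.h
@@ -0,0 +1,25 @@
+#ifndef _NETFILTER_NF_NAT_H
+#define _NETFILTER_NF_NAT_H
+
+#include <linux/netfilter.h>
+#include <linux/netfilter/nf_conntrack_tuple_common.h>
+
+#define NF_NAT_RANGE_MAP_IPS 1
+#define NF_NAT_RANGE_PROTO_SPECIFIED 2
+#define NF_NAT_RANGE_PROTO_RANDOM 4
+#define NF_NAT_RANGE_PERSISTENT 8
+
+struct nf_nat_ipv4_range {
+unsigned int flags;
+__be32 min_ip;
+__be32 max_ip;
+union nf_conntrack_man_proto min;
+union nf_conntrack_man_proto max;
+};
+
+struct nf_nat_ipv4_multi_range_compat {
+unsigned int rangesize;
+struct nf_nat_ipv4_range range[1];
+};
+
+#endif /* _NETFILTER_NF_NAT_H */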
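Review bot: `rangesize` in `struct nf_nat_ipv4_multi_range_compat` is filled in by userspace while `range[]` holds exactly one element, and the exported header does not state that contract. The code that consumes this struct is not on this page, so whether it rejects other values cannot be confirmed here. A comment above the struct such as `/* rangesize must be 1: range[] holds a single entry; reject any other value before indexing */` would make the requirement explicit. Likewise, a one-line comment on `flags` saying it is a bitmask of the `NF_NAT_RANGE_*` values would help now that the layout is ABI.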