[NETFILTER]: x_tables: unify IPv4/IPv6 esp match
This unifies ipt_esp and ip6t_esp to xt_esp. Please note that now a user program needs to specify IPPROTO_ESP as protocol to use esp match with IPv6. This means that ip6tables requires '-p esp' like iptables. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Yasuyuki Kozakai
committed by
David S. Miller
David S. Miller
parent
9606a21635
commit
dc5ab2faec
14
include/linux/netfilter/xt_esp.h
Normal file
14
include/linux/netfilter/xt_esp.h
Normal file
@ -0,0 +1,14 @@
|
||||
#ifndef _XT_ESP_H
|
||||
#define _XT_ESP_H
|
||||
|
||||
struct xt_esp
|
||||
{
|
||||
u_int32_t spis[2]; /* Security Parameter Index */
|
||||
u_int8_t invflags; /* Inverse flags */
|
||||
};
|
||||
|
||||
/* Values for "invflags" field in struct xt_esp. */
|
||||
#define XT_ESP_INV_SPI 0x01 /* Invert the sense of spi. */
|
||||
#define XT_ESP_INV_MASK 0x01 /* All possible flags. */
|
||||
|
||||
#endif /*_XT_ESP_H*/
|
||||
Reference in New Issue
Block a user