1 #ifndef _XT_SET_H 2 #define _XT_SET_H 3 4 #include <linux/types.h> 5 #include <linux/netfilter/ipset/ip_set.h> 6 7 /* Revision 0 interface: backward compatible with netfilter/iptables */ 8 9 /* 10 * Option flags for kernel operations (xt_set_info_v0) 11 */ 12 #define IPSET_SRC 0x01 /* Source match/add */ 13 #define IPSET_DST 0x02 /* Destination match/add */ 14 #define IPSET_MATCH_INV 0x04 /* Inverse matching */ 15 16 struct xt_set_info_v0 { 17 ip_set_id_t index; 18 union { 19 __u32 flags[IPSET_DIM_MAX + 1]; 20 struct { 21 __u32 __flags[IPSET_DIM_MAX]; 22 __u8 dim; 23 __u8 flags; 24 } compat; 25 } u; 26 }; 27 28 /* match and target infos */ 29 struct xt_set_info_match_v0 { 30 struct xt_set_info_v0 match_set; 31 }; 32 33 struct xt_set_info_target_v0 { 34 struct xt_set_info_v0 add_set; 35 struct xt_set_info_v0 del_set; 36 }; 37 38 /* Revision 1 match and target */ 39 40 struct xt_set_info { 41 ip_set_id_t index; 42 __u8 dim; 43 __u8 flags; 44 }; 45 46 /* match and target infos */ 47 struct xt_set_info_match_v1 { 48 struct xt_set_info match_set; 49 }; 50 51 struct xt_set_info_target_v1 { 52 struct xt_set_info add_set; 53 struct xt_set_info del_set; 54 }; 55 56 /* Revision 2 target */ 57 58 struct xt_set_info_target_v2 { 59 struct xt_set_info add_set; 60 struct xt_set_info del_set; 61 __u32 flags; 62 __u32 timeout; 63 }; 64 65 /* Revision 3 match */ 66 67 struct xt_set_info_match_v3 { 68 struct xt_set_info match_set; 69 struct ip_set_counter_match0 packets; 70 struct ip_set_counter_match0 bytes; 71 __u32 flags; 72 }; 73 74 /* Revision 4 match */ 75 76 struct xt_set_info_match_v4 { 77 struct xt_set_info match_set; 78 struct ip_set_counter_match packets; 79 struct ip_set_counter_match bytes; 80 __u32 flags; 81 }; 82 83 /* Revision 3 target */ 84 85 struct xt_set_info_target_v3 { 86 struct xt_set_info add_set; 87 struct xt_set_info del_set; 88 struct xt_set_info map_set; 89 __u32 flags; 90 __u32 timeout; 91 }; 92 93 #endif /*_XT_SET_H*/ 94