1 #ifndef __LINUX_NETFILTER_H 2 #define __LINUX_NETFILTER_H 3 4 5 /* Responses from hook functions. */ 6 #define NF_DROP 0 7 #define NF_ACCEPT 1 8 #define NF_STOLEN 2 9 #define NF_QUEUE 3 10 #define NF_REPEAT 4 11 #define NF_STOP 5 12 #define NF_MAX_VERDICT NF_STOP 13 14 /* we overload the higher bits for encoding auxiliary data such as the queue 15 * number. Not nice, but better than additional function arguments. */ 16 #define NF_VERDICT_MASK 0x0000ffff 17 #define NF_VERDICT_BITS 16 18 19 #define NF_VERDICT_QMASK 0xffff0000 20 #define NF_VERDICT_QBITS 16 21 22 #define NF_QUEUE_NR(x) (((x << NF_VERDICT_QBITS) & NF_VERDICT_QMASK) | NF_QUEUE) 23 24 /* only for userspace compatibility */ 25 /* Generic cache responses from hook functions. 26 <= 0x2000 is used for protocol-flags. */ 27 #define NFC_UNKNOWN 0x4000 28 #define NFC_ALTERED 0x8000 29 30 enum nf_inet_hooks { 31 NF_INET_PRE_ROUTING, 32 NF_INET_LOCAL_IN, 33 NF_INET_FORWARD, 34 NF_INET_LOCAL_OUT, 35 NF_INET_POST_ROUTING, 36 NF_INET_NUMHOOKS, 37 }; 38 39 #endif /*__LINUX_NETFILTER_H*/ 40