1 #ifndef _XT_POLICY_H 2 #define _XT_POLICY_H 3 4 #define XT_POLICY_MAX_ELEM 4 5 6 enum xt_policy_flags 7 { 8 XT_POLICY_MATCH_IN = 0x1, 9 XT_POLICY_MATCH_OUT = 0x2, 10 XT_POLICY_MATCH_NONE = 0x4, 11 XT_POLICY_MATCH_STRICT = 0x8, 12 }; 13 14 enum xt_policy_modes 15 { 16 XT_POLICY_MODE_TRANSPORT, 17 XT_POLICY_MODE_TUNNEL 18 }; 19 20 struct xt_policy_spec 21 { 22 u_int8_t saddr:1, 23 daddr:1, 24 proto:1, 25 mode:1, 26 spi:1, 27 reqid:1; 28 }; 29 30 #ifndef __KERNEL__ 31 union xt_policy_addr 32 { 33 struct in_addr a4; 34 struct in6_addr a6; 35 }; 36 #endif 37 38 struct xt_policy_elem 39 { 40 union { 41 #ifdef __KERNEL__ 42 struct { 43 union nf_inet_addr saddr; 44 union nf_inet_addr smask; 45 union nf_inet_addr daddr; 46 union nf_inet_addr dmask; 47 }; 48 #else 49 struct { 50 union xt_policy_addr saddr; 51 union xt_policy_addr smask; 52 union xt_policy_addr daddr; 53 union xt_policy_addr dmask; 54 }; 55 #endif 56 }; 57 __be32 spi; 58 u_int32_t reqid; 59 u_int8_t proto; 60 u_int8_t mode; 61 62 struct xt_policy_spec match; 63 struct xt_policy_spec invert; 64 }; 65 66 struct xt_policy_info 67 { 68 struct xt_policy_elem pol[XT_POLICY_MAX_ELEM]; 69 u_int16_t flags; 70 u_int16_t len; 71 }; 72 73 #endif /* _XT_POLICY_H */ 74