patch-2.3.99-pre2 linux/include/linux/netfilter_ipv4/ip_queue.h
Next file: linux/include/linux/netfilter_ipv4/ip_tables.h
Previous file: linux/include/linux/netfilter_ipv4/ip_nat_rule.h
Back to the patch index
Back to the overall index
- Lines: 87
- Date:
Fri Mar 17 10:56:20 2000
- Orig file:
v2.3.99-pre1/linux/include/linux/netfilter_ipv4/ip_queue.h
- Orig date:
Wed Dec 31 16:00:00 1969
diff -u --recursive --new-file v2.3.99-pre1/linux/include/linux/netfilter_ipv4/ip_queue.h linux/include/linux/netfilter_ipv4/ip_queue.h
@@ -0,0 +1,86 @@
+/*
+ * This is a module which is used for queueing IPv4 packets and
+ * communicating with userspace via netlink.
+ *
+ * (C) 2000 James Morris
+ */
+#ifndef _IP_QUEUE_H
+#define _IP_QUEUE_H
+
+#ifdef __KERNEL__
+#ifdef DEBUG_IPQ
+#define QDEBUG(x...) printk(KERN_DEBUG ## x)
+#else
+#define QDEBUG(x...)
+#endif /* DEBUG_IPQ */
+#else
+#include <net/if.h>
+#endif /* ! __KERNEL__ */
+
+/* Messages sent from kernel */
+typedef struct ipq_packet_msg {
+ unsigned long packet_id; /* ID of queued packet */
+ unsigned long mark; /* Netfilter mark value */
+ long timestamp_sec; /* Packet arrival time (seconds) */
+ long timestamp_usec; /* Packet arrvial time (+useconds) */
+ unsigned int hook; /* Netfilter hook we rode in on */
+ char indev_name[IFNAMSIZ]; /* Name of incoming interface */
+ char outdev_name[IFNAMSIZ]; /* Name of outgoing interface */
+ size_t data_len; /* Length of packet data */
+ /* Optional packet data follows */
+} ipq_packet_msg_t;
+
+/* Messages sent from userspace */
+typedef struct ipq_mode_msg {
+ unsigned char value; /* Requested mode */
+ size_t range; /* Optional range of packet requested */
+} ipq_mode_msg_t;
+
+typedef struct ipq_verdict_msg {
+ unsigned int value; /* Verdict to hand to netfilter */
+ unsigned long id; /* Packet ID for this verdict */
+ size_t data_len; /* Length of replacement data */
+ /* Optional replacement data follows */
+} ipq_verdict_msg_t;
+
+typedef struct ipq_peer_msg {
+ union {
+ ipq_verdict_msg_t verdict;
+ ipq_mode_msg_t mode;
+ } msg;
+} ipq_peer_msg_t;
+
+/* Each queued packet has one of these states */
+enum {
+ IPQ_PS_NEW, /* Newly arrived packet */
+ IPQ_PS_WAITING, /* User has been notified of packet,
+ we're waiting for a verdict */
+ IPQ_PS_VERDICT /* Packet has been assigned verdict,
+ waiting to be reinjected */
+};
+#define IPQ_PS_MAX IPQ_PS_VERDICT
+
+/* The queue operates in one of these states */
+enum {
+ IPQ_QS_HOLD, /* Hold all packets in queue */
+ IPQ_QS_COPY, /* Copy metadata and/or packets to user */
+ IPQ_QS_FLUSH /* Flush and drop all queue entries */
+};
+#define IPQ_QS_MAX IPQ_QS_FLUSH
+
+/* Modes requested by peer */
+enum {
+ IPQ_COPY_NONE, /* Copy nothing */
+ IPQ_COPY_META, /* Copy metadata */
+ IPQ_COPY_PACKET /* Copy metadata + packet (range) */
+};
+#define IPQ_COPY_MAX IPQ_COPY_PACKET
+
+/* Types of messages */
+#define IPQM_BASE 0x10 /* standard netlink messages below this */
+#define IPQM_MODE (IPQM_BASE + 1) /* Mode request from peer */
+#define IPQM_VERDICT (IPQM_BASE + 2) /* Verdict from peer */
+#define IPQM_PACKET (IPQM_BASE + 3) /* Packet from kernel */
+#define IPQM_MAX (IPQM_BASE + 4)
+
+#endif /*_IP_QUEUE_H*/
FUNET's LINUX-ADM group, linux-adm@nic.funet.fi
TCL-scripts by Sam Shen (who was at: slshen@lbl.gov)