1 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ip_logging.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ip_logging.h
2 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ip_logging.h 1970-01-01 01:00:00.000000000 +0100
3 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ip_logging.h 2004-08-19 21:32:30.813660360 +0200
5 +/* IPv4 macros for the internal logging interface. */
6 +#ifndef __IP_LOGGING_H
7 +#define __IP_LOGGING_H
9 +#endif /*__IP_LOGGING_H*/
10 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ip_queue.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ip_queue.h
11 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ip_queue.h 2004-08-19 21:31:32.665500224 +0200
12 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ip_queue.h 2004-08-19 21:32:30.816659904 +0200
17 -#include <linux/if.h>
20 /* Messages sent from kernel */
21 typedef struct ipq_packet_msg {
23 unsigned char payload[0]; /* Optional replacement packet */
26 +typedef struct ipq_vwmark_msg {
27 + unsigned int value; /* Verdict to hand to netfilter */
28 + unsigned long id; /* Packet ID for this verdict */
29 + size_t data_len; /* Length of replacement data */
30 + unsigned char payload[0]; /* Optional replacement packet */
31 + unsigned long nfmark; /* Mark for the Packet */
35 typedef struct ipq_peer_msg {
37 ipq_verdict_msg_t verdict;
39 + ipq_vwmark_msg_t vwmark;
44 #define IPQM_MODE (IPQM_BASE + 1) /* Mode request from peer */
45 #define IPQM_VERDICT (IPQM_BASE + 2) /* Verdict from peer */
46 #define IPQM_PACKET (IPQM_BASE + 3) /* Packet from kernel */
47 -#define IPQM_MAX (IPQM_BASE + 4)
48 +#define IPQM_VWMARK (IPQM_BASE + 4) /* Verdict and mark from peer */
49 +#define IPQM_MAX (IPQM_BASE + 5)
51 #endif /*_IP_QUEUE_H*/
52 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_account.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_account.h
53 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_account.h 1970-01-01 01:00:00.000000000 +0100
54 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_account.h 2004-08-19 21:32:35.740911304 +0200
57 + * accounting match (ipt_account.c)
58 + * (C) 2003,2004 by Piotr Gasid³o (quaker@barbara.eu.org)
62 + * This software is distributed under the terms of GNU GPL
65 +#ifndef _IPT_ACCOUNT_H_
66 +#define _IPT_ACCOUNT_H_
68 +#define IPT_ACCOUNT_NAME_LEN 64
70 +struct t_ipt_account_info {
71 + char name[IPT_ACCOUNT_NAME_LEN];
77 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_connlimit.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_connlimit.h
78 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_connlimit.h 1970-01-01 01:00:00.000000000 +0100
79 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_connlimit.h 2004-08-19 21:32:37.256680872 +0200
81 +#ifndef _IPT_CONNLIMIT_H
82 +#define _IPT_CONNLIMIT_H
84 +struct ipt_connlimit_data;
86 +struct ipt_connlimit_info {
90 + struct ipt_connlimit_data *data;
92 +#endif /* _IPT_CONNLIMIT_H */
93 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_connmark.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_connmark.h
94 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_connmark.h 1970-01-01 01:00:00.000000000 +0100
95 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_connmark.h 2004-08-19 21:32:37.257680720 +0200
97 +#ifndef _IPT_CONNMARK_H
98 +#define _IPT_CONNMARK_H
100 +/* Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com>
101 + * by Henrik Nordstrom <hno@marasystems.com>
103 + * This program is free software; you can redistribute it and/or modify
104 + * it under the terms of the GNU General Public License as published by
105 + * the Free Software Foundation; either version 2 of the License, or
106 + * (at your option) any later version.
109 +struct ipt_connmark_info {
110 + unsigned long mark, mask;
114 +#endif /*_IPT_CONNMARK_H*/
115 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_CONNMARK.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_CONNMARK.h
116 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_CONNMARK.h 1970-01-01 01:00:00.000000000 +0100
117 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_CONNMARK.h 2004-08-19 21:32:37.258680568 +0200
119 +#ifndef _IPT_CONNMARK_H_target
120 +#define _IPT_CONNMARK_H_target
122 +/* Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com>
123 + * by Henrik Nordstrom <hno@marasystems.com>
125 + * This program is free software; you can redistribute it and/or modify
126 + * it under the terms of the GNU General Public License as published by
127 + * the Free Software Foundation; either version 2 of the License, or
128 + * (at your option) any later version.
132 + IPT_CONNMARK_SET = 0,
134 + IPT_CONNMARK_RESTORE
137 +struct ipt_connmark_target_info {
138 + unsigned long mark;
139 + unsigned long mask;
143 +#endif /*_IPT_CONNMARK_H_target*/
144 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_dstlimit.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_dstlimit.h
145 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_dstlimit.h 1970-01-01 01:00:00.000000000 +0100
146 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_dstlimit.h 2004-08-19 21:32:37.273678288 +0200
148 +#ifndef _IPT_DSTLIMIT_H
149 +#define _IPT_DSTLIMIT_H
151 +/* timings are in milliseconds. */
152 +#define IPT_DSTLIMIT_SCALE 10000
153 +/* 1/10,000 sec period => max of 10,000/sec. Min rate is then 429490
154 + seconds, or one every 59 hours. */
156 +/* details of this structure hidden by the implementation */
157 +struct ipt_dstlimit_htable;
159 +#define IPT_DSTLIMIT_HASH_DIP 0x0001
160 +#define IPT_DSTLIMIT_HASH_DPT 0x0002
161 +#define IPT_DSTLIMIT_HASH_SIP 0x0004
163 +struct dstlimit_cfg {
164 + u_int32_t mode; /* bitmask of IPT_DSTLIMIT_HASH_* */
165 + u_int32_t avg; /* Average secs between packets * scale */
166 + u_int32_t burst; /* Period multiplier for upper limit. */
168 + /* user specified */
169 + u_int32_t size; /* how many buckets */
170 + u_int32_t max; /* max number of entries */
171 + u_int32_t gc_interval; /* gc interval */
172 + u_int32_t expire; /* when do entries expire? */
175 +struct ipt_dstlimit_info {
176 + char name [IFNAMSIZ]; /* name */
177 + struct dstlimit_cfg cfg;
178 + struct ipt_dstlimit_htable *hinfo;
180 + /* Used internally by the kernel */
183 + struct ipt_dstlimit_info *master;
186 +#endif /*_IPT_DSTLIMIT_H*/
187 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_fuzzy.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_fuzzy.h
188 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_fuzzy.h 1970-01-01 01:00:00.000000000 +0100
189 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_fuzzy.h 2004-08-19 21:32:37.275677984 +0200
191 +#ifndef _IPT_FUZZY_H
192 +#define _IPT_FUZZY_H
194 +#include <linux/param.h>
195 +#include <linux/types.h>
197 +#define MAXFUZZYRATE 10000000
198 +#define MINFUZZYRATE 3
200 +struct ipt_fuzzy_info {
201 + u_int32_t minimum_rate;
202 + u_int32_t maximum_rate;
203 + u_int32_t packets_total;
204 + u_int32_t bytes_total;
205 + u_int32_t previous_time;
206 + u_int32_t present_time;
207 + u_int32_t mean_rate;
208 + u_int8_t acceptance_rate;
211 +#endif /*_IPT_FUZZY_H*/
212 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_IMQ.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_IMQ.h
213 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_IMQ.h 1970-01-01 01:00:00.000000000 +0100
214 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_IMQ.h 2004-08-19 21:32:37.277677680 +0200
219 +struct ipt_imq_info {
220 + unsigned int todev; /* target imq device */
223 +#endif /* _IPT_IMQ_H */
224 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_IPMARK.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_IPMARK.h
225 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_IPMARK.h 1970-01-01 01:00:00.000000000 +0100
226 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_IPMARK.h 2004-08-19 21:32:37.280677224 +0200
228 +#ifndef _IPT_IPMARK_H_target
229 +#define _IPT_IPMARK_H_target
231 +struct ipt_ipmark_target_info {
232 + unsigned long andmask;
233 + unsigned long ormask;
237 +#define IPT_IPMARK_SRC 0
238 +#define IPT_IPMARK_DST 1
240 +#endif /*_IPT_IPMARK_H_target*/
241 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_ipv4options.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_ipv4options.h
242 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_ipv4options.h 1970-01-01 01:00:00.000000000 +0100
243 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_ipv4options.h 2004-08-19 21:32:37.282676920 +0200
245 +#ifndef __ipt_ipv4options_h_included__
246 +#define __ipt_ipv4options_h_included__
248 +#define IPT_IPV4OPTION_MATCH_SSRR 0x01 /* For strict source routing */
249 +#define IPT_IPV4OPTION_MATCH_LSRR 0x02 /* For loose source routing */
250 +#define IPT_IPV4OPTION_DONT_MATCH_SRR 0x04 /* any source routing */
251 +#define IPT_IPV4OPTION_MATCH_RR 0x08 /* For Record route */
252 +#define IPT_IPV4OPTION_DONT_MATCH_RR 0x10
253 +#define IPT_IPV4OPTION_MATCH_TIMESTAMP 0x20 /* For timestamp request */
254 +#define IPT_IPV4OPTION_DONT_MATCH_TIMESTAMP 0x40
255 +#define IPT_IPV4OPTION_MATCH_ROUTER_ALERT 0x80 /* For router-alert */
256 +#define IPT_IPV4OPTION_DONT_MATCH_ROUTER_ALERT 0x100
257 +#define IPT_IPV4OPTION_MATCH_ANY_OPT 0x200 /* match packet with any option */
258 +#define IPT_IPV4OPTION_DONT_MATCH_ANY_OPT 0x400 /* match packet with no option */
260 +struct ipt_ipv4options_info {
265 +#endif /* __ipt_ipv4options_h_included__ */
266 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_layer7.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_layer7.h
267 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_layer7.h 1970-01-01 01:00:00.000000000 +0100
268 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_layer7.h 2004-08-19 21:32:37.284676616 +0200
271 + By Matthew Strait <quadong@users.sf.net>, Dec 2003.
272 + http://l7-filter.sf.net
274 + This program is free software; you can redistribute it and/or
275 + modify it under the terms of the GNU General Public License
276 + as published by the Free Software Foundation; either version
277 + 2 of the License, or (at your option) any later version.
278 + http://www.gnu.org/licenses/gpl.txt
281 +#ifndef _IPT_LAYER7_H
282 +#define _IPT_LAYER7_H
284 +#define MAX_PATTERN_LEN 8192
285 +#define MAX_PROTOCOL_LEN 256
287 +typedef char *(*proc_ipt_search) (char *, char, char *);
289 +struct ipt_layer7_info {
290 + char protocol[MAX_PROTOCOL_LEN];
292 + char pattern[MAX_PATTERN_LEN];
295 +#endif /* _IPT_LAYER7_H */
296 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_mport.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_mport.h
297 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_mport.h 1970-01-01 01:00:00.000000000 +0100
298 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_mport.h 2004-08-19 21:32:37.286676312 +0200
300 +#ifndef _IPT_MPORT_H
301 +#define _IPT_MPORT_H
302 +#include <linux/netfilter_ipv4/ip_tables.h>
304 +#define IPT_MPORT_SOURCE (1<<0)
305 +#define IPT_MPORT_DESTINATION (1<<1)
306 +#define IPT_MPORT_EITHER (IPT_MPORT_SOURCE|IPT_MPORT_DESTINATION)
308 +#define IPT_MULTI_PORTS 15
310 +/* Must fit inside union ipt_matchinfo: 32 bytes */
311 +/* every entry in ports[] except for the last one has one bit in pflags
312 + * associated with it. If this bit is set, the port is the first port of
313 + * a portrange, with the next entry being the last.
314 + * End of list is marked with pflags bit set and port=65535.
315 + * If 14 ports are used (last one does not have a pflag), the last port
316 + * is repeated to fill the last entry in ports[] */
319 + u_int8_t flags:2; /* Type of comparison */
320 + u_int16_t pflags:14; /* Port flags */
321 + u_int16_t ports[IPT_MULTI_PORTS]; /* Ports */
323 +#endif /*_IPT_MPORT_H*/
324 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_nth.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_nth.h
325 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_nth.h 1970-01-01 01:00:00.000000000 +0100
326 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_nth.h 2004-08-19 21:32:37.289675856 +0200
331 +#include <linux/param.h>
332 +#include <linux/types.h>
334 +#ifndef IPT_NTH_NUM_COUNTERS
335 +#define IPT_NTH_NUM_COUNTERS 16
338 +struct ipt_nth_info {
346 +#endif /*_IPT_NTH_H*/
347 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_policy.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_policy.h
348 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_policy.h 1970-01-01 01:00:00.000000000 +0100
349 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_policy.h 2004-08-19 21:32:37.291675552 +0200
351 +#ifndef _IPT_POLICY_H
352 +#define _IPT_POLICY_H
354 +#define POLICY_MAX_ELEM 4
356 +enum ipt_policy_flags
358 + POLICY_MATCH_IN = 0x1,
359 + POLICY_MATCH_OUT = 0x2,
360 + POLICY_MATCH_NONE = 0x4,
361 + POLICY_MATCH_STRICT = 0x8,
364 +enum ipt_policy_modes
366 + POLICY_MODE_TRANSPORT,
370 +struct ipt_policy_spec
380 +struct ipt_policy_elem
391 + struct ipt_policy_spec match;
392 + struct ipt_policy_spec invert;
395 +struct ipt_policy_info
397 + struct ipt_policy_elem pol[POLICY_MAX_ELEM];
402 +#endif /* _IPT_POLICY_H */
403 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_psd.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_psd.h
404 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_psd.h 1970-01-01 01:00:00.000000000 +0100
405 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_psd.h 2004-08-19 21:32:37.293675248 +0200
410 +#include <linux/param.h>
411 +#include <linux/types.h>
414 + * High port numbers have a lower weight to reduce the frequency of false
415 + * positives, such as from passive mode FTP transfers.
417 +#define PORT_WEIGHT_PRIV 3
418 +#define PORT_WEIGHT_HIGH 1
421 + * Port scan detection thresholds: at least COUNT ports need to be scanned
422 + * from the same source, with no longer than DELAY ticks between ports.
424 +#define SCAN_MIN_COUNT 7
425 +#define SCAN_MAX_COUNT (SCAN_MIN_COUNT * PORT_WEIGHT_PRIV)
426 +#define SCAN_WEIGHT_THRESHOLD SCAN_MAX_COUNT
427 +#define SCAN_DELAY_THRESHOLD (300) /* old usage of HZ here was erroneously and broke under uml */
430 + * Keep track of up to LIST_SIZE source addresses, using a hash table of
431 + * HASH_SIZE entries for faster lookups, but limiting hash collisions to
432 + * HASH_MAX source addresses per the same hash value.
434 +#define LIST_SIZE 0x100
436 +#define HASH_SIZE (1 << HASH_LOG)
437 +#define HASH_MAX 0x10
439 +struct ipt_psd_info {
440 + unsigned int weight_threshold;
441 + unsigned int delay_threshold;
442 + unsigned short lo_ports_weight;
443 + unsigned short hi_ports_weight;
446 +#endif /*_IPT_PSD_H*/
447 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_quota.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_quota.h
448 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_quota.h 1970-01-01 01:00:00.000000000 +0100
449 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_quota.h 2004-08-19 21:32:37.295674944 +0200
451 +#ifndef _IPT_QUOTA_H
452 +#define _IPT_QUOTA_H
454 +/* print debug info in both kernel/netfilter module & iptable library */
455 +//#define DEBUG_IPT_QUOTA
457 +struct ipt_quota_info {
461 +#endif /*_IPT_QUOTA_H*/
462 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_ROUTE.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_ROUTE.h
463 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_ROUTE.h 1970-01-01 01:00:00.000000000 +0100
464 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_ROUTE.h 2004-08-19 21:32:38.942424600 +0200
466 +/* Header file for iptables ipt_ROUTE target
468 + * (C) 2002 by Cédric de Launois <delaunois@info.ucl.ac.be>
470 + * This software is distributed under GNU GPL v2, 1991
472 +#ifndef _IPT_ROUTE_H_target
473 +#define _IPT_ROUTE_H_target
475 +#define IPT_ROUTE_IFNAMSIZ 16
477 +struct ipt_route_target_info {
478 + char oif[IPT_ROUTE_IFNAMSIZ]; /* Output Interface Name */
479 + char iif[IPT_ROUTE_IFNAMSIZ]; /* Input Interface Name */
480 + u_int32_t gw; /* IP address of gateway */
484 +/* Values for "flags" field */
485 +#define IPT_ROUTE_CONTINUE 0x01
487 +#endif /*_IPT_ROUTE_H_target*/
488 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_string.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_string.h
489 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_string.h 1970-01-01 01:00:00.000000000 +0100
490 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_string.h 2004-08-19 21:32:38.945424144 +0200
492 +#ifndef _IPT_STRING_H
493 +#define _IPT_STRING_H
495 +/* *** PERFORMANCE TWEAK ***
496 + * Packet size and search string threshold,
497 + * above which sublinear searches is used. */
498 +#define IPT_STRING_HAYSTACK_THRESH 100
499 +#define IPT_STRING_NEEDLE_THRESH 20
501 +#define BM_MAX_NLEN 256
502 +#define BM_MAX_HLEN 1024
504 +typedef char *(*proc_ipt_search) (char *, char *, int, int);
506 +struct ipt_string_info {
507 + char string[BM_MAX_NLEN];
512 +#endif /* _IPT_STRING_H */
513 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_time.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_time.h
514 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_time.h 1970-01-01 01:00:00.000000000 +0100
515 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_time.h 2004-08-19 21:32:38.947423840 +0200
517 +#ifndef __ipt_time_h_included__
518 +#define __ipt_time_h_included__
521 +struct ipt_time_info {
522 + u_int8_t days_match; /* 1 bit per day. -SMTWTFS */
523 + u_int16_t time_start; /* 0 < time_start < 23*60+59 = 1439 */
524 + u_int16_t time_stop; /* 0:0 < time_stat < 23:59 */
525 + u_int8_t kerneltime; /* ignore skb time (and use kerneltime) or not. */
531 +#endif /* __ipt_time_h_included__ */
532 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_TTL.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_TTL.h
533 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_TTL.h 1970-01-01 01:00:00.000000000 +0100
534 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_TTL.h 2004-08-19 21:32:38.949423536 +0200
536 +/* TTL modification module for IP tables
537 + * (C) 2000 by Harald Welte <laforge@gnumonks.org> */
548 +#define IPT_TTL_MAXMODE IPT_TTL_DEC
550 +struct ipt_TTL_info {
557 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_XOR.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_XOR.h
558 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv4/ipt_XOR.h 1970-01-01 01:00:00.000000000 +0100
559 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv4/ipt_XOR.h 2004-08-19 21:32:38.950423384 +0200
564 +struct ipt_XOR_info {
566 + u_int8_t block_size;
569 +#endif /* _IPT_XOR_H */
570 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv6/ip6_logging.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv6/ip6_logging.h
571 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv6/ip6_logging.h 1970-01-01 01:00:00.000000000 +0100
572 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv6/ip6_logging.h 2004-08-19 21:32:38.952423080 +0200
574 +/* IPv6 macros for the nternal logging interface. */
575 +#ifndef __IP6_LOGGING_H
576 +#define __IP6_LOGGING_H
578 +#endif /*__IP6_LOGGING_H*/
579 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv6/ip6t_fuzzy.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv6/ip6t_fuzzy.h
580 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv6/ip6t_fuzzy.h 1970-01-01 01:00:00.000000000 +0100
581 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv6/ip6t_fuzzy.h 2004-08-19 21:32:39.921275792 +0200
583 +#ifndef _IP6T_FUZZY_H
584 +#define _IP6T_FUZZY_H
586 +#include <linux/param.h>
587 +#include <linux/types.h>
589 +#define MAXFUZZYRATE 10000000
590 +#define MINFUZZYRATE 3
592 +struct ip6t_fuzzy_info {
593 + u_int32_t minimum_rate;
594 + u_int32_t maximum_rate;
595 + u_int32_t packets_total;
596 + u_int32_t bytes_total;
597 + u_int32_t previous_time;
598 + u_int32_t present_time;
599 + u_int32_t mean_rate;
600 + u_int8_t acceptance_rate;
603 +#endif /*_IP6T_FUZZY_H*/
604 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv6/ip6t_HL.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv6/ip6t_HL.h
605 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv6/ip6t_HL.h 1970-01-01 01:00:00.000000000 +0100
606 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv6/ip6t_HL.h 2004-08-19 21:32:39.922275640 +0200
608 +/* Hop Limit modification module for ip6tables
609 + * Maciej Soltysiak <solt@dns.toxicfilms.tv>
610 + * Based on HW's TTL module */
621 +#define IP6T_HL_MAXMODE IP6T_HL_DEC
623 +struct ip6t_HL_info {
625 + u_int8_t hop_limit;
630 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv6/ip6t_nth.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv6/ip6t_nth.h
631 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv6/ip6t_nth.h 1970-01-01 01:00:00.000000000 +0100
632 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv6/ip6t_nth.h 2004-08-19 21:32:39.924275336 +0200
637 +#include <linux/param.h>
638 +#include <linux/types.h>
640 +#ifndef IP6T_NTH_NUM_COUNTERS
641 +#define IP6T_NTH_NUM_COUNTERS 16
644 +struct ip6t_nth_info {
652 +#endif /*_IP6T_NTH_H*/
653 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv6/ip6t_owner.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv6/ip6t_owner.h
654 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv6/ip6t_owner.h 2004-08-19 21:31:32.681497792 +0200
655 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv6/ip6t_owner.h 2004-08-19 21:32:39.925275184 +0200
657 #define IP6T_OWNER_GID 0x02
658 #define IP6T_OWNER_PID 0x04
659 #define IP6T_OWNER_SID 0x08
660 +#define IP6T_OWNER_COMM 0x10
662 struct ip6t_owner_info {
668 u_int8_t match, invert; /* flags */
671 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv6/ip6t_policy.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv6/ip6t_policy.h
672 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv6/ip6t_policy.h 1970-01-01 01:00:00.000000000 +0100
673 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv6/ip6t_policy.h 2004-08-19 21:32:39.926275032 +0200
675 +#ifndef _IP6T_POLICY_H
676 +#define _IP6T_POLICY_H
678 +#define POLICY_MAX_ELEM 4
680 +enum ip6t_policy_flags
682 + POLICY_MATCH_IN = 0x1,
683 + POLICY_MATCH_OUT = 0x2,
684 + POLICY_MATCH_NONE = 0x4,
685 + POLICY_MATCH_STRICT = 0x8,
688 +enum ip6t_policy_modes
690 + POLICY_MODE_TRANSPORT,
694 +struct ip6t_policy_spec
704 +struct ip6t_policy_elem
706 + struct in6_addr saddr;
707 + struct in6_addr smask;
708 + struct in6_addr daddr;
709 + struct in6_addr dmask;
715 + struct ip6t_policy_spec match;
716 + struct ip6t_policy_spec invert;
719 +struct ip6t_policy_info
721 + struct ip6t_policy_elem pol[POLICY_MAX_ELEM];
726 +#endif /* _IP6T_POLICY_H */
727 diff -urN linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv6/ip6t_ROUTE.h linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv6/ip6t_ROUTE.h
728 --- linux-libc-headers-2.6.8.0.org/include/linux/netfilter_ipv6/ip6t_ROUTE.h 1970-01-01 01:00:00.000000000 +0100
729 +++ linux-libc-headers-2.6.8.0/include/linux/netfilter_ipv6/ip6t_ROUTE.h 2004-08-19 21:32:39.928274728 +0200
731 +/* Header file for iptables ip6t_ROUTE target
733 + * (C) 2003 by Cédric de Launois <delaunois@info.ucl.ac.be>
735 + * This software is distributed under GNU GPL v2, 1991
737 +#ifndef _IPT_ROUTE_H_target
738 +#define _IPT_ROUTE_H_target
740 +#define IP6T_ROUTE_IFNAMSIZ 16
742 +struct ip6t_route_target_info {
743 + char oif[IP6T_ROUTE_IFNAMSIZ]; /* Output Interface Name */
744 + char iif[IP6T_ROUTE_IFNAMSIZ]; /* Input Interface Name */
745 + u_int32_t gw[4]; /* IPv6 address of gateway */
749 +/* Values for "flags" field */
750 +#define IP6T_ROUTE_CONTINUE 0x01
752 +#endif /*_IP6T_ROUTE_H_target*/