1 /* 2 * 3 * Flow based forwarding rules (usage: firewalling, etc) 4 * 5 */ 6 7 #ifndef _NET_FLOW_H 8 #define _NET_FLOW_H 9 10 struct flowi { 11 int proto; /* {TCP, UDP, ICMP} */ 12 13 union { 14 struct { 15 __u32 daddr; 16 __u32 saddr; 17 } ip4_u; 18 19 struct { 20 struct in6_addr * daddr; 21 struct in6_addr * saddr; 22 __u32 flowlabel; 23 } ip6_u; 24 } nl_u; 25 #define fl6_dst nl_u.ip6_u.daddr 26 #define fl6_src nl_u.ip6_u.saddr 27 #define fl6_flowlabel nl_u.ip6_u.flowlabel 28 #define fl4_dst nl_u.ip4_u.daddr 29 #define fl4_src nl_u.ip4_u.saddr 30 31 int oif; 32 33 union { 34 struct { 35 __u16 sport; 36 __u16 dport; 37 } ports; 38 39 struct { 40 __u8 type; 41 __u8 code; 42 } icmpt; 43 44 unsigned long data; 45 } uli_u; 46 }; 47 48 #define FLOWR_NODECISION 0 /* rule not appliable to flow */ 49 #define FLOWR_SELECT 1 /* flow must follow this rule */ 50 #define FLOWR_CLEAR 2 /* priority level clears flow */ 51 #define FLOWR_ERROR 3 52 53 struct fl_acc_args { 54 int type; 55 56 57 #define FL_ARG_FORWARD 1 58 #define FL_ARG_ORIGIN 2 59 60 union { 61 struct sk_buff *skb; 62 struct { 63 struct sock *sk; 64 struct flowi *flow; 65 } fl_o; 66 } fl_u; 67 }; 68 69 70 struct pkt_filter { 71 atomic_t refcnt; 72 unsigned int offset; 73 __u32 value; 74 __u32 mask; 75 struct pkt_filter *next; 76 }; 77 78 #define FLR_INPUT 1 79 #define FLR_OUTPUT 2 80 81 struct flow_filter { 82 int type; 83 union { 84 struct pkt_filter *filter; 85 struct sock *sk; 86 } u; 87 }; 88 89 struct flow_rule { 90 struct flow_rule_ops *ops; 91 unsigned char private[0]; 92 }; 93 94 struct flow_rule_ops { 95 int (*accept)(struct rt6_info *rt, 96 struct rt6_info *rule, 97 struct fl_acc_args *args, 98 struct rt6_info **nrt); 99 }; 100 101 #endif 102