1 /* Header file for kernel module to match connection tracking information. 2 * GPL (C) 2001 Marc Boucher (marc@mbsi.ca). 3 */ 4 5 #ifndef _IPT_CONNTRACK_H 6 #define _IPT_CONNTRACK_H 7 8 #define IPT_CONNTRACK_STATE_BIT(ctinfo) (1 << ((ctinfo)%IP_CT_IS_REPLY+1)) 9 #define IPT_CONNTRACK_STATE_INVALID (1 << 0) 10 11 #define IPT_CONNTRACK_STATE_SNAT (1 << (IP_CT_NUMBER + 1)) 12 #define IPT_CONNTRACK_STATE_DNAT (1 << (IP_CT_NUMBER + 2)) 13 14 /* flags, invflags: */ 15 #define IPT_CONNTRACK_STATE 0x01 16 #define IPT_CONNTRACK_PROTO 0x02 17 #define IPT_CONNTRACK_ORIGSRC 0x04 18 #define IPT_CONNTRACK_ORIGDST 0x08 19 #define IPT_CONNTRACK_REPLSRC 0x10 20 #define IPT_CONNTRACK_REPLDST 0x20 21 #define IPT_CONNTRACK_STATUS 0x40 22 #define IPT_CONNTRACK_EXPIRES 0x80 23 24 struct ipt_conntrack_info 25 { 26 unsigned int statemask, statusmask; 27 28 struct ip_conntrack_tuple tuple[IP_CT_DIR_MAX]; 29 struct in_addr sipmsk[IP_CT_DIR_MAX], dipmsk[IP_CT_DIR_MAX]; 30 31 unsigned long expires_min, expires_max; 32 33 /* Flags word */ 34 u_int8_t flags; 35 /* Inverse flags */ 36 u_int8_t invflags; 37 }; 38 #endif /*_IPT_CONNTRACK_H*/ 39