static struct xtables_target hl_tg6_reg = {
.name = "HL",
.version = XTABLES_VERSION,
- .family = PF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct ip6t_HL_info)),
.userspacesize = XT_ALIGN(sizeof(struct ip6t_HL_info)),
.help = HL_help,
static struct xtables_target log_tg6_reg = {
.name = "LOG",
.version = XTABLES_VERSION,
- .family = PF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct ip6t_log_info)),
.userspacesize = XT_ALIGN(sizeof(struct ip6t_log_info)),
.help = LOG_help,
static struct xtables_target reject_tg6_reg = {
.name = "REJECT",
.version = XTABLES_VERSION,
- .family = PF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct ip6t_reject_info)),
.userspacesize = XT_ALIGN(sizeof(struct ip6t_reject_info)),
.help = REJECT_help,
static struct xtables_match ah_mt6_reg = {
.name = "ah",
.version = XTABLES_VERSION,
- .family = PF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct ip6t_ah)),
.userspacesize = XT_ALIGN(sizeof(struct ip6t_ah)),
.help = ah_help,
static struct xtables_match dst_mt6_reg = {
.name = "dst",
.version = XTABLES_VERSION,
- .family = PF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct ip6t_opts)),
.userspacesize = XT_ALIGN(sizeof(struct ip6t_opts)),
.help = dst_help,
static struct xtables_match eui64_mt6_reg = {
.name = "eui64",
.version = XTABLES_VERSION,
- .family = PF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(int)),
.userspacesize = XT_ALIGN(sizeof(int)),
.help = eui64_help,
static struct xtables_match frag_mt6_reg = {
.name = "frag",
.version = XTABLES_VERSION,
- .family = PF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct ip6t_frag)),
.userspacesize = XT_ALIGN(sizeof(struct ip6t_frag)),
.help = frag_help,
static struct xtables_match hbh_mt6_reg = {
.name = "hbh",
.version = XTABLES_VERSION,
- .family = PF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct ip6t_opts)),
.userspacesize = XT_ALIGN(sizeof(struct ip6t_opts)),
.help = hbh_help,
static struct xtables_match hl_mt6_reg = {
.name = "hl",
.version = XTABLES_VERSION,
- .family = PF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct ip6t_hl_info)),
.userspacesize = XT_ALIGN(sizeof(struct ip6t_hl_info)),
.help = hl_help,
static struct xtables_match icmp6_mt6_reg = {
.name = "icmp6",
.version = XTABLES_VERSION,
- .family = PF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct ip6t_icmp)),
.userspacesize = XT_ALIGN(sizeof(struct ip6t_icmp)),
.help = icmp6_help,
static struct xtables_match ipv6header_mt6_reg = {
.name = "ipv6header",
.version = XTABLES_VERSION,
- .family = PF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct ip6t_ipv6header_info)),
.userspacesize = XT_ALIGN(sizeof(struct ip6t_ipv6header_info)),
.help = ipv6header_help,
static struct xtables_match mh_mt6_reg = {
.name = "mh",
.version = XTABLES_VERSION,
- .family = PF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct ip6t_mh)),
.userspacesize = XT_ALIGN(sizeof(struct ip6t_mh)),
.help = mh_help,
static struct xtables_match policy_mt6_reg = {
.name = "policy",
.version = XTABLES_VERSION,
- .family = PF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct ip6t_policy_info)),
.userspacesize = XT_ALIGN(sizeof(struct ip6t_policy_info)),
.help = policy_help,
static struct xtables_match rt_mt6_reg = {
.name = "rt",
.version = XTABLES_VERSION,
- .family = PF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct ip6t_rt)),
.userspacesize = XT_ALIGN(sizeof(struct ip6t_rt)),
.help = rt_help,
static struct xtables_target clusterip_tg_reg = {
.name = "CLUSTERIP",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_clusterip_tgt_info)),
.userspacesize = offsetof(struct ipt_clusterip_tgt_info, config),
.help = CLUSTERIP_help,
static struct xtables_target dnat_tg_reg = {
.name = "DNAT",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ip_nat_multi_range)),
.userspacesize = XT_ALIGN(sizeof(struct ip_nat_multi_range)),
.help = DNAT_help,
static struct xtables_target ecn_tg_reg = {
.name = "ECN",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_ECN_info)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_ECN_info)),
.help = ECN_help,
static struct xtables_target log_tg_reg = {
.name = "LOG",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_log_info)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_log_info)),
.help = LOG_help,
static struct xtables_target masquerade_tg_reg = {
.name = "MASQUERADE",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ip_nat_multi_range)),
.userspacesize = XT_ALIGN(sizeof(struct ip_nat_multi_range)),
.help = MASQUERADE_help,
static struct xtables_target mirror_tg_reg = {
.name = "MIRROR",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(0),
.userspacesize = XT_ALIGN(0),
.help = MIRROR_help,
static struct xtables_target netmap_tg_reg = {
.name = MODULENAME,
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ip_nat_multi_range)),
.userspacesize = XT_ALIGN(sizeof(struct ip_nat_multi_range)),
.help = NETMAP_help,
static struct xtables_target redirect_tg_reg = {
.name = "REDIRECT",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ip_nat_multi_range)),
.userspacesize = XT_ALIGN(sizeof(struct ip_nat_multi_range)),
.help = REDIRECT_help,
static struct xtables_target reject_tg_reg = {
.name = "REJECT",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_reject_info)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_reject_info)),
.help = REJECT_help,
static struct xtables_target same_tg_reg = {
.name = "SAME",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_same_info)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_same_info)),
.help = SAME_help,
static struct xtables_target set_tg_reg = {
.name = "SET",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_set_info_target)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_set_info_target)),
.help = SET_help,
static struct xtables_target snat_tg_reg = {
.name = "SNAT",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ip_nat_multi_range)),
.userspacesize = XT_ALIGN(sizeof(struct ip_nat_multi_range)),
.help = SNAT_help,
static struct xtables_target ttl_tg_reg = {
.name = "TTL",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_TTL_info)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_TTL_info)),
.help = TTL_help,
static struct xtables_target ulog_tg_reg = {
.name = "ULOG",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_ulog_info)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_ulog_info)),
.help = ULOG_help,
static struct xtables_match addrtype_mt_reg_v0 = {
.name = "addrtype",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_addrtype_info)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_addrtype_info)),
.help = addrtype_help_v0,
static struct xtables_match addrtype_mt_reg_v1 = {
.name = "addrtype",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_addrtype_info_v1)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_addrtype_info_v1)),
.help = addrtype_help_v1,
static struct xtables_match ah_mt_reg = {
.name = "ah",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_ah)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_ah)),
.help = ah_help,
static struct xtables_match ecn_mt_reg = {
.name = "ecn",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_ecn_info)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_ecn_info)),
.help = ecn_help,
static struct xtables_match icmp_mt_reg = {
.name = "icmp",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_icmp)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_icmp)),
.help = icmp_help,
static struct xtables_match policy_mt_reg = {
.name = "policy",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_policy_info)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_policy_info)),
.help = policy_help,
static struct xtables_match realm_mt_reg = {
.name = "realm",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_realm_info)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_realm_info)),
.help = realm_help,
static struct xtables_match set_mt_reg = {
.name = "set",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_set_info_match)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_set_info_match)),
.help = set_help,
static struct xtables_match ttl_mt_reg = {
.name = "ttl",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_ttl_info)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_ttl_info)),
.help = ttl_help,
static struct xtables_match unclean_mt_reg = {
.name = "unclean",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(0),
.userspacesize = XT_ALIGN(0),
.help = unclean_help,
}
static struct xtables_target connmark_target = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "CONNMARK",
.revision = 0,
.version = XTABLES_VERSION,
};
static struct xtables_target connmark_target6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "CONNMARK",
.revision = 0,
.version = XTABLES_VERSION,
.version = XTABLES_VERSION,
.name = "CONNMARK",
.revision = 1,
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)),
.userspacesize = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)),
.help = connmark_tg_help,
.version = XTABLES_VERSION,
.name = "CONNMARK",
.revision = 1,
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)),
.userspacesize = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)),
.help = connmark_tg_help,
}
static struct xtables_target connsecmark_target = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "CONNSECMARK",
.version = XTABLES_VERSION,
.revision = 0,
};
static struct xtables_target connsecmark_target6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "CONNSECMARK",
.version = XTABLES_VERSION,
.revision = 0,
}
static struct xtables_target dscp_target = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "DSCP",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_DSCP_info)),
};
static struct xtables_target dscp_target6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "DSCP",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_DSCP_info)),
}
static struct xtables_target mark_target_v0 = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "MARK",
.version = XTABLES_VERSION,
.revision = 0,
};
static struct xtables_target mark_target_v1 = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "MARK",
.version = XTABLES_VERSION,
.revision = 1,
};
static struct xtables_target mark_target6_v0 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "MARK",
.version = XTABLES_VERSION,
.revision = 0,
}
static struct xtables_target nflog_target = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "NFLOG",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_nflog_info)),
};
static struct xtables_target nflog_target6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "NFLOG",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_nflog_info)),
}
static struct xtables_target nfqueue_target = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "NFQUEUE",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_NFQ_info)),
};
static struct xtables_target nfqueue_target6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "NFQUEUE",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_NFQ_info)),
}
static struct xtables_target notrack_target = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "NOTRACK",
.version = XTABLES_VERSION,
.size = XT_ALIGN(0),
};
static struct xtables_target notrack_target6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "NOTRACK",
.version = XTABLES_VERSION,
.size = XT_ALIGN(0),
}
static struct xtables_target tcpmss_target = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "TCPMSS",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_tcpmss_info)),
};
static struct xtables_target tcpmss_target6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "TCPMSS",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_tcpmss_info)),
static struct xtables_target tcpoptstrip_tg_reg = {
.version = XTABLES_VERSION,
.name = "TCPOPTSTRIP",
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct xt_tcpoptstrip_target_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_tcpoptstrip_target_info)),
.help = tcpoptstrip_tg_help,
static struct xtables_target tcpoptstrip_tg6_reg = {
.version = XTABLES_VERSION,
.name = "TCPOPTSTRIP",
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct xt_tcpoptstrip_target_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_tcpoptstrip_target_info)),
.help = tcpoptstrip_tg_help,
.version = XTABLES_VERSION,
.name = "TOS",
.revision = 0,
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct xt_tos_target_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_tos_target_info)),
.help = tos_tg_help_v0,
.version = XTABLES_VERSION,
.name = "TOS",
.revision = 1,
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct xt_tos_target_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_tos_target_info)),
.help = tos_tg_help,
static struct xtables_target tos_tg6_reg = {
.version = XTABLES_VERSION,
.name = "TOS",
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.revision = 1,
.size = XT_ALIGN(sizeof(struct xt_tos_target_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_tos_target_info)),
static struct xtables_target tproxy_tg_reg = {
.name = "TPROXY",
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_tproxy_target_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_tproxy_target_info)),
}
static struct xtables_match comment_match = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "comment",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_comment_info)),
};
static struct xtables_match comment_match6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "comment",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_comment_info)),
}
static struct xtables_match connbytes_match = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "connbytes",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_connbytes_info)),
};
static struct xtables_match connbytes_match6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "connbytes",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_connbytes_info)),
*flags |= 0x2;
i = strtoul(argv[optind-1], &err, 0);
- if (family == AF_INET6) {
+ if (family == NFPROTO_IPV6) {
if (i > 128 || *err != '\0')
exit_error(PARAMETER_PROBLEM,
"--connlimit-mask must be between "
struct xt_entry_match **match)
{
return connlimit_parse(c, argv, invert, flags,
- (void *)(*match)->data, AF_INET);
+ (void *)(*match)->data, NFPROTO_IPV4);
}
static int connlimit_parse6(int c, char **argv, int invert,
struct xt_entry_match **match)
{
return connlimit_parse(c, argv, invert, flags,
- (void *)(*match)->data, AF_INET6);
+ (void *)(*match)->data, NFPROTO_IPV6);
}
static void connlimit_check(unsigned int flags)
static struct xtables_match connlimit_match = {
.name = "connlimit",
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_connlimit_info)),
.userspacesize = offsetof(struct xt_connlimit_info, data),
static struct xtables_match connlimit_match6 = {
.name = "connlimit",
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_connlimit_info)),
.userspacesize = offsetof(struct xt_connlimit_info, data),
}
static struct xtables_match connmark_mt_reg_v0 = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "connmark",
.revision = 0,
.version = XTABLES_VERSION,
};
static struct xtables_match connmark_mt6_reg_v0 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "connmark",
.revision = 0,
.version = XTABLES_VERSION,
.version = XTABLES_VERSION,
.name = "connmark",
.revision = 1,
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct xt_connmark_mtinfo1)),
.userspacesize = XT_ALIGN(sizeof(struct xt_connmark_mtinfo1)),
.help = connmark_mt_help,
.version = XTABLES_VERSION,
.name = "connmark",
.revision = 1,
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct xt_connmark_mtinfo1)),
.userspacesize = XT_ALIGN(sizeof(struct xt_connmark_mtinfo1)),
.help = connmark_mt_help,
const union nf_inet_addr *mask,
unsigned int family, bool numeric)
{
- if (family == AF_INET) {
+ if (family == NFPROTO_IPV4) {
if (!numeric && addr->ip == 0) {
printf("anywhere ");
return;
printf("%s ", ipaddr_to_numeric(&addr->in));
else
printf("%s ", ipaddr_to_anyname(&addr->in));
- } else if (family == AF_INET6) {
+ } else if (family == NFPROTO_IPV6) {
if (!numeric && addr->ip6[0] == 0 && addr->ip6[1] == 0 &&
addr->ip6[2] == 0 && addr->ip6[3] == 0) {
printf("anywhere ");
conntrack_mt_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
- conntrack_dump((const void *)match->data, "", AF_INET, numeric);
+ conntrack_dump((const void *)match->data, "", NFPROTO_IPV4, numeric);
}
static void
conntrack_mt6_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
- conntrack_dump((const void *)match->data, "", AF_INET6, numeric);
+ conntrack_dump((const void *)match->data, "", NFPROTO_IPV6, numeric);
}
static void conntrack_save(const void *ip, const struct xt_entry_match *match)
static void conntrack_mt_save(const void *ip,
const struct xt_entry_match *match)
{
- conntrack_dump((const void *)match->data, "--", AF_INET, true);
+ conntrack_dump((const void *)match->data, "--", NFPROTO_IPV4, true);
}
static void conntrack_mt6_save(const void *ip,
const struct xt_entry_match *match)
{
- conntrack_dump((const void *)match->data, "--", AF_INET6, true);
+ conntrack_dump((const void *)match->data, "--", NFPROTO_IPV6, true);
}
static struct xtables_match conntrack_match = {
.version = XTABLES_VERSION,
.name = "conntrack",
.revision = 0,
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct xt_conntrack_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_conntrack_info)),
.help = conntrack_mt_help,
.version = XTABLES_VERSION,
.name = "conntrack",
.revision = 1,
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo1)),
.userspacesize = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo1)),
.help = conntrack_mt_help,
.version = XTABLES_VERSION,
.name = "conntrack",
.revision = 1,
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo1)),
.userspacesize = XT_ALIGN(sizeof(struct xt_conntrack_mtinfo1)),
.help = conntrack_mt_help,
static struct xtables_match dccp_match = {
.name = "dccp",
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_dccp_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_dccp_info)),
static struct xtables_match dccp_match6 = {
.name = "dccp",
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_dccp_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_dccp_info)),
}
static struct xtables_match dscp_match = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "dscp",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_dscp_info)),
};
static struct xtables_match dscp_match6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "dscp",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_dscp_info)),
}
static struct xtables_match esp_match = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "esp",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_esp)),
};
static struct xtables_match esp_match6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "esp",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_esp)),
}
static struct xtables_match hashlimit_match = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "hashlimit",
.version = XTABLES_VERSION,
.revision = 0,
};
static struct xtables_match hashlimit_match6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "hashlimit",
.version = XTABLES_VERSION,
.revision = 0,
.version = XTABLES_VERSION,
.name = "hashlimit",
.revision = 1,
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct xt_hashlimit_mtinfo1)),
.userspacesize = offsetof(struct xt_hashlimit_mtinfo1, hinfo),
.help = hashlimit_mt_help,
.version = XTABLES_VERSION,
.name = "hashlimit",
.revision = 1,
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct xt_hashlimit_mtinfo1)),
.userspacesize = offsetof(struct xt_hashlimit_mtinfo1, hinfo),
.help = hashlimit_mt_help,
}
static struct xtables_match helper_match = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "helper",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_helper_info)),
};
static struct xtables_match helper_match6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "helper",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_helper_info)),
.version = XTABLES_VERSION,
.name = "iprange",
.revision = 0,
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_iprange_info)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_iprange_info)),
.help = iprange_mt_help,
.version = XTABLES_VERSION,
.name = "iprange",
.revision = 1,
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct xt_iprange_mtinfo)),
.userspacesize = XT_ALIGN(sizeof(struct xt_iprange_mtinfo)),
.help = iprange_mt_help,
.version = XTABLES_VERSION,
.name = "iprange",
.revision = 1,
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct xt_iprange_mtinfo)),
.userspacesize = XT_ALIGN(sizeof(struct xt_iprange_mtinfo)),
.help = iprange_mt_help,
}
static struct xtables_match mac_match = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "mac",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_mac_info)),
};
static struct xtables_match mac_match6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "mac",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_mac_info)),
}
static struct xtables_match multiport_match = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "multiport",
.revision = 0,
.version = XTABLES_VERSION,
};
static struct xtables_match multiport_match6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "multiport",
.revision = 0,
.version = XTABLES_VERSION,
};
static struct xtables_match multiport_match_v1 = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "multiport",
.version = XTABLES_VERSION,
.revision = 1,
};
static struct xtables_match multiport_match6_v1 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "multiport",
.version = XTABLES_VERSION,
.revision = 1,
.version = XTABLES_VERSION,
.name = "owner",
.revision = 0,
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct ipt_owner_info)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_owner_info)),
.help = owner_mt_help_v0,
.version = XTABLES_VERSION,
.name = "owner",
.revision = 0,
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct ip6t_owner_info)),
.userspacesize = XT_ALIGN(sizeof(struct ip6t_owner_info)),
.help = owner_mt6_help_v0,
.version = XTABLES_VERSION,
.name = "owner",
.revision = 1,
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct xt_owner_match_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_owner_match_info)),
.help = owner_mt_help,
.version = XTABLES_VERSION,
.name = "owner",
.revision = 1,
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct xt_owner_match_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_owner_match_info)),
.help = owner_mt_help,
}
static struct xtables_match physdev_match = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "physdev",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_physdev_info)),
};
static struct xtables_match physdev_match6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "physdev",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_physdev_info)),
static struct xtables_match recent_mt_reg = {
.name = "recent",
.version = XTABLES_VERSION,
- .family = PF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(sizeof(struct xt_recent_mtinfo)),
.userspacesize = XT_ALIGN(sizeof(struct xt_recent_mtinfo)),
.help = recent_help,
.version = XTABLES_VERSION,
.name = "recent",
.revision = 0,
- .family = PF_INET6,
+ .family = NFPROTO_IPV6,
.size = XT_ALIGN(sizeof(struct xt_recent_mtinfo)),
.userspacesize = XT_ALIGN(sizeof(struct xt_recent_mtinfo)),
.help = recent_help,
static struct xtables_match sctp_match = {
.name = "sctp",
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_sctp_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_sctp_info)),
static struct xtables_match sctp_match6 = {
.name = "sctp",
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_sctp_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_sctp_info)),
static struct xtables_match socket_mt_reg = {
.name = "socket",
.version = XTABLES_VERSION,
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.size = XT_ALIGN(0),
.userspacesize = XT_ALIGN(0),
.parse = socket_mt_parse,
}
static struct xtables_match state_match = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "state",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_state_info)),
};
static struct xtables_match state_match6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "state",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_state_info)),
}
static struct xtables_match tcp_match = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "tcp",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_tcp)),
};
static struct xtables_match tcp_match6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "tcp",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_tcp)),
}
static struct xtables_match tcpmss_match = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "tcpmss",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_tcpmss_match_info)),
};
static struct xtables_match tcpmss_match6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "tcpmss",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_tcpmss_match_info)),
static struct xtables_match tos_mt_reg_v0 = {
.version = XTABLES_VERSION,
.name = "tos",
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.revision = 0,
.size = XT_ALIGN(sizeof(struct ipt_tos_info)),
.userspacesize = XT_ALIGN(sizeof(struct ipt_tos_info)),
static struct xtables_match tos_mt_reg = {
.version = XTABLES_VERSION,
.name = "tos",
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.revision = 1,
.size = XT_ALIGN(sizeof(struct xt_tos_match_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_tos_match_info)),
static struct xtables_match tos_mt6_reg = {
.version = XTABLES_VERSION,
.name = "tos",
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.revision = 1,
.size = XT_ALIGN(sizeof(struct xt_tos_match_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_tos_match_info)),
}
static struct xtables_match udp_match = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.name = "udp",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_udp)),
};
static struct xtables_match udp_match6 = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.name = "udp",
.version = XTABLES_VERSION,
.size = XT_ALIGN(sizeof(struct xt_udp)),
NF_INET_NUMHOOKS
};
+enum {
+ NFPROTO_UNSPEC = 0,
+ NFPROTO_IPV4 = 2,
+ NFPROTO_ARP = 3,
+ NFPROTO_BRIDGE = 7,
+ NFPROTO_IPV6 = 10,
+ NFPROTO_DECNET = 12,
+ NFPROTO_NUMPROTO,
+};
+
union nf_inet_addr {
__u32 all[4];
__be32 ip;
#include <sys/socket.h> /* PF_* */
#include <sys/types.h>
#include <stdbool.h>
+#include <netinet/in.h>
#include <net/if.h>
#include <linux/types.h>
+#include <linux/netfilter.h>
#include <linux/netfilter/x_tables.h>
#ifndef IPPROTO_SCTP
};
struct afinfo afinfo = {
- .family = AF_INET6,
+ .family = NFPROTO_IPV6,
.libprefix = "libip6t_",
.ipproto = IPPROTO_IPV6,
.kmod = "ip6_tables",
};
struct afinfo afinfo = {
- .family = AF_INET,
+ .family = NFPROTO_IPV4,
.libprefix = "libipt_",
.ipproto = IPPROTO_IP,
.kmod = "ip_tables",
The
.I protocol
parameter is used to specify the protocol of the packets to be queued.
-Valid values are PF_INET for IPv4 and PF_INET6 for IPv6. Currently,
+Valid values are NFPROTO_IPV4 for IPv4 and NFPROTO_IPV6 for IPv6. Currently,
only one protocol may be queued at a time for a handle.
.PP
The
unsigned char buf[BUFSIZE];
struct ipq_handle *h;
- h = ipq_create_handle(0, PF_INET);
+ h = ipq_create_handle(0, NFPROTO_IPV4);
if (!h)
die(h);
memset(h, 0, sizeof(struct ipq_handle));
- if (protocol == PF_INET)
+ if (protocol == NFPROTO_IPV4)
h->fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_FIREWALL);
- else if (protocol == PF_INET6)
+ else if (protocol == NFPROTO_IPV6)
h->fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_IP6_FW);
else {
ipq_errno = IPQ_ERR_PROTOCOL;
projects / thirdparty / iptables.git / commitdiff
