include: refresh uapi/linux/netfilter/nf_tables.h copy

Fetch incremental incremental updates on this file.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index eeffde196f804e2ea386eb5227f620b2371ba6f3..8a63f22b365d54ea00397cabe3e24c86f7ce1bf4 100644 (file)
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -3,6 +3,7 @@
 
 #define NFT_TABLE_MAXNAMELEN   32
 #define NFT_CHAIN_MAXNAMELEN   32
+#define NFT_SET_MAXNAMELEN     32
 #define NFT_USERDATA_MAXLEN    256
 
 /**
@@ -182,6 +183,7 @@ enum nft_chain_attributes {
        NFTA_CHAIN_USE,
        NFTA_CHAIN_TYPE,
        NFTA_CHAIN_COUNTERS,
+       NFTA_CHAIN_PAD,
        __NFTA_CHAIN_MAX
 };
 #define NFTA_CHAIN_MAX         (__NFTA_CHAIN_MAX - 1)
@@ -206,6 +208,7 @@ enum nft_rule_attributes {
        NFTA_RULE_COMPAT,
        NFTA_RULE_POSITION,
        NFTA_RULE_USERDATA,
+       NFTA_RULE_PAD,
        __NFTA_RULE_MAX
 };
 #define NFTA_RULE_MAX          (__NFTA_RULE_MAX - 1)
@@ -308,6 +311,7 @@ enum nft_set_attributes {
        NFTA_SET_TIMEOUT,
        NFTA_SET_GC_INTERVAL,
        NFTA_SET_USERDATA,
+       NFTA_SET_PAD,
        __NFTA_SET_MAX
 };
 #define NFTA_SET_MAX           (__NFTA_SET_MAX - 1)
@@ -341,6 +345,7 @@ enum nft_set_elem_attributes {
        NFTA_SET_ELEM_EXPIRATION,
        NFTA_SET_ELEM_USERDATA,
        NFTA_SET_ELEM_EXPR,
+       NFTA_SET_ELEM_PAD,
        __NFTA_SET_ELEM_MAX
 };
 #define NFTA_SET_ELEM_MAX      (__NFTA_SET_ELEM_MAX - 1)
@@ -541,6 +546,10 @@ enum nft_cmp_attributes {
 };
 #define NFTA_CMP_MAX           (__NFTA_CMP_MAX - 1)
 
+enum nft_lookup_flags {
+       NFT_LOOKUP_F_INV = (1 << 0),
+};
+
 /**
  * enum nft_lookup_attributes - nf_tables set lookup expression netlink attributes
  *
@@ -548,6 +557,7 @@ enum nft_cmp_attributes {
  * @NFTA_LOOKUP_SREG: source register of the data to look for (NLA_U32: nft_registers)
  * @NFTA_LOOKUP_DREG: destination register (NLA_U32: nft_registers)
  * @NFTA_LOOKUP_SET_ID: uniquely identifies a set in a transaction (NLA_U32)
+ * @NFTA_LOOKUP_FLAGS: flags (NLA_U32: enum nft_lookup_flags)
  */
 enum nft_lookup_attributes {
        NFTA_LOOKUP_UNSPEC,
@@ -555,6 +565,7 @@ enum nft_lookup_attributes {
        NFTA_LOOKUP_SREG,
        NFTA_LOOKUP_DREG,
        NFTA_LOOKUP_SET_ID,
+       NFTA_LOOKUP_FLAGS,
        __NFTA_LOOKUP_MAX
 };
 #define NFTA_LOOKUP_MAX                (__NFTA_LOOKUP_MAX - 1)
@@ -584,6 +595,7 @@ enum nft_dynset_attributes {
        NFTA_DYNSET_SREG_DATA,
        NFTA_DYNSET_TIMEOUT,
        NFTA_DYNSET_EXPR,
+       NFTA_DYNSET_PAD,
        __NFTA_DYNSET_MAX,
 };
 #define NFTA_DYNSET_MAX                (__NFTA_DYNSET_MAX - 1)
@@ -711,6 +723,26 @@ enum nft_meta_keys {
        NFT_META_PRANDOM,
 };
 
+/**
+ * enum nft_hash_attributes - nf_tables hash expression netlink attributes
+ *
+ * @NFTA_HASH_SREG: source register (NLA_U32)
+ * @NFTA_HASH_DREG: destination register (NLA_U32)
+ * @NFTA_HASH_LEN: source data length (NLA_U32)
+ * @NFTA_HASH_MODULUS: modulus value (NLA_U32)
+ * @NFTA_HASH_SEED: seed value (NLA_U32)
+ */
+enum nft_hash_attributes {
+       NFTA_HASH_UNSPEC,
+       NFTA_HASH_SREG,
+       NFTA_HASH_DREG,
+       NFTA_HASH_LEN,
+       NFTA_HASH_MODULUS,
+       NFTA_HASH_SEED,
+       __NFTA_HASH_MAX,
+};
+#define NFTA_HASH_MAX  (__NFTA_HASH_MAX - 1)
+
 /**
  * enum nft_meta_attributes - nf_tables meta expression netlink attributes
  *
@@ -806,6 +838,7 @@ enum nft_limit_attributes {
        NFTA_LIMIT_BURST,
        NFTA_LIMIT_TYPE,
        NFTA_LIMIT_FLAGS,
+       NFTA_LIMIT_PAD,
        __NFTA_LIMIT_MAX
 };
 #define NFTA_LIMIT_MAX         (__NFTA_LIMIT_MAX - 1)
@@ -820,6 +853,7 @@ enum nft_counter_attributes {
        NFTA_COUNTER_UNSPEC,
        NFTA_COUNTER_BYTES,
        NFTA_COUNTER_PACKETS,
+       NFTA_COUNTER_PAD,
        __NFTA_COUNTER_MAX
 };
 #define NFTA_COUNTER_MAX       (__NFTA_COUNTER_MAX - 1)
@@ -866,6 +900,25 @@ enum nft_queue_attributes {
 #define NFT_QUEUE_FLAG_CPU_FANOUT      0x02 /* use current CPU (no hashing) */
 #define NFT_QUEUE_FLAG_MASK            0x03
 
+enum nft_quota_flags {
+       NFT_QUOTA_F_INV         = (1 << 0),
+};
+
+/**
+ * enum nft_quota_attributes - nf_tables quota expression netlink attributes
+ *
+ * @NFTA_QUOTA_BYTES: quota in bytes (NLA_U16)
+ * @NFTA_QUOTA_FLAGS: flags (NLA_U32)
+ */
+enum nft_quota_attributes {
+       NFTA_QUOTA_UNSPEC,
+       NFTA_QUOTA_BYTES,
+       NFTA_QUOTA_FLAGS,
+       NFTA_QUOTA_PAD,
+       __NFTA_QUOTA_MAX
+};
+#define NFTA_QUOTA_MAX         (__NFTA_QUOTA_MAX - 1)
+
 /**
  * enum nft_reject_types - nf_tables reject expression reject types
  *
@@ -1037,7 +1090,7 @@ enum nft_gen_attributes {
  * @NFTA_TRACE_NFPROTO: nf protocol processed (NLA_U32)
  * @NFTA_TRACE_POLICY: policy that decided fate of packet (NLA_U32)
  */
-enum nft_trace_attibutes {
+enum nft_trace_attributes {
        NFTA_TRACE_UNSPEC,
        NFTA_TRACE_TABLE,
        NFTA_TRACE_CHAIN,
@@ -1055,6 +1108,7 @@ enum nft_trace_attibutes {
        NFTA_TRACE_MARK,
        NFTA_TRACE_NFPROTO,
        NFTA_TRACE_POLICY,
+       NFTA_TRACE_PAD,
        __NFTA_TRACE_MAX
 };
 #define NFTA_TRACE_MAX (__NFTA_TRACE_MAX - 1)
@@ -1067,4 +1121,28 @@ enum nft_trace_types {
        __NFT_TRACETYPE_MAX
 };
 #define NFT_TRACETYPE_MAX (__NFT_TRACETYPE_MAX - 1)
+
+/**
+ * enum nft_ng_attributes - nf_tables number generator expression netlink attributes
+ *
+ * @NFTA_NG_DREG: destination register (NLA_U32)
+ * @NFTA_NG_UNTIL: source value to increment the counter until reset (NLA_U32)
+ * @NFTA_NG_TYPE: operation type (NLA_U32)
+ */
+enum nft_ng_attributes {
+       NFTA_NG_UNSPEC,
+       NFTA_NG_DREG,
+       NFTA_NG_UNTIL,
+       NFTA_NG_TYPE,
+       __NFTA_NG_MAX
+};
+#define NFTA_NG_MAX    (__NFTA_NG_MAX - 1)
+
+enum nft_ng_types {
+       NFT_NG_INCREMENTAL,
+       NFT_NG_RANDOM,
+       __NFT_NG_MAX
+};
+#define NFT_NG_MAX     (__NFT_NG_MAX - 1)
+
 #endif /* _LINUX_NF_TABLES_H */