# header files are present in the include/linux directory of this iptables
# package (HW)
#
-PF_EXT_SLIB:=ah addrtype comment connlimit connmark conntrack dscp ecn esp hashlimit helper icmp iprange length limit mac owner physdev pkttype policy realm sctp standard state tcp tcpmss tos ttl unclean CLASSIFY CONNMARK DNAT DSCP ECN LOG MARK MASQUERADE MIRROR NETMAP NFQUEUE REDIRECT REJECT SAME SNAT TCPMSS TOS TTL TRACE ULOG
+PF_EXT_SLIB:=ah addrtype comment connlimit connmark conntrack dscp ecn esp hashlimit helper icmp iprange length limit mac owner physdev pkttype policy realm sctp standard state tcp tos ttl unclean CLASSIFY CONNMARK DNAT DSCP ECN LOG MARK MASQUERADE MIRROR NETMAP NFQUEUE REDIRECT REJECT SAME SNAT TCPMSS TOS TTL TRACE ULOG
PF6_EXT_SLIB:=connlimit connmark eui64 hl icmp6 length limit mac owner physdev policy standard state tcp CONNMARK HL LOG NFQUEUE MARK TCPMSS TRACE
-PFX_EXT_SLIB:=mark multiport udp NOTRACK
+PFX_EXT_SLIB:=mark multiport tcpmss udp NOTRACK
ifeq ($(DO_SELINUX), 1)
PF_EXT_SE_SLIB:=SECMARK CONNSECMARK
#include <stdlib.h>
#include <getopt.h>
-#include <iptables.h>
-#include <linux/netfilter_ipv4/ipt_tcpmss.h>
+#include <xtables.h>
+#include <linux/netfilter/xt_tcpmss.h>
/* Function which prints out usage message. */
static void
unsigned int *nfcache,
struct xt_entry_match **match)
{
- struct ipt_tcpmss_match_info *mssinfo =
- (struct ipt_tcpmss_match_info *)(*match)->data;
+ struct xt_tcpmss_match_info *mssinfo =
+ (struct xt_tcpmss_match_info *)(*match)->data;
switch (c) {
case '1':
const struct xt_entry_match *match,
int numeric)
{
- const struct ipt_tcpmss_match_info *mssinfo =
- (const struct ipt_tcpmss_match_info *)match->data;
+ const struct xt_tcpmss_match_info *mssinfo =
+ (const struct xt_tcpmss_match_info *)match->data;
printf("tcpmss match ");
print_tcpmss(mssinfo->mss_min, mssinfo->mss_max,
static void
save(const void *ip, const struct xt_entry_match *match)
{
- const struct ipt_tcpmss_match_info *mssinfo =
- (const struct ipt_tcpmss_match_info *)match->data;
+ const struct xt_tcpmss_match_info *mssinfo =
+ (const struct xt_tcpmss_match_info *)match->data;
printf("--mss ");
print_tcpmss(mssinfo->mss_min, mssinfo->mss_max,
mssinfo->invert, 0);
}
-static struct iptables_match tcpmss = {
+static struct xtables_match tcpmss = {
.next = NULL,
+ .family = AF_INET,
.name = "tcpmss",
.version = IPTABLES_VERSION,
- .size = IPT_ALIGN(sizeof(struct ipt_tcpmss_match_info)),
- .userspacesize = IPT_ALIGN(sizeof(struct ipt_tcpmss_match_info)),
+ .size = XT_ALIGN(sizeof(struct xt_tcpmss_match_info)),
+ .userspacesize = XT_ALIGN(sizeof(struct xt_tcpmss_match_info)),
+ .help = &help,
+ .parse = &parse,
+ .final_check = &final_check,
+ .print = &print,
+ .save = &save,
+ .extra_opts = opts
+};
+
+static struct xtables_match tcpmss6 = {
+ .next = NULL,
+ .family = AF_INET6,
+ .name = "tcpmss",
+ .version = IPTABLES_VERSION,
+ .size = XT_ALIGN(sizeof(struct xt_tcpmss_match_info)),
+ .userspacesize = XT_ALIGN(sizeof(struct xt_tcpmss_match_info)),
.help = &help,
.parse = &parse,
.final_check = &final_check,
void _init(void)
{
- register_match(&tcpmss);
+ xtables_register_match(&tcpmss);
+ xtables_register_match(&tcpmss6);
}
projects / thirdparty / iptables.git / commitdiff
