redonkable/alistair23-linux
redonkable/alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/include/net/netfilter/nf_tables_core.h
Patrick McHardy 22fe54d5fe netfilter: nf_tables: add support for dynamic set updates 
Add a new "dynset" expression for dynamic set updates.

A new set op ->update() is added which, for non existant elements,
invokes an initialization callback and inserts the new element.
For both new or existing elements the extenstion pointer is returned
to the caller to optionally perform timer updates or other actions.

Element removal is not supported so far, however that seems to be a
rather exotic need and can be added later on.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2015-04-08 16:58:27 +02:00

56 lines
1.3 KiB
C
Raw Blame History

#ifndef _NET_NF_TABLES_CORE_H
#define _NET_NF_TABLES_CORE_H
int nf_tables_core_module_init(void);
void nf_tables_core_module_exit(void);
int nft_immediate_module_init(void);
void nft_immediate_module_exit(void);
struct nft_cmp_fast_expr {
u32 data;
enum nft_registers sreg:8;
u8 len;
};
/* Calculate the mask for the nft_cmp_fast expression. On big endian the
* mask needs to include the *upper* bytes when interpreting that data as
* something smaller than the full u32, therefore a cpu_to_le32 is done.
*/
static inline u32 nft_cmp_fast_mask(unsigned int len)
{
return cpu_to_le32(~0U >> (FIELD_SIZEOF(struct nft_cmp_fast_expr,
data) * BITS_PER_BYTE - len));
}
extern const struct nft_expr_ops nft_cmp_fast_ops;
int nft_cmp_module_init(void);
void nft_cmp_module_exit(void);
int nft_lookup_module_init(void);
void nft_lookup_module_exit(void);
int nft_dynset_module_init(void);
void nft_dynset_module_exit(void);
int nft_bitwise_module_init(void);
void nft_bitwise_module_exit(void);
int nft_byteorder_module_init(void);
void nft_byteorder_module_exit(void);
struct nft_payload {
enum nft_payload_bases base:8;
u8 offset;
u8 len;
enum nft_registers dreg:8;
};
extern const struct nft_expr_ops nft_payload_fast_ops;
int nft_payload_module_init(void);
void nft_payload_module_exit(void);
#endif /* _NET_NF_TABLES_CORE_H */
View git blame Copy permalink