mirror of
https://github.com/openwrt/openwrt.git
synced 2025-01-05 05:24:20 +00:00
102 lines
2.8 KiB
Diff
102 lines
2.8 KiB
Diff
|
Description: Sync header from iptables
|
||
|
The current versions in several suites have the same content:
|
||
|
- 1.6.1-2 (unstable)
|
||
|
Bug: https://bugs.debian.org/868059
|
||
|
Forwarded: not-needed
|
||
|
Author: Cyril Brulebois <cyril@debamax.com>
|
||
|
Last-Update: 2017-11-22
|
||
|
--- a/include/xtables.h
|
||
|
+++ b/include/xtables.h
|
||
|
@@ -205,9 +205,24 @@ enum xtables_ext_flags {
|
||
|
XTABLES_EXT_ALIAS = 1 << 0,
|
||
|
};
|
||
|
|
||
|
+struct xt_xlate;
|
||
|
+
|
||
|
+struct xt_xlate_mt_params {
|
||
|
+ const void *ip;
|
||
|
+ const struct xt_entry_match *match;
|
||
|
+ int numeric;
|
||
|
+ bool escape_quotes;
|
||
|
+};
|
||
|
+
|
||
|
+struct xt_xlate_tg_params {
|
||
|
+ const void *ip;
|
||
|
+ const struct xt_entry_target *target;
|
||
|
+ int numeric;
|
||
|
+ bool escape_quotes;
|
||
|
+};
|
||
|
+
|
||
|
/* Include file for additions: new matches and targets. */
|
||
|
-struct xtables_match
|
||
|
-{
|
||
|
+struct xtables_match {
|
||
|
/*
|
||
|
* ABI/API version this module requires. Must be first member,
|
||
|
* as the rest of this struct may be subject to ABI changes.
|
||
|
@@ -269,6 +284,10 @@ struct xtables_match
|
||
|
void (*x6_fcheck)(struct xt_fcheck_call *);
|
||
|
const struct xt_option_entry *x6_options;
|
||
|
|
||
|
+ /* Translate iptables to nft */
|
||
|
+ int (*xlate)(struct xt_xlate *xl,
|
||
|
+ const struct xt_xlate_mt_params *params);
|
||
|
+
|
||
|
/* Size of per-extension instance extra "global" scratch space */
|
||
|
size_t udata_size;
|
||
|
|
||
|
@@ -280,8 +299,7 @@ struct xtables_match
|
||
|
unsigned int loaded; /* simulate loading so options are merged properly */
|
||
|
};
|
||
|
|
||
|
-struct xtables_target
|
||
|
-{
|
||
|
+struct xtables_target {
|
||
|
/*
|
||
|
* ABI/API version this module requires. Must be first member,
|
||
|
* as the rest of this struct may be subject to ABI changes.
|
||
|
@@ -346,6 +364,10 @@ struct xtables_target
|
||
|
void (*x6_fcheck)(struct xt_fcheck_call *);
|
||
|
const struct xt_option_entry *x6_options;
|
||
|
|
||
|
+ /* Translate iptables to nft */
|
||
|
+ int (*xlate)(struct xt_xlate *xl,
|
||
|
+ const struct xt_xlate_tg_params *params);
|
||
|
+
|
||
|
size_t udata_size;
|
||
|
|
||
|
/* Ignore these men behind the curtain: */
|
||
|
@@ -406,6 +428,17 @@ struct xtables_globals
|
||
|
|
||
|
#define XT_GETOPT_TABLEEND {.name = NULL, .has_arg = false}
|
||
|
|
||
|
+/*
|
||
|
+ * enum op-
|
||
|
+ *
|
||
|
+ * For writing clean nftables translations code
|
||
|
+ */
|
||
|
+enum xt_op {
|
||
|
+ XT_OP_EQ,
|
||
|
+ XT_OP_NEQ,
|
||
|
+ XT_OP_MAX,
|
||
|
+};
|
||
|
+
|
||
|
#ifdef __cplusplus
|
||
|
extern "C" {
|
||
|
#endif
|
||
|
@@ -548,6 +581,14 @@ extern void xtables_lmap_free(struct xta
|
||
|
extern int xtables_lmap_name2id(const struct xtables_lmap *, const char *);
|
||
|
extern const char *xtables_lmap_id2name(const struct xtables_lmap *, int);
|
||
|
|
||
|
+/* xlate infrastructure */
|
||
|
+struct xt_xlate *xt_xlate_alloc(int size);
|
||
|
+void xt_xlate_free(struct xt_xlate *xl);
|
||
|
+void xt_xlate_add(struct xt_xlate *xl, const char *fmt, ...);
|
||
|
+void xt_xlate_add_comment(struct xt_xlate *xl, const char *comment);
|
||
|
+const char *xt_xlate_get_comment(struct xt_xlate *xl);
|
||
|
+const char *xt_xlate_get(struct xt_xlate *xl);
|
||
|
+
|
||
|
#ifdef XTABLES_INTERNAL
|
||
|
|
||
|
/* Shipped modules rely on this... */
|