Description: Sync header from iptables The current versions in several suites have the same content: - 1.6.1-2 (unstable) Bug: https://bugs.debian.org/868059 Forwarded: not-needed Author: Cyril Brulebois Last-Update: 2017-11-22 --- a/include/xtables.h +++ b/include/xtables.h @@ -206,9 +206,24 @@ enum xtables_ext_flags { XTABLES_EXT_ALIAS = 1 << 0, }; +struct xt_xlate; + +struct xt_xlate_mt_params { + const void *ip; + const struct xt_entry_match *match; + int numeric; + bool escape_quotes; +}; + +struct xt_xlate_tg_params { + const void *ip; + const struct xt_entry_target *target; + int numeric; + bool escape_quotes; +}; + /* Include file for additions: new matches and targets. */ -struct xtables_match -{ +struct xtables_match { /* * ABI/API version this module requires. Must be first member, * as the rest of this struct may be subject to ABI changes. @@ -270,6 +285,10 @@ struct xtables_match void (*x6_fcheck)(struct xt_fcheck_call *); const struct xt_option_entry *x6_options; + /* Translate iptables to nft */ + int (*xlate)(struct xt_xlate *xl, + const struct xt_xlate_mt_params *params); + /* Size of per-extension instance extra "global" scratch space */ size_t udata_size; @@ -281,8 +300,7 @@ struct xtables_match unsigned int loaded; /* simulate loading so options are merged properly */ }; -struct xtables_target -{ +struct xtables_target { /* * ABI/API version this module requires. Must be first member, * as the rest of this struct may be subject to ABI changes. @@ -347,6 +365,10 @@ struct xtables_target void (*x6_fcheck)(struct xt_fcheck_call *); const struct xt_option_entry *x6_options; + /* Translate iptables to nft */ + int (*xlate)(struct xt_xlate *xl, + const struct xt_xlate_tg_params *params); + size_t udata_size; /* Ignore these men behind the curtain: */ @@ -407,6 +429,17 @@ struct xtables_globals #define XT_GETOPT_TABLEEND {.name = NULL, .has_arg = false} +/* + * enum op- + * + * For writing clean nftables translations code + */ +enum xt_op { + XT_OP_EQ, + XT_OP_NEQ, + XT_OP_MAX, +}; + #ifdef __cplusplus extern "C" { #endif @@ -549,6 +582,14 @@ extern void xtables_lmap_free(struct xta extern int xtables_lmap_name2id(const struct xtables_lmap *, const char *); extern const char *xtables_lmap_id2name(const struct xtables_lmap *, int); +/* xlate infrastructure */ +struct xt_xlate *xt_xlate_alloc(int size); +void xt_xlate_free(struct xt_xlate *xl); +void xt_xlate_add(struct xt_xlate *xl, const char *fmt, ...); +void xt_xlate_add_comment(struct xt_xlate *xl, const char *comment); +const char *xt_xlate_get_comment(struct xt_xlate *xl); +const char *xt_xlate_get(struct xt_xlate *xl); + #ifdef XTABLES_INTERNAL /* Shipped modules rely on this... */