diff --git a/extensions/ACCOUNT/libxt_ACCOUNT.c b/extensions/ACCOUNT/libxt_ACCOUNT.c index 3252f11..670fefa 100644 --- a/extensions/ACCOUNT/libxt_ACCOUNT.c +++ b/extensions/ACCOUNT/libxt_ACCOUNT.c @@ -142,7 +142,7 @@ account_tg_save(const void *ip, const struct xt_entry_target *target) static struct xtables_target account_tg_reg = { .name = "ACCOUNT", .revision = 1, - .family = AF_INET, + .family = NFPROTO_IPV4, .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct ipt_acc_info)), .userspacesize = offsetof(struct ipt_acc_info, table_nr), diff --git a/extensions/libxt_CHAOS.c b/extensions/libxt_CHAOS.c index 9c88961..c9236b7 100644 --- a/extensions/libxt_CHAOS.c +++ b/extensions/libxt_CHAOS.c @@ -95,7 +95,7 @@ static void chaos_tg_save(const void *ip, const struct xt_entry_target *target) static struct xtables_target chaos_tg_reg = { .version = XTABLES_VERSION, .name = "CHAOS", - .family = AF_INET, + .family = NFPROTO_IPV4, .size = XT_ALIGN(sizeof(struct xt_chaos_tginfo)), .userspacesize = XT_ALIGN(sizeof(struct xt_chaos_tginfo)), .help = chaos_tg_help, diff --git a/extensions/libxt_DELUDE.c b/extensions/libxt_DELUDE.c index 2586e7a..8bad829 100644 --- a/extensions/libxt_DELUDE.c +++ b/extensions/libxt_DELUDE.c @@ -33,7 +33,7 @@ static struct xtables_target delude_tg_reg = { .version = XTABLES_VERSION, .name = "DELUDE", .revision = 0, - .family = AF_INET, + .family = NFPROTO_IPV4, .help = delude_tg_help, .parse = delude_tg_parse, .final_check = delude_tg_check, diff --git a/extensions/libxt_DHCPMAC.c b/extensions/libxt_DHCPMAC.c index d1963d4..cfb5b3a 100644 --- a/extensions/libxt_DHCPMAC.c +++ b/extensions/libxt_DHCPMAC.c @@ -84,7 +84,7 @@ static struct xtables_target dhcpmac_tg_reg = { .version = XTABLES_VERSION, .name = "DHCPMAC", .revision = 0, - .family = PF_INET, + .family = NFPROTO_IPV4, .size = XT_ALIGN(sizeof(struct dhcpmac_info)), .userspacesize = XT_ALIGN(sizeof(struct dhcpmac_info)), .help = dhcpmac_tg_help, diff --git a/extensions/libxt_ECHO.c b/extensions/libxt_ECHO.c index abeb1d4..a71cd14 100644 --- a/extensions/libxt_ECHO.c +++ b/extensions/libxt_ECHO.c @@ -29,7 +29,7 @@ static void echo_tg_check(unsigned int flags) static struct xtables_target echo_tg_reg = { .version = XTABLES_VERSION, .name = "ECHO", - .family = AF_UNSPEC, + .family = NFPROTO_UNSPEC, .help = echo_tg_help, .parse = echo_tg_parse, .final_check = echo_tg_check, diff --git a/extensions/libxt_IPMARK.c b/extensions/libxt_IPMARK.c index e3390e1..ecf4fd7 100644 --- a/extensions/libxt_IPMARK.c +++ b/extensions/libxt_IPMARK.c @@ -151,7 +151,7 @@ ipmark_tg_save(const void *entry, const struct xt_entry_target *target) static struct xtables_target ipmark_tg_reg = { .version = XTABLES_VERSION, .name = "IPMARK", - .family = PF_UNSPEC, + .family = NFPROTO_UNSPEC, .revision = 1, .size = XT_ALIGN(sizeof(struct xt_ipmark_tginfo)), .userspacesize = XT_ALIGN(sizeof(struct xt_ipmark_tginfo)), diff --git a/extensions/libxt_LOGMARK.c b/extensions/libxt_LOGMARK.c index 671175a..2cc7745 100644 --- a/extensions/libxt_LOGMARK.c +++ b/extensions/libxt_LOGMARK.c @@ -100,7 +100,7 @@ static struct xtables_target logmark_tg_reg = { .version = XTABLES_VERSION, .name = "LOGMARK", .revision = 0, - .family = AF_UNSPEC, + .family = NFPROTO_UNSPEC, .size = XT_ALIGN(sizeof(struct xt_logmark_tginfo)), .userspacesize = XT_ALIGN(sizeof(struct xt_logmark_tginfo)), .help = logmark_tg_help, diff --git a/extensions/libxt_RAWDNAT.c b/extensions/libxt_RAWDNAT.c index 6a43750..002682b 100644 --- a/extensions/libxt_RAWDNAT.c +++ b/extensions/libxt_RAWDNAT.c @@ -154,7 +154,7 @@ static struct xtables_target rawdnat_tg4_reg = { .version = XTABLES_VERSION, .name = "RAWDNAT", .revision = 0, - .family = PF_INET, + .family = NFPROTO_IPV4, .size = XT_ALIGN(sizeof(struct xt_rawnat_tginfo)), .userspacesize = XT_ALIGN(sizeof(struct xt_rawnat_tginfo)), .help = rawdnat_tg_help, @@ -169,7 +169,7 @@ static struct xtables_target rawdnat_tg6_reg = { .version = XTABLES_VERSION, .name = "RAWDNAT", .revision = 0, - .family = PF_INET6, + .family = NFPROTO_IPV6, .size = XT_ALIGN(sizeof(struct xt_rawnat_tginfo)), .userspacesize = XT_ALIGN(sizeof(struct xt_rawnat_tginfo)), .help = rawdnat_tg_help, diff --git a/extensions/libxt_RAWSNAT.c b/extensions/libxt_RAWSNAT.c index f718df9..62be4b4 100644 --- a/extensions/libxt_RAWSNAT.c +++ b/extensions/libxt_RAWSNAT.c @@ -154,7 +154,7 @@ static struct xtables_target rawsnat_tg4_reg = { .version = XTABLES_VERSION, .name = "RAWSNAT", .revision = 0, - .family = PF_INET, + .family = NFPROTO_IPV4, .size = XT_ALIGN(sizeof(struct xt_rawnat_tginfo)), .userspacesize = XT_ALIGN(sizeof(struct xt_rawnat_tginfo)), .help = rawsnat_tg_help, @@ -169,7 +169,7 @@ static struct xtables_target rawsnat_tg6_reg = { .version = XTABLES_VERSION, .name = "RAWSNAT", .revision = 0, - .family = PF_INET6, + .family = NFPROTO_IPV6, .size = XT_ALIGN(sizeof(struct xt_rawnat_tginfo)), .userspacesize = XT_ALIGN(sizeof(struct xt_rawnat_tginfo)), .help = rawsnat_tg_help, diff --git a/extensions/libxt_STEAL.c b/extensions/libxt_STEAL.c index 275ad84..d69ce2f 100644 --- a/extensions/libxt_STEAL.c +++ b/extensions/libxt_STEAL.c @@ -19,7 +19,7 @@ static void steal_tg_check(unsigned int flags) static struct xtables_target steal_tg_reg = { .version = XTABLES_VERSION, .name = "STEAL", - .family = AF_UNSPEC, + .family = NFPROTO_UNSPEC, .help = steal_tg_help, .parse = steal_tg_parse, .final_check = steal_tg_check, diff --git a/extensions/libxt_SYSRQ.c b/extensions/libxt_SYSRQ.c index 815b084..d5b2f31 100644 --- a/extensions/libxt_SYSRQ.c +++ b/extensions/libxt_SYSRQ.c @@ -25,7 +25,7 @@ static struct xtables_target sysrq_tg_reg = { .version = XTABLES_VERSION, .name = "SYSRQ", .revision = 1, - .family = PF_UNSPEC, + .family = NFPROTO_UNSPEC, .help = sysrq_tg_help, .parse = sysrq_tg_parse, .final_check = sysrq_tg_check, diff --git a/extensions/libxt_TARPIT.c b/extensions/libxt_TARPIT.c index 257b3ab..2e34849 100644 --- a/extensions/libxt_TARPIT.c +++ b/extensions/libxt_TARPIT.c @@ -24,7 +24,7 @@ static void tarpit_tg_check(unsigned int flags) static struct xtables_target tarpit_tg_reg = { .version = XTABLES_VERSION, .name = "TARPIT", - .family = AF_INET, + .family = NFPROTO_IPV4, .help = tarpit_tg_help, .parse = tarpit_tg_parse, .final_check = tarpit_tg_check, diff --git a/extensions/libxt_TEE.c b/extensions/libxt_TEE.c index 3546fda..b4b36c9 100644 --- a/extensions/libxt_TEE.c +++ b/extensions/libxt_TEE.c @@ -138,7 +138,7 @@ static struct xtables_target tee_tg_reg = { .name = "TEE", .version = XTABLES_VERSION, .revision = 0, - .family = PF_INET, + .family = NFPROTO_IPV4, .size = XT_ALIGN(sizeof(struct xt_tee_tginfo)), .userspacesize = XT_ALIGN(sizeof(struct xt_tee_tginfo)), .help = tee_tg_help, @@ -153,7 +153,7 @@ static struct xtables_target tee_tg6_reg = { .name = "TEE", .version = XTABLES_VERSION, .revision = 0, - .family = PF_INET6, + .family = NFPROTO_IPV6, .size = XT_ALIGN(sizeof(struct xt_tee_tginfo)), .userspacesize = XT_ALIGN(sizeof(struct xt_tee_tginfo)), .help = tee_tg_help, diff --git a/extensions/libxt_condition.c b/extensions/libxt_condition.c index eabe72f..538a5bb 100644 --- a/extensions/libxt_condition.c +++ b/extensions/libxt_condition.c @@ -80,7 +80,7 @@ static void condition_save(const void *ip, const struct xt_entry_match *match) static struct xtables_match condition_mt_reg = { .name = "condition", .revision = 1, - .family = PF_UNSPEC, + .family = NFPROTO_UNSPEC, .version = XTABLES_VERSION, .size = XT_ALIGN(sizeof(struct xt_condition_mtinfo)), .userspacesize = XT_ALIGN(sizeof(struct xt_condition_mtinfo)), diff --git a/extensions/libxt_dhcpmac.c b/extensions/libxt_dhcpmac.c index 3d22a4b..997ccac 100644 --- a/extensions/libxt_dhcpmac.c +++ b/extensions/libxt_dhcpmac.c @@ -85,7 +85,7 @@ static struct xtables_match dhcpmac_mt_reg = { .version = XTABLES_VERSION, .name = "dhcpmac", .revision = 0, - .family = PF_INET, + .family = NFPROTO_IPV4, .size = XT_ALIGN(sizeof(struct dhcpmac_info)), .userspacesize = XT_ALIGN(sizeof(struct dhcpmac_info)), .help = dhcpmac_mt_help, diff --git a/extensions/libxt_fuzzy.c b/extensions/libxt_fuzzy.c index de8297e..2d39d0a 100644 --- a/extensions/libxt_fuzzy.c +++ b/extensions/libxt_fuzzy.c @@ -103,6 +103,7 @@ static struct xtables_match fuzzy_mt_reg = { .name = "fuzzy", .revision = 1, .version = XTABLES_VERSION, + .family = NFPROTO_UNSPEC, .size = XT_ALIGN(sizeof(struct xt_fuzzy_mtinfo)), .userspacesize = offsetof(struct xt_fuzzy_mtinfo, packets_total), .help = fuzzy_mt_help, diff --git a/extensions/libxt_geoip.c b/extensions/libxt_geoip.c index ba446a5..133bcfa 100644 --- a/extensions/libxt_geoip.c +++ b/extensions/libxt_geoip.c @@ -259,7 +259,7 @@ geoip_save(const void *ip, const struct xt_entry_match *match) } static struct xtables_match geoip_match = { - .family = AF_INET, + .family = NFPROTO_IPV4, .name = "geoip", .revision = 1, .version = XTABLES_VERSION, diff --git a/extensions/libxt_iface.c b/extensions/libxt_iface.c index 3b21a64..dea1ec6 100644 --- a/extensions/libxt_iface.c +++ b/extensions/libxt_iface.c @@ -200,7 +200,7 @@ static struct xtables_match iface_mt_reg = { .version = XTABLES_VERSION, .name = "iface", .revision = 0, - .family = AF_UNSPEC, + .family = NFPROTO_UNSPEC, .size = XT_ALIGN(sizeof(struct xt_iface_mtinfo)), .userspacesize = XT_ALIGN(sizeof(struct xt_iface_mtinfo)), .help = iface_mt_help, diff --git a/extensions/libxt_ipp2p.c b/extensions/libxt_ipp2p.c index 1e0d325..2c7e657 100644 --- a/extensions/libxt_ipp2p.c +++ b/extensions/libxt_ipp2p.c @@ -229,7 +229,7 @@ static struct xtables_match ipp2p_mt_reg = { .version = XTABLES_VERSION, .name = "ipp2p", .revision = 1, - .family = AF_INET, + .family = NFPROTO_IPV4, .size = XT_ALIGN(sizeof(struct ipt_p2p_info)), .userspacesize = XT_ALIGN(sizeof(struct ipt_p2p_info)), .help = ipp2p_mt_help, diff --git a/extensions/libxt_ipv4options.c b/extensions/libxt_ipv4options.c index f0ad151..32d86e2 100644 --- a/extensions/libxt_ipv4options.c +++ b/extensions/libxt_ipv4options.c @@ -161,7 +161,7 @@ static struct xtables_match ipv4options_mt_reg = { .version = XTABLES_VERSION, .name = "ipv4options", .revision = 1, - .family = PF_INET, + .family = NFPROTO_IPV4, .size = XT_ALIGN(sizeof(struct xt_ipv4options_mtinfo1)), .userspacesize = XT_ALIGN(sizeof(struct xt_ipv4options_mtinfo1)), .help = ipv4options_mt_help, diff --git a/extensions/libxt_length2.c b/extensions/libxt_length2.c index bcea64c..7609ab1 100644 --- a/extensions/libxt_length2.c +++ b/extensions/libxt_length2.c @@ -155,7 +155,7 @@ static struct xtables_match length2_mt_reg = { .version = XTABLES_VERSION, .name = "length2", .revision = 2, - .family = PF_UNSPEC, + .family = NFPROTO_UNSPEC, .size = XT_ALIGN(sizeof(struct xt_length_mtinfo2)), .userspacesize = XT_ALIGN(sizeof(struct xt_length_mtinfo2)), .init = length_mt_init, diff --git a/extensions/libxt_lscan.c b/extensions/libxt_lscan.c index 0bcc226..59bc990 100644 --- a/extensions/libxt_lscan.c +++ b/extensions/libxt_lscan.c @@ -105,7 +105,7 @@ static struct xtables_match lscan_mt_reg = { .version = XTABLES_VERSION, .name = "lscan", .revision = 0, - .family = AF_INET, + .family = NFPROTO_IPV4, .size = XT_ALIGN(sizeof(struct xt_lscan_mtinfo)), .userspacesize = XT_ALIGN(sizeof(struct xt_lscan_mtinfo)), .help = lscan_mt_help, diff --git a/extensions/libxt_psd.c b/extensions/libxt_psd.c index 88510d0..c3baff6 100644 --- a/extensions/libxt_psd.c +++ b/extensions/libxt_psd.c @@ -139,7 +139,7 @@ static struct xtables_match psd_mt_reg = { .name = "psd", .version = XTABLES_VERSION, .revision = 1, - .family = PF_INET, + .family = NFPROTO_IPV4, .size = XT_ALIGN(sizeof(struct xt_psd_info)), .userspacesize = XT_ALIGN(sizeof(struct xt_psd_info)), .help = psd_mt_help, diff --git a/extensions/libxt_quota2.c b/extensions/libxt_quota2.c index 211b64f..ea64153 100644 --- a/extensions/libxt_quota2.c +++ b/extensions/libxt_quota2.c @@ -133,7 +133,7 @@ static void quota_mt2_print(const void *ip, const struct xt_entry_match *match, } static struct xtables_match quota_mt2_reg = { - .family = AF_UNSPEC, + .family = NFPROTO_UNSPEC, .revision = 3, .name = "quota2", .version = XTABLES_VERSION, diff --git a/extensions/pknock/libxt_pknock.c b/extensions/pknock/libxt_pknock.c index c6ad809..c423200 100644 --- a/extensions/pknock/libxt_pknock.c +++ b/extensions/pknock/libxt_pknock.c @@ -326,7 +326,7 @@ static struct xtables_match pknock_mt_reg = { .name = "pknock", .version = XTABLES_VERSION, .revision = 1, - .family = AF_INET, + .family = NFPROTO_IPV4, .size = XT_ALIGN(sizeof(struct xt_pknock_mtinfo)), .userspacesize = XT_ALIGN(sizeof(struct xt_pknock_mtinfo)), .help = pknock_mt_help, diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h index 6ea935f..2eb00b6 100644 --- a/include/linux/netfilter.h +++ b/include/linux/netfilter.h @@ -3,6 +3,7 @@ #include + /* Responses from hook functions. */ #define NF_DROP 0 #define NF_ACCEPT 1 @@ -37,6 +38,16 @@ enum nf_inet_hooks { NF_INET_NUMHOOKS }; +enum { + NFPROTO_UNSPEC = 0, + NFPROTO_IPV4 = 2, + NFPROTO_ARP = 3, + NFPROTO_BRIDGE = 7, + NFPROTO_IPV6 = 10, + NFPROTO_DECNET = 12, + NFPROTO_NUMPROTO, +}; + union nf_inet_addr { __u32 all[4]; __be32 ip;