diff options
| author | Roland McGrath <roland@gnu.org> | 2000-02-04 03:21:18 +0000 |
|---|---|---|
| committer | Roland McGrath <roland@gnu.org> | 2000-02-04 03:21:18 +0000 |
| commit | 9fd51e9b0ad33a89a83fdbbb66bd20d85f7893fb (patch) | |
| tree | 8845b79f170028cb4380045c50277bbf075b5b7d /pfinet/linux-src/include/linux/firewall.h | |
Import of Linux 2.2.12 subset (ipv4 stack and related)
Diffstat (limited to 'pfinet/linux-src/include/linux/firewall.h')
| -rw-r--r-- | pfinet/linux-src/include/linux/firewall.h | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/pfinet/linux-src/include/linux/firewall.h b/pfinet/linux-src/include/linux/firewall.h new file mode 100644 index 00000000..1747f381 --- /dev/null +++ b/pfinet/linux-src/include/linux/firewall.h @@ -0,0 +1,61 @@ +#ifndef __LINUX_FIREWALL_H +#define __LINUX_FIREWALL_H + +#include <linux/config.h> + +/* + * Definitions for loadable firewall modules + */ + +#define FW_QUEUE 0 +#define FW_BLOCK 1 +#define FW_ACCEPT 2 +#define FW_REJECT (-1) +#define FW_REDIRECT 3 +#define FW_MASQUERADE 4 +#define FW_SKIP 5 + +struct firewall_ops +{ + struct firewall_ops *next; + int (*fw_forward)(struct firewall_ops *this, int pf, + struct device *dev, void *phdr, void *arg, struct sk_buff **pskb); + int (*fw_input)(struct firewall_ops *this, int pf, + struct device *dev, void *phdr, void *arg, struct sk_buff **pskb); + int (*fw_output)(struct firewall_ops *this, int pf, + struct device *dev, void *phdr, void *arg, struct sk_buff **pskb); + /* Data falling in the second 486 cache line isn't used directly + during a firewall call and scan, only by insert/delete and other + unusual cases + */ + int fw_pf; /* Protocol family */ + int fw_priority; /* Priority of chosen firewalls */ +}; + +#ifdef __KERNEL__ +extern int register_firewall(int pf, struct firewall_ops *fw); +extern int unregister_firewall(int pf, struct firewall_ops *fw); +extern void fwchain_init(void); +#ifdef CONFIG_FIREWALL +extern int call_fw_firewall(int pf, struct device *dev, void *phdr, void *arg, struct sk_buff **pskb); +extern int call_in_firewall(int pf, struct device *dev, void *phdr, void *arg, struct sk_buff **pskb); +extern int call_out_firewall(int pf, struct device *dev, void *phdr, void *arg, struct sk_buff **pskb); +#else +extern __inline__ int call_fw_firewall(int pf, struct device *dev, void *phdr, void *arg, struct sk_buff **skb) +{ + return FW_ACCEPT; +} + +extern __inline__ int call_in_firewall(int pf, struct device *dev, void *phdr, void *arg, struct sk_buff **skb) +{ + return FW_ACCEPT; +} + +extern __inline__ int call_out_firewall(int pf, struct device *dev, void *phdr, void *arg, struct sk_buff **skb) +{ + return FW_ACCEPT; +} + +#endif +#endif +#endif |