netfilter: xt_addrtype: ipv6 support

The kernel will refuse certain types that do not work in ipv6 mode. We can then add these features incrementally without risk of userspace breakage. Signed-off-by: Florian Westphal <fwestphal@astaro.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
author: Florian Westphal <fwestphal@astaro.com> 2011-03-15 20:17:44 +0100
committer: Patrick McHardy <kaber@trash.net> 2011-03-15 20:17:44 +0100
commit: 2f5dc63123905a89d4260ab8ee08d19ec104db04 (patch)
tree: 1640ff192d42c3433daf99e6760d51f19ef3a3ac /include/linux/netfilter
parent: de81bbea17650769882bc625d6b5df11ee7c4b24 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/include/linux/netfilter/xt_addrtype.h b/include/linux/netfilter/xt_addrtype.h
index b492fc84f73..b156baa9d55 100644
--- a/include/linux/netfilter/xt_addrtype.h
+++ b/include/linux/netfilter/xt_addrtype.h
@@ -10,6 +10,23 @@ enum {
 	XT_ADDRTYPE_LIMIT_IFACE_OUT	= 0x0008,
 };
 
+
+/* rtn_type enum values from rtnetlink.h, but shifted */
+enum {
+	XT_ADDRTYPE_UNSPEC = 1 << 0,
+	XT_ADDRTYPE_UNICAST = 1 << 1,	/* 1 << RTN_UNICAST */
+	XT_ADDRTYPE_LOCAL  = 1 << 2,	/* 1 << RTN_LOCAL, etc */
+	XT_ADDRTYPE_BROADCAST = 1 << 3,
+	XT_ADDRTYPE_ANYCAST = 1 << 4,
+	XT_ADDRTYPE_MULTICAST = 1 << 5,
+	XT_ADDRTYPE_BLACKHOLE = 1 << 6,
+	XT_ADDRTYPE_UNREACHABLE = 1 << 7,
+	XT_ADDRTYPE_PROHIBIT = 1 << 8,
+	XT_ADDRTYPE_THROW = 1 << 9,
+	XT_ADDRTYPE_NAT = 1 << 10,
+	XT_ADDRTYPE_XRESOLVE = 1 << 11,
+};
+
 struct xt_addrtype_info_v1 {
 	__u16	source;		/* source-type mask */
 	__u16	dest;		/* dest-type mask */
author	Florian Westphal <fwestphal@astaro.com>	2011-03-15 20:17:44 +0100
committer	Patrick McHardy <kaber@trash.net>	2011-03-15 20:17:44 +0100
commit	2f5dc63123905a89d4260ab8ee08d19ec104db04 (patch)
tree	1640ff192d42c3433daf99e6760d51f19ef3a3ac /include/linux/netfilter
parent	de81bbea17650769882bc625d6b5df11ee7c4b24 (diff)