projects
/
oweals
/
netifd.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
add basic support for jail network namespaces
[oweals/netifd.git]
/
iprule.h
diff --git
a/iprule.h
b/iprule.h
index e8a25558ef76fc79f5f0f569ca923c92e849bdbc..89b94b459a49ec1cd9fa87809342185297e3b9a4 100644
(file)
--- a/
iprule.h
+++ b/
iprule.h
@@
-17,10
+17,10
@@
#include "interface-ip.h"
#include "interface-ip.h"
-#define IPRULE_PRIORITY_ADDR 10000
-#define IPRULE_PRIORITY_ADDR_MASK 20000
-#define IPRULE_PRIORITY_NW 90000
-#define IPRULE_PRIORITY_REJECT 4200000000
+#define IPRULE_PRIORITY_ADDR
10000
+#define IPRULE_PRIORITY_ADDR_MASK
20000
+#define IPRULE_PRIORITY_NW
90000
+#define IPRULE_PRIORITY_REJECT
4200000000
enum iprule_flags {
/* address family for rule */
enum iprule_flags {
/* address family for rule */
@@
-29,22
+29,22
@@
enum iprule_flags {
IPRULE_FAMILY = IPRULE_INET4 | IPRULE_INET6,
/* rule specifies input device */
IPRULE_FAMILY = IPRULE_INET4 | IPRULE_INET6,
/* rule specifies input device */
- IPRULE_IN
= (1 << 2),
+ IPRULE_IN = (1 << 2),
/* rule specifies output device */
/* rule specifies output device */
- IPRULE_OUT
= (1 << 3),
+ IPRULE_OUT = (1 << 3),
/* rule specifies src */
/* rule specifies src */
- IPRULE_SRC
= (1 << 4),
+ IPRULE_SRC = (1 << 4),
/* rule specifies dest */
/* rule specifies dest */
- IPRULE_DEST
= (1 << 5),
+ IPRULE_DEST = (1 << 5),
/* rule specifies priority */
IPRULE_PRIORITY = (1 << 6),
/* rule specifies diffserv/tos */
/* rule specifies priority */
IPRULE_PRIORITY = (1 << 6),
/* rule specifies diffserv/tos */
- IPRULE_TOS
= (1 << 7),
+ IPRULE_TOS = (1 << 7),
/* rule specifies fwmark */
IPRULE_FWMARK = (1 << 8),
/* rule specifies fwmark */
IPRULE_FWMARK = (1 << 8),
@@
-59,21
+59,35
@@
enum iprule_flags {
IPRULE_ACTION = (1 << 11),
/* rule is a goto */
IPRULE_ACTION = (1 << 11),
/* rule is a goto */
- IPRULE_GOTO = (1 << 12),
+ IPRULE_GOTO = (1 << 12),
+
+ /* rule suppresses results by prefix length */
+ IPRULE_SUP_PREFIXLEN = (1 << 13),
};
struct iprule {
struct vlist_node node;
unsigned int order;
};
struct iprule {
struct vlist_node node;
unsigned int order;
+ /* to receive interface events */
+ struct interface_user in_iface_user;
+ struct interface_user out_iface_user;
+
+ /* device name */
+ char in_dev[IFNAMSIZ + 1];
+ char out_dev[IFNAMSIZ + 1];
+
/* everything below is used as avl tree key */
/* everything below is used as avl tree key */
+ /* don't change the order */
+
+ /* uci interface name */
+ char *in_iface;
+ char *out_iface;
+
enum iprule_flags flags;
bool invert;
enum iprule_flags flags;
bool invert;
- char in_dev[IFNAMSIZ + 1];
- char out_dev[IFNAMSIZ + 1];
-
unsigned int src_mask;
union if_addr src_addr;
unsigned int src_mask;
union if_addr src_addr;
@@
-87,6
+101,7
@@
struct iprule {
unsigned int fwmask;
unsigned int lookup;
unsigned int fwmask;
unsigned int lookup;
+ unsigned int sup_prefixlen;
unsigned int action;
unsigned int gotoid;
};
unsigned int action;
unsigned int gotoid;
};