diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2012-10-13 13:28:32 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2012-10-13 13:28:32 -0700 |
| commit | 0b381a286e5d748b1fd80095d3dd52326819742f (patch) | |
| tree | d72fca56123520b9c78661137f8a02b6ad26f95b /include/linux/netfilter.h | |
| parent | 034b5eeb6bc783e7f60e11299154556e65699e7a (diff) | |
| parent | 5921e6f8809b1616932ca4afd40fe449faa8fd88 (diff) | |
Merge tag 'disintegrate-main-20121013' of git://git.infradead.org/users/dhowells/linux-headers
Pull UAPI disintegration for include/linux/{,byteorder/}*.h from David Howells:
"The patches contained herein do the following:
(1) Remove kernel-only stuff in linux/ppp-comp.h from the UAPI. I checked
this with Paul Mackerras before I created the patch and he suggested some
extra bits to unexport.
(2) Remove linux/blk_types.h entirely from the UAPI as none of it is userspace
applicable, and remove from the UAPI that part of linux/fs.h that was the
reason for linux/blk_types.h being exported in the first place. I
discussed this with Jens Axboe before creating the patch.
(3) The big patch of the series to disintegrate include/linux/*.h as a unit.
This could be split up, though there would be collisions in moving stuff
between the two Kbuild files when the parts are merged as that file is
sorted alphabetically rather than being grouped by subsystem.
Of this set of headers, 17 files have changed in the UAPI exported region
since the 4th and only 8 since the 9th so there isn't much change in this
area - as one might expect.
It should be pretty obvious and straightforward if it does come to fixing
up: stuff in __KERNEL__ guards stays where it is and stuff outside moves
to the same file in the include/uapi/linux/ directory.
If a new file appears then things get a bit more complicated as the
"headers +=" line has to move to include/uapi/linux/Kbuild. Only one new
file has appeared since the 9th and I judge this type of event relatively
unlikely.
(4) A patch to disintegrate include/linux/byteorder/*.h as a unit.
Signed-off-by: David Howells <dhowells@redhat.com>"
* tag 'disintegrate-main-20121013' of git://git.infradead.org/users/dhowells/linux-headers:
UAPI: (Scripted) Disintegrate include/linux/byteorder
UAPI: (Scripted) Disintegrate include/linux
UAPI: Unexport linux/blk_types.h
UAPI: Unexport part of linux/ppp-comp.h
Diffstat (limited to 'include/linux/netfilter.h')
| -rw-r--r-- | include/linux/netfilter.h | 72 |
1 files changed, 1 insertions, 71 deletions
diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h index 1dcf2a38e51..ee142846f56 100644 --- a/include/linux/netfilter.h +++ b/include/linux/netfilter.h @@ -1,7 +1,6 @@ #ifndef __LINUX_NETFILTER_H #define __LINUX_NETFILTER_H -#ifdef __KERNEL__ #include <linux/init.h> #include <linux/skbuff.h> #include <linux/net.h> @@ -10,75 +9,7 @@ #include <linux/in6.h> #include <linux/wait.h> #include <linux/list.h> -#endif -#include <linux/types.h> -#include <linux/compiler.h> -#include <linux/sysctl.h> - -/* Responses from hook functions. */ -#define NF_DROP 0 -#define NF_ACCEPT 1 -#define NF_STOLEN 2 -#define NF_QUEUE 3 -#define NF_REPEAT 4 -#define NF_STOP 5 -#define NF_MAX_VERDICT NF_STOP - -/* we overload the higher bits for encoding auxiliary data such as the queue - * number or errno values. Not nice, but better than additional function - * arguments. */ -#define NF_VERDICT_MASK 0x000000ff - -/* extra verdict flags have mask 0x0000ff00 */ -#define NF_VERDICT_FLAG_QUEUE_BYPASS 0x00008000 - -/* queue number (NF_QUEUE) or errno (NF_DROP) */ -#define NF_VERDICT_QMASK 0xffff0000 -#define NF_VERDICT_QBITS 16 - -#define NF_QUEUE_NR(x) ((((x) << 16) & NF_VERDICT_QMASK) | NF_QUEUE) - -#define NF_DROP_ERR(x) (((-x) << 16) | NF_DROP) - -/* only for userspace compatibility */ -#ifndef __KERNEL__ -/* Generic cache responses from hook functions. - <= 0x2000 is used for protocol-flags. */ -#define NFC_UNKNOWN 0x4000 -#define NFC_ALTERED 0x8000 - -/* NF_VERDICT_BITS should be 8 now, but userspace might break if this changes */ -#define NF_VERDICT_BITS 16 -#endif - -enum nf_inet_hooks { - NF_INET_PRE_ROUTING, - NF_INET_LOCAL_IN, - NF_INET_FORWARD, - NF_INET_LOCAL_OUT, - NF_INET_POST_ROUTING, - NF_INET_NUMHOOKS -}; - -enum { - NFPROTO_UNSPEC = 0, - NFPROTO_IPV4 = 2, - NFPROTO_ARP = 3, - NFPROTO_BRIDGE = 7, - NFPROTO_IPV6 = 10, - NFPROTO_DECNET = 12, - NFPROTO_NUMPROTO, -}; - -union nf_inet_addr { - __u32 all[4]; - __be32 ip; - __be32 ip6[4]; - struct in_addr in; - struct in6_addr in6; -}; - -#ifdef __KERNEL__ +#include <uapi/linux/netfilter.h> #ifdef CONFIG_NETFILTER static inline int NF_DROP_GETERR(int verdict) { @@ -411,5 +342,4 @@ extern struct nfq_ct_nat_hook __rcu *nfq_ct_nat_hook; static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {} #endif -#endif /*__KERNEL__*/ #endif /*__LINUX_NETFILTER_H*/ |