X-Git-Url: http://git.cascardo.eti.br/?a=blobdiff_plain;f=include%2Flinux%2Fnetfilter.h;h=ee142846f56a80882243b2dfc4468e9fdfbc5d3f;hb=3529e730b562f105764cc3dd287ff0a86cedfa85;hp=c613cf0d7884f8d3f4cf85c188a17c04f8f5e054;hpb=d97e1dcde5e19ed1f828baff4ab5fd0e517c8dae;p=cascardo%2Flinux.git

diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
index c613cf0d7884..ee142846f56a 100644
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -1,7 +1,6 @@
 #ifndef __LINUX_NETFILTER_H
 #define __LINUX_NETFILTER_H
 
-#ifdef __KERNEL__
 #include <linux/init.h>
 #include <linux/skbuff.h>
 #include <linux/net.h>
@@ -10,75 +9,7 @@
 #include <linux/in6.h>
 #include <linux/wait.h>
 #include <linux/list.h>
-#endif
-#include <linux/types.h>
-#include <linux/compiler.h>
-#include <linux/sysctl.h>
-
-/* Responses from hook functions. */
-#define NF_DROP 0
-#define NF_ACCEPT 1
-#define NF_STOLEN 2
-#define NF_QUEUE 3
-#define NF_REPEAT 4
-#define NF_STOP 5
-#define NF_MAX_VERDICT NF_STOP
-
-/* we overload the higher bits for encoding auxiliary data such as the queue
- * number or errno values. Not nice, but better than additional function
- * arguments. */
-#define NF_VERDICT_MASK 0x000000ff
-
-/* extra verdict flags have mask 0x0000ff00 */
-#define NF_VERDICT_FLAG_QUEUE_BYPASS	0x00008000
-
-/* queue number (NF_QUEUE) or errno (NF_DROP) */
-#define NF_VERDICT_QMASK 0xffff0000
-#define NF_VERDICT_QBITS 16
-
-#define NF_QUEUE_NR(x) ((((x) << 16) & NF_VERDICT_QMASK) | NF_QUEUE)
-
-#define NF_DROP_ERR(x) (((-x) << 16) | NF_DROP)
-
-/* only for userspace compatibility */
-#ifndef __KERNEL__
-/* Generic cache responses from hook functions.
-   <= 0x2000 is used for protocol-flags. */
-#define NFC_UNKNOWN 0x4000
-#define NFC_ALTERED 0x8000
-
-/* NF_VERDICT_BITS should be 8 now, but userspace might break if this changes */
-#define NF_VERDICT_BITS 16
-#endif
-
-enum nf_inet_hooks {
-	NF_INET_PRE_ROUTING,
-	NF_INET_LOCAL_IN,
-	NF_INET_FORWARD,
-	NF_INET_LOCAL_OUT,
-	NF_INET_POST_ROUTING,
-	NF_INET_NUMHOOKS
-};
-
-enum {
-	NFPROTO_UNSPEC =  0,
-	NFPROTO_IPV4   =  2,
-	NFPROTO_ARP    =  3,
-	NFPROTO_BRIDGE =  7,
-	NFPROTO_IPV6   = 10,
-	NFPROTO_DECNET = 12,
-	NFPROTO_NUMPROTO,
-};
-
-union nf_inet_addr {
-	__u32		all[4];
-	__be32		ip;
-	__be32		ip6[4];
-	struct in_addr	in;
-	struct in6_addr	in6;
-};
-
-#ifdef __KERNEL__
+#include <uapi/linux/netfilter.h>
 #ifdef CONFIG_NETFILTER
 static inline int NF_DROP_GETERR(int verdict)
 {
@@ -342,7 +273,7 @@ extern int nf_register_afinfo(const struct nf_afinfo *afinfo);
 extern void nf_unregister_afinfo(const struct nf_afinfo *afinfo);
 
 #include <net/flow.h>
-extern void (*ip_nat_decode_session)(struct sk_buff *, struct flowi *);
+extern void (*nf_nat_decode_session_hook)(struct sk_buff *, struct flowi *);
 
 static inline void
 nf_nat_decode_session(struct sk_buff *skb, struct flowi *fl, u_int8_t family)
@@ -350,13 +281,11 @@ nf_nat_decode_session(struct sk_buff *skb, struct flowi *fl, u_int8_t family)
 #ifdef CONFIG_NF_NAT_NEEDED
 	void (*decodefn)(struct sk_buff *, struct flowi *);
 
-	if (family == AF_INET) {
-		rcu_read_lock();
-		decodefn = rcu_dereference(ip_nat_decode_session);
-		if (decodefn)
-			decodefn(skb, fl);
-		rcu_read_unlock();
-	}
+	rcu_read_lock();
+	decodefn = rcu_dereference(nf_nat_decode_session_hook);
+	if (decodefn)
+		decodefn(skb, fl);
+	rcu_read_unlock();
 #endif
 }
 
@@ -413,5 +342,4 @@ extern struct nfq_ct_nat_hook __rcu *nfq_ct_nat_hook;
 static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}
 #endif
 
-#endif /*__KERNEL__*/
 #endif /*__LINUX_NETFILTER_H*/