|
@@ -0,0 +1,67 @@
|
|
|
+From e58f33cc84bc089c430ac955f3cad6380ae98591 Mon Sep 17 00:00:00 2001
|
|
|
+From: Florian Westphal <[email protected]>
|
|
|
+Date: Thu, 7 Dec 2017 16:28:23 +0100
|
|
|
+Subject: [PATCH] netfilter: add defines for arp/decnet max hooks
|
|
|
+
|
|
|
+The kernel already has defines for this, but they are in uapi exposed
|
|
|
+headers.
|
|
|
+
|
|
|
+Including these from netns.h causes build errors and also adds unneeded
|
|
|
+dependencies on heads that we don't need.
|
|
|
+
|
|
|
+So move these defines to netfilter_defs.h and place the uapi ones
|
|
|
+in ifndef __KERNEL__ to keep them for userspace.
|
|
|
+
|
|
|
+Signed-off-by: Florian Westphal <[email protected]>
|
|
|
+Signed-off-by: Pablo Neira Ayuso <[email protected]>
|
|
|
+---
|
|
|
+ include/linux/netfilter_defs.h | 6 ++++++
|
|
|
+ include/uapi/linux/netfilter_arp.h | 3 +++
|
|
|
+ include/uapi/linux/netfilter_decnet.h | 4 +++-
|
|
|
+ 3 files changed, 12 insertions(+), 1 deletion(-)
|
|
|
+
|
|
|
+--- a/include/linux/netfilter_defs.h
|
|
|
++++ b/include/linux/netfilter_defs.h
|
|
|
+@@ -7,4 +7,10 @@
|
|
|
+ /* Largest hook number + 1, see uapi/linux/netfilter_decnet.h */
|
|
|
+ #define NF_MAX_HOOKS 8
|
|
|
+
|
|
|
++/* in/out/forward only */
|
|
|
++#define NF_ARP_NUMHOOKS 3
|
|
|
++
|
|
|
++/* max hook is NF_DN_ROUTE (6), also see uapi/linux/netfilter_decnet.h */
|
|
|
++#define NF_DN_NUMHOOKS 7
|
|
|
++
|
|
|
+ #endif
|
|
|
+--- a/include/uapi/linux/netfilter_arp.h
|
|
|
++++ b/include/uapi/linux/netfilter_arp.h
|
|
|
+@@ -15,6 +15,9 @@
|
|
|
+ #define NF_ARP_IN 0
|
|
|
+ #define NF_ARP_OUT 1
|
|
|
+ #define NF_ARP_FORWARD 2
|
|
|
++
|
|
|
++#ifndef __KERNEL__
|
|
|
+ #define NF_ARP_NUMHOOKS 3
|
|
|
++#endif
|
|
|
+
|
|
|
+ #endif /* __LINUX_ARP_NETFILTER_H */
|
|
|
+--- a/include/uapi/linux/netfilter_decnet.h
|
|
|
++++ b/include/uapi/linux/netfilter_decnet.h
|
|
|
+@@ -24,6 +24,9 @@
|
|
|
+ #define NFC_DN_IF_IN 0x0004
|
|
|
+ /* Output device. */
|
|
|
+ #define NFC_DN_IF_OUT 0x0008
|
|
|
++
|
|
|
++/* kernel define is in netfilter_defs.h */
|
|
|
++#define NF_DN_NUMHOOKS 7
|
|
|
+ #endif /* ! __KERNEL__ */
|
|
|
+
|
|
|
+ /* DECnet Hooks */
|
|
|
+@@ -41,7 +44,6 @@
|
|
|
+ #define NF_DN_HELLO 5
|
|
|
+ /* Input Routing Packets */
|
|
|
+ #define NF_DN_ROUTE 6
|
|
|
+-#define NF_DN_NUMHOOKS 7
|
|
|
+
|
|
|
+ enum nf_dn_hook_priorities {
|
|
|
+ NF_DN_PRI_FIRST = INT_MIN,
|