1 From 4553ba0130bb9f0aa266cc1e4c3288a52f34eed6 Mon Sep 17 00:00:00 2001
2 From: Martin Willi <martin@revosec.ch>
3 Date: Wed, 7 Apr 2010 11:40:15 +0200
4 Subject: [PATCH] Added XFRM hooks to iptables headers
7 include/linux/netfilter.h | 2 ++
8 include/linux/netfilter_ipv4.h | 6 +++++-
9 include/linux/netfilter_ipv6.h | 6 +++++-
10 3 files changed, 12 insertions(+), 2 deletions(-)
12 diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
13 index 2eb00b6..b692c67 100644
14 --- a/include/linux/netfilter.h
15 +++ b/include/linux/netfilter.h
16 @@ -35,6 +35,8 @@ enum nf_inet_hooks {
25 diff --git a/include/linux/netfilter_ipv4.h b/include/linux/netfilter_ipv4.h
26 index 4d7ba3e..28d3ca9 100644
27 --- a/include/linux/netfilter_ipv4.h
28 +++ b/include/linux/netfilter_ipv4.h
30 #define NF_IP_LOCAL_OUT 3
31 /* Packets about to hit the wire. */
32 #define NF_IP_POST_ROUTING 4
33 -#define NF_IP_NUMHOOKS 5
34 +/* Packets going into XFRM input transformation. */
35 +#define NF_IP_XFRM_IN 5
36 +/* Packets going into XFRM output transformation. */
37 +#define NF_IP_XFRM_OUT 6
38 +#define NF_IP_NUMHOOKS 7
40 enum nf_ip_hook_priorities {
41 NF_IP_PRI_FIRST = INT_MIN,
42 diff --git a/include/linux/netfilter_ipv6.h b/include/linux/netfilter_ipv6.h
43 index 7430b39..18590a5 100644
44 --- a/include/linux/netfilter_ipv6.h
45 +++ b/include/linux/netfilter_ipv6.h
47 #define NF_IP6_LOCAL_OUT 3
48 /* Packets about to hit the wire. */
49 #define NF_IP6_POST_ROUTING 4
50 -#define NF_IP6_NUMHOOKS 5
51 +/* Packets going into XFRM input transformation. */
52 +#define NF_IP6_XFRM_IN 5
53 +/* Packets going into XFRM output transformation. */
54 +#define NF_IP6_XFRM_OUT 6
55 +#define NF_IP6_NUMHOOKS 7
58 enum nf_ip6_hook_priorities {
projects / strongswan.git / blob