include/uapi/linux/netfilter_ipv4.h

   1 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
   2 /* IPv4-specific defines for netfilter.
   3  * (C)1998 Rusty Russell -- This code is GPL.
   4  */
   5 #ifndef __LINUX_IP_NETFILTER_H
   6 #define __LINUX_IP_NETFILTER_H
   7
   8
   9 #include <linux/netfilter.h>
  10
  11 /* only for userspace compatibility */
  12
  13 #include <limits.h> /* for INT_MIN, INT_MAX */
  14
  15 /* IP Hooks */
  16 /* After promisc drops, checksum checks. */
  17 #define NF_IP_PRE_ROUTING       0
  18 /* If the packet is destined for this box. */
  19 #define NF_IP_LOCAL_IN          1
  20 /* If the packet is destined for another interface. */
  21 #define NF_IP_FORWARD           2
  22 /* Packets coming from a local process. */
  23 #define NF_IP_LOCAL_OUT         3
  24 /* Packets about to hit the wire. */
  25 #define NF_IP_POST_ROUTING      4
  26 #define NF_IP_NUMHOOKS          5
  27
  28 enum nf_ip_hook_priorities {
  29         NF_IP_PRI_FIRST = INT_MIN,
  30         NF_IP_PRI_RAW_BEFORE_DEFRAG = -450,
  31         NF_IP_PRI_CONNTRACK_DEFRAG = -400,
  32         NF_IP_PRI_RAW = -300,
  33         NF_IP_PRI_SELINUX_FIRST = -225,
  34         NF_IP_PRI_CONNTRACK = -200,
  35         NF_IP_PRI_MANGLE = -150,
  36         NF_IP_PRI_NAT_DST = -100,
  37         NF_IP_PRI_FILTER = 0,
  38         NF_IP_PRI_SECURITY = 50,
  39         NF_IP_PRI_NAT_SRC = 100,
  40         NF_IP_PRI_SELINUX_LAST = 225,
  41         NF_IP_PRI_CONNTRACK_HELPER = 300,
  42         NF_IP_PRI_CONNTRACK_CONFIRM = INT_MAX,
  43         NF_IP_PRI_LAST = INT_MAX,
  44 };
  45
  46 /* Arguments for setsockopt SOL_IP: */
  47 /* 2.0 firewalling went from 64 through 71 (and +256, +512, etc). */
  48 /* 2.2 firewalling (+ masq) went from 64 through 76 */
  49 /* 2.4 firewalling went 64 through 67. */
  50 #define SO_ORIGINAL_DST 80
  51
  52
  53 #endif /* __LINUX_IP_NETFILTER_H */