1 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ 2 /* IPv4-specific defines for netfilter. 3 * (C)1998 Rusty Russell -- This code is GPL. 4 */ 5 #ifndef _UAPI__LINUX_IP_NETFILTER_H 6 #define _UAPI__LINUX_IP_NETFILTER_H 7 8 9 #include <linux/netfilter.h> 10 11 /* only for userspace compatibility */ 12 #ifndef __KERNEL__ 13 14 #include <limits.h> /* for INT_MIN, INT_MAX */ 15 16 /* IP Hooks */ 17 /* After promisc drops, checksum checks. */ 18 #define NF_IP_PRE_ROUTING 0 19 /* If the packet is destined for this box. */ 20 #define NF_IP_LOCAL_IN 1 21 /* If the packet is destined for another interface. */ 22 #define NF_IP_FORWARD 2 23 /* Packets coming from a local process. */ 24 #define NF_IP_LOCAL_OUT 3 25 /* Packets about to hit the wire. */ 26 #define NF_IP_POST_ROUTING 4 27 #define NF_IP_NUMHOOKS 5 28 #endif /* ! __KERNEL__ */ 29 30 enum nf_ip_hook_priorities { 31 NF_IP_PRI_FIRST = INT_MIN, 32 NF_IP_PRI_RAW_BEFORE_DEFRAG = -450, 33 NF_IP_PRI_CONNTRACK_DEFRAG = -400, 34 NF_IP_PRI_RAW = -300, 35 NF_IP_PRI_SELINUX_FIRST = -225, 36 NF_IP_PRI_CONNTRACK = -200, 37 NF_IP_PRI_MANGLE = -150, 38 NF_IP_PRI_NAT_DST = -100, 39 NF_IP_PRI_FILTER = 0, 40 NF_IP_PRI_SECURITY = 50, 41 NF_IP_PRI_NAT_SRC = 100, 42 NF_IP_PRI_SELINUX_LAST = 225, 43 NF_IP_PRI_CONNTRACK_HELPER = 300, 44 NF_IP_PRI_CONNTRACK_CONFIRM = INT_MAX, 45 NF_IP_PRI_LAST = INT_MAX, 46 }; 47 48 /* Arguments for setsockopt SOL_IP: */ 49 /* 2.0 firewalling went from 64 through 71 (and +256, +512, etc). */ 50 /* 2.2 firewalling (+ masq) went from 64 through 76 */ 51 /* 2.4 firewalling went 64 through 67. */ 52 #define SO_ORIGINAL_DST 80 53 54 55 #endif /* _UAPI__LINUX_IP_NETFILTER_H */ 56