#ifndef _IPT_ACCOUNT_H
#define _IPT_ACCOUNT_H
+#define ACCOUNT_MAX_TABLES 32
#define ACCOUNT_TABLE_NAME_LEN 32
+#define ACCOUNT_MAX_HANDLES 10
+/* Structure for the userspace part of ipt_ACCOUNT */
struct ipt_account_info {
u_int32_t net_ip;
u_int32_t net_mask;
int32_t table_nr;
};
+/* Internal table structure, generated by check_entry() */
+struct ipt_account_table
+{
+ char name[ACCOUNT_TABLE_NAME_LEN]; /* name of the table */
+ unsigned int ip; /* base IP of network */
+ unsigned int netmask; /* netmask of the network */
+ unsigned char depth; /* size of network: 0: 8 bit, 1: 16bit, 2: 24 bit */
+ unsigned int refcount; /* refcount of this table. if zero, destroy it */
+ unsigned int itemcount; /* number of IPs in this table */
+ void *data; /* pointer to the actual data, depending on netmask */
+};
+
+/* Internal handle structure */
+struct ipt_account_handle
+{
+ unsigned int ip; /* base IP of network. Used for caculating the final IP during get_data() */
+ unsigned char depth; /* size of network. See above for details */
+ unsigned int itemcount; /* number of IPs in this table */
+ void *data; /* pointer to the actual data, depending on size */
+};
+
+/* Handle structure for communication with the userspace library */
+struct ipt_account_handle_sockopt
+{
+ unsigned int handle_nr; /* Used for HANDLE_FREE */
+ char name[ACCOUNT_TABLE_NAME_LEN]; /* Used for HANDLE_PREPARE_READ/READ_FLUSH */
+ unsigned int itemcount; /* Used for HANDLE_PREPARE_READ/READ_FLUSH */
+};
+
+/* Used for every IP entry */
+/* Size is 16 bytes so that 256 (class C network) * 16 fits in one kernel (zero) page */
+struct ipt_account_ip
+{
+ unsigned int src_packets;
+ unsigned int src_bytes;
+ unsigned int dst_packets;
+ unsigned int dst_bytes;
+};
+
+/*
+ Used for every IP when returning data
+*/
+struct ipt_account_handle_ip
+{
+ unsigned int ip;
+ unsigned int src_packets;
+ unsigned int src_bytes;
+ unsigned int dst_packets;
+ unsigned int dst_bytes;
+};
+
+/*
+ The IPs are organized as an array so that direct slot
+ calculations are possible.
+ Only 8 bit networks are preallocated, 16/24 bit networks
+ allocate their slots when needed -> very efficent.
+*/
+struct ipt_account_mask_24
+{
+ struct ipt_account_ip ip[256];
+};
+
+struct ipt_account_mask_16
+{
+ struct ipt_account_mask_24 *mask_24[256];
+};
+
+struct ipt_account_mask_8
+{
+ struct ipt_account_mask_16 *mask_16[256];
+};
+
#endif /*_IPT_ACCOUNT_H*/