iptables: (tomj) small header, added ipt_account.c here until we have patch-o-matic

[ipt_ACCOUNT] / linux / include / linux / netfilter_ipv4 / ipt_ACCOUNT.h

diff --git a/linux/include/linux/netfilter_ipv4/ipt_ACCOUNT.h b/linux/include/linux/netfilter_ipv4/ipt_ACCOUNT.h
index a9160ca..dc0ef91 100644 (file)
--- a/linux/include/linux/netfilter_ipv4/ipt_ACCOUNT.h
+++ b/linux/include/linux/netfilter_ipv4/ipt_ACCOUNT.h
@@ -1,8 +1,11 @@
 #ifndef _IPT_ACCOUNT_H
 #define _IPT_ACCOUNT_H
 
+#define ACCOUNT_MAX_TABLES 32
 #define ACCOUNT_TABLE_NAME_LEN 32
+#define ACCOUNT_MAX_HANDLES 10
 
+/* Structure for the userspace part of ipt_ACCOUNT */
 struct ipt_account_info {
        u_int32_t net_ip;
        u_int32_t net_mask;
@@ -10,4 +13,68 @@ struct ipt_account_info {
        int32_t table_nr;
 };
 
+/* Internal table structure, generated by check_entry() */
+struct ipt_account_table
+{
+    char name[ACCOUNT_TABLE_NAME_LEN];        /* name of the table */
+    unsigned int ip;                          /* base IP of network */
+    unsigned int netmask;                     /* netmask of the network */
+    unsigned char netsize;                    /* Number of bits used in this netmask */
+    unsigned int refcount;                    /* refcount of this table. if zero, destroy it */
+    unsigned int itemcount;                   /* number of IPs in this table */
+    void *data;                               /* pointer to the actual data, depending on netmask */
+};
+
+/* Handle structure for communication with the userspace library */
+struct ipt_account_handle
+{
+    unsigned int ip;                          /* base IP of network */
+    unsigned char netmask;                    /* netmask of the network */
+    unsigned int itemcount;                   /* number of IPs in this table */
+    void *data;                               /* pointer to the actual data, depending on netmask */
+};
+
+/* Used for every IP entry */
+/* Size is 16 bytes so that 256 (class C network) * 16 fits in one kernel (zero) page */
+struct ipt_account_ip
+{
+    unsigned int src_packets;
+    unsigned int src_bytes;
+    unsigned int dst_packets;
+    unsigned int dst_bytes;
+};
+
+/*
+    Used for every IP when returning data
+*/
+struct ipt_account_handle_ip
+{
+    unsigned int ip;
+    unsigned int src_packets;
+    unsigned int src_bytes;
+    unsigned int dst_packets;
+    unsigned int dst_bytes;
+};
+
+/*
+    The IPs are organized as an array so that direct slot
+    calculations are possible.
+    Only 8 bit networks are preallocated, 16/24 bit networks
+    allocate their slots when needed -> very efficent.
+*/
+struct ipt_account_mask_24
+{
+    struct ipt_account_ip ip[256];    
+};
+
+struct ipt_account_mask_16
+{
+    struct ipt_account_mask_24 *mask_24[256];
+};
+
+struct ipt_account_mask_8
+{
+    struct ipt_account_mask_16 *mask_16[256];
+};
+
 #endif /*_IPT_ACCOUNT_H*/