[NETFILTER]: x_tables: unify IPv4/IPv6 esp match

This unifies ipt_esp and ip6t_esp to xt_esp. Please note that now a user program needs to specify IPPROTO_ESP as protocol to use esp match with IPv6. This means that ip6tables requires '-p esp' like iptables. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> 2006-04-01 02:22:30 -0800
committer: David S. Miller <davem@davemloft.net> 2006-04-01 02:22:30 -0800
commit: dc5ab2faece3b7473931357db7f63f596678481d (patch)
tree: d1e5fd3e805e7d2c4136459cca17d5f8ed44bfb6 /include/linux/netfilter
parent: 9606a21635cec077e1928273751b44ecc824a49d (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/include/linux/netfilter/xt_esp.h b/include/linux/netfilter/xt_esp.h
new file mode 100644
index 00000000000..9380fb1c27d
--- /dev/null
+++ b/include/linux/netfilter/xt_esp.h
@@ -0,0 +1,14 @@
+#ifndef _XT_ESP_H
+#define _XT_ESP_H
+
+struct xt_esp
+{
+	u_int32_t spis[2];	/* Security Parameter Index */
+	u_int8_t  invflags;	/* Inverse flags */
+};
+
+/* Values for "invflags" field in struct xt_esp. */
+#define XT_ESP_INV_SPI	0x01	/* Invert the sense of spi. */
+#define XT_ESP_INV_MASK	0x01	/* All possible flags. */
+
+#endif /*_XT_ESP_H*/
author	Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>	2006-04-01 02:22:30 -0800
committer	David S. Miller <davem@davemloft.net>	2006-04-01 02:22:30 -0800
commit	dc5ab2faece3b7473931357db7f63f596678481d (patch)
tree	d1e5fd3e805e7d2c4136459cca17d5f8ed44bfb6 /include/linux/netfilter
parent	9606a21635cec077e1928273751b44ecc824a49d (diff)