+#define C(f, tbl, tgt, fmt) \
+ { FW3_FAMILY_##f, FW3_TABLE_##tbl, FW3_FLAG_##tgt, fmt }
+
+static const struct fw3_chain_spec zone_chains[] = {
+ C(ANY, FILTER, UNSPEC, "zone_%s_input"),
+ C(ANY, FILTER, UNSPEC, "zone_%s_output"),
+ C(ANY, FILTER, UNSPEC, "zone_%s_forward"),
+
+ C(ANY, FILTER, SRC_ACCEPT, "zone_%s_src_ACCEPT"),
+ C(ANY, FILTER, SRC_REJECT, "zone_%s_src_REJECT"),
+ C(ANY, FILTER, SRC_DROP, "zone_%s_src_DROP"),
+
+ C(ANY, FILTER, ACCEPT, "zone_%s_dest_ACCEPT"),
+ C(ANY, FILTER, REJECT, "zone_%s_dest_REJECT"),
+ C(ANY, FILTER, DROP, "zone_%s_dest_DROP"),
+
+ C(V4, NAT, SNAT, "zone_%s_postrouting"),
+ C(V4, NAT, DNAT, "zone_%s_prerouting"),
+
+ C(ANY, RAW, NOTRACK, "zone_%s_notrack"),
+
+ C(ANY, FILTER, CUSTOM_CHAINS, "input_%s_rule"),
+ C(ANY, FILTER, CUSTOM_CHAINS, "output_%s_rule"),
+ C(ANY, FILTER, CUSTOM_CHAINS, "forwarding_%s_rule"),
+
+ C(V4, NAT, CUSTOM_CHAINS, "prerouting_%s_rule"),
+ C(V4, NAT, CUSTOM_CHAINS, "postrouting_%s_rule"),
+
+ { }
+};
+
+const struct fw3_option fw3_zone_opts[] = {
+ FW3_OPT("enabled", bool, zone, enabled),
+