2 * m_xt.c xtables based targets
3 * utilities mostly ripped from iptables <duh, its the linux way>
5 * This program is free software; you can distribute it and/or
6 * modify it under the terms of the GNU General Public License
7 * as published by the Free Software Foundation; either version
8 * 2 of the License, or (at your option) any later version.
10 * Authors: J Hadi Salim (hadi@cyberus.ca)
13 /*XXX: in the future (xtables 1.4.3?) get rid of everything tagged
14 * as TC_CONFIG_XT_H */
17 #include <sys/socket.h>
18 #include <netinet/in.h>
19 #include <arpa/inet.h>
21 #include <linux/netfilter.h>
22 #include <linux/netfilter_ipv4/ip_tables.h>
26 #include <linux/tc_act/tc_ipt.h>
41 #include "xt-internal.h"
44 static const char *pname = "tc-ipt";
45 static const char *tname = "mangle";
46 static const char *pversion = "0.2";
48 static const char *ipthooks[] = {
56 static struct option original_opts[] = {
61 static struct option *opts = original_opts;
62 static unsigned int global_option_offset = 0;
64 const char *program_version = XTABLES_VERSION;
65 const char *program_name = "tc-ipt";
66 struct afinfo afinfo = {
68 .libprefix = "libxt_",
69 .ipproto = IPPROTO_IP,
71 .so_rev_target = IPT_SO_GET_REVISION_TARGET,
75 #define OPTION_OFFSET 256
77 /*XXX: TC_CONFIG_XT_H */
78 static void free_opts(struct option *local_opts)
80 if (local_opts != original_opts) {
83 global_option_offset = 0;
87 /*XXX: TC_CONFIG_XT_H */
88 static struct option *
89 merge_options(struct option *oldopts, const struct option *newopts,
90 unsigned int *option_offset)
93 unsigned int num_old, num_new, i;
95 for (num_old = 0; oldopts[num_old].name; num_old++) ;
96 for (num_new = 0; newopts[num_new].name; num_new++) ;
98 *option_offset = global_option_offset + OPTION_OFFSET;
100 merge = malloc(sizeof (struct option) * (num_new + num_old + 1));
101 memcpy(merge, oldopts, num_old * sizeof (struct option));
102 for (i = 0; i < num_new; i++) {
103 merge[num_old + i] = newopts[i];
104 merge[num_old + i].val += *option_offset;
106 memset(merge + num_old + num_new, 0, sizeof (struct option));
112 /*XXX: TC_CONFIG_XT_H */
120 /*XXX: TC_CONFIG_XT_H */
122 check_inverse(const char option[], int *invert, int *my_optind, int argc)
124 if (option && strcmp(option, "!") == 0) {
126 exit_error(PARAMETER_PROBLEM,
127 "Multiple `!' flags not allowed");
129 if (my_optind != NULL) {
131 if (argc && *my_optind > argc)
132 exit_error(PARAMETER_PROBLEM,
133 "no argument following `!'");
141 /*XXX: TC_CONFIG_XT_H */
142 void exit_error(enum exittype status, const char *msg, ...)
147 fprintf(stderr, "%s v%s: ", pname, pversion);
148 vfprintf(stderr, msg, args);
150 fprintf(stderr, "\n");
151 /* On error paths, make sure that we don't leak memory */
155 /*XXX: TC_CONFIG_XT_H */
156 static void set_revision(char *name, u_int8_t revision)
158 /* Old kernel sources don't have ".revision" field,
159 * but we stole a byte from name. */
160 name[IPT_FUNCTION_MAXNAMELEN - 2] = '\0';
161 name[IPT_FUNCTION_MAXNAMELEN - 1] = revision;
165 * we may need to check for version mismatch
168 build_st(struct xtables_target *target, struct xt_entry_target *t)
172 XT_ALIGN(sizeof (struct xt_entry_target)) + target->size;
175 target->t = fw_calloc(1, size);
176 target->t->u.target_size = size;
177 strcpy(target->t->u.user.name, target->name);
178 set_revision(target->t->u.user.name, target->revision);
180 if (target->init != NULL)
181 target->init(target->t);
189 inline void set_lib_dir(void)
192 lib_dir = getenv("XTABLES_LIBDIR");
194 lib_dir = getenv("IPTABLES_LIB_DIR");
196 fprintf(stderr, "using deprecated IPTABLES_LIB_DIR \n");
199 lib_dir = XT_LIB_DIR;
203 static int parse_ipt(struct action_util *a,int *argc_p,
204 char ***argv_p, int tca_id, struct nlmsghdr *n)
206 struct xtables_target *m = NULL;
211 char **argv = *argv_p;
212 int argc = 0, iargc = 0;
217 __u32 hook = 0, index = 0;
224 for (i = 0; i < rargc; i++) {
225 if (NULL == argv[i] || 0 == strcmp(argv[i], "action")) {
233 fprintf(stderr,"bad arguements to ipt %d vs %d \n", argc, rargc);
238 c = getopt_long(argc, argv, "j:", opts, NULL);
243 m = find_target(optarg, TRY_LOAD);
246 if (0 > build_st(m, NULL)) {
247 printf(" %s error \n", m->name);
251 merge_options(opts, m->extra_opts,
254 fprintf(stderr," failed to find target %s\n\n", optarg);
261 memset(&fw, 0, sizeof (fw));
263 m->parse(c - m->option_offset, argv, 0,
264 &m->tflags, NULL, &m->t);
266 fprintf(stderr," failed to find target %s\n\n", optarg);
276 if (iargc > optind) {
277 if (matches(argv[optind], "index") == 0) {
278 if (get_u32(&index, argv[optind + 1], 10)) {
279 fprintf(stderr, "Illegal \"index\"\n");
290 fprintf(stderr," ipt Parser BAD!! (%s)\n", *argv);
294 /* check that we passed the correct parameters to the target */
296 m->final_check(m->tflags);
299 struct tcmsg *t = NLMSG_DATA(n);
300 if (t->tcm_parent != TC_H_ROOT
301 && t->tcm_parent == TC_H_MAJ(TC_H_INGRESS)) {
302 hook = NF_IP_PRE_ROUTING;
304 hook = NF_IP_POST_ROUTING;
308 tail = NLMSG_TAIL(n);
309 addattr_l(n, MAX_MSG, tca_id, NULL, 0);
310 fprintf(stdout, "tablename: %s hook: %s\n ", tname, ipthooks[hook]);
311 fprintf(stdout, "\ttarget: ");
314 m->print(NULL, m->t, 0);
315 fprintf(stdout, " index %d\n", index);
317 if (strlen(tname) > 16) {
321 size = 1 + strlen(tname);
323 strncpy(k, tname, size);
325 addattr_l(n, MAX_MSG, TCA_IPT_TABLE, k, size);
326 addattr_l(n, MAX_MSG, TCA_IPT_HOOK, &hook, 4);
327 addattr_l(n, MAX_MSG, TCA_IPT_INDEX, &index, 4);
329 addattr_l(n, MAX_MSG, TCA_IPT_TARG, m->t, m->t->u.target_size);
330 tail->rta_len = (void *) NLMSG_TAIL(n) - (void *) tail;
334 *argc_p = rargc - iargc;
339 /* Clear flags if target will be used again */
342 /* Free allocated memory */
352 print_ipt(struct action_util *au,FILE * f, struct rtattr *arg)
354 struct rtattr *tb[TCA_IPT_MAX + 1];
355 struct xt_entry_target *t = NULL;
362 parse_rtattr_nested(tb, TCA_IPT_MAX, arg);
364 if (tb[TCA_IPT_TABLE] == NULL) {
365 fprintf(f, "[NULL ipt table name ] assuming mangle ");
367 fprintf(f, "tablename: %s ",
368 (char *) RTA_DATA(tb[TCA_IPT_TABLE]));
371 if (tb[TCA_IPT_HOOK] == NULL) {
372 fprintf(f, "[NULL ipt hook name ]\n ");
376 hook = *(__u32 *) RTA_DATA(tb[TCA_IPT_HOOK]);
377 fprintf(f, " hook: %s \n", ipthooks[hook]);
380 if (tb[TCA_IPT_TARG] == NULL) {
381 fprintf(f, "\t[NULL ipt target parameters ] \n");
384 struct xtables_target *m = NULL;
385 t = RTA_DATA(tb[TCA_IPT_TARG]);
386 m = find_target(t->u.user.name, TRY_LOAD);
388 if (0 > build_st(m, t)) {
389 fprintf(stderr, " %s error \n", m->name);
394 merge_options(opts, m->extra_opts,
397 fprintf(stderr, " failed to find target %s\n\n",
401 fprintf(f, "\ttarget ");
402 m->print(NULL, m->t, 0);
403 if (tb[TCA_IPT_INDEX] == NULL) {
404 fprintf(f, " [NULL ipt target index ]\n");
407 index = *(__u32 *) RTA_DATA(tb[TCA_IPT_INDEX]);
408 fprintf(f, " \n\tindex %d", index);
411 if (tb[TCA_IPT_CNT]) {
412 struct tc_cnt *c = RTA_DATA(tb[TCA_IPT_CNT]);;
413 fprintf(f, " ref %d bind %d", c->refcnt, c->bindcnt);
416 if (tb[TCA_IPT_TM]) {
417 struct tcf_t *tm = RTA_DATA(tb[TCA_IPT_TM]);
429 struct action_util ipt_action_util = {
431 .parse_aopt = parse_ipt,
432 .print_aopt = print_ipt,
projects / lisovros / iproute2_canprio.git / blob