1dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat#ifndef _IP6TABLES_USER_H 2dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat#define _IP6TABLES_USER_H 3dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 4dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat#include "iptables_common.h" 5dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat#include "libiptc/libip6tc.h" 6dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 7dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatstruct ip6tables_rule_match 8dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat{ 9dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat struct ip6tables_rule_match *next; 10dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 11dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat struct ip6tables_match *match; 12dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat}; 13dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 14dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat/* Include file for additions: new matches and targets. */ 15dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatstruct ip6tables_match 16dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat{ 17dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat struct ip6tables_match *next; 18dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 19dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat ip6t_chainlabel name; 20dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 21dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat const char *version; 22dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 23dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Size of match data. */ 24dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat size_t size; 25dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 26dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Size of match data relevent for userspace comparison purposes */ 27dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat size_t userspacesize; 28dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 29dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Function which prints out usage message. */ 30dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat void (*help)(void); 31dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 32dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Initialize the match. */ 33dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat void (*init)(struct ip6t_entry_match *m, unsigned int *nfcache); 34dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 35dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Function which parses command options; returns true if it 36dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat ate an option */ 37dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat int (*parse)(int c, char **argv, int invert, unsigned int *flags, 38dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat const struct ip6t_entry *entry, 39dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat unsigned int *nfcache, 40dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat struct ip6t_entry_match **match); 41dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 42dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Final check; exit if not ok. */ 43dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat void (*final_check)(unsigned int flags); 44dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 45dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Prints out the match iff non-NULL: put space at end */ 46dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat void (*print)(const struct ip6t_ip6 *ip, 47dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat const struct ip6t_entry_match *match, int numeric); 48dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 49dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Saves the union ipt_matchinfo in parsable form to stdout. */ 50dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat void (*save)(const struct ip6t_ip6 *ip, 51dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat const struct ip6t_entry_match *match); 52dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 53dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Pointer to list of extra command-line options */ 54dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat const struct option *extra_opts; 55dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 56dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Ignore these men behind the curtain: */ 57dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat unsigned int option_offset; 58dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat struct ip6t_entry_match *m; 59dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat unsigned int mflags; 60dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat#ifdef NO_SHARED_LIBS 61dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat unsigned int loaded; /* simulate loading so options are merged properly */ 62dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat#endif 63dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat}; 64dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 65dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatstruct ip6tables_target 66dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat{ 67dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat struct ip6tables_target *next; 68dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 69dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat ip6t_chainlabel name; 70dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 71dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat const char *version; 72dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 73dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Size of target data. */ 74dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat size_t size; 75dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 76dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Size of target data relevent for userspace comparison purposes */ 77dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat size_t userspacesize; 78dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 79dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Function which prints out usage message. */ 80dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat void (*help)(void); 81dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 82dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Initialize the target. */ 83dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat void (*init)(struct ip6t_entry_target *t, unsigned int *nfcache); 84dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 85dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Function which parses command options; returns true if it 86dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat ate an option */ 87dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat int (*parse)(int c, char **argv, int invert, unsigned int *flags, 88dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat const struct ip6t_entry *entry, 89dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat struct ip6t_entry_target **target); 90dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 91dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Final check; exit if not ok. */ 92dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat void (*final_check)(unsigned int flags); 93dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 94dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Prints out the target iff non-NULL: put space at end */ 95dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat void (*print)(const struct ip6t_ip6 *ip, 96dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat const struct ip6t_entry_target *target, int numeric); 97dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 98dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Saves the targinfo in parsable form to stdout. */ 99dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat void (*save)(const struct ip6t_ip6 *ip, 100dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat const struct ip6t_entry_target *target); 101dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 102dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Pointer to list of extra command-line options */ 103dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat struct option *extra_opts; 104dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 105dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat /* Ignore these men behind the curtain: */ 106dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat unsigned int option_offset; 107dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat struct ip6t_entry_target *t; 108dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat unsigned int tflags; 109dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat unsigned int used; 110dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat#ifdef NO_SHARED_LIBS 111dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat unsigned int loaded; /* simulate loading so options are merged properly */ 112dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat#endif 113dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat}; 114dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 115dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatextern int line; 116dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 117dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat/* Your shared library should call one of these. */ 118dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatextern void register_match6(struct ip6tables_match *me); 119dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatextern void register_target6(struct ip6tables_target *me); 120dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 121dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatextern int do_command6(int argc, char *argv[], char **table, 122dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat ip6tc_handle_t *handle); 123dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat/* Keeping track of external matches and targets: linked lists. */ 124dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatextern struct ip6tables_match *ip6tables_matches; 125dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatextern struct ip6tables_target *ip6tables_targets; 126dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 127dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatenum ip6t_tryload { 128dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat DONT_LOAD, 129dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat TRY_LOAD, 130dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat LOAD_MUST_SUCCEED 131dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat}; 132dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 133dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatextern struct ip6tables_target *find_target(const char *name, enum ip6t_tryload); 134dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatextern struct ip6tables_match *find_match(const char *name, enum ip6t_tryload, struct ip6tables_rule_match **match); 135dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 136dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatextern int for_each_chain(int (*fn)(const ip6t_chainlabel, int, ip6tc_handle_t *), int verbose, int builtinstoo, ip6tc_handle_t *handle); 137dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatextern int flush_entries(const ip6t_chainlabel chain, int verbose, ip6tc_handle_t *handle); 138dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatextern int delete_chain(const ip6t_chainlabel chain, int verbose, ip6tc_handle_t *handle); 139dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehatextern int ip6tables_insmod(const char *modname, const char *modprobe); 140dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat 141dcfb7a77f8709125e97c313cb8ab6ec4d87468f4San Mehat#endif /*_IP6TABLES_USER_H*/ 142