libxt_CONNMARK.c revision 02964b869a8616b41e4c2dc899ff23921aaaa4b0
1a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom/* Shared library add-on to iptables to add CONNMARK target support. 2a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * 3a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * (C) 2002,2004 MARA Systems AB <http://www.marasystems.com> 4a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * by Henrik Nordstrom <hno@marasystems.com> 5a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * 6a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * Version 1.1 7a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * 8a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * This program is free software; you can redistribute it and/or modify 9a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * it under the terms of the GNU General Public License as published by 10a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * the Free Software Foundation; either version 2 of the License, or 11a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * (at your option) any later version. 12a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * 13a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * This program is distributed in the hope that it will be useful, 14a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * but WITHOUT ANY WARRANTY; without even the implied warranty of 15a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * GNU General Public License for more details. 17a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * 18a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * You should have received a copy of the GNU General Public License 19a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * along with this program; if not, write to the Free Software 20a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 21a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom */ 220e81d5db9ca61069e213236582deedb61dd38b45Harald Welte#include <stdio.h> 230e81d5db9ca61069e213236582deedb61dd38b45Harald Welte#include <string.h> 240e81d5db9ca61069e213236582deedb61dd38b45Harald Welte#include <stdlib.h> 250e81d5db9ca61069e213236582deedb61dd38b45Harald Welte#include <getopt.h> 260e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 270e81d5db9ca61069e213236582deedb61dd38b45Harald Welte#include <iptables.h> 280e81d5db9ca61069e213236582deedb61dd38b45Harald Welte#include <linux/netfilter_ipv4/ip_tables.h> 2902964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson#include "../include/linux/netfilter_ipv4/ipt_CONNMARK.h" 300e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 310e81d5db9ca61069e213236582deedb61dd38b45Harald Welte#if 0 320e81d5db9ca61069e213236582deedb61dd38b45Harald Weltestruct markinfo { 330e81d5db9ca61069e213236582deedb61dd38b45Harald Welte struct ipt_entry_target t; 340e81d5db9ca61069e213236582deedb61dd38b45Harald Welte struct ipt_connmark_target_info mark; 350e81d5db9ca61069e213236582deedb61dd38b45Harald Welte}; 360e81d5db9ca61069e213236582deedb61dd38b45Harald Welte#endif 370e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 380e81d5db9ca61069e213236582deedb61dd38b45Harald Welte/* Function which prints out usage message. */ 390e81d5db9ca61069e213236582deedb61dd38b45Harald Weltestatic void 400e81d5db9ca61069e213236582deedb61dd38b45Harald Weltehelp(void) 410e81d5db9ca61069e213236582deedb61dd38b45Harald Welte{ 420e81d5db9ca61069e213236582deedb61dd38b45Harald Welte printf( 430e81d5db9ca61069e213236582deedb61dd38b45Harald Welte"CONNMARK target v%s options:\n" 44a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom" --set-mark value[/mask] Set conntrack mark value\n" 45a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom" --save-mark [--mask mask] Save the packet nfmark in the connection\n" 46a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom" --restore-mark [--mask mask] Restore saved nfmark value\n" 470e81d5db9ca61069e213236582deedb61dd38b45Harald Welte"\n", 4880fe35d6339b53a12ddaec41885613e4e37ed031Harald WelteIPTABLES_VERSION); 490e81d5db9ca61069e213236582deedb61dd38b45Harald Welte} 500e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 510e81d5db9ca61069e213236582deedb61dd38b45Harald Weltestatic struct option opts[] = { 520e81d5db9ca61069e213236582deedb61dd38b45Harald Welte { "set-mark", 1, 0, '1' }, 530e81d5db9ca61069e213236582deedb61dd38b45Harald Welte { "save-mark", 0, 0, '2' }, 540e81d5db9ca61069e213236582deedb61dd38b45Harald Welte { "restore-mark", 0, 0, '3' }, 55a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom { "mask", 1, 0, '4' }, 560e81d5db9ca61069e213236582deedb61dd38b45Harald Welte { 0 } 570e81d5db9ca61069e213236582deedb61dd38b45Harald Welte}; 580e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 590e81d5db9ca61069e213236582deedb61dd38b45Harald Welte/* Initialize the target. */ 600e81d5db9ca61069e213236582deedb61dd38b45Harald Weltestatic void 610e81d5db9ca61069e213236582deedb61dd38b45Harald Welteinit(struct ipt_entry_target *t, unsigned int *nfcache) 620e81d5db9ca61069e213236582deedb61dd38b45Harald Welte{ 630e81d5db9ca61069e213236582deedb61dd38b45Harald Welte} 640e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 650e81d5db9ca61069e213236582deedb61dd38b45Harald Welte/* Function which parses command options; returns true if it 660e81d5db9ca61069e213236582deedb61dd38b45Harald Welte ate an option */ 670e81d5db9ca61069e213236582deedb61dd38b45Harald Weltestatic int 680e81d5db9ca61069e213236582deedb61dd38b45Harald Welteparse(int c, char **argv, int invert, unsigned int *flags, 690e81d5db9ca61069e213236582deedb61dd38b45Harald Welte const struct ipt_entry *entry, 700e81d5db9ca61069e213236582deedb61dd38b45Harald Welte struct ipt_entry_target **target) 710e81d5db9ca61069e213236582deedb61dd38b45Harald Welte{ 720e81d5db9ca61069e213236582deedb61dd38b45Harald Welte struct ipt_connmark_target_info *markinfo 730e81d5db9ca61069e213236582deedb61dd38b45Harald Welte = (struct ipt_connmark_target_info *)(*target)->data; 740e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 7502964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson#ifdef KERNEL_64_USERSPACE_32 7602964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson markinfo->mask = ~0ULL; 7702964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson#else 7802964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson markinfo->mask = ~0UL; 7902964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson#endif 8002964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson 810e81d5db9ca61069e213236582deedb61dd38b45Harald Welte switch (c) { 820e81d5db9ca61069e213236582deedb61dd38b45Harald Welte char *end; 830e81d5db9ca61069e213236582deedb61dd38b45Harald Welte case '1': 840e81d5db9ca61069e213236582deedb61dd38b45Harald Welte markinfo->mode = IPT_CONNMARK_SET; 8502964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson#ifdef KERNEL_64_USERSPACE_32 8602964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson markinfo->mark = strtoull(optarg, &end, 0); 8702964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson if (*end == '/' && end[1] != '\0') 8802964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson markinfo->mask = strtoull(end+1, &end, 0); 8902964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson#else 900e81d5db9ca61069e213236582deedb61dd38b45Harald Welte markinfo->mark = strtoul(optarg, &end, 0); 91a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom if (*end == '/' && end[1] != '\0') 92a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom markinfo->mask = strtoul(end+1, &end, 0); 9302964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson#endif 940e81d5db9ca61069e213236582deedb61dd38b45Harald Welte if (*end != '\0' || end == optarg) 950e81d5db9ca61069e213236582deedb61dd38b45Harald Welte exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg); 960e81d5db9ca61069e213236582deedb61dd38b45Harald Welte if (*flags) 970e81d5db9ca61069e213236582deedb61dd38b45Harald Welte exit_error(PARAMETER_PROBLEM, 980e81d5db9ca61069e213236582deedb61dd38b45Harald Welte "CONNMARK target: Can't specify --set-mark twice"); 990e81d5db9ca61069e213236582deedb61dd38b45Harald Welte *flags = 1; 1000e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 1010e81d5db9ca61069e213236582deedb61dd38b45Harald Welte case '2': 1020e81d5db9ca61069e213236582deedb61dd38b45Harald Welte markinfo->mode = IPT_CONNMARK_SAVE; 1030e81d5db9ca61069e213236582deedb61dd38b45Harald Welte if (*flags) 1040e81d5db9ca61069e213236582deedb61dd38b45Harald Welte exit_error(PARAMETER_PROBLEM, 1050e81d5db9ca61069e213236582deedb61dd38b45Harald Welte "CONNMARK target: Can't specify --save-mark twice"); 1060e81d5db9ca61069e213236582deedb61dd38b45Harald Welte *flags = 1; 1070e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 1080e81d5db9ca61069e213236582deedb61dd38b45Harald Welte case '3': 1090e81d5db9ca61069e213236582deedb61dd38b45Harald Welte markinfo->mode = IPT_CONNMARK_RESTORE; 1100e81d5db9ca61069e213236582deedb61dd38b45Harald Welte if (*flags) 1110e81d5db9ca61069e213236582deedb61dd38b45Harald Welte exit_error(PARAMETER_PROBLEM, 1120e81d5db9ca61069e213236582deedb61dd38b45Harald Welte "CONNMARK target: Can't specify --restore-mark twice"); 1130e81d5db9ca61069e213236582deedb61dd38b45Harald Welte *flags = 1; 1140e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 115a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom case '4': 116a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom if (!*flags) 117a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom exit_error(PARAMETER_PROBLEM, 118a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom "CONNMARK target: Can't specify --mask without a operation"); 11902964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson#ifdef KERNEL_64_USERSPACE_32 12002964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson markinfo->mask = strtoull(optarg, &end, 0); 12102964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson#else 12202964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson markinfo->mask = strtoul(optarg, &end, 0); 12302964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson#endif 124a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom if (*end != '\0' || end == optarg) 12502964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson exit_error(PARAMETER_PROBLEM, "Bad MASK value `%s'", optarg); 126a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom break; 1270e81d5db9ca61069e213236582deedb61dd38b45Harald Welte default: 1280e81d5db9ca61069e213236582deedb61dd38b45Harald Welte return 0; 1290e81d5db9ca61069e213236582deedb61dd38b45Harald Welte } 1300e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 1310e81d5db9ca61069e213236582deedb61dd38b45Harald Welte return 1; 1320e81d5db9ca61069e213236582deedb61dd38b45Harald Welte} 1330e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 1340e81d5db9ca61069e213236582deedb61dd38b45Harald Weltestatic void 1350e81d5db9ca61069e213236582deedb61dd38b45Harald Weltefinal_check(unsigned int flags) 1360e81d5db9ca61069e213236582deedb61dd38b45Harald Welte{ 1370e81d5db9ca61069e213236582deedb61dd38b45Harald Welte if (!flags) 1380e81d5db9ca61069e213236582deedb61dd38b45Harald Welte exit_error(PARAMETER_PROBLEM, 139a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom "CONNMARK target: No operation specified"); 1400e81d5db9ca61069e213236582deedb61dd38b45Harald Welte} 1410e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 14202964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson#ifdef KERNEL_64_USERSPACE_32 14302964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefssonstatic void 14402964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefssonprint_mark(unsigned long long mark) 14502964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson{ 14602964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson printf("0x%llx", mark); 14702964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson} 14802964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson 14902964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefssonstatic void 15002964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefssonprint_mask(const char *text, unsigned long long mask) 15102964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson{ 15202964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson if (mask != ~0ULL) 15302964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson printf("%s%llx", text, mask); 15402964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson} 15502964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson 15602964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson#else 15702964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson 15802964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefssonstatic void 15902964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefssonprint_mark(unsigned long mark) 16002964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson{ 16102964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson printf("0x%lx", mark); 16202964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson} 16302964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson 16402964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefssonstatic void 16502964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefssonprint_mask(const char *text, unsigned long mask) 16602964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson{ 16702964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson if (mask != ~0UL) 16802964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson printf("%s%lx", text, mask); 16902964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson} 17002964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson#endif 17102964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson 17202964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson 173a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom/* Prints out the target info. */ 1740e81d5db9ca61069e213236582deedb61dd38b45Harald Weltestatic void 1750e81d5db9ca61069e213236582deedb61dd38b45Harald Welteprint(const struct ipt_ip *ip, 1760e81d5db9ca61069e213236582deedb61dd38b45Harald Welte const struct ipt_entry_target *target, 1770e81d5db9ca61069e213236582deedb61dd38b45Harald Welte int numeric) 1780e81d5db9ca61069e213236582deedb61dd38b45Harald Welte{ 1790e81d5db9ca61069e213236582deedb61dd38b45Harald Welte const struct ipt_connmark_target_info *markinfo = 1800e81d5db9ca61069e213236582deedb61dd38b45Harald Welte (const struct ipt_connmark_target_info *)target->data; 1810e81d5db9ca61069e213236582deedb61dd38b45Harald Welte switch (markinfo->mode) { 1820e81d5db9ca61069e213236582deedb61dd38b45Harald Welte case IPT_CONNMARK_SET: 18302964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson printf("CONNMARK set "); 18402964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mark(markinfo->mark); 18502964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mask("/", markinfo->mask); 186a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom printf(" "); 1870e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 1880e81d5db9ca61069e213236582deedb61dd38b45Harald Welte case IPT_CONNMARK_SAVE: 1890e81d5db9ca61069e213236582deedb61dd38b45Harald Welte printf("CONNMARK save "); 19002964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mask("mask ", markinfo->mask); 191a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom printf(" "); 1920e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 1930e81d5db9ca61069e213236582deedb61dd38b45Harald Welte case IPT_CONNMARK_RESTORE: 1940e81d5db9ca61069e213236582deedb61dd38b45Harald Welte printf("CONNMARK restore "); 19502964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mask("mask ", markinfo->mask); 1960e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 1970e81d5db9ca61069e213236582deedb61dd38b45Harald Welte default: 1980e81d5db9ca61069e213236582deedb61dd38b45Harald Welte printf("ERROR: UNKNOWN CONNMARK MODE "); 1990e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 2000e81d5db9ca61069e213236582deedb61dd38b45Harald Welte } 2010e81d5db9ca61069e213236582deedb61dd38b45Harald Welte} 2020e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 203a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom/* Saves the target into in parsable form to stdout. */ 2040e81d5db9ca61069e213236582deedb61dd38b45Harald Weltestatic void 2050e81d5db9ca61069e213236582deedb61dd38b45Harald Weltesave(const struct ipt_ip *ip, const struct ipt_entry_target *target) 2060e81d5db9ca61069e213236582deedb61dd38b45Harald Welte{ 2070e81d5db9ca61069e213236582deedb61dd38b45Harald Welte const struct ipt_connmark_target_info *markinfo = 2080e81d5db9ca61069e213236582deedb61dd38b45Harald Welte (const struct ipt_connmark_target_info *)target->data; 2090e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 2100e81d5db9ca61069e213236582deedb61dd38b45Harald Welte switch (markinfo->mode) { 2110e81d5db9ca61069e213236582deedb61dd38b45Harald Welte case IPT_CONNMARK_SET: 21202964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson printf("--set-mark "); 21302964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mark(markinfo->mark); 21402964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mask("/", markinfo->mask); 215a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom printf(" "); 2160e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 2170e81d5db9ca61069e213236582deedb61dd38b45Harald Welte case IPT_CONNMARK_SAVE: 2180e81d5db9ca61069e213236582deedb61dd38b45Harald Welte printf("--save-mark "); 21902964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mask("--mask ", markinfo->mask); 2200e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 2210e81d5db9ca61069e213236582deedb61dd38b45Harald Welte case IPT_CONNMARK_RESTORE: 2220e81d5db9ca61069e213236582deedb61dd38b45Harald Welte printf("--restore-mark "); 22302964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mask("--mask ", markinfo->mask); 2240e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 2250e81d5db9ca61069e213236582deedb61dd38b45Harald Welte default: 2260e81d5db9ca61069e213236582deedb61dd38b45Harald Welte printf("ERROR: UNKNOWN CONNMARK MODE "); 2270e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 2280e81d5db9ca61069e213236582deedb61dd38b45Harald Welte } 2290e81d5db9ca61069e213236582deedb61dd38b45Harald Welte} 2300e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 231a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstromstatic struct iptables_target connmark_target = { 232a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom .name = "CONNMARK", 233a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom .version = IPTABLES_VERSION, 234a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom .size = IPT_ALIGN(sizeof(struct ipt_connmark_target_info)), 235a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom .userspacesize = IPT_ALIGN(sizeof(struct ipt_connmark_target_info)), 236a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom .help = &help, 237a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom .init = &init, 238a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom .parse = &parse, 239a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom .final_check = &final_check, 240a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom .print = &print, 241a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom .save = &save, 242a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom .extra_opts = opts 2430e81d5db9ca61069e213236582deedb61dd38b45Harald Welte}; 2440e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 2450e81d5db9ca61069e213236582deedb61dd38b45Harald Weltevoid _init(void) 2460e81d5db9ca61069e213236582deedb61dd38b45Harald Welte{ 247a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom register_target(&connmark_target); 2480e81d5db9ca61069e213236582deedb61dd38b45Harald Welte} 249