libxt_comment.c revision 18992db3bfdb3b695cae12b53434f560cbf8e2ae
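/* Shared library add-on to iptables to add comment match support.
 *
 * ChangeLog
 *     2003-05-13: Brad Fisher <brad@info-link.net>
 *         Initial comment match
 *     2004-05-12: Brad Fisher <brad@info-link.net>
 *         Port to patch-o-matic-ng
 */
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <getopt.h>

#include <xtables.h>
#include <linux/netfilter/xt_comment.h>

/* Function which prints out usage message. */
static void
help(void)
{
	printf(
		"COMMENT match options:\n"
		"--comment COMMENT             Attach a comment to a rule\n\n"
		);
}

/* Long options understood by this extension; '1' is the value handed
 * to parse() for --comment, which takes a mandatory argument. */
static struct option opts[] = {
	{ "comment", required_argument, NULL, '1' },
	{0}
};

/* Copies the user-supplied comment text into the match data.
 *
 * s    - NUL-terminated comment text from the command line.
 * info - match data whose comment buffer receives the text.
 *
 * Text that does not fit in XT_MAX_COMMENT_LEN bytes, terminator
 * included, is rejected through exit_error() before any byte is
 * written.
 */
static void
parse_comment(const char *s, struct xt_comment_info *info)
{
	/* size_t, not int: strlen() returns size_t, and a narrowed length
	 * could wrap negative and slip past the bound check below. */
	size_t slen = strlen(s);

	if (slen >= XT_MAX_COMMENT_LEN) {
		exit_error(PARAMETER_PROBLEM,
			"COMMENT must be shorter than %i characters", XT_MAX_COMMENT_LEN);
	}
	/* Copy exactly the length that was just validated, plus the NUL,
	 * so the write size is tied to the check rather than to a second
	 * scan of the source string. */
	memcpy(info->comment, s, slen + 1);
}

/* Function which parses command options; returns true if it
   ate an option.

   Only c == '1' (--comment) is handled: inversion is rejected, the
   argument at argv[optind-1] is stored in the match data and *flags
   is set to 1 so final_check() can see that a comment was given.
   entry and nfcache are not used here. */
static int
parse(int c, char **argv, int invert, unsigned int *flags,
      const void *entry,
      unsigned int *nfcache,
      struct xt_entry_match **match)
{
	struct xt_comment_info *commentinfo = (struct xt_comment_info *)(*match)->data;

	switch (c) {
	case '1':
		/* check_inverse() is defined outside this file; it is passed
		 * pointers to invert and optind and may update both. */
		check_inverse(argv[optind-1], &invert, &optind, 0);
		if (invert) {
			exit_error(PARAMETER_PROBLEM,
					"Sorry, you can't have an inverted comment");
		}
		parse_comment(argv[optind-1], commentinfo);
		*flags = 1;
		break;

	default:
		return 0;
	}
	return 1;
}

/* Final check; must have specified --comment. */
static void
final_check(unsigned int flags)
{
	if (!flags) {
		exit_error(PARAMETER_PROBLEM,
			   "COMMENT match: You must specify `--comment'");
	}
}

/* Prints out the matchinfo.
 *
 * The match data is not trusted to be NUL-terminated, so the output is
 * capped at XT_MAX_COMMENT_LEN-1 bytes with a printf precision. That
 * gives the same output as forcing a terminator into the last byte,
 * without writing through a pointer the caller passed as const.
 * ip and numeric are not used here. */
static void
print(const void *ip,
      const struct xt_entry_match *match,
      int numeric)
{
	const struct xt_comment_info *commentinfo =
		(const struct xt_comment_info *)match->data;

	printf("/* %.*s */ ", XT_MAX_COMMENT_LEN - 1,
	       (const char *)commentinfo->comment);
}

/* Saves the union ipt_matchinfo in parsable form to stdout.
 *
 * Output is capped at XT_MAX_COMMENT_LEN-1 bytes, as in print().
 * ip is not used here.
 *
 * NOTE(review): the comment is written between double quotes with no
 * escaping, so text that itself contains '"' or '\\' is emitted
 * verbatim and the saved line may not read back as the same rule.
 * Confirm how the restore-side parser treats quotes before relying on
 * a save/restore round trip for arbitrary comment text. */
static void
save(const void *ip, const struct xt_entry_match *match)
{
	const struct xt_comment_info *commentinfo =
		(const struct xt_comment_info *)match->data;

	printf("--comment \"%.*s\" ", XT_MAX_COMMENT_LEN - 1,
	       (const char *)commentinfo->comment);
}

/* IPv4 registration record for the "comment" match. */
static struct xtables_match comment = {
	.family		= AF_INET,
	.name		= "comment",
	.version	= IPTABLES_VERSION,
	.size		= XT_ALIGN(sizeof(struct xt_comment_info)),
	.userspacesize	= XT_ALIGN(sizeof(struct xt_comment_info)),
	.help		= &help,
	.parse		= &parse,
	.final_check	= &final_check,
	.print		= &print,
	.save		= &save,
	.extra_opts	= opts
};

/* IPv6 registration record; identical to the IPv4 one apart from the
 * address family. */
static struct xtables_match comment6 = {
	.family		= AF_INET6,
	.name		= "comment",
	.version	= IPTABLES_VERSION,
	.size		= XT_ALIGN(sizeof(struct xt_comment_info)),
	.userspacesize	= XT_ALIGN(sizeof(struct xt_comment_info)),
	.help		= &help,
	.parse		= &parse,
	.final_check	= &final_check,
	.print		= &print,
	.save		= &save,
	.extra_opts	= opts
};

/* Registers both descriptors with xtables.
 * NOTE(review): presumably run when the shared object is loaded;
 * confirm against how the extension is built and opened. */
void _init(void)
{
	xtables_register_match(&comment);
	xtables_register_match(&comment6);
}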