libxt_comment.c revision 32b8e61e4e5bd405d9ad07bf9468498dfbb19f9e
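/* Shared library add-on to iptables to add comment match support.
 *
 * ChangeLog
 *     2003-05-13: Brad Fisher <brad@info-link.net>
 *         Initial comment match
 *     2004-05-12: Brad Fisher <brad@info-link.net>
 *         Port to patch-o-matic-ng
 */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <getopt.h>

#include <xtables.h>
#include <linux/netfilter/xt_comment.h>

/* Print the usage text for the options this match understands. */
static void comment_help(void)
{
	printf(
		"comment match options:\n"
		"--comment COMMENT             Attach a comment to a rule\n");
}

/* Long options handled by comment_parse(); '1' identifies --comment. */
static const struct option comment_opts[] = {
	{.name = "comment", .has_arg = true, .val = '1'},
	XT_GETOPT_TABLEEND,
};

/*
 * Copy the user-supplied comment text into the match data.
 *
 * s    - NUL-terminated comment taken from the command line
 * info - match data whose comment[] field (XT_MAX_COMMENT_LEN bytes)
 *        receives the text
 *
 * A comment that does not fit, terminator included, is reported through
 * xtables_error(). The copy below relies on that call not returning.
 */
static void
parse_comment(const char *s, struct xt_comment_info *info)
{
	/*
	 * Keep the length in size_t: strlen() returns size_t, and storing it
	 * in an int could narrow an oversized length into a value that slips
	 * past the bound check below.
	 */
	size_t slen = strlen(s);

	if (slen >= XT_MAX_COMMENT_LEN) {
		xtables_error(PARAMETER_PROBLEM,
			"COMMENT must be shorter than %i characters", XT_MAX_COMMENT_LEN);
	}
	/* slen + 1 <= XT_MAX_COMMENT_LEN here, so text and terminator fit. */
	memcpy(info->comment, s, slen + 1);
}

/*
 * Option callback for the comment match.
 *
 * Handles option '1' (--comment): rejects an inverted comment, stores the
 * text in the match data and sets *flags to 1 so comment_check() can tell
 * that the option was given.
 *
 * Returns 1 when the option was consumed, 0 when it is not ours.
 */
static int
comment_parse(int c, char **argv, int invert, unsigned int *flags,
              const void *entry, struct xt_entry_match **match)
{
	struct xt_comment_info *commentinfo = (struct xt_comment_info *)(*match)->data;

	switch (c) {
	case '1':
		xtables_check_inverse(optarg, &invert, &optind, 0, argv);
		if (invert) {
			xtables_error(PARAMETER_PROBLEM,
					"Sorry, you can't have an inverted comment");
		}
		parse_comment(optarg, commentinfo);
		*flags = 1;
		break;

	default:
		return 0;
	}
	return 1;
}

/* Final check: the match is meaningless without --comment. */
static void comment_check(unsigned int flags)
{
	if (!flags)
		xtables_error(PARAMETER_PROBLEM,
			   "COMMENT match: You must specify `--comment'");
}

/*
 * Print the comment in listing form.
 *
 * The stored text is not trusted to be NUL-terminated, so the output is
 * capped at XT_MAX_COMMENT_LEN - 1 bytes with a precision instead of
 * writing a terminator into the const match data.
 *
 * NOTE(review): the text is emitted verbatim; if rule comments can come
 * from a less-trusted party, non-printable bytes reach the terminal
 * unfiltered. Consider escaping them here.
 */
static void
comment_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
	const struct xt_comment_info *commentinfo = (const void *)match->data;

	printf("/* %.*s */ ", XT_MAX_COMMENT_LEN - 1,
	       (const char *)commentinfo->comment);
}

/*
 * Save the match in parsable form to stdout.
 *
 * The comment is copied into a local, explicitly terminated buffer before
 * it is handed to xtables_save_string(), so a stored comment without a
 * terminator cannot cause an over-read and the const match data is left
 * unmodified.
 */
static void
comment_save(const void *ip, const struct xt_entry_match *match)
{
	const struct xt_comment_info *commentinfo = (const void *)match->data;
	char text[XT_MAX_COMMENT_LEN];

	memcpy(text, commentinfo->comment, sizeof(text) - 1);
	text[sizeof(text) - 1] = '\0';

	printf("--comment ");
	xtables_save_string(text);
}

/* Registration record tying the callbacks above to the "comment" match. */
static struct xtables_match comment_match = {
	.family		= NFPROTO_UNSPEC,
	.name		= "comment",
	.version	= XTABLES_VERSION,
	.size		= XT_ALIGN(sizeof(struct xt_comment_info)),
	.userspacesize	= XT_ALIGN(sizeof(struct xt_comment_info)),
	.help		= comment_help,
	.parse		= comment_parse,
	.final_check	= comment_check,
	.print		= comment_print,
	.save		= comment_save,
	.extra_opts	= comment_opts,
};

/* Library entry point: register the comment match with xtables. */
void _init(void)
{
	xtables_register_match(&comment_match);
}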