libxt_comment.c revision bf97128c7262f17a02fec41cdae75b472ba77f88
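/* Shared library add-on to iptables to add comment match support.
 *
 * ChangeLog
 *     2003-05-13: Brad Fisher <brad@info-link.net>
 *         Initial comment match
 *     2004-05-12: Brad Fisher <brad@info-link.net>
 *         Port to patch-o-matic-ng
 */
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <getopt.h>

#include <xtables.h>
#include <linux/netfilter/xt_comment.h>

/* Print the usage text for the comment match to stdout. */
static void comment_help(void)
{
	printf(
		"comment match options:\n"
		"--comment COMMENT Attach a comment to a rule\n");
}

/* Long options understood by this match; '1' is the value comment_parse()
 * switches on. The all-NULL entry terminates the table. */
static const struct option comment_opts[] = {
	{ .name = "comment", .has_arg = 1, .flag = NULL, .val = '1' },
	{ .name = NULL }
};

/*
 * Copy the user-supplied comment text into the match data.
 *
 * s    - NUL-terminated comment taken from the command line (untrusted).
 * info - match payload whose comment buffer is indexed up to
 *        XT_MAX_COMMENT_LEN-1 elsewhere in this file.
 *
 * A comment that would not fit, terminator included, is rejected through
 * xtables_error().
 */
static void
parse_comment(const char *s, struct xt_comment_info *info)
{
	/* size_t, not int: strlen() returns size_t and a narrowing
	 * conversion could turn a very large length into a negative value
	 * that slips past the comparison below. */
	size_t slen = strlen(s);

	if (slen >= XT_MAX_COMMENT_LEN) {
		xtables_error(PARAMETER_PROBLEM,
			"COMMENT must be shorter than %i characters", XT_MAX_COMMENT_LEN);
	}

	/* Bounded, always-terminated copy. The length check above already
	 * rejects oversized input, but the write must not depend on
	 * xtables_error() never returning (presumably it exits; that is not
	 * visible from this file), so the bound is enforced here as well. */
	snprintf((char *)info->comment, XT_MAX_COMMENT_LEN, "%s", s);
}

/*
 * Option callback for the comment match.
 *
 * c      - option value from comment_opts ('1' for --comment).
 * argv   - command-line vector; the option argument is argv[optind-1].
 * invert - non-zero when the option was negated with '!'.
 * flags  - set to 1 once --comment has been seen; read by comment_check().
 * entry  - unused here.
 * match  - match being built; its data area holds struct xt_comment_info.
 *
 * Returns 1 when the option was consumed, 0 when it is not ours.
 */
static int
comment_parse(int c, char **argv, int invert, unsigned int *flags,
	      const void *entry, struct xt_entry_match **match)
{
	struct xt_comment_info *commentinfo =
		(struct xt_comment_info *)(*match)->data;

	(void)entry;

	if (c != '1')
		return 0;

	xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
	if (invert) {
		/* A comment carries no matching semantics, so negating it
		 * is refused outright. */
		xtables_error(PARAMETER_PROBLEM,
			"Sorry, you can't have an inverted comment");
	}
	parse_comment(argv[optind-1], commentinfo);
	*flags = 1;
	return 1;
}

/* Final check: fail unless --comment was given (flags set by comment_parse). */
static void comment_check(unsigned int flags)
{
	if (!flags)
		xtables_error(PARAMETER_PROBLEM,
			"COMMENT match: You must specify `--comment'");
}

/*
 * Print the comment in listing form to stdout.
 *
 * The last byte of the buffer is forced to NUL before printing so that a
 * payload whose comment is not terminated cannot make printf() read past
 * the end of the buffer. The match data is not produced in this function;
 * treat it as untrusted.
 */
static void
comment_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
	/* NOTE(review): this writes through a pointer obtained from a const
	 * parameter; it relies on the underlying storage being writable. */
	struct xt_comment_info *commentinfo = (void *)match->data;

	(void)ip;
	(void)numeric;

	commentinfo->comment[XT_MAX_COMMENT_LEN-1] = '\0';
	printf("/* %s */ ", commentinfo->comment);
}

/*
 * Saves the union ipt_matchinfo in parsable form to stdout.
 *
 * As in comment_print(), the buffer is force-terminated first; the text is
 * then handed to xtables_save_string() rather than printed raw.
 */
static void
comment_save(const void *ip, const struct xt_entry_match *match)
{
	/* NOTE(review): same const-discarding write as in comment_print(). */
	struct xt_comment_info *commentinfo = (void *)match->data;

	(void)ip;

	commentinfo->comment[XT_MAX_COMMENT_LEN-1] = '\0';
	printf("--comment ");
	xtables_save_string((const char *)commentinfo->comment);
}

/* Registration record tying the callbacks above to the "comment" match. */
static struct xtables_match comment_match = {
	.family		= NFPROTO_UNSPEC,
	.name		= "comment",
	.version	= XTABLES_VERSION,
	.size		= XT_ALIGN(sizeof(struct xt_comment_info)),
	.userspacesize	= XT_ALIGN(sizeof(struct xt_comment_info)),
	.help		= comment_help,
	.parse		= comment_parse,
	.final_check	= comment_check,
	.print		= comment_print,
	.save		= comment_save,
	.extra_opts	= comment_opts,
};

/* Extension initialiser: registers the comment match with xtables. */
void _init(void)
{
	xtables_register_match(&comment_match);
}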