libxt_comment.c revision d09b6d591ca7d7d7575cb6aa20384c9830f777ab
1/* Shared library add-on to iptables to add comment match support. 2 * 3 * ChangeLog 4 * 2003-05-13: Brad Fisher <brad@info-link.net> 5 * Initial comment match 6 * 2004-05-12: Brad Fisher <brad@info-link.net> 7 * Port to patch-o-matic-ng 8 */ 9#include <stdbool.h> 10#include <stdio.h> 11#include <string.h> 12#include <stdlib.h> 13#include <getopt.h> 14 15#include <xtables.h> 16#include <linux/netfilter/xt_comment.h> 17 18static void comment_help(void) 19{ 20 printf( 21 "comment match options:\n" 22 "--comment COMMENT Attach a comment to a rule\n"); 23} 24 25static const struct option comment_opts[] = { 26 {.name = "comment", .has_arg = true, .val = '1'}, 27 XT_GETOPT_TABLEEND, 28}; 29 30static void 31parse_comment(const char *s, struct xt_comment_info *info) 32{ 33 int slen = strlen(s); 34 35 if (slen >= XT_MAX_COMMENT_LEN) { 36 xtables_error(PARAMETER_PROBLEM, 37 "COMMENT must be shorter than %i characters", XT_MAX_COMMENT_LEN); 38 } 39 strcpy((char *)info->comment, s); 40} 41 42static int 43comment_parse(int c, char **argv, int invert, unsigned int *flags, 44 const void *entry, struct xt_entry_match **match) 45{ 46 struct xt_comment_info *commentinfo = (struct xt_comment_info *)(*match)->data; 47 48 switch (c) { 49 case '1': 50 xtables_check_inverse(optarg, &invert, &optind, 0, argv); 51 if (invert) { 52 xtables_error(PARAMETER_PROBLEM, 53 "Sorry, you can't have an inverted comment"); 54 } 55 parse_comment(optarg, commentinfo); 56 *flags = 1; 57 break; 58 } 59 return 1; 60} 61 62static void comment_check(unsigned int flags) 63{ 64 if (!flags) 65 xtables_error(PARAMETER_PROBLEM, 66 "COMMENT match: You must specify `--comment'"); 67} 68 69static void 70comment_print(const void *ip, const struct xt_entry_match *match, int numeric) 71{ 72 struct xt_comment_info *commentinfo = (void *)match->data; 73 74 commentinfo->comment[XT_MAX_COMMENT_LEN-1] = '\0'; 75 printf("/* %s */ ", commentinfo->comment); 76} 77 78/* Saves the union ipt_matchinfo in parsable form to stdout. */ 79static void 80comment_save(const void *ip, const struct xt_entry_match *match) 81{ 82 struct xt_comment_info *commentinfo = (void *)match->data; 83 84 commentinfo->comment[XT_MAX_COMMENT_LEN-1] = '\0'; 85 printf("--comment "); 86 xtables_save_string(commentinfo->comment); 87} 88 89static struct xtables_match comment_match = { 90 .family = NFPROTO_UNSPEC, 91 .name = "comment", 92 .version = XTABLES_VERSION, 93 .size = XT_ALIGN(sizeof(struct xt_comment_info)), 94 .userspacesize = XT_ALIGN(sizeof(struct xt_comment_info)), 95 .help = comment_help, 96 .parse = comment_parse, 97 .final_check = comment_check, 98 .print = comment_print, 99 .save = comment_save, 100 .extra_opts = comment_opts, 101}; 102 103void _init(void) 104{ 105 xtables_register_match(&comment_match); 106} 107