ip6tables.h revision 58179b1d0d1722ea16028aa2ea9d74afc86dd5dc
17dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch#ifndef _IP6TABLES_USER_H 27dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch#define _IP6TABLES_USER_H 37dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 47dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch#include "iptables_common.h" 57dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch#include "libiptc/libip6tc.h" 67dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 78bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)#ifndef IP6T_LIB_DIR 88bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)#define IP6T_LIB_DIR "/usr/local/lib/iptables" 98bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)#endif 108bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 118bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)#ifndef IPPROTO_SCTP 128bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)#define IPPROTO_SCTP 132 138bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)#endif 148bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)#ifndef IPPROTO_DCCP 158bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)#define IPPROTO_DCCP 33 168bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)#endif 178bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 188bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)struct ip6tables_rule_match 198bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles){ 208bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) struct ip6tables_rule_match *next; 217dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 227dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch struct ip6tables_match *match; 238bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 248bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) /* Multiple matches of the same type: the ones before 255f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) the current one are completed from parsing point of view */ 265f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) unsigned int completed; 278bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)}; 288bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 298bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)/* Include file for additions: new matches and targets. */ 308bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)struct ip6tables_match 318bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles){ 327dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch struct ip6tables_match *next; 337dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 34a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) ip6t_chainlabel name; 35a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) 36a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) const char *version; 37a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) 385d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) /* Size of match data. */ 395d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) size_t size; 40a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) 41a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) /* Size of match data relevent for userspace comparison purposes */ 428bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) size_t userspacesize; 438bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 445d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) /* Function which prints out usage message. */ 455d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) void (*help)(void); 465d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 477dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch /* Initialize the match. */ 487dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch void (*init)(struct ip6t_entry_match *m, unsigned int *nfcache); 498bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 508bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) /* Function which parses command options; returns true if it 518bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) ate an option */ 52424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) int (*parse)(int c, char **argv, int invert, unsigned int *flags, 53424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) const struct ip6t_entry *entry, 548bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) unsigned int *nfcache, 558bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) struct ip6t_entry_match **match); 568bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 578bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) /* Final check; exit if not ok. */ 587dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch void (*final_check)(unsigned int flags); 597dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 607dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch /* Prints out the match iff non-NULL: put space at end */ 618bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) void (*print)(const struct ip6t_ip6 *ip, 627dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch const struct ip6t_entry_match *match, int numeric); 637dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 647dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch /* Saves the union ipt_matchinfo in parsable form to stdout. */ 657dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch void (*save)(const struct ip6t_ip6 *ip, 667dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch const struct ip6t_entry_match *match); 678bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 687dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch /* Pointer to list of extra command-line options */ 697dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch const struct option *extra_opts; 707dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 717dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch /* Ignore these men behind the curtain: */ 727dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch unsigned int option_offset; 738bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) struct ip6t_entry_match *m; 748bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) unsigned int mflags; 758bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)#ifdef NO_SHARED_LIBS 768bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) unsigned int loaded; /* simulate loading so options are merged properly */ 778bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)#endif 787dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch}; 797dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 807dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdochstruct ip6tables_target 817dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch{ 827dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch struct ip6tables_target *next; 838bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 847dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch ip6t_chainlabel name; 857dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 867dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch const char *version; 877dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 887dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch /* Size of target data. */ 897dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch size_t size; 907dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 918bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) /* Size of target data relevent for userspace comparison purposes */ 928bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) size_t userspacesize; 938bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 94a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) /* Function which prints out usage message. */ 958bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) void (*help)(void); 968bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 978bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) /* Initialize the target. */ 988bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) void (*init)(struct ip6t_entry_target *t, unsigned int *nfcache); 998bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 1008bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) /* Function which parses command options; returns true if it 1018bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) ate an option */ 1028bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) int (*parse)(int c, char **argv, int invert, unsigned int *flags, 1037dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch const struct ip6t_entry *entry, 1047dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch struct ip6t_entry_target **target); 1057dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 1067dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch /* Final check; exit if not ok. */ 1077dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch void (*final_check)(unsigned int flags); 1087dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 1098bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) /* Prints out the target iff non-NULL: put space at end */ 1108bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) void (*print)(const struct ip6t_ip6 *ip, 1118bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) const struct ip6t_entry_target *target, int numeric); 1128bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 1138bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) /* Saves the targinfo in parsable form to stdout. */ 1148bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) void (*save)(const struct ip6t_ip6 *ip, 1158bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) const struct ip6t_entry_target *target); 1168bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 1177dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch /* Pointer to list of extra command-line options */ 1187dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch struct option *extra_opts; 1197dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 1207dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch /* Ignore these men behind the curtain: */ 1217dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch unsigned int option_offset; 1227dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch struct ip6t_entry_target *t; 1238bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) unsigned int tflags; 1248bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) unsigned int used; 1258bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)#ifdef NO_SHARED_LIBS 1268bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) unsigned int loaded; /* simulate loading so options are merged properly */ 1277dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch#endif 1287dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch}; 1297dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 1307dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdochextern int line; 1317dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch 1327dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdoch/* Your shared library should call one of these. */ 1337dbb3d5cf0c15f500944d211057644d6a2f37371Ben Murdochextern void register_match6(struct ip6tables_match *me); 1345f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)extern void register_target6(struct ip6tables_target *me); 1355f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 1365f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)extern int service_to_port(const char *name, const char *proto); 1375f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)extern int do_command6(int argc, char *argv[], char **table, 1385f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) ip6tc_handle_t *handle); 1395f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)/* Keeping track of external matches and targets: linked lists. */ 1405f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)extern struct ip6tables_match *ip6tables_matches; 1415f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)extern struct ip6tables_target *ip6tables_targets; 1425f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 1435f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)enum ip6t_tryload { 144a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) DONT_LOAD, 145a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) DURING_LOAD, 146a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) TRY_LOAD, 1475f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) LOAD_MUST_SUCCEED 1485f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)}; 1495f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 1505f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)extern struct ip6tables_target *find_target(const char *name, enum ip6t_tryload); 1515f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)extern struct ip6tables_match *find_match(const char *name, enum ip6t_tryload, struct ip6tables_rule_match **match); 1525f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 1535f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)extern void parse_interface(const char *arg, char *vianame, unsigned char *mask); 1545f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 1555f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)extern int for_each_chain(int (*fn)(const ip6t_chainlabel, int, ip6tc_handle_t *), int verbose, int builtinstoo, ip6tc_handle_t *handle); 1565f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)extern int flush_entries(const ip6t_chainlabel chain, int verbose, ip6tc_handle_t *handle); 1575f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)extern int delete_chain(const ip6t_chainlabel chain, int verbose, ip6tc_handle_t *handle); 1585f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)extern int ip6tables_insmod(const char *modname, const char *modprobe); 1595f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 1605f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)#endif /*_IP6TABLES_USER_H*/ 1615f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)