iptables.h revision e6869a8f59d779ff4d5a0984c86d80db7078496
1#ifndef _IPTABLES_USER_H 2#define _IPTABLES_USER_H 3 4#include "libiptc/libiptc.h" 5 6/* Include file for additions: new matches and targets. */ 7struct iptables_match 8{ 9 struct iptables_match *next; 10 11 ipt_chainlabel name; 12 13 const char *version; 14 15 /* Size of match data. */ 16 size_t size; 17 18 /* Function which prints out usage message. */ 19 void (*help)(void); 20 21 /* Initialize the match. */ 22 void (*init)(struct ipt_entry_match *m, unsigned int *nfcache); 23 24 /* Function which parses command options; returns true if it 25 ate an option */ 26 int (*parse)(int c, char **argv, int invert, unsigned int *flags, 27 const struct ipt_entry *entry, 28 unsigned int *nfcache, 29 struct ipt_entry_match **match); 30 31 /* Final check; exit if not ok. */ 32 void (*final_check)(unsigned int flags); 33 34 /* Prints out the match iff non-NULL: put space at end */ 35 void (*print)(const struct ipt_ip *ip, 36 const struct ipt_entry_match *match, int numeric); 37 38 /* Saves the union ipt_matchinfo in parsable form to stdout. */ 39 void (*save)(const struct ipt_ip *ip, 40 const struct ipt_entry_match *match); 41 42 /* Pointer to list of extra command-line options */ 43 struct option *extra_opts; 44 45 /* Ignore these men behind the curtain: */ 46 unsigned int option_offset; 47 struct ipt_entry_match *m; 48 unsigned int mflags; 49}; 50 51struct iptables_target 52{ 53 struct iptables_target *next; 54 55 ipt_chainlabel name; 56 57 const char *version; 58 59 /* Size of target data. */ 60 size_t size; 61 62 /* Function which prints out usage message. */ 63 void (*help)(void); 64 65 /* Initialize the target. */ 66 void (*init)(struct ipt_entry_target *t, unsigned int *nfcache); 67 68 /* Function which parses command options; returns true if it 69 ate an option */ 70 int (*parse)(int c, char **argv, int invert, unsigned int *flags, 71 const struct ipt_entry *entry, 72 struct ipt_entry_target **target); 73 74 /* Final check; exit if not ok. */ 75 void (*final_check)(unsigned int flags); 76 77 /* Prints out the target iff non-NULL: put space at end */ 78 void (*print)(const struct ipt_ip *ip, 79 const struct ipt_entry_target *target, int numeric); 80 81 /* Saves the targinfo in parsable form to stdout. */ 82 void (*save)(const struct ipt_ip *ip, 83 const struct ipt_entry_target *target); 84 85 /* Pointer to list of extra command-line options */ 86 struct option *extra_opts; 87 88 /* Ignore these men behind the curtain: */ 89 unsigned int option_offset; 90 struct ipt_entry_target *t; 91 unsigned int tflags; 92}; 93 94/* Your shared library should call one of these. */ 95extern void register_match(struct iptables_match *me); 96extern void register_target(struct iptables_target *me); 97 98/* Functions we share */ 99enum exittype { 100 OTHER_PROBLEM = 1, 101 PARAMETER_PROBLEM, 102 VERSION_PROBLEM 103}; 104extern void exit_printhelp() __attribute__((noreturn)); 105extern void exit_tryhelp(int) __attribute__((noreturn)); 106int check_inverse(const char option[], int *invert); 107extern int string_to_number(const char *, int, int); 108void exit_error(enum exittype, char *, ...)__attribute__((noreturn, 109 format(printf,2,3))); 110extern char *addr_to_dotted(const struct in_addr *addrp); 111struct in_addr *dotted_to_addr(const char *dotted); 112extern const char *program_name, *program_version; 113 114extern int do_command(int argc, char *argv[], char **table, 115 iptc_handle_t *handle); 116/* Keeping track of external matches and targets: linked lists. */ 117extern struct iptables_match *iptables_matches; 118extern struct iptables_target *iptables_targets; 119 120extern struct iptables_target *find_target(const char *name, int tryload); 121extern struct iptables_match *find_match(const char *name, int tryload); 122#endif /*_IPTABLES_USER_H*/ 123