xshared.h revision 93587a04d0f2511e108bbc4d87a8b9d28a5c5dd8
1#ifndef IPTABLES_XSHARED_H
2#define IPTABLES_XSHARED_H 1
3
4#include <limits.h>
5#include <stdbool.h>
6#include <stdint.h>
7#include <netinet/in.h>
8#include <net/if.h>
9#include <linux/netfilter_ipv4/ip_tables.h>
10#include <linux/netfilter_ipv6/ip6_tables.h>
11
/*
 * Bit flags, one per command-line option tracked by the front ends.
 * Each non-zero constant occupies a distinct bit (bits 0 through 10), so
 * values can be OR-ed into a single mask and tested with '&'.
 * NOTE(review): presumably this is what iptables_command_state.options
 * stores -- confirm against the callers.
 */
enum {
	OPT_NONE        = 0x000,
	OPT_NUMERIC     = 0x001,
	OPT_SOURCE      = 0x002,
	OPT_DESTINATION = 0x004,
	OPT_PROTOCOL    = 0x008,
	OPT_JUMP        = 0x010,
	OPT_VERBOSE     = 0x020,
	OPT_EXPANDED    = 0x040,
	OPT_VIANAMEIN   = 0x080,
	OPT_VIANAMEOUT  = 0x100,
	OPT_LINENUMBERS = 0x200,
	OPT_COUNTERS    = 0x400,
};
26
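/*
 * Opaque forward declarations.  This header only handles pointers to these
 * types, so their full definitions are not required here.
 *
 * struct xtables_match is declared as well because load_proto() and
 * xs_init_match() further down mention it.  Declaring the tag at file scope
 * keeps those prototypes correct whatever order they appear in; a tag first
 * seen inside a parameter list would be scoped to that prototype alone.
 */
struct xtables_globals;
struct xtables_match;
struct xtables_rule_match;
struct xtables_target;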
30
/**
 * struct xtables_afinfo - constants that differ per protocol family
 * @kmod:		basename of the kernel module (e.g. "ip_tables")
 * @proc_exists:	procfs file that is present once the module is loaded
 * @libprefix:		leading part of an extension .so name (e.g. "libipt_")
 * @family:		nfproto family
 * @ipproto:		protocol value handed to setsockopt (e.g. IPPROTO_IP)
 * @so_rev_match:	optname used to query revision support of a match
 * @so_rev_target:	optname used to query revision support of a target
 *
 * The three strings are pointers to const data.
 * NOTE(review): @kmod and @libprefix name a kernel module and a shared
 * library prefix, so they presumably feed module and extension loading.
 * Keep them fixed constants rather than values derived from user input --
 * confirm in the code that consumes them.
 */
struct xtables_afinfo {
	const char *kmod;
	const char *proc_exists;
	const char *libprefix;
	uint8_t family;
	uint8_t ipproto;
	int so_rev_match;
	int so_rev_target;
};
50
/**
 * struct iptables_command_state - state carried while a command is handled
 * @fw:		IPv4 rule entry (member of the anonymous union)
 * @fw6:	IPv6 rule entry; shares storage with @fw, so only one of the
 *		two holds valid data at any time
 * @invert:	NOTE(review): presumably a pending-negation flag -- confirm
 * @c:		NOTE(review): presumably the option character currently
 *		being handled -- confirm
 * @options:	unsigned mask; NOTE(review): presumably OPT_* bits -- confirm
 * @matches:	list of matches attached to the rule being built
 * @target:	target attached to the rule being built
 * @protocol:	protocol string; writable pointer, ownership not visible here
 * @proto_used:	NOTE(review): presumably records that the protocol
 *		extension has already been tried -- confirm
 * @jumpto:	target name to jump to (const string)
 * @argv:	argument vector of the invocation
 *
 * NOTE(review): nothing in this struct records which union member is live.
 * Code that reads @fw or @fw6 has to pick the member from the address
 * family in use (see the global afinfo); reading the other one interprets
 * the bytes with the wrong layout.
 */
struct iptables_command_state {
	union {
		struct ipt_entry fw;
		struct ip6t_entry fw6;
	};
	int invert;
	int c;
	unsigned int options;
	struct xtables_rule_match *matches;
	struct xtables_target *target;
	char *protocol;
	int proto_used;
	const char *jumpto;
	char **argv;
};
66
/* Entry point of one subcommand: same shape as main(), minus envp. */
typedef int (*mainfunc_t)(int argc, char **argv);
68
/**
 * struct subcommand - one row of a name-to-entry-point table
 * @name:	name the subcommand is selected by
 * @main:	function run for that name
 *
 * NOTE(review): subcmd_main() takes a pointer to these; how the end of the
 * table is marked is not visible in this header -- confirm before adding
 * rows, since a missing terminator would let the lookup run off the array.
 */
struct subcommand {
	const char *name;
	mainfunc_t main;
};
73
/*
 * NOTE(review): presumably the spacing between the option-id ranges given
 * to successive extensions -- confirm at the use sites.  If so, an
 * extension defining ids at or above this value would collide with the
 * next range.
 */
enum { XT_OPTION_OFFSET_SCALE = 256 };
77
/*
 * Helpers shared by the front ends; the definitions live outside this
 * header.  Function declarations have external linkage by default, so the
 * 'extern' keyword is only spelled out on the variable at the end.
 */

/* Takes the selected target and the list of matches. */
void print_extension_helps(const struct xtables_target *target,
			   const struct xtables_rule_match *matches);

/*
 * Maps a protocol number to a name.  The meaning of the int argument is
 * defined with the function, not here.
 */
const char *proto_to_name(uint8_t proto, int);

int command_default(struct iptables_command_state *cs,
		    struct xtables_globals *gl);

struct xtables_match *load_proto(struct iptables_command_state *cs);

/* Takes an argc/argv pair plus a table of struct subcommand entries. */
int subcmd_main(int argc, char **argv, const struct subcommand *cmds);

void xs_init_target(struct xtables_target *target);
void xs_init_match(struct xtables_match *match);

/*
 * Returns bool.
 * NOTE(review): the exact success/failure convention is defined with the
 * function.  A lock protects nothing if the result is ignored, so confirm
 * every caller checks it and does not go on to modify rules after a failed
 * or skipped acquisition.
 */
bool xtables_lock(bool wait);

/*
 * Family description in effect.  The pointed-to data is const, but the
 * pointer itself is a writable global.
 */
extern const struct xtables_afinfo *afinfo;
90
91#endif /* IPTABLES_XSHARED_H */
92