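#ifndef _XTABLES_H
#define _XTABLES_H

/*
 * Changing any structs/functions may incur a needed change
 * in libxtables_vcurrent/vage too.
 */

#include <sys/socket.h> /* PF_* */
#include <sys/types.h>
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <netinet/in.h>
#include <net/if.h>
#include <linux/types.h>
#include <linux/netfilter.h>
#include <linux/netfilter/x_tables.h>

/* Fallback protocol numbers, defined only when the system headers lack them. */
#ifndef IPPROTO_SCTP
#define IPPROTO_SCTP 132
#endif
#ifndef IPPROTO_DCCP
#define IPPROTO_DCCP 33
#endif
#ifndef IPPROTO_MH
# define IPPROTO_MH 135
#endif
#ifndef IPPROTO_UDPLITE
#define IPPROTO_UDPLITE 136
#endif

#include <xtables-version.h>

struct in_addr;

/*
 * .size is here so that there is a somewhat reasonable check
 * against the chosen .type.
 *
 * XTOPT_POINTER() expands to two designated initializers (.ptroff and
 * .size) and is meant to be used inside a struct xt_option_entry
 * initializer. sizeof does not evaluate its operand, so the NULL pointer
 * in the expansion is never dereferenced.
 *
 * NOTE(review): .size is the only thing in an option table that says how
 * wide the destination member really is. Presumably the option parser
 * compares it with the width implied by .type before it stores anything;
 * that check is not visible in this header - confirm in libxtables.
 */
#define XTOPT_POINTER(stype, member) \
	.ptroff = offsetof(stype, member), \
	.size = sizeof(((stype *)NULL)->member)
/* Terminating entry of an xt_option_entry table: an entry whose .name is NULL. */
#define XTOPT_TABLEEND {.name = NULL}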
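/**
 * Select the format the input has to conform to, as well as the target type
 * (area pointed to with XTOPT_POINTER). Note that the storing is not always
 * uniform. @cb->val will be populated with as much as there is space, i.e.
 * exactly 2 items for ranges, but the target area can receive more values
 * (e.g. in case of ranges), or less values (e.g. %XTTYPE_HOSTMASK).
 *
 * %XTTYPE_NONE:	option takes no argument
 * %XTTYPE_UINT*:	standard integer
 * %XTTYPE_UINT*RC:	colon-separated range of standard integers
 * %XTTYPE_DOUBLE:	double-precision floating point number
 * %XTTYPE_STRING:	arbitrary string
 * %XTTYPE_TOSMASK:	8-bit TOS value with optional mask
 * %XTTYPE_MARKMASK32:	32-bit mark with optional mask
 * %XTTYPE_SYSLOGLEVEL:	syslog level by name or number
 * %XTTYPE_HOST:	one host or address (ptr: union nf_inet_addr)
 * %XTTYPE_HOSTMASK:	one host or address, with an optional prefix length
 * 			(ptr: union nf_inet_addr; only host portion is stored)
 * %XTTYPE_PROTOCOL:	protocol number/name from /etc/protocols (ptr: uint8_t)
 * %XTTYPE_PORT:	16-bit port name or number (supports %XTOPT_NBO)
 * %XTTYPE_PORTRC:	colon-separated port range (names acceptable),
 * 			(supports %XTOPT_NBO)
 * %XTTYPE_PLEN:	prefix length
 * %XTTYPE_PLENMASK:	prefix length (ptr: union nf_inet_addr)
 * %XTTYPE_ETHERMAC:	Ethernet MAC address in hex form
 *
 * The enumerators carry no explicit values, so they are numbered
 * consecutively from 0 in declaration order; inserting a new type anywhere
 * but at the end renumbers every enumerator after it.
 *
 * NOTE(review): because the stored width differs per type (see the "ptr:"
 * remarks above), an entry whose destination member is narrower than what
 * its type stores would be written past that member - the .size safeguard
 * set by XTOPT_POINTER is what is expected to catch this; confirm.
 */
enum xt_option_type {
	XTTYPE_NONE,
	XTTYPE_UINT8,
	XTTYPE_UINT16,
	XTTYPE_UINT32,
	XTTYPE_UINT64,
	XTTYPE_UINT8RC,
	XTTYPE_UINT16RC,
	XTTYPE_UINT32RC,
	XTTYPE_UINT64RC,
	XTTYPE_DOUBLE,
	XTTYPE_STRING,
	XTTYPE_TOSMASK,
	XTTYPE_MARKMASK32,
	XTTYPE_SYSLOGLEVEL,
	XTTYPE_HOST,
	XTTYPE_HOSTMASK,
	XTTYPE_PROTOCOL,
	XTTYPE_PORT,
	XTTYPE_PORTRC,
	XTTYPE_PLEN,
	XTTYPE_PLENMASK,
	XTTYPE_ETHERMAC,
};

/**
 * %XTOPT_INVERT:	option is invertible (usable with !)
 * %XTOPT_MAND:		option is mandatory
 * %XTOPT_MULTI:	option may be specified multiple times
 * %XTOPT_PUT:		store value into memory at @ptroff
 * %XTOPT_NBO:		store value in network-byte order
 * 			(only certain XTTYPEs recognize this)
 *
 * Each flag is a distinct single bit, so flags can be OR-ed together in
 * the @flags member of struct xt_option_entry.
 */
enum xt_option_flags {
	XTOPT_INVERT = 1 << 0,
	XTOPT_MAND   = 1 << 1,
	XTOPT_MULTI  = 1 << 2,
	XTOPT_PUT    = 1 << 3,
	XTOPT_NBO    = 1 << 4,
};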
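/**
 * One row of an extension's option table.
 *
 * @name:	name of option
 * @type:	type of input and validation method, see %XTTYPE_*
 * @id:		unique number (within extension) for option, 0-31
 * @excl:	bitmask of flags that cannot be used with this option
 * @also:	bitmask of flags that must be used with this option
 * @flags:	bitmask of option flags, see %XTOPT_*
 * @ptroff:	offset into private structure for member
 * @size:	size of the item pointed to by @ptroff; this is a safeguard
 * @min:	lowest allowed value (for singular integral types)
 * @max:	highest allowed value (for singular integral types)
 *
 * @ptroff and @size are normally filled in together by XTOPT_POINTER().
 * @min and @max are unsigned int, so they cannot express a bound above
 * UINT_MAX (relevant for %XTTYPE_UINT64).
 *
 * NOTE(review): the 0-31 limit on @id presumably exists because each id
 * is tracked as one bit of an unsigned int flag word (@excl, @also) -
 * confirm against the parser.
 * NOTE(review): a @ptroff/@size pair that does not describe the real
 * member of the extension's data block would direct an %XTOPT_PUT store
 * to the wrong place; how strictly @size is enforced is not visible here.
 */
struct xt_option_entry {
	const char *name;
	enum xt_option_type type;
	unsigned int id, excl, also, flags;
	unsigned int ptroff;
	size_t size;
	unsigned int min, max;
};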
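/**
 * Argument block handed to an extension's x6_parse callback.
 *
 * @arg:	input from command line
 * @ext_name:	name of extension currently being processed
 * @entry:	current option being processed
 * @data:	per-extension kernel data block
 * @xflags:	options of the extension that have been used
 * @invert:	whether option was used with !
 * @nvals:	number of results in uXX_multi
 * @val:	parsed result
 * @udata:	per-extension private scratch area
 * 		(cf. xtables_{match,target}->udata_size)
 *
 * The @nvals text speaks of "uXX_multi"; the array members declared in
 * @val below are named uXX_range and hold two elements each.
 *
 * @val is a union, so all of its members share storage. The three
 * unnamed structs inside it are anonymous members: their fields are
 * reached directly, e.g. val.haddr or val.tos_mask.
 *
 * NOTE(review): presumably only the @val member that corresponds to
 * @entry->type holds a meaningful value after parsing - confirm.
 * NOTE(review): @arg is the string exactly as the caller supplied it.
 * Nothing in this header bounds its length, so a callback that copies it
 * into a fixed-size field needs its own length check.
 */
struct xt_option_call {
	const char *arg, *ext_name;
	const struct xt_option_entry *entry;
	void *data;
	unsigned int xflags;
	bool invert;
	uint8_t nvals;
	union {
		uint8_t u8, u8_range[2], syslog_level, protocol;
		uint16_t u16, u16_range[2], port, port_range[2];
		uint32_t u32, u32_range[2];
		uint64_t u64, u64_range[2];
		double dbl;
		struct {
			union nf_inet_addr haddr, hmask;
			uint8_t hlen;
		};
		struct {
			uint8_t tos_value, tos_mask;
		};
		struct {
			uint32_t mark, mask;
		};
		uint8_t ethermac[6];
	} val;
	/* Wished for a world where the ones below were gone: */
	union {
		/* match and target overlap; only one of them applies per call */
		struct xt_entry_match **match;
		struct xt_entry_target **target;
	};
	void *xt_entry;
	void *udata;
};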
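/**
 * Argument block handed to an extension's x6_fcheck callback.
 *
 * @ext_name:	name of extension currently being processed
 * @data:	per-extension (kernel) data block
 * @udata:	per-extension private scratch area
 * 		(cf. xtables_{match,target}->udata_size)
 * @xflags:	options of the extension that have been used
 */
struct xt_fcheck_call {
	const char *ext_name;
	void *data, *udata;
	unsigned int xflags;
};

/**
 * A "linear"/linked-list based name<->id map, for files similar to
 * /etc/iproute2/.
 *
 * Singly linked through @next. Who allocates and frees @name and the
 * nodes is not stated in this header.
 */
struct xtables_lmap {
	char *name;
	int id;
	struct xtables_lmap *next;
};

/* Bits for the ext_flags member of struct xtables_match / xtables_target. */
enum xtables_ext_flags {
	XTABLES_EXT_ALIAS = 1 << 0,
};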
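/* Include file for additions: new matches and targets. */

/*
 * Descriptor that a match extension fills in to describe itself: identity
 * (name, revision, family), the size of its data block, and the callbacks
 * used to parse, check, print and save it.
 *
 * NOTE(review): @version is presumably compared with the library's own
 * version string when the extension is registered, which is why it must
 * stay at offset 0 - confirm in libxtables.
 */
struct xtables_match
{
	/*
	 * ABI/API version this module requires. Must be first member,
	 * as the rest of this struct may be subject to ABI changes.
	 */
	const char *version;

	struct xtables_match *next;

	const char *name;
	const char *real_name;

	/* Revision of match (0 by default). */
	uint8_t revision;

	/* Extension flags */
	uint8_t ext_flags;

	uint16_t family;

	/* Size of match data. */
	size_t size;

	/* Size of match data relevant for userspace comparison purposes */
	size_t userspacesize;

	/* Function which prints out usage message. */
	void (*help)(void);

	/* Initialize the match. */
	void (*init)(struct xt_entry_match *m);

	/* Function which parses command options; returns true if it
	   ate an option */
	/* entry is struct ipt_entry for example */
	int (*parse)(int c, char **argv, int invert, unsigned int *flags,
		     const void *entry,
		     struct xt_entry_match **match);

	/* Final check; exit if not ok. */
	void (*final_check)(unsigned int flags);

	/* Prints out the match iff non-NULL: put space at end */
	/* ip is struct ipt_ip * for example */
	void (*print)(const void *ip,
		      const struct xt_entry_match *match, int numeric);

	/* Saves the match info in parsable form to stdout. */
	/* ip is struct ipt_ip * for example */
	void (*save)(const void *ip, const struct xt_entry_match *match);

	/* Print match name or alias */
	const char *(*alias)(const struct xt_entry_match *match);

	/* Pointer to list of extra command-line options */
	const struct option *extra_opts;

	/* New parser */
	void (*x6_parse)(struct xt_option_call *);
	void (*x6_fcheck)(struct xt_fcheck_call *);
	const struct xt_option_entry *x6_options;

	/* Size of per-extension instance extra "global" scratch space */
	size_t udata_size;

	/* Ignore these men behind the curtain: */
	/* NOTE(review): presumably library-managed state that extensions leave unset. */
	void *udata;
	unsigned int option_offset;
	struct xt_entry_match *m;
	unsigned int mflags;
	unsigned int loaded; /* simulate loading so options are merged properly */
};

/*
 * Descriptor that a target extension fills in; it parallels
 * struct xtables_match member for member, with an additional @used
 * counter among the internal fields at the end.
 */
struct xtables_target
{
	/*
	 * ABI/API version this module requires. Must be first member,
	 * as the rest of this struct may be subject to ABI changes.
	 */
	const char *version;

	struct xtables_target *next;


	const char *name;

	/* Real target behind this, if any. */
	const char *real_name;

	/* Revision of target (0 by default). */
	uint8_t revision;

	/* Extension flags */
	uint8_t ext_flags;

	uint16_t family;


	/* Size of target data. */
	size_t size;

	/* Size of target data relevant for userspace comparison purposes */
	size_t userspacesize;

	/* Function which prints out usage message. */
	void (*help)(void);

	/* Initialize the target. */
	void (*init)(struct xt_entry_target *t);

	/* Function which parses command options; returns true if it
	   ate an option */
	/* entry is struct ipt_entry for example */
	int (*parse)(int c, char **argv, int invert, unsigned int *flags,
		     const void *entry,
		     struct xt_entry_target **targetinfo);

	/* Final check; exit if not ok. */
	void (*final_check)(unsigned int flags);

	/* Prints out the target iff non-NULL: put space at end */
	void (*print)(const void *ip,
		      const struct xt_entry_target *target, int numeric);

	/* Saves the targinfo in parsable form to stdout. */
	void (*save)(const void *ip,
		     const struct xt_entry_target *target);

	/* Print target name or alias */
	const char *(*alias)(const struct xt_entry_target *target);

	/* Pointer to list of extra command-line options */
	const struct option *extra_opts;

	/* New parser */
	void (*x6_parse)(struct xt_option_call *);
	void (*x6_fcheck)(struct xt_fcheck_call *);
	const struct xt_option_entry *x6_options;

	size_t udata_size;

	/* Ignore these men behind the curtain: */
	/* NOTE(review): presumably library-managed state that extensions leave unset. */
	void *udata;
	unsigned int option_offset;
	struct xt_entry_target *t;
	unsigned int tflags;
	unsigned int used;
	unsigned int loaded; /* simulate loading so options are merged properly */
};

/* Node of the singly linked list of matches attached to one rule. */
struct xtables_rule_match {
	struct xtables_rule_match *next;
	struct xtables_match *match;
	/* Multiple matches of the same type: the ones before
	   the current one are completed from parsing point of view */
	bool completed;
};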
3735cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger */ 3745cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerstruct xtables_pprot { 3755cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger const char *name; 3765cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger uint8_t num; 3775cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger}; 3785cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 3795cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerenum xtables_tryload { 3805cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger XTF_DONT_LOAD, 3815cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger XTF_DURING_LOAD, 3825cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger XTF_TRY_LOAD, 3835cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger XTF_LOAD_MUST_SUCCEED, 3845cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger}; 3855cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 3865cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerenum xtables_exittype { 3875cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger OTHER_PROBLEM = 1, 3885cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger PARAMETER_PROBLEM, 3895cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger VERSION_PROBLEM, 3905cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger RESOURCE_PROBLEM, 3915cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger XTF_ONLY_ONCE, 3925cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger XTF_NO_INVERT, 3935cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger XTF_BAD_VALUE, 3945cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger XTF_ONE_ACTION, 3955cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger}; 3965cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 3975cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerstruct xtables_globals 3985cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger{ 3995cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger unsigned int 
option_offset; 4005cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger const char *program_name, *program_version; 4015cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger struct option *orig_opts; 4025cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger struct option *opts; 4035cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger void (*exit_err)(enum xtables_exittype status, const char *msg, ...) __attribute__((noreturn, format(printf,2,3))); 4045cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger int (*compat_rev)(const char *name, uint8_t rev, int opt); 4055cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger}; 4065cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4075cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define XT_GETOPT_TABLEEND {.name = NULL, .has_arg = false} 4085cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4095cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#ifdef __cplusplus 4105cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern "C" { 4115cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#endif 4125cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4135cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern const char *xtables_modprobe_program; 4145cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern struct xtables_match *xtables_matches; 4155cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern struct xtables_target *xtables_targets; 4165cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4175cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_init(void); 4185cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_set_nfproto(uint8_t); 4195cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void *xtables_calloc(size_t, size_t); 4205cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void *xtables_malloc(size_t); 4215cd1adba79d33644debd4ba498bb262c5bebcfbaStephen 
Hemmingerextern void *xtables_realloc(void *, size_t); 4225cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4235cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern int xtables_insmod(const char *, const char *, bool); 4245cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern int xtables_load_ko(const char *, bool); 4255cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern int xtables_set_params(struct xtables_globals *xtp); 4265cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_free_opts(int reset_offset); 4275cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern struct option *xtables_merge_options(struct option *origopts, 4285cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger struct option *oldopts, const struct option *newopts, 4295cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger unsigned int *option_offset); 4305cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4315cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern int xtables_init_all(struct xtables_globals *xtp, uint8_t nfproto); 4325cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern struct xtables_match *xtables_find_match(const char *name, 4335cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger enum xtables_tryload, struct xtables_rule_match **match); 4345cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern struct xtables_target *xtables_find_target(const char *name, 4355cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger enum xtables_tryload); 4365cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern int xtables_compatible_revision(const char *name, uint8_t revision, 4375cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger int opt); 4385cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4395cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_rule_matches_free(struct xtables_rule_match **matches); 
4405cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4415cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger/* Your shared library should call one of these. */ 4425cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_register_match(struct xtables_match *me); 4435cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_register_matches(struct xtables_match *, unsigned int); 4445cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_register_target(struct xtables_target *me); 4455cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_register_targets(struct xtables_target *, unsigned int); 4465cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4475cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern bool xtables_strtoul(const char *, char **, uintmax_t *, 4485cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger uintmax_t, uintmax_t); 4495cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern bool xtables_strtoui(const char *, char **, unsigned int *, 4505cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger unsigned int, unsigned int); 4515cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern int xtables_service_to_port(const char *name, const char *proto); 4525cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern uint16_t xtables_parse_port(const char *port, const char *proto); 4535cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void 4545cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerxtables_parse_interface(const char *arg, char *vianame, unsigned char *mask); 4555cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4565cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger/* this is a special 64bit data type that is 8-byte aligned */ 4575cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define aligned_u64 uint64_t __attribute__((aligned(8))) 
4585cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4595cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern struct xtables_globals *xt_params; 4605cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define xtables_error (xt_params->exit_err) 4615cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4625cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_param_act(unsigned int, const char *, ...); 4635cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4645cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern const char *xtables_ipaddr_to_numeric(const struct in_addr *); 4655cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern const char *xtables_ipaddr_to_anyname(const struct in_addr *); 4665cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern const char *xtables_ipmask_to_numeric(const struct in_addr *); 4675cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern struct in_addr *xtables_numeric_to_ipaddr(const char *); 4685cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern struct in_addr *xtables_numeric_to_ipmask(const char *); 4695cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern int xtables_ipmask_to_cidr(const struct in_addr *); 4705cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_ipparse_any(const char *, struct in_addr **, 4715cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger struct in_addr *, unsigned int *); 4725cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_ipparse_multiple(const char *, struct in_addr **, 4735cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger struct in_addr **, unsigned int *); 4745cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4755cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern struct in6_addr *xtables_numeric_to_ip6addr(const char *); 4765cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern const char 
*xtables_ip6addr_to_numeric(const struct in6_addr *); 4775cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern const char *xtables_ip6addr_to_anyname(const struct in6_addr *); 4785cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern const char *xtables_ip6mask_to_numeric(const struct in6_addr *); 4795cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern int xtables_ip6mask_to_cidr(const struct in6_addr *); 4805cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_ip6parse_any(const char *, struct in6_addr **, 4815cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger struct in6_addr *, unsigned int *); 4825cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_ip6parse_multiple(const char *, struct in6_addr **, 4835cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger struct in6_addr **, unsigned int *); 4845cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4855cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger/** 4865cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger * Print the specified value to standard output, quoting dangerous 4875cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger * characters if required. 
4885cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger */ 4895cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_save_string(const char *value); 4905cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 4915cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define FMT_NUMERIC 0x0001 4925cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define FMT_NOCOUNTS 0x0002 4935cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define FMT_KILOMEGAGIGA 0x0004 4945cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define FMT_OPTIONS 0x0008 4955cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define FMT_NOTABLE 0x0010 4965cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define FMT_NOTARGET 0x0020 4975cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define FMT_VIA 0x0040 4985cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define FMT_NONEWLINE 0x0080 4995cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define FMT_LINENUMBERS 0x0100 5005cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 5015cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define FMT_PRINT_RULE (FMT_NOCOUNTS | FMT_OPTIONS | FMT_VIA \ 5025cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger | FMT_NUMERIC | FMT_NOTABLE) 5035cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define FMT(tab,notab) ((format) & FMT_NOTABLE ? 
(notab) : (tab)) 5045cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 5055cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_print_num(uint64_t number, unsigned int format); 5065cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 5075cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS) 5085cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger# ifdef _INIT 5095cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger# undef _init 5105cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger# define _init _INIT 5115cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger# endif 5125cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger extern void init_extensions(void); 5135cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger extern void init_extensions4(void); 5145cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger extern void init_extensions6(void); 5155cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#else 5165cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger# define _init __attribute__((constructor)) _INIT 5175cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#endif 5185cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 5195cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern const struct xtables_pprot xtables_chain_protos[]; 5205cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern uint16_t xtables_parse_protocol(const char *s); 5215cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 5225cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger/* kernel revision handling */ 5235cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern int kernel_version; 5245cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void get_kernel_version(void); 5255cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define LINUX_VERSION(x,y,z) (0x10000*(x) + 0x100*(y) + z) 
5265cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define LINUX_VERSION_MAJOR(x) (((x)>>16) & 0xFF) 5275cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define LINUX_VERSION_MINOR(x) (((x)>> 8) & 0xFF) 5285cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#define LINUX_VERSION_PATCH(x) ( (x) & 0xFF) 5295cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 5305cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger/* xtoptions.c */ 5315cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_option_metavalidate(const char *, 5325cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger const struct xt_option_entry *); 5335cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern struct option *xtables_options_xfrm(struct option *, struct option *, 5345cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger const struct xt_option_entry *, 5355cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger unsigned int *); 5365cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_option_parse(struct xt_option_call *); 5375cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_option_tpcall(unsigned int, char **, bool, 5385cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger struct xtables_target *, void *); 5395cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_option_mpcall(unsigned int, char **, bool, 5405cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger struct xtables_match *, void *); 5415cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_option_tfcall(struct xtables_target *); 5425cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_option_mfcall(struct xtables_match *); 5435cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_options_fcheck(const char *, unsigned int, 5445cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger const struct xt_option_entry *); 
5455cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 5465cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern struct xtables_lmap *xtables_lmap_init(const char *); 5475cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void xtables_lmap_free(struct xtables_lmap *); 5485cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern int xtables_lmap_name2id(const struct xtables_lmap *, const char *); 5495cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern const char *xtables_lmap_id2name(const struct xtables_lmap *, int); 5505cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 5515cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#ifdef XTABLES_INTERNAL 5525cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 5535cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger/* Shipped modules rely on this... */ 5545cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 5555cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger# ifndef ARRAY_SIZE 5565cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger# define ARRAY_SIZE(x) (sizeof(x) / sizeof(*(x))) 5575cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger# endif 5585cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 5595cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemmingerextern void _init(void); 5605cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 5615cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#endif 5625cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 5635cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#ifdef __cplusplus 5645cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger} /* extern "C" */ 5655cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#endif 5665cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger 5675cd1adba79d33644debd4ba498bb262c5bebcfbaStephen Hemminger#endif /* _XTABLES_H */ 568