1/*
2 * Author: Paul.Russell@rustcorp.com.au and mneuling@radlogic.com.au
3 *
4 * Based on the ipchains code by Paul Russell and Michael Neuling
5 *
6 * (C) 2000-2002 by the netfilter coreteam <coreteam@netfilter.org>:
7 * 		    Paul 'Rusty' Russell <rusty@rustcorp.com.au>
8 * 		    Marc Boucher <marc+nf@mbsi.ca>
9 * 		    James Morris <jmorris@intercode.com.au>
10 * 		    Harald Welte <laforge@gnumonks.org>
11 * 		    Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
12 *
13 *	iptables -- IP firewall administration for kernels with
14 *	firewall table (aimed for the 2.3 kernels)
15 *
16 *	See the accompanying manual page iptables(8) for information
17 *	about proper usage of this program.
18 *
19 *	This program is free software; you can redistribute it and/or modify
20 *	it under the terms of the GNU General Public License as published by
21 *	the Free Software Foundation; either version 2 of the License, or
22 *	(at your option) any later version.
23 *
24 *	This program is distributed in the hope that it will be useful,
25 *	but WITHOUT ANY WARRANTY; without even the implied warranty of
26 *	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
27 *	GNU General Public License for more details.
28 *
29 *	You should have received a copy of the GNU General Public License
30 *	along with this program; if not, write to the Free Software
31 *	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
32 */
33
34#include <stdio.h>
35#include <stdlib.h>
36#include <errno.h>
37#include <string.h>
38#include <iptables.h>
39#include "xtables-multi.h"
40#include "nft.h"
41
42static int
43xtables_main(int family, const char *progname, int argc, char *argv[])
44{
45	int ret;
46	char *table = "filter";
47	struct nft_handle h = {
48		.family = family,
49	};
50
51	xtables_globals.program_name = progname;
52	ret = xtables_init_all(&xtables_globals, family);
53	if (ret < 0) {
54		fprintf(stderr, "%s/%s Failed to initialize xtables\n",
55				xtables_globals.program_name,
56				xtables_globals.program_version);
57				exit(1);
58	}
59#if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
60	init_extensions();
61	init_extensions4();
62#endif
63
64	if (nft_init(&h, xtables_ipv4) < 0) {
65		fprintf(stderr, "%s/%s Failed to initialize nft: %s\n",
66				xtables_globals.program_name,
67				xtables_globals.program_version,
68				strerror(errno));
69		nft_fini(&h);
70		exit(EXIT_FAILURE);
71	}
72
73	ret = do_commandx(&h, argc, argv, &table, false);
74	if (ret)
75		ret = nft_commit(&h);
76
77	nft_fini(&h);
78
79	if (!ret) {
80		if (errno == EINVAL) {
81			fprintf(stderr, "iptables: %s. "
82					"Run `dmesg' for more information.\n",
83				nft_strerror(errno));
84		} else {
85			fprintf(stderr, "iptables: %s.\n",
86				nft_strerror(errno));
87		}
88		if (errno == EAGAIN) {
89			exit(RESOURCE_PROBLEM);
90		}
91	}
92
93	exit(!ret);
94}
95
96int xtables_ip4_main(int argc, char *argv[])
97{
98	return xtables_main(NFPROTO_IPV4, "iptables", argc, argv);
99}
100
101int xtables_ip6_main(int argc, char *argv[])
102{
103	return xtables_main(NFPROTO_IPV6, "ip6tables", argc, argv);
104}
105