• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* Shared library add-on to ip666666tables for NFQ
2  *
3  * (C) 2005 by Harald Welte <laforge@netfilter.org>
4  *
5  * This program is distributed under the terms of GNU GPL v2, 1991
6  *
7  */
8 #include <stdio.h>
9 #include <string.h>
10 #include <stdlib.h>
11 #include <getopt.h>
12 
13 #include <ip6tables.h>
14 #include <linux/netfilter_ipv6/ip6_tables.h>
15 #include <linux/netfilter_ipv4/ipt_NFQUEUE.h>
16 
init(struct ip6t_entry_target * t,unsigned int * nfcache)17 static void init(struct ip6t_entry_target *t, unsigned int *nfcache)
18 {
19 }
20 
help(void)21 static void help(void)
22 {
23 	printf(
24 "NFQUEUE target options\n"
25 "  --queue-num value		Send packet to QUEUE number <value>.\n"
26 "  		                Valid queue numbers are 0-65535\n"
27 );
28 }
29 
30 static struct option opts[] = {
31 	{ "queue-num", 1, 0, 'F' },
32 	{ 0 }
33 };
34 
35 static void
parse_num(const char * s,struct ipt_NFQ_info * tinfo)36 parse_num(const char *s, struct ipt_NFQ_info *tinfo)
37 {
38 	unsigned int num;
39 
40 	if (string_to_number(s, 0, 65535, &num) == -1)
41 		exit_error(PARAMETER_PROBLEM,
42 			   "Invalid queue number `%s'\n", s);
43 
44     	tinfo->queuenum = num & 0xffff;
45     	return;
46 }
47 
48 static int
parse(int c,char ** argv,int invert,unsigned int * flags,const struct ip6t_entry * entry,struct ip6t_entry_target ** target)49 parse(int c, char **argv, int invert, unsigned int *flags,
50       const struct ip6t_entry *entry,
51       struct ip6t_entry_target **target)
52 {
53 	struct ipt_NFQ_info *tinfo
54 		= (struct ipt_NFQ_info *)(*target)->data;
55 
56 	switch (c) {
57 	case 'F':
58 		if (*flags)
59 			exit_error(PARAMETER_PROBLEM, "NFQUEUE target: "
60 				   "Only use --queue-num ONCE!");
61 		parse_num(optarg, tinfo);
62 		break;
63 	default:
64 		return 0;
65 	}
66 
67 	return 1;
68 }
69 
70 static void
final_check(unsigned int flags)71 final_check(unsigned int flags)
72 {
73 }
74 
75 /* Prints out the targinfo. */
76 static void
print(const struct ip6t_ip6 * ip,const struct ip6t_entry_target * target,int numeric)77 print(const struct ip6t_ip6 *ip,
78       const struct ip6t_entry_target *target,
79       int numeric)
80 {
81 	const struct ipt_NFQ_info *tinfo =
82 		(const struct ipt_NFQ_info *)target->data;
83 	printf("NFQUEUE num %u", tinfo->queuenum);
84 }
85 
86 /* Saves the union ip6t_targinfo in parsable form to stdout. */
87 static void
save(const struct ip6t_ip6 * ip,const struct ip6t_entry_target * target)88 save(const struct ip6t_ip6 *ip, const struct ip6t_entry_target *target)
89 {
90 	const struct ipt_NFQ_info *tinfo =
91 		(const struct ipt_NFQ_info *)target->data;
92 
93 	printf("--queue-num %u ", tinfo->queuenum);
94 }
95 
96 static struct ip6tables_target nfqueue = {
97 	.next		= NULL,
98 	.name		= "NFQUEUE",
99 	.version	= IPTABLES_VERSION,
100 	.size		= IP6T_ALIGN(sizeof(struct ipt_NFQ_info)),
101 	.userspacesize	= IP6T_ALIGN(sizeof(struct ipt_NFQ_info)),
102 	.help		= &help,
103 	.init		= &init,
104 	.parse		= &parse,
105 	.final_check	= &final_check,
106 	.print		= &print,
107 	.save		= &save,
108 	.extra_opts	= opts
109 };
110 
_init(void)111 void _init(void)
112 {
113 	register_target6(&nfqueue);
114 }
115