• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Author: Paul.Russell@rustcorp.com.au and mneuling@radlogic.com.au
3  *
4  * Based on the ipchains code by Paul Russell and Michael Neuling
5  *
6  * (C) 2000-2002 by the netfilter coreteam <coreteam@netfilter.org>:
7  * 		    Paul 'Rusty' Russell <rusty@rustcorp.com.au>
8  * 		    Marc Boucher <marc+nf@mbsi.ca>
9  * 		    James Morris <jmorris@intercode.com.au>
10  * 		    Harald Welte <laforge@gnumonks.org>
11  * 		    Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
12  *
13  *	iptables -- IP firewall administration for kernels with
14  *	firewall table (aimed for the 2.3 kernels)
15  *
16  *	See the accompanying manual page iptables(8) for information
17  *	about proper usage of this program.
18  *
19  *	This program is free software; you can redistribute it and/or modify
20  *	it under the terms of the GNU General Public License as published by
21  *	the Free Software Foundation; either version 2 of the License, or
22  *	(at your option) any later version.
23  *
24  *	This program is distributed in the hope that it will be useful,
25  *	but WITHOUT ANY WARRANTY; without even the implied warranty of
26  *	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
27  *	GNU General Public License for more details.
28  *
29  *	You should have received a copy of the GNU General Public License
30  *	along with this program; if not, write to the Free Software
31  *	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
32  */
33 
34 #include <stdio.h>
35 #include <stdlib.h>
36 #include <errno.h>
37 #include <string.h>
38 #include <iptables.h>
39 #include "xtables-multi.h"
40 #include "nft.h"
41 
42 static int
xtables_main(int family,const char * progname,int argc,char * argv[])43 xtables_main(int family, const char *progname, int argc, char *argv[])
44 {
45 	int ret;
46 	char *table = "filter";
47 	struct nft_handle h;
48 
49 	xtables_globals.program_name = progname;
50 	ret = xtables_init_all(&xtables_globals, family);
51 	if (ret < 0) {
52 		fprintf(stderr, "%s/%s Failed to initialize xtables\n",
53 				xtables_globals.program_name,
54 				xtables_globals.program_version);
55 				exit(1);
56 	}
57 #if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
58 	init_extensions();
59 	init_extensions4();
60 #endif
61 
62 	if (nft_init(&h, family, xtables_ipv4) < 0) {
63 		fprintf(stderr, "%s/%s Failed to initialize nft: %s\n",
64 				xtables_globals.program_name,
65 				xtables_globals.program_version,
66 				strerror(errno));
67 		exit(EXIT_FAILURE);
68 	}
69 
70 	ret = do_commandx(&h, argc, argv, &table, false);
71 	if (ret)
72 		ret = nft_commit(&h);
73 
74 	nft_fini(&h);
75 	xtables_fini();
76 
77 	if (!ret) {
78 		fprintf(stderr, "%s: %s.%s\n", progname, nft_strerror(errno),
79 			(errno == EINVAL ?
80 			 " Run `dmesg' for more information." : ""));
81 
82 		if (errno == EAGAIN)
83 			exit(RESOURCE_PROBLEM);
84 	}
85 
86 	exit(!ret);
87 }
88 
xtables_ip4_main(int argc,char * argv[])89 int xtables_ip4_main(int argc, char *argv[])
90 {
91 	return xtables_main(NFPROTO_IPV4, "iptables", argc, argv);
92 }
93 
xtables_ip6_main(int argc,char * argv[])94 int xtables_ip6_main(int argc, char *argv[])
95 {
96 	return xtables_main(NFPROTO_IPV6, "ip6tables", argc, argv);
97 }
98