1 #ifndef IPTABLES_XSHARED_H
2 #define IPTABLES_XSHARED_H 1
3 
4 #include <limits.h>
5 #include <stdint.h>
6 #include <netinet/in.h>
7 #include <net/if.h>
8 #include <linux/netfilter_ipv4/ip_tables.h>
9 #include <linux/netfilter_ipv6/ip6_tables.h>
10 
/*
 * Option flag bits. Every non-zero constant occupies its own bit (1 << n),
 * so any combination can be OR-ed into one mask and tested with '&'.
 * Enumeration constants have type int, so only bits 0..30 are usable here;
 * bits 0..10 are taken.
 * NOTE(review): presumably stored in iptables_command_state.options and
 * mirroring command-line switches; the mapping is defined by the option
 * parser, which is not part of this header. Confirm there.
 */
11 enum {
12 	OPT_NONE        = 0,		/* no flag set */
13 	OPT_NUMERIC     = 1 << 0,	/* 0x001 */
14 	OPT_SOURCE      = 1 << 1,	/* 0x002 */
15 	OPT_DESTINATION = 1 << 2,	/* 0x004 */
16 	OPT_PROTOCOL    = 1 << 3,	/* 0x008 */
17 	OPT_JUMP        = 1 << 4,	/* 0x010 */
18 	OPT_VERBOSE     = 1 << 5,	/* 0x020 */
19 	OPT_EXPANDED    = 1 << 6,	/* 0x040 */
20 	OPT_VIANAMEIN   = 1 << 7,	/* 0x080 */
21 	OPT_VIANAMEOUT  = 1 << 8,	/* 0x100 */
22 	OPT_LINENUMBERS = 1 << 9,	/* 0x200 */
23 	OPT_COUNTERS    = 1 << 10,	/* 0x400 */
24 };
25 
/*
 * Forward declarations. This header only ever uses pointers to these types
 * (in iptables_command_state and in the prototypes below), so their full
 * definitions are not needed here.
 */
26 struct xtables_globals;
27 struct xtables_rule_match;
28 struct xtables_target;
29 
30 /**
31  * struct xtables_afinfo - protocol family dependent information
32  * @kmod:		kernel module basename (e.g. "ip_tables")
33  * @proc_exists:	file which exists in procfs when module already loaded
34  * @libprefix:		prefix of .so library name (e.g. "libipt_")
35  * @family:		nfproto family
36  * @ipproto:		used by setsockopt (e.g. IPPROTO_IP)
37  * @so_rev_match:	optname to check revision support of match
38  * @so_rev_target:	optname to check revision support of target
39  */
40 struct xtables_afinfo {
41 	const char *kmod;		/* NOTE(review): names a kernel module; confirm it is only ever set from compile-time constants, never from user input */
42 	const char *proc_exists;	/* NOTE(review): a procfs path; same confirmation as kmod */
43 	const char *libprefix;		/* NOTE(review): prefixes a shared-object name; confirm the code that builds the full library path bounds its buffer */
44 	uint8_t family;
45 	uint8_t ipproto;
46 	int so_rev_match;
47 	int so_rev_target;
48 };
49 
/*
 * Working state shared by the command-line handling code; command_default()
 * and load_proto() (declared further down) both take a pointer to it.
 * The field notes below are reviewer assumptions where marked: this header
 * shows only the types, not how the fields are filled in.
 */
50 struct iptables_command_state {
51 	union {				/* anonymous union (C11 / GNU extension): fw and fw6 overlay the same storage */
52 		struct ipt_entry fw;	/* IPv4 rule entry */
53 		struct ip6t_entry fw6;	/* IPv6 rule entry */
54 	};				/* no field in this struct records which member is live; NOTE(review): presumably chosen by afinfo->family, confirm */
55 	int invert;			/* NOTE(review): presumably a negation flag for the option being parsed, confirm */
56 	int c;				/* NOTE(review): presumably the current option character from getopt, confirm */
57 	unsigned int options;		/* NOTE(review): presumably a mask of the OPT_* bits, confirm */
58 	struct xtables_rule_match *matches;	/* type is only forward-declared here; ownership not visible in this header */
59 	struct xtables_target *target;	/* type is only forward-declared here; ownership not visible in this header */
60 	char *protocol;			/* mutable string, unlike jumpto; who allocates and frees it is not visible here */
61 	int proto_used;
62 	const char *jumpto;		/* read-only through this pointer */
63 	char **argv;			/* NOTE(review): presumably the caller's argument vector, borrowed rather than owned, confirm */
64 };
65 
/* Entry-point pointer type: same parameter and return types as main(argc, argv). */
66 typedef int (*mainfunc_t)(int, char **);
67 
/*
 * Pairs a subcommand name with the entry point to run for it.
 * subcmd_main() receives a pointer to const struct subcommand with no
 * element count. NOTE(review): presumably an array closed by a sentinel
 * entry (e.g. name == NULL); confirm in subcmd_main's definition, since a
 * table without the sentinel would be read past its end.
 */
68 struct subcommand {
69 	const char *name;	/* name used to select this entry */
70 	mainfunc_t main;	/* function invoked for this entry */
71 };
72 
/*
 * Single integer constant, kept in an enum rather than a #define.
 * NOTE(review): presumably the spacing between per-extension option-id
 * ranges; confirm at its points of use, which are outside this header.
 */
73 enum {
74 	XT_OPTION_OFFSET_SCALE = 256,
75 };
76 
/*
 * Shared helper prototypes. Parameter names are omitted, so argument
 * meaning has to be read from the definitions; the notes below state only
 * what the types show, plus marked assumptions.
 */
/* Takes a target and a match list, both read-only. NOTE(review): presumably prints their help text, confirm. */
77 extern void print_extension_helps(const struct xtables_target *,
78 	const struct xtables_rule_match *);
/* Returns a read-only string. NOTE(review): presumably maps a protocol number to a name; whether NULL can be returned is not visible here, so callers should check. */
79 extern const char *proto_to_name(uint8_t, int);
/* Returns int; may modify the command state it is given (non-const pointer). */
80 extern int command_default(struct iptables_command_state *,
81 	struct xtables_globals *);
/* Returns a match pointer. NOTE(review): presumably NULL when no protocol extension applies; confirm before dereferencing the result. */
82 extern struct xtables_match *load_proto(struct iptables_command_state *);
/* Takes (int, char **) plus a subcommand table; the table pointer carries no length. */
83 extern int subcmd_main(int, char **, const struct subcommand *);
84 
/*
 * Global pointer to a family description. The pointee is const but the
 * pointer itself is not, so any translation unit can re-point it.
 * NOTE(review): presumably assigned once at startup; confirm.
 */
85 extern const struct xtables_afinfo *afinfo;
86 
87 #endif /* IPTABLES_XSHARED_H */
88