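#ifndef IPTABLES_XSHARED_H
#define IPTABLES_XSHARED_H 1

/*
 * Declarations shared between the IPv4 and IPv6 command-line front ends:
 * option flag bits, per-family descriptors, the per-invocation parse state
 * and the helper prototypes that operate on them.
 */

#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <netinet/in.h>
#include <net/if.h>
#include <linux/netfilter_ipv4/ip_tables.h>
#include <linux/netfilter_ipv6/ip6_tables.h>

/*
 * Option flag bits. Every non-zero enumerator is a distinct power of two
 * (bits 0 through 10), so any subset can be combined with bitwise OR and
 * tested with bitwise AND.
 * NOTE(review): presumably the values kept in
 * iptables_command_state.options - confirm against the callers.
 */
enum {
	OPT_NONE        = 0,
	OPT_NUMERIC     = 1 << 0,
	OPT_SOURCE      = 1 << 1,
	OPT_DESTINATION = 1 << 2,
	OPT_PROTOCOL    = 1 << 3,
	OPT_JUMP        = 1 << 4,
	OPT_VERBOSE     = 1 << 5,
	OPT_EXPANDED    = 1 << 6,
	OPT_VIANAMEIN   = 1 << 7,
	OPT_VIANAMEOUT  = 1 << 8,
	OPT_LINENUMBERS = 1 << 9,
	OPT_COUNTERS    = 1 << 10,
};

/* Only pointers to these types are used below, so they stay incomplete. */
struct xtables_globals;
struct xtables_rule_match;
struct xtables_target;

/**
 * xtables_afinfo - protocol family dependent information
 * @kmod:		kernel module basename (e.g. "ip_tables")
 * @proc_exists:	file which exists in procfs when module already loaded
 * @libprefix:		prefix of .so library name (e.g. "libipt_")
 * @family:		nfproto family
 * @ipproto:		used by setsockopt (e.g. IPPROTO_IP)
 * @so_rev_match:	optname to check revision support of match
 * @so_rev_target:	optname to check revision support of target
 */
struct xtables_afinfo {
	const char *kmod;
	const char *proc_exists;
	const char *libprefix;
	uint8_t family;
	uint8_t ipproto;
	int so_rev_match;
	int so_rev_target;
};

/*
 * Parse state for one command invocation.
 *
 * The leading anonymous union (C11, or a GNU extension in older dialects)
 * overlays the IPv4 and IPv6 rule entries, so @fw and @fw6 share storage and
 * only one of them is meaningful at a time. Nothing in this struct records
 * which member is live.
 * NOTE(review): presumably selected by the address family in use (see
 * afinfo->family) - confirm before reading either member.
 *
 * This header does not say who owns the memory behind @matches, @target,
 * @protocol, @jumpto or @argv; check the definitions before freeing or
 * retaining any of them.
 */
struct iptables_command_state {
	union {
		struct ipt_entry fw;	/* IPv4 rule entry */
		struct ip6t_entry fw6;	/* IPv6 rule entry */
	};
	int invert;
	int c;
	unsigned int options;
	struct xtables_rule_match *matches;
	struct xtables_target *target;
	char *protocol;
	int proto_used;
	const char *jumpto;
	char **argv;
};

/* Entry point with the same parameter and return types as main(int, char **). */
typedef int (*mainfunc_t)(int, char **);

/* Pairs a subcommand name with the entry point that implements it. */
struct subcommand {
	const char *name;
	mainfunc_t main;
};

/* NOTE(review): the meaning of this scale factor is not visible in this header. */
enum {
	XT_OPTION_OFFSET_SCALE = 256,
};

extern void print_extension_helps(const struct xtables_target *,
	const struct xtables_rule_match *);
extern const char *proto_to_name(uint8_t, int);
extern int command_default(struct iptables_command_state *,
	struct xtables_globals *);
extern struct xtables_match *load_proto(struct iptables_command_state *);
extern int subcmd_main(int, char **, const struct subcommand *);
extern void xs_init_target(struct xtables_target *);
extern void xs_init_match(struct xtables_match *);
/*
 * NOTE(review): the bool result presumably reports whether the lock was
 * obtained; callers should test it rather than go on to change rules
 * without the lock - confirm against the definition.
 */
extern bool xtables_lock(bool wait);

/*
 * Descriptor of the active protocol family. The pointee is const; the
 * pointer itself is an ordinary writable global defined elsewhere.
 */
extern const struct xtables_afinfo *afinfo;

#endif /* IPTABLES_XSHARED_H */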