1 /* Copyright 2017 Jozsef Kadlecsik (kadlec@netfilter.org)
3 * This program is free software; you can redistribute it and/or modify
4 * it under the terms of the GNU General Public License version 2 as
5 * published by the Free Software Foundation.
8 #include <libipset/types.h> /* ipset_args[] */
10 static const struct ipset_arg ipset_args
[] = {
11 [IPSET_ARG_FAMILY
] = {
12 .name
= { "family", NULL
},
13 .has_arg
= IPSET_MANDATORY_ARG
,
14 .opt
= IPSET_OPT_FAMILY
,
15 .parse
= ipset_parse_family
,
16 .print
= ipset_print_family
,
17 .help
= "[family inet|inet6]|[-4|-6]",
19 /* Alias: family inet */
21 .name
= { "-4", NULL
},
22 .has_arg
= IPSET_NO_ARG
,
23 .opt
= IPSET_OPT_FAMILY
,
24 .parse
= ipset_parse_family
,
27 /* Alias: family inet6 */
29 .name
= { "-6", NULL
},
30 .has_arg
= IPSET_NO_ARG
,
31 .opt
= IPSET_OPT_FAMILY
,
32 .parse
= ipset_parse_family
,
36 [IPSET_ARG_HASHSIZE
] = {
37 .name
= { "hashsize", NULL
},
38 .has_arg
= IPSET_MANDATORY_ARG
,
39 .opt
= IPSET_OPT_HASHSIZE
,
40 .parse
= ipset_parse_uint32
,
41 .print
= ipset_print_number
,
42 .help
= "[hashsize VALUE]",
44 [IPSET_ARG_MAXELEM
] = {
45 .name
= { "maxelem", NULL
},
46 .has_arg
= IPSET_MANDATORY_ARG
,
47 .opt
= IPSET_OPT_MAXELEM
,
48 .parse
= ipset_parse_uint32
,
49 .print
= ipset_print_number
,
50 .help
= "[maxelem VALUE]",
52 /* Ignored options: backward compatibilty */
53 [IPSET_ARG_PROBES
] = {
54 .name
= { "probes", NULL
},
55 .has_arg
= IPSET_MANDATORY_ARG
,
56 .opt
= IPSET_OPT_PROBES
,
57 .parse
= ipset_parse_ignored
,
58 .print
= ipset_print_number
,
60 [IPSET_ARG_RESIZE
] = {
61 .name
= { "resize", NULL
},
62 .has_arg
= IPSET_MANDATORY_ARG
,
63 .opt
= IPSET_OPT_RESIZE
,
64 .parse
= ipset_parse_ignored
,
65 .print
= ipset_print_number
,
68 .name
= { "gc", NULL
},
69 .has_arg
= IPSET_MANDATORY_ARG
,
71 .parse
= ipset_parse_ignored
,
72 .print
= ipset_print_number
,
74 [IPSET_ARG_IGNORED_FROM
] = {
75 .name
= { "from", NULL
},
76 .has_arg
= IPSET_MANDATORY_ARG
,
78 .parse
= ipset_parse_ignored
,
79 .print
= ipset_print_number
,
81 [IPSET_ARG_IGNORED_TO
] = {
82 .name
= { "to", NULL
},
83 .has_arg
= IPSET_MANDATORY_ARG
,
84 .opt
= IPSET_OPT_IP_TO
,
85 .parse
= ipset_parse_ignored
,
86 .print
= ipset_print_number
,
88 [IPSET_ARG_IGNORED_NETWORK
] = {
89 .name
= { "network", NULL
},
90 .has_arg
= IPSET_MANDATORY_ARG
,
92 .parse
= ipset_parse_ignored
,
93 .print
= ipset_print_number
,
97 .name
= { "size", NULL
},
98 .has_arg
= IPSET_MANDATORY_ARG
,
99 .opt
= IPSET_OPT_SIZE
,
100 .parse
= ipset_parse_uint32
,
101 .print
= ipset_print_number
,
102 .help
= "[size VALUE]",
104 /* IP-type elements */
105 [IPSET_ARG_IPRANGE
] = {
106 .name
= { "range", NULL
},
107 .has_arg
= IPSET_MANDATORY_ARG
,
109 .parse
= ipset_parse_netrange
,
110 .print
= ipset_print_ip
,
112 [IPSET_ARG_NETMASK
] = {
113 .name
= { "netmask", NULL
},
114 .has_arg
= IPSET_MANDATORY_ARG
,
115 .opt
= IPSET_OPT_NETMASK
,
116 .parse
= ipset_parse_netmask
,
117 .print
= ipset_print_number
,
118 .help
= "[netmask CIDR]",
120 /* Port-type elements */
121 [IPSET_ARG_PORTRANGE
] = {
122 .name
= { "range", NULL
},
123 .has_arg
= IPSET_MANDATORY_ARG
,
124 .opt
= IPSET_OPT_PORT
,
125 .parse
= ipset_parse_tcp_udp_port
,
126 .print
= ipset_print_port
,
128 /* Setname type elements */
129 [IPSET_ARG_BEFORE
] = {
130 .name
= { "before", NULL
},
131 .has_arg
= IPSET_MANDATORY_ARG
,
132 .opt
= IPSET_OPT_NAMEREF
,
133 .parse
= ipset_parse_before
,
134 .help
= "[before|after NAME]",
136 [IPSET_ARG_AFTER
] = {
137 .name
= { "after", NULL
},
138 .has_arg
= IPSET_MANDATORY_ARG
,
139 .opt
= IPSET_OPT_NAMEREF
,
140 .parse
= ipset_parse_after
,
142 /* Backward compatibility */
143 [IPSET_ARG_FROM_IP
] = {
144 .name
= { "from", NULL
},
145 .has_arg
= IPSET_MANDATORY_ARG
,
147 .parse
= ipset_parse_single_ip
,
149 [IPSET_ARG_TO_IP
] = {
150 .name
= { "to", NULL
},
151 .has_arg
= IPSET_MANDATORY_ARG
,
152 .opt
= IPSET_OPT_IP_TO
,
153 .parse
= ipset_parse_single_ip
,
155 [IPSET_ARG_NETWORK
] = {
156 .name
= { "network", NULL
},
157 .has_arg
= IPSET_MANDATORY_ARG
,
159 .parse
= ipset_parse_net
,
161 [IPSET_ARG_FROM_PORT
] = {
162 .name
= { "from", NULL
},
163 .has_arg
= IPSET_MANDATORY_ARG
,
164 .opt
= IPSET_OPT_PORT
,
165 .parse
= ipset_parse_single_tcp_port
,
167 [IPSET_ARG_TO_PORT
] = {
168 .name
= { "to", NULL
},
169 .has_arg
= IPSET_MANDATORY_ARG
,
170 .opt
= IPSET_OPT_PORT_TO
,
171 .parse
= ipset_parse_single_tcp_port
,
173 /* Extra flags, options */
174 [IPSET_ARG_FORCEADD
] = {
175 .name
= { "forceadd", NULL
},
176 .has_arg
= IPSET_NO_ARG
,
177 .opt
= IPSET_OPT_FORCEADD
,
178 .parse
= ipset_parse_flag
,
179 .print
= ipset_print_flag
,
180 .help
= "[forceadd]",
182 [IPSET_ARG_MARKMASK
] = {
183 .name
= { "markmask", NULL
},
184 .has_arg
= IPSET_MANDATORY_ARG
,
185 .opt
= IPSET_OPT_MARKMASK
,
186 .parse
= ipset_parse_uint32
,
187 .print
= ipset_print_mark
,
188 .help
= "markmask VALUE",
190 [IPSET_ARG_NOMATCH
] = {
191 .name
= { "nomatch", NULL
},
192 .has_arg
= IPSET_NO_ARG
,
193 .opt
= IPSET_OPT_NOMATCH
,
194 .parse
= ipset_parse_flag
,
195 .print
= ipset_print_flag
,
198 [IPSET_ARG_IFACE_WILDCARD
] = {
199 .name
= { "wildcard", NULL
},
200 .has_arg
= IPSET_NO_ARG
,
201 .opt
= IPSET_OPT_IFACE_WILDCARD
,
202 .parse
= ipset_parse_flag
,
203 .print
= ipset_print_flag
,
204 .help
= "[wildcard]",
207 [IPSET_ARG_TIMEOUT
] = {
208 .name
= { "timeout", NULL
},
209 .has_arg
= IPSET_MANDATORY_ARG
,
210 .opt
= IPSET_OPT_TIMEOUT
,
211 .parse
= ipset_parse_timeout
,
212 .print
= ipset_print_number
,
213 .help
= "[timeout VALUE]",
215 [IPSET_ARG_COUNTERS
] = {
216 .name
= { "counters", NULL
},
217 .has_arg
= IPSET_NO_ARG
,
218 .opt
= IPSET_OPT_COUNTERS
,
219 .parse
= ipset_parse_flag
,
220 .print
= ipset_print_flag
,
221 .help
= "[counters]",
223 [IPSET_ARG_PACKETS
] = {
224 .name
= { "packets", NULL
},
225 .has_arg
= IPSET_MANDATORY_ARG
,
226 .opt
= IPSET_OPT_PACKETS
,
227 .parse
= ipset_parse_uint64
,
228 .print
= ipset_print_number
,
229 .help
= "[packets VALUE]",
231 [IPSET_ARG_BYTES
] = {
232 .name
= { "bytes", NULL
},
233 .has_arg
= IPSET_MANDATORY_ARG
,
234 .opt
= IPSET_OPT_BYTES
,
235 .parse
= ipset_parse_uint64
,
236 .print
= ipset_print_number
,
237 .help
= "[bytes VALUE]",
239 [IPSET_ARG_COMMENT
] = {
240 .name
= { "comment", NULL
},
241 .has_arg
= IPSET_NO_ARG
,
242 .opt
= IPSET_OPT_CREATE_COMMENT
,
243 .parse
= ipset_parse_flag
,
244 .print
= ipset_print_flag
,
247 [IPSET_ARG_ADT_COMMENT
] = {
248 .name
= { "comment", NULL
},
249 .has_arg
= IPSET_MANDATORY_ARG
,
250 .opt
= IPSET_OPT_ADT_COMMENT
,
251 .parse
= ipset_parse_comment
,
252 .print
= ipset_print_comment
,
253 .help
= "[comment \"string\"]",
255 [IPSET_ARG_SKBINFO
] = {
256 .name
= { "skbinfo", NULL
},
257 .has_arg
= IPSET_NO_ARG
,
258 .opt
= IPSET_OPT_SKBINFO
,
259 .parse
= ipset_parse_flag
,
260 .print
= ipset_print_flag
,
263 [IPSET_ARG_SKBMARK
] = {
264 .name
= { "skbmark", NULL
},
265 .has_arg
= IPSET_MANDATORY_ARG
,
266 .opt
= IPSET_OPT_SKBMARK
,
267 .parse
= ipset_parse_skbmark
,
268 .print
= ipset_print_skbmark
,
269 .help
= "[skbmark VALUE]",
271 [IPSET_ARG_SKBPRIO
] = {
272 .name
= { "skbprio", NULL
},
273 .has_arg
= IPSET_MANDATORY_ARG
,
274 .opt
= IPSET_OPT_SKBPRIO
,
275 .parse
= ipset_parse_skbprio
,
276 .print
= ipset_print_skbprio
,
277 .help
= "[skbprio VALUE]",
279 [IPSET_ARG_SKBQUEUE
] = {
280 .name
= { "skbqueue", NULL
},
281 .has_arg
= IPSET_MANDATORY_ARG
,
282 .opt
= IPSET_OPT_SKBQUEUE
,
283 .parse
= ipset_parse_uint16
,
284 .print
= ipset_print_number
,
285 .help
= "[skbqueue VALUE]",
287 [IPSET_ARG_BUCKETSIZE
] = {
288 .name
= { "bucketsize", NULL
},
289 .has_arg
= IPSET_MANDATORY_ARG
,
290 .opt
= IPSET_OPT_BUCKETSIZE
,
291 .parse
= ipset_parse_uint8
,
292 .print
= ipset_print_number
,
293 .help
= "[bucketsize VALUE]",
295 [IPSET_ARG_INITVAL
] = {
296 .name
= { "initval", NULL
},
297 .has_arg
= IPSET_MANDATORY_ARG
,
298 .opt
= IPSET_OPT_INITVAL
,
299 .parse
= ipset_parse_uint32
,
300 .print
= ipset_print_hexnumber
,
301 .help
= "[initval VALUE]",
303 [IPSET_ARG_BITMASK
] = {
304 .name
= { "bitmask", NULL
},
305 .has_arg
= IPSET_MANDATORY_ARG
,
306 .opt
= IPSET_OPT_BITMASK
,
307 .parse
= ipset_parse_bitmask
,
308 .print
= ipset_print_ip
,
309 .help
= "[bitmask bitmask]",
313 const struct ipset_arg
*
314 ipset_keyword(enum ipset_keywords i
)
316 return (i
> IPSET_ARG_NONE
&& i
< IPSET_ARG_MAX
)
317 ? &ipset_args
[i
] : NULL
;
321 ipset_ignored_optname(unsigned int opt
)
323 enum ipset_keywords i
;
325 for (i
= IPSET_ARG_NONE
+ 1 ; i
< IPSET_ARG_MAX
; i
++)
326 if (ipset_args
[i
].opt
== opt
)
327 return ipset_args
[i
].name
[0];