libxtables: Move struct xtables_afinfo into xtables.h

The library "owns" this structure and maintains 'afinfo' pointer to
instances of it. With libxt_set, there's even an extension making use of
the data.

To avoid impact on library users, guard it by XTABLES_INTERNAL.

To eliminate the xshared.h include by libxt_set, DEBUGP has to be
redefined. Other extensions have similar defines, fix this later.

Signed-off-by: Phil Sutter <phil@nwl.cc>

diff --git a/extensions/libxt_set.c b/extensions/libxt_set.c
index 16921023a22f8694c3b2d1eaf6dc55d2666005d3..a2137ab1eb1803db5cb5fea5068cca32df1dc9e3 100644 (file)
--- a/extensions/libxt_set.c
+++ b/extensions/libxt_set.c
@@ -22,6 +22,12 @@
 #include <linux/netfilter/xt_set.h>
 #include "libxt_set.h"
 
+#ifdef DEBUG
+#define DEBUGP(x, args...) fprintf(stderr, x, ## args)
+#else
+#define DEBUGP(x, args...)
+#endif
+
 /* Revision 0 */
 
 static void

diff --git a/extensions/libxt_set.h b/extensions/libxt_set.h
index ad895a7504d9d7679b5033bdc8ce7d0781e36620..597bf7ebe575a1e74184b5bee21ff91653ca3f94 100644 (file)
--- a/extensions/libxt_set.h
+++ b/extensions/libxt_set.h
@@ -6,7 +6,6 @@
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <errno.h>
-#include "../iptables/xshared.h"
 
 static int
 get_version(unsigned *version)

diff --git a/include/xtables.h b/include/xtables.h
index f1937f3ea05308e4c83826bf9faa2e51bee53840..b8d8372d0e4989a4efeff8940370e7c42448ec2b 100644 (file)
--- a/include/xtables.h
+++ b/include/xtables.h
@@ -665,6 +665,28 @@ void xtables_announce_chain(const char *name);
 
 extern void _init(void);
 
+/**
+ * xtables_afinfo - protocol family dependent information
+ * @kmod:              kernel module basename (e.g. "ip_tables")
+ * @proc_exists:       file which exists in procfs when module already loaded
+ * @libprefix:         prefix of .so library name (e.g. "libipt_")
+ * @family:            nfproto family
+ * @ipproto:           used by setsockopt (e.g. IPPROTO_IP)
+ * @so_rev_match:      optname to check revision support of match
+ * @so_rev_target:     optname to check revision support of target
+ */
+struct xtables_afinfo {
+       const char *kmod;
+       const char *proc_exists;
+       const char *libprefix;
+       uint8_t family;
+       uint8_t ipproto;
+       int so_rev_match;
+       int so_rev_target;
+};
+
+extern const struct xtables_afinfo *afinfo;
+
 #endif /* XTABLES_INTERNAL */
 
 #ifdef __cplusplus

diff --git a/iptables/xshared.h b/iptables/xshared.h
index 1d6b9bf4ee9b7c3783ef7496898ac9ada1f61909..1fdc760a32442544d70fceb26bf8a97a4b9b130d 100644 (file)
--- a/iptables/xshared.h
+++ b/iptables/xshared.h
@@ -75,26 +75,6 @@ struct xtables_target;
 #define IPT_INV_ARPOP          0x0400
 #define IPT_INV_ARPHRD         0x0800
 
-/**
- * xtables_afinfo - protocol family dependent information
- * @kmod:              kernel module basename (e.g. "ip_tables")
- * @proc_exists:       file which exists in procfs when module already loaded
- * @libprefix:         prefix of .so library name (e.g. "libipt_")
- * @family:            nfproto family
- * @ipproto:           used by setsockopt (e.g. IPPROTO_IP)
- * @so_rev_match:      optname to check revision support of match
- * @so_rev_target:     optname to check revision support of target
- */
-struct xtables_afinfo {
-       const char *kmod;
-       const char *proc_exists;
-       const char *libprefix;
-       uint8_t family;
-       uint8_t ipproto;
-       int so_rev_match;
-       int so_rev_target;
-};
-
 /* trick for ebtables-compat, since watchers are targets */
 struct ebt_match {
        struct ebt_match                        *next;
@@ -187,8 +167,6 @@ int parse_counters(const char *string, struct xt_counters *ctr);
 bool tokenize_rule_counters(char **bufferp, char **pcnt, char **bcnt, int line);
 bool xs_has_arg(int argc, char *argv[]);
 
-extern const struct xtables_afinfo *afinfo;
-
 #define MAX_ARGC       255
 struct argv_store {
        int argc;