-/* Shared library add-on to iptables to add LOG support. */
+/* Shared library add-on to ip6tables to add LOG support. */
#include <stdio.h>
#include <netdb.h>
#include <string.h>
#define LOG_DEFAULT_LEVEL LOG_WARNING
-/* Function which prints out usage message. */
static void LOG_help(void)
{
printf(
{ .name = NULL }
};
-/* Initialize the target. */
static void LOG_init(struct xt_entry_target *t)
{
struct ip6t_log_info *loginfo = (struct ip6t_log_info *)t->data;
#define IP6T_LOG_OPT_IPOPT 0x10
#define IP6T_LOG_OPT_UID 0x20
-/* Function which parses command options; returns true if it
- ate an option */
static int LOG_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
return 1;
}
-/* Prints out the targinfo. */
static void LOG_print(const void *ip, const struct xt_entry_target *target,
int numeric)
{
printf("prefix `%s' ", loginfo->prefix);
}
-/* Saves the union ip6t_targinfo in parsable form to stdout. */
static void LOG_save(const void *ip, const struct xt_entry_target *target)
{
const struct ip6t_log_info *loginfo
-/* Shared library add-on to iptables to add customized REJECT support.
+/* Shared library add-on to ip6tables to add customized REJECT support.
*
* (C) 2000 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
*
printf("\n");
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
-
-/* Function which prints out usage message. */
static void REJECT_help(void)
{
printf(
{ .name = NULL }
};
-/* Allocate and initialize the target. */
static void REJECT_init(struct xt_entry_target *t)
{
struct ip6t_reject_info *reject = (struct ip6t_reject_info *)t->data;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int REJECT_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
return 0;
}
-/* Prints out ipt_reject_info. */
static void REJECT_print(const void *ip, const struct xt_entry_target *target,
int numeric)
{
printf("reject-with %s ", reject_table[i].name);
}
-/* Saves ipt_reject in parsable form to stdout. */
static void REJECT_save(const void *ip, const struct xt_entry_target *target)
{
const struct ip6t_reject_info *reject
#include <errno.h>
#include <ip6tables.h>
#include <linux/netfilter_ipv6/ip6t_ah.h>
-
-/* Function which prints out usage message. */
+
static void ah_help(void)
{
printf(
free(buffer);
}
-/* Initialize the match. */
static void ah_init(struct xt_entry_match *m)
{
struct ip6t_ah *ahinfo = (struct ip6t_ah *)m->data;
ahinfo->hdrres = 0;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int ah_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
printf("%s:%s%u ", name, inv, len);
}
-/* Prints out the union ip6t_matchinfo. */
static void ah_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
ah->invflags & ~IP6T_AH_INV_MASK);
}
-/* Saves the union ip6t_matchinfo in parsable form to stdout. */
static void ah_save(const void *ip, const struct xt_entry_match *match)
{
const struct ip6t_ah *ahinfo = (struct ip6t_ah *)match->data;
-/* Shared library add-on to ip6tables to add Hop-by-Hop and Dst headers support. */
+/* Shared library add-on to ip6tables to add Dst header support. */
#include <stdio.h>
#include <netdb.h>
#include <string.h>
#include <sys/socket.h>
#include <arpa/inet.h>
-/* Function which prints out usage message. */
static void dst_help(void)
{
printf(
return i;
}
-/* Initialize the match. */
static void dst_init(struct xt_entry_match *m)
{
struct ip6t_opts *optinfo = (struct ip6t_opts *)m->data;
optinfo->optsnr = 0;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int dst_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
}
}
-/* Prints out the union ip6t_matchinfo. */
static void dst_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
optinfo->invflags & ~IP6T_OPTS_INV_MASK);
}
-/* Saves the union ip6t_matchinfo in parsable form to stdout. */
static void dst_save(const void *ip, const struct xt_entry_match *match)
{
const struct ip6t_opts *optinfo = (struct ip6t_opts *)match->data;
#endif
#include <ip6tables.h>
-/* Function which prints out usage message. */
static void eui64_help(void)
{
printf(
" This module checks for EUI64 IPv6 addresses\n");
}
-/* Function which parses command options; returns true if it
- ate an option */
static int eui64_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
#include <errno.h>
#include <ip6tables.h>
#include <linux/netfilter_ipv6/ip6t_frag.h>
-
-/* Function which prints out usage message. */
+
static void frag_help(void)
{
printf(
free(buffer);
}
-/* Initialize the match. */
static void frag_init(struct xt_entry_match *m)
{
struct ip6t_frag *fraginfo = (struct ip6t_frag *)m->data;
fraginfo->invflags = 0;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int frag_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
}
}
-/* Prints out the union ip6t_matchinfo. */
static void frag_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
frag->invflags & ~IP6T_FRAG_INV_MASK);
}
-/* Saves the union ip6t_matchinfo in parsable form to stdout. */
static void frag_save(const void *ip, const struct xt_entry_match *match)
{
const struct ip6t_frag *fraginfo = (struct ip6t_frag *)match->data;
-/* Shared library add-on to ip6tables to add Hop-by-Hop and Dst headers support. */
+/* Shared library add-on to ip6tables to add Hop-by-Hop header support. */
#include <stdio.h>
#include <netdb.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <arpa/inet.h>
-
+
#define DEBUG 0
-/* Function which prints out usage message. */
static void hbh_help(void)
{
printf(
return i;
}
-/* Initialize the match. */
static void hbh_init(struct xt_entry_match *m)
{
struct ip6t_opts *optinfo = (struct ip6t_opts *)m->data;
optinfo->optsnr = 0;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int hbh_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
}
}
-/* Prints out the union ip6t_matchinfo. */
static void hbh_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
optinfo->invflags & ~IP6T_OPTS_INV_MASK);
}
-/* Saves the union ip6t_matchinfo in parsable form to stdout. */
static void hbh_save(const void *ip, const struct xt_entry_match *match)
{
const struct ip6t_opts *optinfo = (struct ip6t_opts *)match->data;
-/* Shared library add-on to iptables to add ICMP support. */
+/* Shared library add-on to ip6tables to add ICMP support. */
#include <stdio.h>
#include <netdb.h>
#include <string.h>
printf("\n");
}
-/* Function which prints out usage message. */
static void icmp6_help(void)
{
printf(
}
}
-/* Initialize the match. */
static void icmp6_init(struct xt_entry_match *m)
{
struct ip6t_icmp *icmpv6info = (struct ip6t_icmp *)m->data;
icmpv6info->code[1] = 0xFF;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int icmp6_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
printf(" codes %u-%u ", code_min, code_max);
}
-/* Prints out the union ipt_matchinfo. */
static void icmp6_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
icmpv6->invflags & ~IP6T_ICMP_INV);
}
-/* Saves the match in parsable form to stdout. */
static void icmp6_save(const void *ip, const struct xt_entry_match *match)
{
const struct ip6t_icmp *icmpv6 = (struct ip6t_icmp *)match->data;
#define IPV6_HDR_HEADER 0x01
#define IPV6_HDR_SOFT 0x02
-/* Parses command options; returns 0 if it ate an option */
static int
ipv6header_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
return 1;
}
-/* Checks the flags variable */
static void ipv6header_check(unsigned int flags)
{
if (!flags) exit_error(PARAMETER_PROBLEM, "ip6t_ipv6header: no options specified");
printf("NONE");
}
-/* Prints out the match */
static void ipv6header_print(const void *ip,
const struct xt_entry_match *match, int numeric)
{
return;
}
-/* Saves the match */
static void ipv6header_save(const void *ip, const struct xt_entry_match *match)
{
-/* Shared library add-on to iptables to add policy support. */
-
+/* Shared library add-on to ip6tables to add policy support. */
#include <stdio.h>
#include <netdb.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <arpa/inet.h>
-
+
/*#define DEBUG 1*/
-/* Function which prints out usage message. */
static void rt_help(void)
{
printf(
return i;
}
-/* Initialize the match. */
static void rt_init(struct xt_entry_match *m)
{
struct ip6t_rt *rtinfo = (struct ip6t_rt *)m->data;
rtinfo->addrnr = 0;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int rt_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
}
}
-/* Prints out the union ip6t_matchinfo. */
static void rt_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
rtinfo->invflags & ~IP6T_RT_INV_MASK);
}
-/* Saves the union ip6t_matchinfo in parsable form to stdout. */
static void rt_save(const void *ip, const struct xt_entry_match *match)
{
const struct ip6t_rt *rtinfo = (struct ip6t_rt *)match->data;
mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
return buf;
}
-
-/* Prints out the targinfo. */
static void CLUSTERIP_print(const void *ip,
const struct xt_entry_target *target, int numeric)
{
cipinfo->hash_initval);
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void CLUSTERIP_save(const void *ip, const struct xt_entry_target *target)
{
const struct ipt_clusterip_tgt_info *cipinfo =
struct ip_nat_multi_range mr;
};
-/* Function which prints out usage message. */
static void DNAT_help(void)
{
printf(
return &(append_range(info, &range)->t);
}
-/* Function which parses command options; returns true if it
- ate an option */
static int DNAT_parse(int c, char **argv, int invert, unsigned int *flags,
const void *e, struct xt_entry_target **target)
{
}
}
-/* Final check; must have specfied --to-source. */
static void DNAT_check(unsigned int flags)
{
if (!flags)
}
}
-/* Prints out the targinfo. */
static void DNAT_print(const void *ip, const struct xt_entry_target *target,
int numeric)
{
}
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void DNAT_save(const void *ip, const struct xt_entry_target *target)
{
struct ipt_natinfo *info = (void *)target;
"ECN target: Parameter --ecn-tcp-remove is required");
}
-/* Prints out the targinfo. */
static void ECN_print(const void *ip, const struct xt_entry_target *target,
int numeric)
{
}
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void ECN_save(const void *ip, const struct xt_entry_target *target)
{
const struct ipt_ECN_info *einfo =
#define IPT_LOG_MASK 0x0f
#endif
-/* Function which prints out usage message. */
static void LOG_help(void)
{
printf(
{ .name = NULL }
};
-/* Initialize the target. */
static void LOG_init(struct xt_entry_target *t)
{
struct ipt_log_info *loginfo = (struct ipt_log_info *)t->data;
#define IPT_LOG_OPT_IPOPT 0x10
#define IPT_LOG_OPT_UID 0x20
-/* Function which parses command options; returns true if it
- ate an option */
static int LOG_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
return 1;
}
-/* Prints out the targinfo. */
static void LOG_print(const void *ip, const struct xt_entry_target *target,
int numeric)
{
printf("prefix `%s' ", loginfo->prefix);
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void LOG_save(const void *ip, const struct xt_entry_target *target)
{
const struct ipt_log_info *loginfo
#include <linux/netfilter_ipv4/ip_tables.h>
#include <linux/netfilter/nf_nat.h>
-/* Function which prints out usage message. */
static void MASQUERADE_help(void)
{
printf(
{ .name = NULL }
};
-/* Initialize the target. */
static void MASQUERADE_init(struct xt_entry_target *t)
{
struct ip_nat_multi_range *mr = (struct ip_nat_multi_range *)t->data;
}
}
-/* Function which parses command options; returns true if it
- ate an option */
static int MASQUERADE_parse(int c, char **argv, int invert, unsigned int *flags,
const void *e, struct xt_entry_target **target)
{
}
}
-/* Prints out the targinfo. */
static void
MASQUERADE_print(const void *ip, const struct xt_entry_target *target,
int numeric)
printf("random ");
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void
MASQUERADE_save(const void *ip, const struct xt_entry_target *target)
{
#include <iptables.h>
#include <linux/netfilter_ipv4/ip_tables.h>
-/* Function which prints out usage message. */
static void MIRROR_help(void)
{
printf("MIRROR target takes no options\n");
}
-/* Function which parses command options; returns true if it
- ate an option */
static int MIRROR_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
{ .name = NULL }
};
-/* Function which prints out usage message. */
static void NETMAP_help(void)
{
printf(MODULENAME" target options:\n"
return bits;
}
-/* Initialize the target. */
static void NETMAP_init(struct xt_entry_target *t)
{
struct ip_nat_multi_range *mr = (struct ip_nat_multi_range *)t->data;
range->max_ip = range->min_ip | ~netmask;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int NETMAP_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
}
}
-/* Final check; need --to */
static void NETMAP_check(unsigned int flags)
{
if (!flags)
MODULENAME" needs --%s", NETMAP_opts[0].name);
}
-/* Prints out the targinfo. */
static void NETMAP_print(const void *ip, const struct xt_entry_target *target,
int numeric)
{
printf("/%d", bits);
}
-/* Saves the targinfo in parsable form to stdout. */
static void NETMAP_save(const void *ip, const struct xt_entry_target *target)
{
printf("--%s ", NETMAP_opts[0].name);
{
xtables_register_target(&netmap_tg_reg);
}
-
#define IPT_REDIRECT_OPT_DEST 0x01
#define IPT_REDIRECT_OPT_RANDOM 0x02
-/* Function which prints out usage message. */
static void REDIRECT_help(void)
{
printf(
{ .name = NULL }
};
-/* Initialize the target. */
static void REDIRECT_init(struct xt_entry_target *t)
{
struct ip_nat_multi_range *mr = (struct ip_nat_multi_range *)t->data;
}
}
-/* Function which parses command options; returns true if it
- ate an option */
static int REDIRECT_parse(int c, char **argv, int invert, unsigned int *flags,
const void *e, struct xt_entry_target **target)
{
}
}
-/* Prints out the targinfo. */
static void REDIRECT_print(const void *ip, const struct xt_entry_target *target,
int numeric)
{
}
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void REDIRECT_save(const void *ip, const struct xt_entry_target *target)
{
struct ip_nat_multi_range *mr
printf("\n");
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
-
-/* Function which prints out usage message. */
static void REJECT_help(void)
{
printf(
{ .name = NULL }
};
-/* Allocate and initialize the target. */
static void REJECT_init(struct xt_entry_target *t)
{
struct ipt_reject_info *reject = (struct ipt_reject_info *)t->data;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int REJECT_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
return 0;
}
-/* Prints out ipt_reject_info. */
static void REJECT_print(const void *ip, const struct xt_entry_target *target,
int numeric)
{
printf("reject-with %s ", reject_table[i].name);
}
-/* Saves ipt_reject in parsable form to stdout. */
static void REJECT_save(const void *ip, const struct xt_entry_target *target)
{
const struct ipt_reject_info *reject
/* For 64bit kernel / 32bit userspace */
#include <linux/netfilter_ipv4/ipt_SAME.h>
-/* Function which prints out usage message. */
static void SAME_help(void)
{
printf(
{ .name = NULL }
};
-/* Initialize the target. */
static void SAME_init(struct xt_entry_target *t)
{
struct ipt_same_info *mr = (struct ipt_same_info *)t->data;
#define IPT_SAME_OPT_NODST 0x02
#define IPT_SAME_OPT_RANDOM 0x04
-/* Function which parses command options; returns true if it
- ate an option */
static int SAME_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
return 1;
}
-/* Final check; need --to. */
static void SAME_check(unsigned int flags)
{
if (!(flags & IPT_SAME_OPT_TO))
"SAME needs --to");
}
-/* Prints out the targinfo. */
static void SAME_print(const void *ip, const struct xt_entry_target *target,
int numeric)
{
printf("random ");
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void SAME_save(const void *ip, const struct xt_entry_target *target)
{
unsigned int count;
#include <linux/netfilter_ipv4/ipt_set.h>
#include "libipt_set.h"
-/* Function which prints out usage message. */
static void SET_help(void)
{
printf("SET target options:\n"
{ }
};
-/* Initialize the target. */
static void SET_init(struct xt_entry_target *target)
{
struct ipt_set_info_target *info =
*flags = 1;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int SET_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
return 1;
}
-/* Final check; must specify at least one. */
static void SET_check(unsigned int flags)
{
if (!flags)
printf(" ");
}
-/* Prints out the targinfo. */
static void SET_print(const void *ip, const struct xt_entry_target *target,
int numeric)
{
print_target("del-set", &info->del_set);
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void SET_save(const void *ip, const struct xt_entry_target *target)
{
struct ipt_set_info_target *info =
struct ip_nat_multi_range mr;
};
-/* Function which prints out usage message. */
static void SNAT_help(void)
{
printf(
return &(append_range(info, &range)->t);
}
-/* Function which parses command options; returns true if it
- ate an option */
static int SNAT_parse(int c, char **argv, int invert, unsigned int *flags,
const void *e, struct xt_entry_target **target)
{
}
}
-/* Final check; must have specfied --to-source. */
static void SNAT_check(unsigned int flags)
{
if (!(flags & IPT_SNAT_OPT_SOURCE))
}
}
-/* Prints out the targinfo. */
static void SNAT_print(const void *ip, const struct xt_entry_target *target,
int numeric)
{
}
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void SNAT_save(const void *ip, const struct xt_entry_target *target)
{
struct ipt_natinfo *info = (void *)target;
}
}
-/* Function which prints out usage message. */
static void ULOG_help(void)
{
printf("ULOG target options:\n"
{ .name = NULL }
};
-/* Initialize the target. */
static void ULOG_init(struct xt_entry_target *t)
{
struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) t->data;
#define IPT_LOG_OPT_CPRANGE 0x04
#define IPT_LOG_OPT_QTHRESHOLD 0x08
-/* Function which parses command options; returns true if it
- ate an option */
static int ULOG_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
return 1;
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void ULOG_save(const void *ip, const struct xt_entry_target *target)
{
const struct ipt_ulog_info *loginfo
printf("--ulog-qthreshold %u ", (unsigned int)loginfo->qthreshold);
}
-/* Prints out the targinfo. */
static void ULOG_print(const void *ip, const struct xt_entry_target *target,
int numeric)
{
#include <errno.h>
#include <iptables.h>
#include <linux/netfilter_ipv4/ipt_ah.h>
-
-/* Function which prints out usage message. */
+
static void ah_help(void)
{
printf(
free(buffer);
}
-/* Initialize the match. */
static void ah_init(struct xt_entry_match *m)
{
struct ipt_ah *ahinfo = (struct ipt_ah *)m->data;
#define AH_SPI 0x01
-/* Function which parses command options; returns true if it
- ate an option */
static int ah_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
}
}
-/* Prints out the union ipt_matchinfo. */
static void ah_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
ah->invflags & ~IPT_AH_INV_MASK);
}
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
static void ah_save(const void *ip, const struct xt_entry_match *match)
{
const struct ipt_ah *ahinfo = (struct ipt_ah *)match->data;
"ECN match: some option required");
}
-/* Prints out the matchinfo. */
static void ecn_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
}
}
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
static void ecn_save(const void *ip, const struct xt_entry_match *match)
{
const struct ipt_ecn_info *einfo =
printf("\n");
}
-/* Function which prints out usage message. */
static void icmp_help(void)
{
printf(
}
}
-/* Initialize the match. */
static void icmp_init(struct xt_entry_match *m)
{
struct ipt_icmp *icmpinfo = (struct ipt_icmp *)m->data;
icmpinfo->code[1] = 0xFF;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int icmp_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
printf(" codes %u-%u ", code_min, code_max);
}
-/* Prints out the union ipt_matchinfo. */
static void icmp_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
icmp->invflags & ~IPT_ICMP_INV);
}
-/* Saves the match in parsable form to stdout. */
static void icmp_save(const void *ip, const struct xt_entry_match *match)
{
const struct ipt_icmp *icmp = (struct ipt_icmp *)match->data;
#include <iptables.h>
#include <linux/netfilter_ipv4/ipt_realm.h>
-/* Function which prints out usage message. */
static void realm_help(void)
{
printf(
return NULL;
}
-
-/* Function which parses command options; returns true if it
- ate an option */
static int realm_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
}
}
-/* Prints out the matchinfo. */
static void realm_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
print_realm(ri->id, ri->mask, numeric);
}
-
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
static void realm_save(const void *ip, const struct xt_entry_match *match)
{
struct ipt_realm_info *ri = (struct ipt_realm_info *) match->data;
print_realm(ri->id, ri->mask, 0);
}
-/* Final check; must have specified --mark. */
static void realm_check(unsigned int flags)
{
if (!flags)
{
xtables_register_match(&realm_mt_reg);
}
-
-
#define IPT_RECENT_NAME_LEN 200
#endif /* IPT_RECENT_NAME_LEN */
-/* Options for this module */
static const struct option recent_opts[] = {
{ .name = "set", .has_arg = 0, .val = 201 },
{ .name = "rcheck", .has_arg = 0, .val = 202 },
{ .name = NULL }
};
-/* Function which prints out usage message. */
static void recent_help(void)
{
printf(
" --rdest Match/Save the destination address of each packet in the recent list table.\n"
RECENT_NAME " " RECENT_VER ": Stephen Frost <sfrost@snowman.net>. http://snowman.net/projects/ipt_recent/\n");
}
-
-/* Initialize the match. */
+
static void recent_init(struct xt_entry_match *match)
{
struct ipt_recent_info *info = (struct ipt_recent_info *)(match)->data;
(IPT_RECENT_SET | IPT_RECENT_CHECK | \
IPT_RECENT_UPDATE | IPT_RECENT_REMOVE)
-/* Function which parses command options; returns true if it
- ate an option */
static int recent_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
return 1;
}
-/* Final check; must have specified a specific option. */
static void recent_check(unsigned int flags)
{
if (!(flags & RECENT_CMDS))
"--update");
}
-/* Prints out the matchinfo. */
static void recent_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
if(info->side == IPT_RECENT_DEST) printf("side: dest");
}
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
static void recent_save(const void *ip, const struct xt_entry_match *match)
{
struct ipt_recent_info *info = (struct ipt_recent_info *)match->data;
if(info->side == IPT_RECENT_DEST) printf("--rdest ");
}
-/* Structure for iptables to use to communicate with module */
static struct xtables_match recent_mt_reg = {
.name = "recent",
.version = XTABLES_VERSION,
#include <linux/netfilter_ipv4/ipt_set.h>
#include "libipt_set.h"
-/* Function which prints out usage message. */
static void set_help(void)
{
printf("set match options:\n"
{ }
};
-/* Initialize the match. */
static void set_init(struct xt_entry_match *match)
{
struct ipt_set_info_match *info =
}
-/* Function which parses command options; returns true if it ate an option */
static int set_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
return 1;
}
-/* Final check; must have specified --set. */
static void set_check(unsigned int flags)
{
if (!flags)
print_match("set", &info->match_set);
}
-/* Saves the matchinfo in parsable form to stdout. */
static void set_save(const void *ip, const struct xt_entry_match *match)
{
struct ipt_set_info_match *info =
#include <getopt.h>
#include <iptables.h>
-/* Function which prints out usage message. */
static void unclean_help(void)
{
printf("unclean match takes no options\n");
}
-/* Function which parses command options; returns true if it
- ate an option */
static int unclean_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
#include <linux/types.h>
#include <linux/pkt_sched.h>
-/* Function which prints out usage message. */
static void
CLASSIFY_help(void)
{
return 0;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int
CLASSIFY_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry,
printf("%x:%x ", TC_H_MAJ(priority)>>16, TC_H_MIN(priority));
}
-/* Prints out the targinfo. */
static void
CLASSIFY_print(const void *ip,
const struct xt_entry_target *target,
CLASSIFY_print_class(clinfo->priority, numeric);
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void
CLASSIFY_save(const void *ip, const struct xt_entry_target *target)
{
F_SR_MARK = 1 << 1,
};
-/* Function which prints out usage message. */
static void CONNMARK_help(void)
{
printf(
info->nfmask = ~0U;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int
CONNMARK_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
printf("%s0x%lx", text, mask);
}
-
-/* Prints out the target info. */
static void CONNMARK_print(const void *ip,
const struct xt_entry_target *target, int numeric)
{
}
}
-/* Saves the target into in parsable form to stdout. */
static void CONNMARK_save(const void *ip, const struct xt_entry_target *target)
{
const struct xt_connmark_target_info *markinfo =
printf("0x%02x ", dscp);
}
-/* Prints out the targinfo. */
static void DSCP_print(const void *ip, const struct xt_entry_target *target,
int numeric)
{
print_dscp(dinfo->dscp, numeric);
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void DSCP_save(const void *ip, const struct xt_entry_target *target)
{
const struct xt_DSCP_info *dinfo =
F_MARK = 1 << 0,
};
-/* Function which prints out usage message. */
static void MARK_help(void)
{
printf(
" is required");
}
-/* Function which parses command options; returns true if it
- ate an option */
static int
MARK_parse_v1(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
printf("0x%lx ", mark);
}
-/* Prints out the targinfo. */
static void MARK_print_v0(const void *ip,
const struct xt_entry_target *target, int numeric)
{
print_mark(markinfo->mark);
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void MARK_save_v0(const void *ip, const struct xt_entry_target *target)
{
const struct xt_mark_target_info *markinfo =
print_mark(markinfo->mark);
}
-/* Prints out the targinfo. */
static void MARK_print_v1(const void *ip, const struct xt_entry_target *target,
int numeric)
{
printf("MARK xset 0x%x/0x%x ", info->mark, info->mask);
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void MARK_save_v1(const void *ip, const struct xt_entry_target *target)
{
const struct xt_mark_target_info_v1 *markinfo =
return 1;
}
-/* Prints out the targinfo. */
static void NFQUEUE_print(const void *ip,
const struct xt_entry_target *target, int numeric)
{
printf("NFQUEUE num %u", tinfo->queuenum);
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void NFQUEUE_save(const void *ip, const struct xt_entry_target *target)
{
const struct xt_NFQ_info *tinfo =
#include <xtables.h>
#include <linux/netfilter/x_tables.h>
-/* Function which prints out usage message. */
static void NOTRACK_help(void)
{
printf("NOTRACK target takes no options\n");
}
-/* Function which parses command options; returns true if it
- ate an option */
static int
NOTRACK_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{ .name = NULL }
};
-/*
- * Function which parses command options; returns true if it
- * ate an option.
- */
static int SECMARK_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
print_secmark(info);
}
-/* Saves the target info in parsable form to stdout. */
static void SECMARK_save(const void *ip, const struct xt_entry_target *target)
{
struct xt_secmark_target_info *info =
struct xt_tcpmss_info mss;
};
-/* Function which prints out usage message. */
static void __TCPMSS_help(int hdrsize)
{
printf(
{ .name = NULL }
};
-/* Function which parses command options; returns true if it
- ate an option */
static int __TCPMSS_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target,
int hdrsize)
"TCPMSS target: At least one parameter is required");
}
-/* Prints out the targinfo. */
static void TCPMSS_print(const void *ip, const struct xt_entry_target *target,
int numeric)
{
printf("TCPMSS set %u ", mssinfo->mss);
}
-/* Saves the union ipt_targinfo in parsable form to stdout. */
static void TCPMSS_save(const void *ip, const struct xt_entry_target *target)
{
const struct xt_tcpmss_info *mssinfo =
#include <xtables.h>
#include <linux/netfilter/x_tables.h>
-/* Function which prints out usage message. */
static void TRACE_help(void)
{
printf("TRACE target takes no options\n");
}
-/* Function which parses command options; returns true if it
- ate an option */
static int TRACE_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
#include <xtables.h>
#include <linux/netfilter/xt_comment.h>
-/* Function which prints out usage message. */
static void comment_help(void)
{
printf(
strcpy((char *)info->comment, s);
}
-/* Function which parses command options; returns true if it
- ate an option */
static int
comment_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
return 1;
}
-/* Final check; must have specified --comment. */
static void comment_check(unsigned int flags)
{
if (!flags)
"COMMENT match: You must specify `--comment'");
}
-/* Prints out the matchinfo. */
static void
comment_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
#include <linux/netfilter/nf_conntrack_common.h>
#include <linux/netfilter/xt_connbytes.h>
-/* Function which prints out usage message. */
static void connbytes_help(void)
{
printf(
(unsigned long long)si->count.to);
}
-/* Function which parses command options; returns true if it
- ate an option */
static int
connbytes_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
}
}
-/* Prints out the matchinfo. */
static void
connbytes_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
print_direction(sinfo);
}
-/* Saves the matchinfo in parsable form to stdout. */
static void connbytes_save(const void *ip, const struct xt_entry_match *match)
{
struct xt_connbytes_info *sinfo = (struct xt_connbytes_info *)match->data;
return false;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int
connmark_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
"connmark: The --mark option is required");
}
-/* Prints out the matchinfo. */
static void
connmark_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
print_mark(info->mark, info->mask);
}
-/* Saves the matchinfo in parsable form to stdout. */
static void connmark_save(const void *ip, const struct xt_entry_match *match)
{
struct xt_connmark_info *info = (struct xt_connmark_info *)match->data;
#include <linux/netfilter/nf_conntrack_common.h>
#include <arpa/inet.h>
-/* Function which prints out usage message. */
static void conntrack_mt_help(void)
{
printf(
info->expires_max = max;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
}
}
-/* Saves the matchinfo in parsable form to stdout. */
static void
matchinfo_print(const void *ip, const struct xt_entry_match *match, int numeric, const char *optpfx)
{
}
}
-/* Prints out the matchinfo. */
static void conntrack_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
conntrack_dump((const void *)match->data, "", AF_INET6, numeric);
}
-/* Saves the matchinfo in parsable form to stdout. */
static void conntrack_save(const void *ip, const struct xt_entry_match *match)
{
matchinfo_print(ip, match, 1, "--");
#define DEBUGP(format, fist...)
#endif
-/* Initialize the match. */
static void dccp_init(struct xt_entry_match *m)
{
struct xt_dccp_info *einfo = (struct xt_dccp_info *)m->data;
printf("option=%s%u ", invert ? "!" : "", option);
}
-/* Prints out the matchinfo. */
static void
dccp_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
}
}
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
static void dccp_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_dccp_info *einfo =
xtables_register_match(&dccp_match);
xtables_register_match(&dccp_match6);
}
-
printf("0x%02x ", dscp);
}
-/* Prints out the matchinfo. */
static void
dscp_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
print_dscp(dinfo->dscp, dinfo->invert, numeric);
}
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
static void dscp_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_dscp_info *dinfo =
#include <xtables.h>
#include <linux/netfilter/xt_esp.h>
-/* Function which prints out usage message. */
static void esp_help(void)
{
printf(
free(buffer);
}
-/* Initialize the match. */
static void esp_init(struct xt_entry_match *m)
{
struct xt_esp *espinfo = (struct xt_esp *)m->data;
#define ESP_SPI 0x01
-/* Function which parses command options; returns true if it
- ate an option */
static int
esp_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
}
}
-/* Prints out the union ipt_matchinfo. */
static void
esp_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
esp->invflags & ~XT_ESP_INV_MASK);
}
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
static void esp_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_esp *espinfo = (struct xt_esp *)match->data;
#define XT_HASHLIMIT_GCINTERVAL 1000
#define XT_HASHLIMIT_EXPIRE 10000
-/* Function which prints out usage message. */
static void hashlimit_help(void)
{
printf(
return 1;
}
-/* Initialize the match. */
static void hashlimit_init(struct xt_entry_match *m)
{
struct xt_hashlimit_info *r = (struct xt_hashlimit_info *)m->data;
PARAM_DSTMASK = 1 << 9,
};
-/* Function which parses command options; returns true if it
- ate an option */
static int
hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
flags, c, invert, 128);
}
-/* Final check; nothing. */
static void hashlimit_check(unsigned int flags)
{
if (!(flags & PARAM_LIMIT))
putchar(' ');
}
-/* Prints out the matchinfo. */
static void hashlimit_print(const void *ip,
const struct xt_entry_match *match, int numeric)
{
hashlimit_mt_print(info, 128);
}
-/* FIXME: Make minimalist: only print rate if not default --RR */
static void hashlimit_save(const void *ip, const struct xt_entry_match *match)
{
struct xt_hashlimit_info *r =
#include <xtables.h>
#include <linux/netfilter/xt_helper.h>
-/* Function which prints out usage message. */
static void helper_help(void)
{
printf(
{ .name = NULL }
};
-/* Function which parses command options; returns true if it
- ate an option */
static int
helper_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
return 1;
}
-/* Final check; must have specified --helper. */
static void helper_check(unsigned int flags)
{
if (!flags)
"helper match: You must specify `--helper'");
}
-/* Prints out the info. */
static void
helper_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
printf("helper match %s\"%s\" ", info->invert ? "! " : "", info->name);
}
-/* Saves the union ipt_info in parsable form to stdout. */
static void helper_save(const void *ip, const struct xt_entry_match *match)
{
struct xt_helper_info *info = (struct xt_helper_info *)match->data;
#include <xtables.h>
#include <linux/netfilter/xt_length.h>
-/* Function which prints out usage message. */
static void length_help(void)
{
printf(
}
-/* Function which parses command options; returns true if it
- ate an option */
static int
length_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
return 1;
}
-/* Final check; must have specified --length. */
static void length_check(unsigned int flags)
{
if (!flags)
"length: You must specify `--length'");
}
-/* Common match printing code. */
static void
print_length(struct xt_length_info *info)
{
printf("%u:%u ", info->min, info->max);
}
-/* Prints out the matchinfo. */
static void
length_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
print_length((struct xt_length_info *)match->data);
}
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
static void length_save(const void *ip, const struct xt_entry_match *match)
{
printf("--length ");
#define XT_LIMIT_AVG "3/hour"
#define XT_LIMIT_BURST 5
-/* Function which prints out usage message. */
static void limit_help(void)
{
printf(
return 1;
}
-/* Initialize the match. */
static void limit_init(struct xt_entry_match *m)
{
struct xt_rateinfo *r = (struct xt_rateinfo *)m->data;
"Sorry: burst too large for that avg rate.\n");
*/
-/* Function which parses command options; returns true if it
- ate an option */
static int
limit_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
printf("%u/%s ", rates[i-1].mult / period, rates[i-1].name);
}
-/* Prints out the matchinfo. */
static void
limit_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
printf("burst %u ", r->burst);
}
-/* FIXME: Make minimalist: only print rate if not default --RR */
static void limit_save(const void *ip, const struct xt_entry_match *match)
{
struct xt_rateinfo *r = (struct xt_rateinfo *)match->data;
#include <xtables.h>
#include <linux/netfilter/xt_mac.h>
-/* Function which prints out usage message. */
static void mac_help(void)
{
printf(
}
}
-/* Function which parses command options; returns true if it
- ate an option */
static int
mac_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
printf(" ");
}
-/* Final check; must have specified --mac. */
static void mac_check(unsigned int flags)
{
if (!flags)
"You must specify `--mac-source'");
}
-/* Prints out the matchinfo. */
static void
mac_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
print_mac(info->srcaddr);
}
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
static void mac_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_mac_info *info = (void *)match->data;
return false;
}
-/* Function which parses command options; returns true if it
- ate an option */
static int
mark_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
print_mark(info->mark, info->mask);
}
-/* Prints out the matchinfo. */
static void
mark_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
print_mark(info->mark, info->mask);
}
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
static void
mark_save(const void *ip, const struct xt_entry_match *match)
{
printf("\n");
}
-/* Function which prints out usage message. */
static void pkttype_help(void)
{
printf(
{ .name = NULL }
};
-/* print usage */
static void quota_help(void)
{
printf("quota match options:\n"
" --quota quota quota (bytes)\n");
}
-/* print matchinfo */
static void
quota_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
printf("quota: %llu bytes", (unsigned long long) q->quota);
}
-/* save matchinfo */
static void
quota_save(const void *ip, const struct xt_entry_match *match)
{
return 1;
}
-/* parse all options, returning true if we found any for us */
static int
quota_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
#include <linux/netfilter/xt_sctp.h>
/* Some ZS!#@:$%*#$! has replaced the ELEMCOUNT macro in ipt_sctp.h with
- * ARRAY_SIZE without noticing that this file is used from userserspace,
+ * ARRAY_SIZE without noticing that this file is used from userspace,
* and userspace doesn't have ARRAY_SIZE */
#ifndef ELEMCOUNT
static void
print_chunk(u_int32_t chunknum, int numeric);
-/* Initialize the match. */
static void sctp_init(struct xt_entry_match *m)
{
int i;
return;
}
-/* Prints out the matchinfo. */
static void
sctp_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
}
}
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
static void sctp_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_sctp_info *einfo =
xtables_register_match(&sctp_match);
xtables_register_match(&sctp_match6);
}
-
#include <getopt.h>
#include <xtables.h>
-/* Function which prints out usage message. */
static void standard_help(void)
{
printf(
"(If target is DROP, ACCEPT, RETURN or nothing)\n");
}
-/* Function which parses command options; returns true if it
- ate an option */
static int standard_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
#define XT_STATE_UNTRACKED (1 << (IP_CT_NUMBER + 1))
#endif
-/* Function which prints out usage message. */
static void
state_help(void)
{
exit_error(PARAMETER_PROBLEM, "Bad state `%s'", arg);
}
-/* Function which parses command options; returns true if it
- ate an option */
static int
state_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry,
return 1;
}
-/* Final check; must have specified --state. */
static void state_final_check(unsigned int flags)
{
if (!flags)
printf(" ");
}
-/* Prints out the matchinfo. */
static void
state_print(const void *ip,
const struct xt_entry_match *match,
state_print_state(sinfo->statemask);
}
-/* Saves the matchinfo in parsable form to stdout. */
static void state_save(const void *ip, const struct xt_entry_match *match)
{
struct xt_state_info *sinfo = (struct xt_state_info *)match->data;
return 1;
}
-/* Final check; must have specified --mark. */
static void statistic_check(unsigned int flags)
{
if (!(flags & 0x1))
global_info->u.nth.packet;
}
-/* Prints out the matchinfo. */
static void print_match(const struct xt_statistic_info *info, char *prefix)
{
if (info->flags & XT_STATISTIC_INVERT)
print_match(info, "");
}
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
static void statistic_save(const void *ip, const struct xt_entry_match *match)
{
struct xt_statistic_info *info = (struct xt_statistic_info *)match->data;
#include <stddef.h>
#include <linux/netfilter/xt_string.h>
-/* Function which prints out usage message. */
static void string_help(void)
{
printf(
#define TO 0x8
#define ICASE 0x10
-/* Function which parses command options; returns true if it
- ate an option */
static int
string_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
return 1;
}
-
-/* Final check; must have specified --string. */
static void string_check(unsigned int flags)
{
if (!(flags & STRING))
printf("\" "); /* closing space and quote */
}
-/* Prints out the matchinfo. */
static void
string_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
printf("ICASE ");
}
-
-/* Saves the union ipt_matchinfo in parseable form to stdout. */
static void string_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_string_info *info =
#include <xtables.h>
#include <linux/netfilter/xt_tcpudp.h>
-/* Function which prints out usage message. */
static void tcp_help(void)
{
printf(
*result = (u_int8_t)ret;
}
-/* Initialize the match. */
static void tcp_init(struct xt_entry_match *m)
{
struct xt_tcp *tcpinfo = (struct xt_tcp *)m->data;
#define TCP_FLAGS 0x04
#define TCP_OPTION 0x08
-/* Function which parses command options; returns true if it
- ate an option. */
static int
tcp_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
}
}
-/* Prints out the union ipt_matchinfo. */
static void
tcp_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
tcp->invflags & ~XT_TCP_INV_MASK);
}
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
static void tcp_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_tcp *tcpinfo = (struct xt_tcp *)match->data;
#include <xtables.h>
#include <linux/netfilter/xt_tcpmss.h>
-/* Function which prints out usage message. */
static void tcpmss_help(void)
{
printf(
free(buffer);
}
-/* Function which parses command options; returns true if it
- ate an option */
static int
tcpmss_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
printf("%u:%u ", mss_min, mss_max);
}
-/* Final check; must have specified --mss. */
static void tcpmss_check(unsigned int flags)
{
if (!flags)
"tcpmss match: You must specify `--mss'");
}
-/* Prints out the matchinfo. */
static void
tcpmss_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
mssinfo->invert, numeric);
}
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
static void tcpmss_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_tcpmss_match_info *mssinfo =
return number;
}
-/* Function which parses command options; returns true if it ate an option */
static int u32_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
#include <xtables.h>
#include <linux/netfilter/xt_tcpudp.h>
-/* Function which prints out usage message. */
static void udp_help(void)
{
printf(
free(buffer);
}
-/* Initialize the match. */
static void udp_init(struct xt_entry_match *m)
{
struct xt_udp *udpinfo = (struct xt_udp *)m->data;
#define UDP_SRC_PORTS 0x01
#define UDP_DST_PORTS 0x02
-/* Function which parses command options; returns true if it
- ate an option */
static int
udp_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
}
}
-/* Prints out the union ipt_matchinfo. */
static void
udp_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
udp->invflags & ~XT_UDP_INV_MASK);
}
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
static void udp_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_udp *udpinfo = (struct xt_udp *)match->data;
projects / thirdparty / iptables.git / commitdiff
