struct option *opts;
void (*exit_err)(enum xtables_exittype status, const char *msg, ...) __attribute__((noreturn, format(printf,2,3)));
int (*compat_rev)(const char *name, uint8_t rev, int opt);
+ size_t target_maxnamelen;
};
#define XT_GETOPT_TABLEEND {.name = NULL, .has_arg = false}
.orig_opts = original_opts,
.exit_err = ip6tables_exit_error,
.compat_rev = xtables_compatible_revision,
+ .target_maxnamelen = XT_EXTENSION_MAXNAMELEN,
};
/* Table of legal combinations of commands and options. If any of the
"Invalid chain name `%s'", chainname);
}
-static const char *
-parse_target(const char *targetname)
-{
- const char *ptr;
-
- if (strlen(targetname) < 1)
- xtables_error(PARAMETER_PROBLEM,
- "Invalid target name (too short)");
-
- if (strlen(targetname) >= XT_EXTENSION_MAXNAMELEN)
- xtables_error(PARAMETER_PROBLEM,
- "Invalid target name `%s' (%u chars max)",
- targetname, XT_EXTENSION_MAXNAMELEN - 1);
-
- for (ptr = targetname; *ptr; ptr++)
- if (isspace(*ptr))
- xtables_error(PARAMETER_PROBLEM,
- "Invalid target name `%s'", targetname);
- return targetname;
-}
-
static void
set_option(unsigned int *options, unsigned int option, uint8_t *invflg,
int invert)
return e;
}
-static void command_jump(struct iptables_command_state *cs)
-{
- size_t size;
-
- set_option(&cs->options, OPT_JUMP, &cs->fw6.ipv6.invflags, cs->invert);
- cs->jumpto = parse_target(optarg);
- /* TRY_LOAD (may be chain name) */
- cs->target = xtables_find_target(cs->jumpto, XTF_TRY_LOAD);
-
- if (cs->target == NULL)
- return;
-
- size = XT_ALIGN(sizeof(struct xt_entry_target)) + cs->target->size;
-
- cs->target->t = xtables_calloc(1, size);
- cs->target->t->u.target_size = size;
- if (cs->target->real_name == NULL) {
- strcpy(cs->target->t->u.user.name, cs->jumpto);
- } else {
- strcpy(cs->target->t->u.user.name, cs->target->real_name);
- if (!(cs->target->ext_flags & XTABLES_EXT_ALIAS))
- fprintf(stderr, "Notice: The %s target is converted into %s target "
- "in rule listing and saving.\n",
- cs->jumpto, cs->target->real_name);
- }
- cs->target->t->u.user.revision = cs->target->revision;
-
- xs_init_target(cs->target);
- if (cs->target->x6_options != NULL)
- opts = xtables_options_xfrm(ip6tables_globals.orig_opts, opts,
- cs->target->x6_options,
- &cs->target->option_offset);
- else
- opts = xtables_merge_options(ip6tables_globals.orig_opts, opts,
- cs->target->extra_opts,
- &cs->target->option_offset);
- if (opts == NULL)
- xtables_error(OTHER_PROBLEM, "can't alloc memory!");
-}
-
int do_command6(int argc, char *argv[], char **table,
struct xtc_handle **handle, bool restore)
{
set_option(&cs.options, OPT_JUMP, &cs.fw6.ipv6.invflags,
cs.invert);
cs.fw6.ipv6.flags |= IP6T_F_GOTO;
- cs.jumpto = parse_target(optarg);
+ cs.jumpto = xt_parse_target(optarg);
break;
#endif
case 'j':
+ set_option(&cs.options, OPT_JUMP, &cs.fw6.ipv6.invflags,
+ cs.invert);
command_jump(&cs);
break;
.orig_opts = original_opts,
.exit_err = iptables_exit_error,
.compat_rev = xtables_compatible_revision,
+ .target_maxnamelen = XT_EXTENSION_MAXNAMELEN,
};
/* Table of legal combinations of commands and options. If any of the
"Invalid chain name `%s'", chainname);
}
-static const char *
-parse_target(const char *targetname)
-{
- const char *ptr;
-
- if (strlen(targetname) < 1)
- xtables_error(PARAMETER_PROBLEM,
- "Invalid target name (too short)");
-
- if (strlen(targetname) >= XT_EXTENSION_MAXNAMELEN)
- xtables_error(PARAMETER_PROBLEM,
- "Invalid target name `%s' (%u chars max)",
- targetname, XT_EXTENSION_MAXNAMELEN - 1);
-
- for (ptr = targetname; *ptr; ptr++)
- if (isspace(*ptr))
- xtables_error(PARAMETER_PROBLEM,
- "Invalid target name `%s'", targetname);
- return targetname;
-}
-
static void
set_option(unsigned int *options, unsigned int option, uint8_t *invflg,
int invert)
return e;
}
-static void command_jump(struct iptables_command_state *cs)
-{
- size_t size;
-
- set_option(&cs->options, OPT_JUMP, &cs->fw.ip.invflags, cs->invert);
- cs->jumpto = parse_target(optarg);
- /* TRY_LOAD (may be chain name) */
- cs->target = xtables_find_target(cs->jumpto, XTF_TRY_LOAD);
-
- if (cs->target == NULL)
- return;
-
- size = XT_ALIGN(sizeof(struct xt_entry_target))
- + cs->target->size;
-
- cs->target->t = xtables_calloc(1, size);
- cs->target->t->u.target_size = size;
- if (cs->target->real_name == NULL) {
- strcpy(cs->target->t->u.user.name, cs->jumpto);
- } else {
- /* Alias support for userspace side */
- strcpy(cs->target->t->u.user.name, cs->target->real_name);
- if (!(cs->target->ext_flags & XTABLES_EXT_ALIAS))
- fprintf(stderr, "Notice: The %s target is converted into %s target "
- "in rule listing and saving.\n",
- cs->jumpto, cs->target->real_name);
- }
- cs->target->t->u.user.revision = cs->target->revision;
-
- xs_init_target(cs->target);
-
- if (cs->target->x6_options != NULL)
- opts = xtables_options_xfrm(iptables_globals.orig_opts, opts,
- cs->target->x6_options,
- &cs->target->option_offset);
- else
- opts = xtables_merge_options(iptables_globals.orig_opts, opts,
- cs->target->extra_opts,
- &cs->target->option_offset);
- if (opts == NULL)
- xtables_error(OTHER_PROBLEM, "can't alloc memory!");
-}
-
int do_command4(int argc, char *argv[], char **table,
struct xtc_handle **handle, bool restore)
{
set_option(&cs.options, OPT_JUMP, &cs.fw.ip.invflags,
cs.invert);
cs.fw.ip.flags |= IPT_F_GOTO;
- cs.jumpto = parse_target(optarg);
+ cs.jumpto = xt_parse_target(optarg);
break;
#endif
case 'j':
+ set_option(&cs.options, OPT_JUMP, &cs.fw.ip.invflags,
+ cs.invert);
command_jump(&cs);
break;
#include <config.h>
+#include <ctype.h>
#include <getopt.h>
#include <errno.h>
#include <libgen.h>
xtables_error(OTHER_PROBLEM, "can't alloc memory!");
xt_params->opts = opts;
}
+
+const char *xt_parse_target(const char *targetname)
+{
+ const char *ptr;
+
+ if (strlen(targetname) < 1)
+ xtables_error(PARAMETER_PROBLEM,
+ "Invalid target name (too short)");
+
+ if (strlen(targetname) >= xt_params->target_maxnamelen)
+ xtables_error(PARAMETER_PROBLEM,
+ "Invalid target name `%s' (%zu chars max)",
+ targetname, xt_params->target_maxnamelen - 1);
+
+ for (ptr = targetname; *ptr; ptr++)
+ if (isspace(*ptr))
+ xtables_error(PARAMETER_PROBLEM,
+ "Invalid target name `%s'", targetname);
+ return targetname;
+}
+
+void command_jump(struct iptables_command_state *cs)
+{
+ struct option *opts = xt_params->opts;
+ size_t size;
+
+ cs->jumpto = xt_parse_target(optarg);
+ /* TRY_LOAD (may be chain name) */
+ cs->target = xtables_find_target(cs->jumpto, XTF_TRY_LOAD);
+
+ if (cs->target == NULL)
+ return;
+
+ size = XT_ALIGN(sizeof(struct xt_entry_target)) + cs->target->size;
+
+ cs->target->t = xtables_calloc(1, size);
+ cs->target->t->u.target_size = size;
+ if (cs->target->real_name == NULL) {
+ strcpy(cs->target->t->u.user.name, cs->jumpto);
+ } else {
+ /* Alias support for userspace side */
+ strcpy(cs->target->t->u.user.name, cs->target->real_name);
+ if (!(cs->target->ext_flags & XTABLES_EXT_ALIAS))
+ fprintf(stderr, "Notice: The %s target is converted into %s target "
+ "in rule listing and saving.\n",
+ cs->jumpto, cs->target->real_name);
+ }
+ cs->target->t->u.user.revision = cs->target->revision;
+ xs_init_target(cs->target);
+
+ if (cs->target->x6_options != NULL)
+ opts = xtables_options_xfrm(xt_params->orig_opts, opts,
+ cs->target->x6_options,
+ &cs->target->option_offset);
+ else
+ opts = xtables_merge_options(xt_params->orig_opts, opts,
+ cs->target->extra_opts,
+ &cs->target->option_offset);
+ if (opts == NULL)
+ xtables_error(OTHER_PROBLEM, "can't alloc memory!");
+ xt_params->opts = opts;
+}
unsigned int format);
void command_match(struct iptables_command_state *cs);
+const char *xt_parse_target(const char *targetname);
+void command_jump(struct iptables_command_state *cs);
#endif /* IPTABLES_XSHARED_H */
.orig_opts = original_opts,
.exit_err = xtables_exit_error,
.compat_rev = nft_compatible_revision,
+ .target_maxnamelen = sizeof(arpt_chainlabel),
};
/* Table of legal combinations of commands and options. If any of the
return rulenum;
}
-static const char *
-parse_target(const char *targetname)
-{
- const char *ptr;
-
- if (strlen(targetname) < 1)
- xtables_error(PARAMETER_PROBLEM,
- "Invalid target name (too short)");
-
- if (strlen(targetname)+1 > sizeof(arpt_chainlabel))
- xtables_error(PARAMETER_PROBLEM,
- "Invalid target name `%s' (%zu chars max)",
- targetname, sizeof(arpt_chainlabel)-1);
-
- for (ptr = targetname; *ptr; ptr++)
- if (isspace(*ptr))
- xtables_error(PARAMETER_PROBLEM,
- "Invalid target name `%s'", targetname);
- return targetname;
-}
-
static void
set_option(unsigned int *options, unsigned int option, u_int16_t *invflg,
int invert)
return nft_rule_list(h, chain, table, rulenum, format);
}
-static struct xtables_target *command_jump(struct arpt_entry *fw,
- const char *jumpto)
-{
- struct xtables_target *target;
- size_t size;
-
- /* XTF_TRY_LOAD (may be chain name) */
- target = xtables_find_target(jumpto, XTF_TRY_LOAD);
-
- if (!target)
- return NULL;
-
- size = XT_ALIGN(sizeof(struct xt_entry_target))
- + target->size;
-
- target->t = xtables_calloc(1, size);
- target->t->u.target_size = size;
- strncpy(target->t->u.user.name, jumpto, sizeof(target->t->u.user.name) - 1);
- target->t->u.user.name[sizeof(target->t->u.user.name)-1] = '\0';
- target->t->u.user.revision = target->revision;
-
- xs_init_target(target);
-
- if (target->x6_options != NULL)
- opts = xtables_options_xfrm(arptables_globals.orig_opts,
- opts, target->x6_options,
- &target->option_offset);
- else
- opts = xtables_merge_options(arptables_globals.orig_opts,
- opts, target->extra_opts,
- &target->option_offset);
-
- return target;
-}
-
static int
append_entry(struct nft_handle *h,
const char *chain,
case 'j':
set_option(&options, OPT_JUMP, &cs.arp.arp.invflags,
invert);
- cs.jumpto = parse_target(optarg);
- cs.target = command_jump(&cs.arp, cs.jumpto);
+ command_jump(&cs);
break;
case 'i':
.orig_opts = original_opts,
.exit_err = xtables_exit_error,
.compat_rev = nft_compatible_revision,
+ .target_maxnamelen = XT_EXTENSION_MAXNAMELEN,
};
/* Table of legal combinations of commands and options. If any of the
return rulenum;
}
-static const char *
-parse_target(const char *targetname)
-{
- const char *ptr;
-
- if (strlen(targetname) < 1)
- xtables_error(PARAMETER_PROBLEM,
- "Invalid target name (too short)");
-
- if (strlen(targetname) >= XT_EXTENSION_MAXNAMELEN)
- xtables_error(PARAMETER_PROBLEM,
- "Invalid target name `%s' (%u chars max)",
- targetname, XT_EXTENSION_MAXNAMELEN - 1);
-
- for (ptr = targetname; *ptr; ptr++)
- if (isspace(*ptr))
- xtables_error(PARAMETER_PROBLEM,
- "Invalid target name `%s'", targetname);
- return targetname;
-}
-
static void
set_option(unsigned int *options, unsigned int option, uint8_t *invflg,
int invert)
return nft_rule_list_save(h, chain, table, rulenum, counters);
}
-static void command_jump(struct iptables_command_state *cs)
-{
- size_t size;
-
- set_option(&cs->options, OPT_JUMP, &cs->fw.ip.invflags, cs->invert);
- cs->jumpto = parse_target(optarg);
- /* TRY_LOAD (may be chain name) */
- cs->target = xtables_find_target(cs->jumpto, XTF_TRY_LOAD);
-
- if (cs->target == NULL)
- return;
-
- size = XT_ALIGN(sizeof(struct xt_entry_target))
- + cs->target->size;
-
- cs->target->t = xtables_calloc(1, size);
- cs->target->t->u.target_size = size;
- if (cs->target->real_name == NULL) {
- strcpy(cs->target->t->u.user.name, cs->jumpto);
- } else {
- /* Alias support for userspace side */
- strcpy(cs->target->t->u.user.name, cs->target->real_name);
- if (!(cs->target->ext_flags & XTABLES_EXT_ALIAS))
- fprintf(stderr, "Notice: The %s target is converted into %s target "
- "in rule listing and saving.\n",
- cs->jumpto, cs->target->real_name);
- }
- cs->target->t->u.user.revision = cs->target->revision;
- xs_init_target(cs->target);
-
- if (cs->target->x6_options != NULL)
- opts = xtables_options_xfrm(xtables_globals.orig_opts, opts,
- cs->target->x6_options,
- &cs->target->option_offset);
- else
- opts = xtables_merge_options(xtables_globals.orig_opts, opts,
- cs->target->extra_opts,
- &cs->target->option_offset);
- if (opts == NULL)
- xtables_error(OTHER_PROBLEM, "can't alloc memory!");
-}
-
void do_parse(struct nft_handle *h, int argc, char *argv[],
struct nft_xt_cmd_parse *p, struct iptables_command_state *cs,
struct xtables_args *args)
set_option(&cs->options, OPT_JUMP, &args->invflags,
cs->invert);
args->goto_set = true;
- cs->jumpto = parse_target(optarg);
+ cs->jumpto = xt_parse_target(optarg);
break;
#endif
case 'j':
+ set_option(&cs->options, OPT_JUMP, &cs->fw.ip.invflags,
+ cs->invert);
command_jump(cs);
break;
projects / thirdparty / iptables.git / commitdiff
