);
}
+static void ct_help_v1(void)
+{
+ printf(
+"CT target options:\n"
+" --notrack Don't track connection\n"
+" --helper name Use conntrack helper 'name' for connection\n"
+" --timeout name Use timeout policy 'name' for connection\n"
+" --ctevents event[,event...] Generate specified conntrack events for connection\n"
+" --expevents event[,event...] Generate specified expectation events for connection\n"
+" --zone ID Assign/Lookup connection in zone ID\n"
+ );
+}
+
enum {
O_NOTRACK = 0,
O_HELPER,
+ O_TIMEOUT,
O_CTEVENTS,
O_EXPEVENTS,
O_ZONE,
};
#undef s
+#define s struct xt_ct_target_info_v1
+static const struct xt_option_entry ct_opts_v1[] = {
+ {.name = "notrack", .id = O_NOTRACK, .type = XTTYPE_NONE},
+ {.name = "helper", .id = O_HELPER, .type = XTTYPE_STRING,
+ .flags = XTOPT_PUT, XTOPT_POINTER(s, helper)},
+ {.name = "timeout", .id = O_TIMEOUT, .type = XTTYPE_STRING,
+ .flags = XTOPT_PUT, XTOPT_POINTER(s, timeout)},
+ {.name = "ctevents", .id = O_CTEVENTS, .type = XTTYPE_STRING},
+ {.name = "expevents", .id = O_EXPEVENTS, .type = XTTYPE_STRING},
+ {.name = "zone", .id = O_ZONE, .type = XTTYPE_UINT16,
+ .flags = XTOPT_PUT, XTOPT_POINTER(s, zone)},
+ XTOPT_TABLEEND,
+};
+#undef s
+
struct event_tbl {
const char *name;
unsigned int event;
}
}
+static void ct_parse_v1(struct xt_option_call *cb)
+{
+ struct xt_ct_target_info_v1 *info = cb->data;
+
+ xtables_option_parse(cb);
+ switch (cb->entry->id) {
+ case O_NOTRACK:
+ info->flags |= XT_CT_NOTRACK;
+ break;
+ case O_CTEVENTS:
+ info->ct_events = ct_parse_events(ct_event_tbl,
+ ARRAY_SIZE(ct_event_tbl),
+ cb->arg);
+ break;
+ case O_EXPEVENTS:
+ info->exp_events = ct_parse_events(exp_event_tbl,
+ ARRAY_SIZE(exp_event_tbl),
+ cb->arg);
+ break;
+ }
+}
+
static void ct_print(const void *ip, const struct xt_entry_target *target, int numeric)
{
const struct xt_ct_target_info *info =
printf("zone %u ", info->zone);
}
+static void
+ct_print_v1(const void *ip, const struct xt_entry_target *target, int numeric)
+{
+ const struct xt_ct_target_info_v1 *info =
+ (const struct xt_ct_target_info_v1 *)target->data;
+
+ printf(" CT");
+ if (info->flags & XT_CT_NOTRACK)
+ printf(" notrack");
+ if (info->helper[0])
+ printf(" helper %s", info->helper);
+ if (info->timeout[0])
+ printf(" timeout %s", info->timeout);
+ if (info->ct_events)
+ ct_print_events("ctevents", ct_event_tbl,
+ ARRAY_SIZE(ct_event_tbl), info->ct_events);
+ if (info->exp_events)
+ ct_print_events("expevents", exp_event_tbl,
+ ARRAY_SIZE(exp_event_tbl), info->exp_events);
+ if (info->zone)
+ printf("zone %u ", info->zone);
+}
+
static void ct_save(const void *ip, const struct xt_entry_target *target)
{
const struct xt_ct_target_info *info =
printf(" --zone %u", info->zone);
}
-static struct xtables_target ct_target = {
- .family = NFPROTO_UNSPEC,
- .name = "CT",
- .version = XTABLES_VERSION,
- .size = XT_ALIGN(sizeof(struct xt_ct_target_info)),
- .userspacesize = offsetof(struct xt_ct_target_info, ct),
- .help = ct_help,
- .print = ct_print,
- .save = ct_save,
- .x6_parse = ct_parse,
- .x6_options = ct_opts,
+static void ct_save_v1(const void *ip, const struct xt_entry_target *target)
+{
+ const struct xt_ct_target_info_v1 *info =
+ (const struct xt_ct_target_info_v1 *)target->data;
+
+ if (info->flags & XT_CT_NOTRACK)
+ printf(" --notrack");
+ if (info->helper[0])
+ printf(" --helper %s", info->helper);
+ if (info->timeout[0])
+ printf(" --timeout %s", info->timeout);
+ if (info->ct_events)
+ ct_print_events("--ctevents", ct_event_tbl,
+ ARRAY_SIZE(ct_event_tbl), info->ct_events);
+ if (info->exp_events)
+ ct_print_events("--expevents", exp_event_tbl,
+ ARRAY_SIZE(exp_event_tbl), info->exp_events);
+ if (info->zone)
+ printf(" --zone %u", info->zone);
+}
+
+static struct xtables_target ct_target_reg[] = {
+ {
+ .family = NFPROTO_UNSPEC,
+ .name = "CT",
+ .version = XTABLES_VERSION,
+ .size = XT_ALIGN(sizeof(struct xt_ct_target_info)),
+ .userspacesize = offsetof(struct xt_ct_target_info, ct),
+ .help = ct_help,
+ .print = ct_print,
+ .save = ct_save,
+ .x6_parse = ct_parse,
+ .x6_options = ct_opts,
+ },
+ {
+ .family = NFPROTO_UNSPEC,
+ .name = "CT",
+ .revision = 1,
+ .version = XTABLES_VERSION,
+ .size = XT_ALIGN(sizeof(struct xt_ct_target_info_v1)),
+ .userspacesize = offsetof(struct xt_ct_target_info_v1, ct),
+ .help = ct_help_v1,
+ .print = ct_print_v1,
+ .save = ct_save_v1,
+ .x6_parse = ct_parse_v1,
+ .x6_options = ct_opts_v1,
+ },
};
void _init(void)
{
- xtables_register_target(&ct_target);
+ xtables_register_targets(ct_target_reg, ARRAY_SIZE(ct_target_reg));
}
projects / thirdparty / iptables.git / commitdiff
