Blame - tc/m_ipt.c - platform/external/iproute2

blob: 098f610f9439ae89a0ea4fe8127310597f2ace27 [file] [log] [blame]

net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	1	/*
Stephen Hemminger	ae665a5	2006-12-05 10:10:22 -0800	[diff] [blame]	2	* m_ipt.c iptables based targets
Stephen Hemminger	3d0b743	2014-12-20 15:47:17 -0800	[diff] [blame]	3	* utilities mostly ripped from iptables <duh, its the linux way>
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	4	*
				5	* This program is free software; you can distribute it and/or
				6	* modify it under the terms of the GNU General Public License
				7	* as published by the Free Software Foundation; either version
				8	* 2 of the License, or (at your option) any later version.
				9	*
Stephen Hemminger	ae665a5	2006-12-05 10:10:22 -0800	[diff] [blame]	10	* Authors: J Hadi Salim (hadi@cyberus.ca)
Stephen Hemminger	de539ec	2007-03-06 13:03:19 -0800	[diff] [blame]	11	*/
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	12
				13	#include <syslog.h>
				14	#include <sys/socket.h>
				15	#include <netinet/in.h>
				16	#include <arpa/inet.h>
				17	#include <iptables.h>
Stephen Hemminger	ece02ea	2007-12-10 09:40:45 -0800	[diff] [blame]	18	#include <linux/netfilter.h>
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	19	#include <linux/netfilter_ipv4/ip_tables.h>
				20	#include "utils.h"
				21	#include "tc_util.h"
				22	#include <linux/tc_act/tc_ipt.h>
				23	#include <stdio.h>
				24	#include <dlfcn.h>
				25	#include <getopt.h>
				26	#include <errno.h>
				27	#include <string.h>
				28	#include <netdb.h>
				29	#include <stdlib.h>
				30	#include <ctype.h>
				31	#include <stdarg.h>
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	32	#include <unistd.h>
				33	#include <fcntl.h>
				34	#include <sys/wait.h>
				35
Mike Frysinger	95dd595	2007-03-05 17:50:49 -0800	[diff] [blame]	36	static const char *pname = "tc-ipt";
				37	static const char *tname = "mangle";
				38	static const char *pversion = "0.1";
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	39
				40	static const char *ipthooks[] = {
				41	"NF_IP_PRE_ROUTING",
				42	"NF_IP_LOCAL_IN",
				43	"NF_IP_FORWARD",
				44	"NF_IP_LOCAL_OUT",
				45	"NF_IP_POST_ROUTING",
				46	};
				47
				48	static struct option original_opts[] = {
				49	{"jump", 1, 0, 'j'},
				50	{0, 0, 0, 0}
				51	};
				52
Alexander Aring	9b32f89	2016-05-29 20:27:13 +0200	[diff] [blame]	53	static struct xtables_target *t_list;
shemminger	6d4662d	2005-06-23 17:36:38 +0000	[diff] [blame]	54	static struct option *opts = original_opts;
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	55	static unsigned int global_option_offset;
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	56	#define OPTION_OFFSET 256
				57
Stephen Hemminger	de539ec	2007-03-06 13:03:19 -0800	[diff] [blame]	58	char *lib_dir;
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	59
				60	void
Alexander Aring	9b32f89	2016-05-29 20:27:13 +0200	[diff] [blame]	61	xtables_register_target(struct xtables_target *me)
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	62	{
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	63	me->next = t_list;
				64	t_list = me;
				65
				66	}
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	67
Alexander Aring	9b32f89	2016-05-29 20:27:13 +0200	[diff] [blame]	68	static void exit_tryhelp(int status)
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	69	{
				70	fprintf(stderr, "Try `%s -h' or '%s --help' for more information.\n",
				71	pname, pname);
				72	exit(status);
				73	}
				74
Alexander Aring	9b32f89	2016-05-29 20:27:13 +0200	[diff] [blame]	75	static void exit_error(enum xtables_exittype status, char *msg, ...)
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	76	{
				77	va_list args;
				78
				79	va_start(args, msg);
				80	fprintf(stderr, "%s v%s: ", pname, pversion);
				81	vfprintf(stderr, msg, args);
				82	va_end(args);
				83	fprintf(stderr, "\n");
				84	if (status == PARAMETER_PROBLEM)
				85	exit_tryhelp(status);
				86	if (status == VERSION_PROBLEM)
				87	fprintf(stderr,
				88	"Perhaps iptables or your kernel needs to be upgraded.\n");
				89	exit(status);
				90	}
				91
				92	/* stolen from iptables 1.2.11
				93	They should really have them as a library so i can link to them
				94	Email them next time i remember
				95	*/
				96
Denys Fedoryschenko	a589dcd	2009-02-07 08:49:32 -0500	[diff] [blame]	97	static void free_opts(struct option *local_opts)
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	98	{
Denys Fedoryschenko	a589dcd	2009-02-07 08:49:32 -0500	[diff] [blame]	99	if (local_opts != original_opts) {
				100	free(local_opts);
shemminger	6d4662d	2005-06-23 17:36:38 +0000	[diff] [blame]	101	opts = original_opts;
				102	global_option_offset = 0;
				103	}
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	104	}
				105
				106	static struct option *
				107	merge_options(struct option oldopts, const struct option newopts,
				108	unsigned int *option_offset)
				109	{
				110	struct option *merge;
				111	unsigned int num_old, num_new, i;
				112
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	113	for (num_old = 0; oldopts[num_old].name; num_old++);
				114	for (num_new = 0; newopts[num_new].name; num_new++);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	115
				116	*option_offset = global_option_offset + OPTION_OFFSET;
				117
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	118	merge = malloc(sizeof(struct option) * (num_new + num_old + 1));
				119	memcpy(merge, oldopts, num_old * sizeof(struct option));
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	120	for (i = 0; i < num_new; i++) {
				121	merge[num_old + i] = newopts[i];
				122	merge[num_old + i].val += *option_offset;
				123	}
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	124	memset(merge + num_old + num_new, 0, sizeof(struct option));
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	125
				126	return merge;
				127	}
				128
				129	static void *
				130	fw_calloc(size_t count, size_t size)
				131	{
				132	void *p;
				133
				134	if ((p = (void *) calloc(count, size)) == NULL) {
				135	perror("iptables: calloc failed");
				136	exit(1);
				137	}
				138	return p;
				139	}
				140
Alexander Aring	9b32f89	2016-05-29 20:27:13 +0200	[diff] [blame]	141	static struct xtables_target *
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	142	find_t(char *name)
				143	{
Alexander Aring	9b32f89	2016-05-29 20:27:13 +0200	[diff] [blame]	144	struct xtables_target *m;
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	145
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	146	for (m = t_list; m; m = m->next) {
				147	if (strcmp(m->name, name) == 0)
				148	return m;
				149	}
				150
				151	return NULL;
				152	}
				153
Alexander Aring	9b32f89	2016-05-29 20:27:13 +0200	[diff] [blame]	154	static struct xtables_target *
Stephen Hemminger	de539ec	2007-03-06 13:03:19 -0800	[diff] [blame]	155	get_target_name(const char *name)
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	156	{
				157	void *handle;
				158	char *error;
				159	char new_name, lname;
Alexander Aring	9b32f89	2016-05-29 20:27:13 +0200	[diff] [blame]	160	struct xtables_target *m;
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	161	char path[strlen(lib_dir) + sizeof("/libipt_.so") + strlen(name)];
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	162
Mike Frysinger	f2e27cf	2009-11-06 06:09:22 -0500	[diff] [blame]	163	#ifdef NO_SHARED_LIBS
				164	return NULL;
				165	#endif
				166
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	167	new_name = malloc(strlen(name) + 1);
				168	lname = malloc(strlen(name) + 1);
				169	if (new_name)
				170	memset(new_name, '\0', strlen(name) + 1);
				171	else
				172	exit_error(PARAMETER_PROBLEM, "get_target_name");
				173
				174	if (lname)
				175	memset(lname, '\0', strlen(name) + 1);
				176	else
				177	exit_error(PARAMETER_PROBLEM, "get_target_name");
				178
				179	strcpy(new_name, name);
				180	strcpy(lname, name);
				181
				182	if (isupper(lname[0])) {
				183	int i;
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	184
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	185	for (i = 0; i < strlen(name); i++) {
				186	lname[i] = tolower(lname[i]);
				187	}
				188	}
				189
				190	if (islower(new_name[0])) {
				191	int i;
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	192
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	193	for (i = 0; i < strlen(new_name); i++) {
				194	new_name[i] = toupper(new_name[i]);
				195	}
				196	}
				197
Denys Fedoryshchenko	53c0178	2007-12-24 11:51:11 -0500	[diff] [blame]	198	/* try libxt_xx first */
				199	sprintf(path, "%s/libxt_%s.so", lib_dir, new_name);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	200	handle = dlopen(path, RTLD_LAZY);
				201	if (!handle) {
Denys Fedoryshchenko	53c0178	2007-12-24 11:51:11 -0500	[diff] [blame]	202	/* try libipt_xx next */
				203	sprintf(path, "%s/libipt_%s.so", lib_dir, new_name);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	204	handle = dlopen(path, RTLD_LAZY);
Denys Fedoryshchenko	53c0178	2007-12-24 11:51:11 -0500	[diff] [blame]	205
				206	if (!handle) {
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	207	sprintf(path, "%s/libxt_%s.so", lib_dir, lname);
Denys Fedoryshchenko	53c0178	2007-12-24 11:51:11 -0500	[diff] [blame]	208	handle = dlopen(path, RTLD_LAZY);
				209	}
				210
				211	if (!handle) {
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	212	sprintf(path, "%s/libipt_%s.so", lib_dir, lname);
Denys Fedoryshchenko	53c0178	2007-12-24 11:51:11 -0500	[diff] [blame]	213	handle = dlopen(path, RTLD_LAZY);
				214	}
				215	/* ok, lets give up .. */
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	216	if (!handle) {
				217	fputs(dlerror(), stderr);
				218	printf("\n");
Denys Fedoryshchenko	6e34e7d	2009-01-06 19:41:50 -0800	[diff] [blame]	219	free(new_name);
Thomas Jarosch	1a6543c	2011-10-03 05:23:30 +0000	[diff] [blame]	220	free(lname);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	221	return NULL;
				222	}
				223	}
				224
				225	m = dlsym(handle, new_name);
				226	if ((error = dlerror()) != NULL) {
Alexander Aring	9b32f89	2016-05-29 20:27:13 +0200	[diff] [blame]	227	m = (struct xtables_target *) dlsym(handle, lname);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	228	if ((error = dlerror()) != NULL) {
				229	m = find_t(new_name);
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	230	if (m == NULL) {
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	231	m = find_t(lname);
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	232	if (m == NULL) {
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	233	fputs(error, stderr);
				234	fprintf(stderr, "\n");
				235	dlclose(handle);
Denys Fedoryshchenko	6e34e7d	2009-01-06 19:41:50 -0800	[diff] [blame]	236	free(new_name);
Thomas Jarosch	1a6543c	2011-10-03 05:23:30 +0000	[diff] [blame]	237	free(lname);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	238	return NULL;
				239	}
				240	}
				241	}
				242	}
				243
Denys Fedoryshchenko	6e34e7d	2009-01-06 19:41:50 -0800	[diff] [blame]	244	free(new_name);
Thomas Jarosch	1a6543c	2011-10-03 05:23:30 +0000	[diff] [blame]	245	free(lname);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	246	return m;
				247	}
				248
net[shemminger]!shemminger	894b1c6	2005-03-30 18:19:55 +0000	[diff] [blame]	249	static void set_revision(char *name, u_int8_t revision)
				250	{
				251	/* Old kernel sources don't have ".revision" field,
				252	* but we stole a byte from name. */
				253	name[IPT_FUNCTION_MAXNAMELEN - 2] = '\0';
				254	name[IPT_FUNCTION_MAXNAMELEN - 1] = revision;
				255	}
				256
Stephen Hemminger	ae665a5	2006-12-05 10:10:22 -0800	[diff] [blame]	257	/*
net[shemminger]!shemminger	894b1c6	2005-03-30 18:19:55 +0000	[diff] [blame]	258	* we may need to check for version mismatch
				259	*/
Alexander Aring	9b32f89	2016-05-29 20:27:13 +0200	[diff] [blame]	260	static int build_st(struct xtables_target target, struct ipt_entry_target t)
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	261	{
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	262	if (target) {
				263	size_t size;
				264
				265	size =
Alexander Aring	9b32f89	2016-05-29 20:27:13 +0200	[diff] [blame]	266	XT_ALIGN(sizeof(struct ipt_entry_target)) + target->size;
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	267
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	268	if (t == NULL) {
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	269	target->t = fw_calloc(1, size);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	270	target->t->u.target_size = size;
net[shemminger]!shemminger	894b1c6	2005-03-30 18:19:55 +0000	[diff] [blame]	271
				272	if (target->init != NULL)
Alexander Aring	9b32f89	2016-05-29 20:27:13 +0200	[diff] [blame]	273	target->init(target->t);
net[shemminger]!shemminger	894b1c6	2005-03-30 18:19:55 +0000	[diff] [blame]	274	set_revision(target->t->u.user.name, target->revision);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	275	} else {
				276	target->t = t;
				277	}
				278	strcpy(target->t->u.user.name, target->name);
				279	return 0;
				280	}
				281
				282	return -1;
				283	}
				284
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	285	static int parse_ipt(struct action_util a, int argc_p,
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	286	char **argv_p, int tca_id, struct nlmsghdr n)
				287	{
Alexander Aring	9b32f89	2016-05-29 20:27:13 +0200	[diff] [blame]	288	struct xtables_target *m = NULL;
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	289	struct ipt_entry fw;
				290	struct rtattr *tail;
				291	int c;
				292	int rargc = *argc_p;
				293	char *argv = argv_p;
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	294	int argc = 0, iargc = 0;
				295	char k[16];
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	296	int size = 0;
				297	int iok = 0, ok = 0;
				298	__u32 hook = 0, index = 0;
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	299
Stephen Hemminger	de539ec	2007-03-06 13:03:19 -0800	[diff] [blame]	300	lib_dir = getenv("IPTABLES_LIB_DIR");
				301	if (!lib_dir)
				302	lib_dir = IPT_LIB_DIR;
				303
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	304	{
				305	int i;
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	306
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	307	for (i = 0; i < rargc; i++) {
				308	if (NULL == argv[i] \|\| 0 == strcmp(argv[i], "action")) {
				309	break;
				310	}
				311	}
				312	iargc = argc = i;
				313	}
				314
				315	if (argc <= 2) {
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	316	fprintf(stderr, "bad arguments to ipt %d vs %d\n", argc, rargc);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	317	return -1;
				318	}
				319
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	320	while (1) {
				321	c = getopt_long(argc, argv, "j:", opts, NULL);
				322	if (c == -1)
				323	break;
				324	switch (c) {
				325	case 'j':
				326	m = get_target_name(optarg);
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	327	if (m != NULL) {
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	328
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	329	if (build_st(m, NULL) < 0) {
				330	printf(" %s error\n", m->name);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	331	return -1;
				332	}
				333	opts =
				334	merge_options(opts, m->extra_opts,
				335	&m->option_offset);
				336	} else {
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	337	fprintf(stderr, " failed to find target %s\n\n", optarg);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	338	return -1;
				339	}
				340	ok++;
				341	break;
				342
				343	default:
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	344	memset(&fw, 0, sizeof(fw));
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	345	if (m) {
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	346	m->parse(c - m->option_offset, argv, 0,
shemminger	6d4662d	2005-06-23 17:36:38 +0000	[diff] [blame]	347	&m->tflags, NULL, &m->t);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	348	} else {
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	349	fprintf(stderr, " failed to find target %s\n\n", optarg);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	350	return -1;
				351
				352	}
				353	ok++;
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	354	break;
				355
				356	}
				357	}
				358
				359	if (iargc > optind) {
				360	if (matches(argv[optind], "index") == 0) {
				361	if (get_u32(&index, argv[optind + 1], 10)) {
				362	fprintf(stderr, "Illegal \"index\"\n");
shemminger	6d4662d	2005-06-23 17:36:38 +0000	[diff] [blame]	363	free_opts(opts);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	364	return -1;
				365	}
				366	iok++;
				367
				368	optind += 2;
				369	}
				370	}
				371
				372	if (!ok && !iok) {
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	373	fprintf(stderr, " ipt Parser BAD!! (%s)\n", *argv);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	374	return -1;
				375	}
				376
shemminger	6d4662d	2005-06-23 17:36:38 +0000	[diff] [blame]	377	/* check that we passed the correct parameters to the target */
				378	if (m)
				379	m->final_check(m->tflags);
				380
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	381	{
				382	struct tcmsg *t = NLMSG_DATA(n);
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	383
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	384	if (t->tcm_parent != TC_H_ROOT
				385	&& t->tcm_parent == TC_H_MAJ(TC_H_INGRESS)) {
				386	hook = NF_IP_PRE_ROUTING;
				387	} else {
				388	hook = NF_IP_POST_ROUTING;
				389	}
				390	}
				391
2!tgraf	fc78a8e	2005-01-18 01:24:18 +0000	[diff] [blame]	392	tail = NLMSG_TAIL(n);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	393	addattr_l(n, MAX_MSG, tca_id, NULL, 0);
				394	fprintf(stdout, "tablename: %s hook: %s\n ", tname, ipthooks[hook]);
				395	fprintf(stdout, "\ttarget: ");
				396
				397	if (m)
				398	m->print(NULL, m->t, 0);
				399	fprintf(stdout, " index %d\n", index);
				400
				401	if (strlen(tname) > 16) {
				402	size = 16;
				403	k[15] = 0;
				404	} else {
				405	size = 1 + strlen(tname);
				406	}
				407	strncpy(k, tname, size);
				408
				409	addattr_l(n, MAX_MSG, TCA_IPT_TABLE, k, size);
				410	addattr_l(n, MAX_MSG, TCA_IPT_HOOK, &hook, 4);
				411	addattr_l(n, MAX_MSG, TCA_IPT_INDEX, &index, 4);
				412	if (m)
				413	addattr_l(n, MAX_MSG, TCA_IPT_TARG, m->t, m->t->u.target_size);
2!tgraf	fc78a8e	2005-01-18 01:24:18 +0000	[diff] [blame]	414	tail->rta_len = (void ) NLMSG_TAIL(n) - (void ) tail;
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	415
				416	argc -= optind;
				417	argv += optind;
				418	*argc_p = rargc - iargc;
				419	*argv_p = argv;
Stephen Hemminger	ae665a5	2006-12-05 10:10:22 -0800	[diff] [blame]	420
Denys Fedoryshchenko	6e34e7d	2009-01-06 19:41:50 -0800	[diff] [blame]	421	optind = 0;
shemminger	6d4662d	2005-06-23 17:36:38 +0000	[diff] [blame]	422	free_opts(opts);
Denys Fedoryshchenko	6e34e7d	2009-01-06 19:41:50 -0800	[diff] [blame]	423	/* Clear flags if target will be used again */
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	424	m->tflags = 0;
				425	m->used = 0;
Denys Fedoryshchenko	6e34e7d	2009-01-06 19:41:50 -0800	[diff] [blame]	426	/* Free allocated memory */
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	427	if (m->t)
				428	free(m->t);
Denys Fedoryshchenko	6e34e7d	2009-01-06 19:41:50 -0800	[diff] [blame]	429
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	430
				431	return 0;
				432
				433	}
				434
				435	static int
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	436	print_ipt(struct action_util au, FILE f, struct rtattr *arg)
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	437	{
				438	struct rtattr *tb[TCA_IPT_MAX + 1];
				439	struct ipt_entry_target *t = NULL;
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	440
				441	if (arg == NULL)
				442	return -1;
				443
Patrick McHardy	c6ab5b8	2007-06-20 01:37:53 +0200	[diff] [blame]	444	lib_dir = getenv("IPTABLES_LIB_DIR");
				445	if (!lib_dir)
				446	lib_dir = IPT_LIB_DIR;
				447
2!tgraf	7893400	2005-01-18 22:11:58 +0000	[diff] [blame]	448	parse_rtattr_nested(tb, TCA_IPT_MAX, arg);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	449
				450	if (tb[TCA_IPT_TABLE] == NULL) {
				451	fprintf(f, "[NULL ipt table name ] assuming mangle ");
				452	} else {
				453	fprintf(f, "tablename: %s ",
Stephen Hemminger	ff24746	2012-04-10 08:47:55 -0700	[diff] [blame]	454	rta_getattr_str(tb[TCA_IPT_TABLE]));
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	455	}
				456
				457	if (tb[TCA_IPT_HOOK] == NULL) {
				458	fprintf(f, "[NULL ipt hook name ]\n ");
				459	return -1;
				460	} else {
				461	__u32 hook;
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	462
Stephen Hemminger	ff24746	2012-04-10 08:47:55 -0700	[diff] [blame]	463	hook = rta_getattr_u32(tb[TCA_IPT_HOOK]);
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	464	fprintf(f, " hook: %s\n", ipthooks[hook]);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	465	}
				466
				467	if (tb[TCA_IPT_TARG] == NULL) {
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	468	fprintf(f, "\t[NULL ipt target parameters ]\n");
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	469	return -1;
				470	} else {
Alexander Aring	9b32f89	2016-05-29 20:27:13 +0200	[diff] [blame]	471	struct xtables_target *m = NULL;
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	472
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	473	t = RTA_DATA(tb[TCA_IPT_TARG]);
				474	m = get_target_name(t->u.user.name);
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	475	if (m != NULL) {
				476	if (build_st(m, t) < 0) {
				477	fprintf(stderr, " %s error\n", m->name);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	478	return -1;
				479	}
				480
				481	opts =
				482	merge_options(opts, m->extra_opts,
				483	&m->option_offset);
				484	} else {
				485	fprintf(stderr, " failed to find target %s\n\n",
				486	t->u.user.name);
				487	return -1;
				488	}
				489	fprintf(f, "\ttarget ");
				490	m->print(NULL, m->t, 0);
				491	if (tb[TCA_IPT_INDEX] == NULL) {
				492	fprintf(f, " [NULL ipt target index ]\n");
				493	} else {
				494	__u32 index;
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	495
Stephen Hemminger	ff24746	2012-04-10 08:47:55 -0700	[diff] [blame]	496	index = rta_getattr_u32(tb[TCA_IPT_INDEX]);
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	497	fprintf(f, "\n\tindex %d", index);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	498	}
				499
				500	if (tb[TCA_IPT_CNT]) {
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	501	struct tc_cnt *c = RTA_DATA(tb[TCA_IPT_CNT]);
				502
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	503	fprintf(f, " ref %d bind %d", c->refcnt, c->bindcnt);
				504	}
				505	if (show_stats) {
				506	if (tb[TCA_IPT_TM]) {
				507	struct tcf_t *tm = RTA_DATA(tb[TCA_IPT_TM]);
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	508
				509	print_tm(f, tm);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	510	}
Stephen Hemminger	ae665a5	2006-12-05 10:10:22 -0800	[diff] [blame]	511	}
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	512	fprintf(f, "\n");
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	513
				514	}
shemminger	6d4662d	2005-06-23 17:36:38 +0000	[diff] [blame]	515	free_opts(opts);
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	516
				517	return 0;
				518	}
				519
				520	struct action_util ipt_action_util = {
Stephen Hemminger	32a121c	2016-03-21 11:48:36 -0700	[diff] [blame]	521	.id = "ipt",
				522	.parse_aopt = parse_ipt,
				523	.print_aopt = print_ipt,
net[shemminger]!shemminger	1ffd7fd	2005-01-17 23:26:23 +0000	[diff] [blame]	524	};