extensions/libipt_comment.c - platform/external/iptables - Gitiles

 /* Shared library add-on to iptables to add comment match support.
  *
  * ChangeLog
  *     2003-05-13: Brad Fisher <brad@info-link.net>
  *         Initial comment match
  *     2004-05-12: Brad Fisher <brad@info-link.net>
  *         Port to patch-o-matic-ng
  */
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
 #include <getopt.h>

 #include <iptables.h>
 #include <linux/netfilter_ipv4/ipt_comment.h>

 /* Function which prints out usage message. */
 static void
 help(void)
 {
 	printf(
 		"COMMENT match options:\n"
 		"--comment COMMENT             Attach a comment to a rule\n\n"
 		);
 }

 static struct option opts[] = {
 	{ "comment", 1, 0, '1' },
 	{0}
 };

 static void
 parse_comment(const char *s, struct ipt_comment_info *info)
 {
 	int slen = strlen(s);

 	if (slen >= IPT_MAX_COMMENT_LEN) {
 		exit_error(PARAMETER_PROBLEM,
 			"COMMENT must be shorter than %i characters", IPT_MAX_COMMENT_LEN);
 	}
 	strcpy((char *)info->comment, s);
 }

 /* Function which parses command options; returns true if it
    ate an option */
 static int
 parse(int c, char **argv, int invert, unsigned int *flags,
       const struct ipt_entry *entry,
       unsigned int *nfcache,
       struct ipt_entry_match **match)
 {
 	struct ipt_comment_info *commentinfo = (struct ipt_comment_info *)(*match)->data;

 	switch (c) {
 	case '1':
 		check_inverse(argv[optind-1], &invert, &optind, 0);
 		if (invert) {
 			exit_error(PARAMETER_PROBLEM,
 					"Sorry, you can't have an inverted comment");
 		}
 		parse_comment(argv[optind-1], commentinfo);
 		*flags = 1;
 		break;

 	default:
 		return 0;
 	}
 	return 1;
 }

 /* Final check; must have specified --comment. */
 static void
 final_check(unsigned int flags)
 {
 	if (!flags)
 		exit_error(PARAMETER_PROBLEM,
 			   "COMMENT match: You must specify `--comment'");
 }

 /* Prints out the matchinfo. */
 static void
 print(const struct ipt_ip *ip,
       const struct ipt_entry_match *match,
       int numeric)
 {
 	struct ipt_comment_info *commentinfo = (struct ipt_comment_info *)match->data;

 	commentinfo->comment[IPT_MAX_COMMENT_LEN-1] = '\0';
 	printf("/* %s */ ", commentinfo->comment);
 }

 /* Saves the union ipt_matchinfo in parsable form to stdout. */
 static void
 save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
 {
 	struct ipt_comment_info *commentinfo = (struct ipt_comment_info *)match->data;

 	commentinfo->comment[IPT_MAX_COMMENT_LEN-1] = '\0';
 	printf("--comment \"%s\" ", commentinfo->comment);
 }

 static struct iptables_match comment = {
     .next 		= NULL,
     .name 		= "comment",
     .version 		= IPTABLES_VERSION,
     .size 		= IPT_ALIGN(sizeof(struct ipt_comment_info)),
     .userspacesize	= IPT_ALIGN(sizeof(struct ipt_comment_info)),
     .help		= &help,
     .parse 		= &parse,
     .final_check 	= &final_check,
     .print 		= &print,
     .save 		= &save,
     .extra_opts		= opts
 };

 void _init(void)
 {
 	register_match(&comment);
 }
	/* Shared library add-on to iptables to add comment match support.
	*
	* ChangeLog
	* 2003-05-13: Brad Fisher <brad@info-link.net>
	* Initial comment match
	* 2004-05-12: Brad Fisher <brad@info-link.net>
	* Port to patch-o-matic-ng
	*/
	#include <stdio.h>
	#include <string.h>
	#include <stdlib.h>
	#include <getopt.h>

	#include <iptables.h>
	#include <linux/netfilter_ipv4/ipt_comment.h>

	/* Function which prints out usage message. */
	static void
	help(void)
	{
	printf(
	"COMMENT match options:\n"
	"--comment COMMENT Attach a comment to a rule\n\n"
	);
	}

	static struct option opts[] = {
	{ "comment", 1, 0, '1' },
	{0}
	};

	static void
	parse_comment(const char s, struct ipt_comment_info info)
	{
	int slen = strlen(s);

	if (slen >= IPT_MAX_COMMENT_LEN) {
	exit_error(PARAMETER_PROBLEM,
	"COMMENT must be shorter than %i characters", IPT_MAX_COMMENT_LEN);
	}
	strcpy((char *)info->comment, s);
	}

	/* Function which parses command options; returns true if it
	ate an option */
	static int
	parse(int c, char *argv, int invert, unsigned int flags,
	const struct ipt_entry *entry,
	unsigned int *nfcache,
	struct ipt_entry_match **match)
	{
	struct ipt_comment_info commentinfo = (struct ipt_comment_info )(*match)->data;

	switch (c) {
	case '1':
	check_inverse(argv[optind-1], &invert, &optind, 0);
	if (invert) {
	exit_error(PARAMETER_PROBLEM,
	"Sorry, you can't have an inverted comment");
	}
	parse_comment(argv[optind-1], commentinfo);
	*flags = 1;
	break;

	default:
	return 0;
	}
	return 1;
	}

	/* Final check; must have specified --comment. */
	static void
	final_check(unsigned int flags)
	{
	if (!flags)
	exit_error(PARAMETER_PROBLEM,
	"COMMENT match: You must specify `--comment'");
	}

	/* Prints out the matchinfo. */
	static void
	print(const struct ipt_ip *ip,
	const struct ipt_entry_match *match,
	int numeric)
	{
	struct ipt_comment_info commentinfo = (struct ipt_comment_info )match->data;

	commentinfo->comment[IPT_MAX_COMMENT_LEN-1] = '\0';
	printf("/* %s */ ", commentinfo->comment);
	}

	/* Saves the union ipt_matchinfo in parsable form to stdout. */
	static void
	save(const struct ipt_ip ip, const struct ipt_entry_match match)
	{
	struct ipt_comment_info commentinfo = (struct ipt_comment_info )match->data;

	commentinfo->comment[IPT_MAX_COMMENT_LEN-1] = '\0';
	printf("--comment \"%s\" ", commentinfo->comment);
	}

	static struct iptables_match comment = {
	.next = NULL,
	.name = "comment",
	.version = IPTABLES_VERSION,
	.size = IPT_ALIGN(sizeof(struct ipt_comment_info)),
	.userspacesize = IPT_ALIGN(sizeof(struct ipt_comment_info)),
	.help = &help,
	.parse = &parse,
	.final_check = &final_check,
	.print = &print,
	.save = &save,
	.extra_opts = opts
	};

	void _init(void)
	{
	register_match(&comment);
	}