Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / iptables / 1e01b0b82f70b0b11dcfbced485dbe7aeac4fb8c / . / extensions / libipt_set.h
blob: 3e70d7be98dcea5fd4bba8cce24e9b8f64c2d3be [file] [log] [blame]
Joszef Kadlecsikb9a49382004-12-01 09:11:33 +0000[diff] [blame]1#ifndef _LIBIPT_SET_H
2#define _LIBIPT_SET_H
3
4#include <sys/types.h>
5#include <sys/socket.h>
6#include <errno.h>
7
8#ifdef DEBUG
9#define DEBUGP(x, args...) fprintf(stderr, x, ## args)
10#else
11#define DEBUGP(x, args...)
12#endif
13
14static void
Jan Engelhardtcbf07002008-04-14 16:03:52 +0200[diff] [blame]15parse_bindings(const char *opt_arg, struct ipt_set_info *info)
Joszef Kadlecsikb9a49382004-12-01 09:11:33 +0000[diff] [blame]16{
Jan Engelhardtcbf07002008-04-14 16:03:52 +0200[diff] [blame]17 char *saved = strdup(opt_arg);
Joszef Kadlecsikb9a49382004-12-01 09:11:33 +0000[diff] [blame]18 char *ptr, *tmp = saved;
19 int i = 0;
20
21 while (i < (IP_SET_MAX_BINDINGS - 1) && tmp != NULL) {
22 ptr = strsep(&tmp, ",");
23 if (strncmp(ptr, "src", 3) == 0)
24 info->flags[i++] |= IPSET_SRC;
25 else if (strncmp(ptr, "dst", 3) == 0)
26 info->flags[i++] |= IPSET_DST;
27 else
28 exit_error(PARAMETER_PROBLEM,
29 "You must spefify (the comma separated list of) 'src' or 'dst'.");
30 }
31
32 if (tmp)
33 exit_error(PARAMETER_PROBLEM,
34 "Can't follow bindings deeper than %i.",
35 IP_SET_MAX_BINDINGS - 1);
36
37 free(saved);
38}
39
Joszef Kadlecsik45ce2942006-06-23 10:01:08 +0000[diff] [blame]40static int get_set_getsockopt(void *data, socklen_t * size)
Joszef Kadlecsikb9a49382004-12-01 09:11:33 +0000[diff] [blame]41{
42 int sockfd = -1;
43 sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
44 if (sockfd < 0)
45 exit_error(OTHER_PROBLEM,
46 "Can't open socket to ipset.\n");
47 /* Send! */
48 return getsockopt(sockfd, SOL_IP, SO_IP_SET, data, size);
49}
50
51static void get_set_byname(const char *setname, struct ipt_set_info *info)
52{
53 struct ip_set_req_get_set req;
Joszef Kadlecsik45ce2942006-06-23 10:01:08 +0000[diff] [blame]54 socklen_t size = sizeof(struct ip_set_req_get_set);
Joszef Kadlecsikb9a49382004-12-01 09:11:33 +0000[diff] [blame]55 int res;
56
57 req.op = IP_SET_OP_GET_BYNAME;
58 req.version = IP_SET_PROTOCOL_VERSION;
59 strncpy(req.set.name, setname, IP_SET_MAXNAMELEN);
60 req.set.name[IP_SET_MAXNAMELEN - 1] = '\0';
61 res = get_set_getsockopt(&req, &size);
62 if (res != 0)
63 exit_error(OTHER_PROBLEM,
64 "Problem when communicating with ipset, errno=%d.\n",
65 errno);
66 if (size != sizeof(struct ip_set_req_get_set))
67 exit_error(OTHER_PROBLEM,
68 "Incorrect return size from kernel during ipset lookup, "
Jan Engelhardtcbf07002008-04-14 16:03:52 +0200[diff] [blame]69 "(want %zu, got %zu)\n",
70 sizeof(struct ip_set_req_get_set), (size_t)size);
Joszef Kadlecsikb9a49382004-12-01 09:11:33 +0000[diff] [blame]71 if (req.set.index == IP_SET_INVALID_ID)
72 exit_error(PARAMETER_PROBLEM,
73 "Set %s doesn't exist.\n", setname);
74
75 info->index = req.set.index;
76}
77
Jan Engelhardtcbf07002008-04-14 16:03:52 +0200[diff] [blame]78static void get_set_byid(char * setname, ip_set_id_t idx)
Joszef Kadlecsikb9a49382004-12-01 09:11:33 +0000[diff] [blame]79{
80 struct ip_set_req_get_set req;
Joszef Kadlecsik45ce2942006-06-23 10:01:08 +0000[diff] [blame]81 socklen_t size = sizeof(struct ip_set_req_get_set);
Joszef Kadlecsikb9a49382004-12-01 09:11:33 +0000[diff] [blame]82 int res;
83
84 req.op = IP_SET_OP_GET_BYINDEX;
85 req.version = IP_SET_PROTOCOL_VERSION;
Jan Engelhardtcbf07002008-04-14 16:03:52 +0200[diff] [blame]86 req.set.index = idx;
Joszef Kadlecsikb9a49382004-12-01 09:11:33 +0000[diff] [blame]87 res = get_set_getsockopt(&req, &size);
88 if (res != 0)
89 exit_error(OTHER_PROBLEM,
90 "Problem when communicating with ipset, errno=%d.\n",
91 errno);
92 if (size != sizeof(struct ip_set_req_get_set))
93 exit_error(OTHER_PROBLEM,
94 "Incorrect return size from kernel during ipset lookup, "
Jan Engelhardtcbf07002008-04-14 16:03:52 +0200[diff] [blame]95 "(want %zu, got %zu)\n",
96 sizeof(struct ip_set_req_get_set), (size_t)size);
Joszef Kadlecsikb9a49382004-12-01 09:11:33 +0000[diff] [blame]97 if (req.set.name[0] == '\0')
98 exit_error(PARAMETER_PROBLEM,
Jan Engelhardtcbf07002008-04-14 16:03:52 +0200[diff] [blame]99 "Set id %i in kernel doesn't exist.\n", idx);
Joszef Kadlecsikb9a49382004-12-01 09:11:33 +0000[diff] [blame]100
101 strncpy(setname, req.set.name, IP_SET_MAXNAMELEN);
102}
103
104#endif /*_LIBIPT_SET_H*/