Yasuyuki KOZAKAI52088062007-07-24 05:44:11 +00001#ifndef _XTABLES_H
2#define _XTABLES_H
3
Yasuyuki KOZAKAI0d502bc2007-07-24 05:52:07 +00004#include <sys/types.h>
5#include <linux/netfilter/x_tables.h>
6#include <libiptc/libxtc.h>
7
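/*
 * Default extension directory, used only when the build has not already
 * defined XT_LIB_DIR.
 * NOTE(review): presumably this is the directory extension shared objects
 * are loaded from. If so, it and everything in it should be writable by
 * root only, since whatever is placed there ends up running inside the
 * rule-management tool -- confirm against the loader.
 */
#ifndef XT_LIB_DIR
#define XT_LIB_DIR "/usr/local/lib/iptables"
#endif

/* Protocol numbers, defined here only when no earlier header provided them. */
#ifndef IPPROTO_SCTP
#define IPPROTO_SCTP 132
#endif
#ifndef IPPROTO_DCCP
#define IPPROTO_DCCP 33
#endif
#ifndef IPPROTO_UDPLITE
#define IPPROTO_UDPLITE 136
#endif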
21
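/*
 * Protocol-family dependent information.
 * One instance, named afinfo, is declared extern further down in this header.
 */
struct afinfo {
	/* protocol family */
	int family;

	/* prefix of library name (ex "libipt_") */
	char *libprefix;

	/* used by setsockopt (ex IPPROTO_IP) */
	int ipproto;

	/* kernel module (ex "ip_tables") */
	char *kmod;

	/* optname to check revision support of match */
	int so_rev_match;

	/* optname to check revision support of target */
	int so_rev_target;
};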
42
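/*
 * Load policy passed to find_match() and find_target().
 * NOTE(review): what each value makes the lookup do (whether an extension
 * is loaded on demand, and whether a failed load is fatal) is decided by the
 * implementation and is not visible in this header -- confirm there.
 */
enum xt_tryload {
	DONT_LOAD,
	DURING_LOAD,
	TRY_LOAD,
	LOAD_MUST_SUCCEED
};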
49
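/* Node of a singly linked list of the matches attached to one rule. */
struct xtables_rule_match
{
	/* Next node in the list. */
	struct xtables_rule_match *next;
	/* The match extension this node refers to. */
	struct xtables_match *match;
	/* Multiple matches of the same type: the ones before
	   the current one are completed from parsing point of view */
	unsigned int completed;
};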
58
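/* Include file for additions: new matches and targets. */
/*
 * Descriptor a match extension fills in and hands to
 * xtables_register_match().
 * NOTE(review): every callback and size below is supplied by the extension
 * itself, so the host program trusts the extension completely; only load
 * extension objects from a location that unprivileged users cannot write to.
 */
struct xtables_match
{
	/* Link to the next registered match (see xtables_matches). */
	struct xtables_match *next;

	xt_chainlabel name;

	/* Revision of match (0 by default). */
	u_int8_t revision;

	u_int16_t family;

	const char *version;

	/* Size of match data. */
	size_t size;

	/* Size of match data relevant for userspace comparison purposes */
	size_t userspacesize;

	/* Function which prints out usage message. */
	void (*help)(void);

	/* Initialize the match. */
	void (*init)(struct xt_entry_match *m, unsigned int *nfcache);

	/* Function which parses command options; returns true if it
	   ate an option */
	/* entry is struct ipt_entry for example */
	/* argv is command-line text: implementations should range-check
	   anything they convert from it (string_to_number() and friends,
	   declared in this header, take explicit min/max bounds). */
	int (*parse)(int c, char **argv, int invert, unsigned int *flags,
		     const void *entry,
		     unsigned int *nfcache,
		     struct xt_entry_match **match);

	/* Final check; exit if not ok. */
	void (*final_check)(unsigned int flags);

	/* Prints out the match iff non-NULL: put space at end */
	/* ip is struct ipt_ip * for example */
	void (*print)(const void *ip,
		      const struct xt_entry_match *match, int numeric);

	/* Saves the match info in parsable form to stdout. */
	/* ip is struct ipt_ip * for example */
	void (*save)(const void *ip, const struct xt_entry_match *match);

	/* Pointer to list of extra command-line options */
	const struct option *extra_opts;

	/* Ignore these men behind the curtain: */
	/* (bookkeeping fields; extensions are not expected to set them) */
	unsigned int option_offset;
	struct xt_entry_match *m;
	unsigned int mflags;
#ifdef NO_SHARED_LIBS
	unsigned int loaded; /* simulate loading so options are merged properly */
#endif
};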
116
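/*
 * Descriptor a target extension fills in and hands to
 * xtables_register_target().  Parallel to struct xtables_match.
 * NOTE(review): every callback and size below is supplied by the extension
 * itself, so the host program trusts the extension completely; only load
 * extension objects from a location that unprivileged users cannot write to.
 */
struct xtables_target
{
	/* Link to the next registered target (see xtables_targets). */
	struct xtables_target *next;

	xt_chainlabel name;

	/* Revision of target (0 by default). */
	u_int8_t revision;

	u_int16_t family;

	const char *version;

	/* Size of target data. */
	size_t size;

	/* Size of target data relevant for userspace comparison purposes */
	size_t userspacesize;

	/* Function which prints out usage message. */
	void (*help)(void);

	/* Initialize the target. */
	void (*init)(struct xt_entry_target *t, unsigned int *nfcache);

	/* Function which parses command options; returns true if it
	   ate an option */
	/* entry is struct ipt_entry for example */
	/* argv is command-line text: implementations should range-check
	   anything they convert from it (string_to_number() and friends,
	   declared in this header, take explicit min/max bounds). */
	int (*parse)(int c, char **argv, int invert, unsigned int *flags,
		     const void *entry,
		     struct xt_entry_target **targetinfo);

	/* Final check; exit if not ok. */
	void (*final_check)(unsigned int flags);

	/* Prints out the target iff non-NULL: put space at end */
	void (*print)(const void *ip,
		      const struct xt_entry_target *target, int numeric);

	/* Saves the targinfo in parsable form to stdout. */
	void (*save)(const void *ip,
		     const struct xt_entry_target *target);

	/* Pointer to list of extra command-line options */
	const struct option *extra_opts;

	/* Ignore these men behind the curtain: */
	/* (bookkeeping fields; extensions are not expected to set them) */
	unsigned int option_offset;
	struct xt_entry_target *t;
	unsigned int tflags;
	unsigned int used;
#ifdef NO_SHARED_LIBS
	unsigned int loaded; /* simulate loading so options are merged properly */
#endif
};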
172
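/*
 * Directory used for extensions.
 * NOTE(review): how this is initialised (compile-time XT_LIB_DIR, or some
 * run-time override) is not visible here.  If a run-time override exists,
 * it must not be honoured when the tool runs with more privilege than its
 * caller, because the directory decides which code gets loaded -- confirm
 * in the implementation.
 */
extern char *lib_dir;

/* Allocation wrappers; their failure behaviour is defined in the
   implementation, not in this header. */
extern void *fw_calloc(size_t count, size_t size);
extern void *fw_malloc(size_t size);

/*
 * Kernel-module loading helpers.
 * NOTE(review): `modprobe` is presumably the module-loader program that
 * these functions run; it should come from trusted configuration only, and
 * modname should never be built from unvalidated input -- confirm.
 */
extern const char *modprobe;
extern int xtables_insmod(const char *modname, const char *modprobe, int quiet);
extern int load_xtables_ko(const char *modprobe, int quiet);

/* This is declared in ip[6]tables.c */
extern struct afinfo afinfo;

/* Keeping track of external matches and targets: linked lists. */
extern struct xtables_match *xtables_matches;
extern struct xtables_target *xtables_targets;

/* Your shared library should call one of these. */
extern void xtables_register_match(struct xtables_match *me);
extern void xtables_register_target(struct xtables_target *me);

/* Look up an extension by name; the enum xt_tryload argument selects the
   load policy. */
extern struct xtables_match *find_match(const char *name, enum xt_tryload,
					struct xtables_rule_match **match);
extern struct xtables_target *find_target(const char *name, enum xt_tryload);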
Yasuyuki KOZAKAI0b82e8e2007-07-24 05:47:40 +0000196
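/*
 * Bounded string-to-integer conversion: s is converted and the result is
 * stored through ret, with min and max as the accepted range.
 * NOTE(review): the return convention (which value signals failure) and
 * whether trailing garbage is rejected are defined in the implementation;
 * callers must check the return value before using *ret -- confirm.
 */
extern int string_to_number_ll(const char *s,
			       unsigned long long min,
			       unsigned long long max,
			       unsigned long long *ret);
extern int string_to_number_l(const char *s,
			      unsigned long min,
			      unsigned long max,
			      unsigned long *ret);
extern int string_to_number(const char *s,
			    unsigned int min,
			    unsigned int max,
			    unsigned int *ret);

/* Port and service-name parsing for the given protocol name. */
extern int service_to_port(const char *name, const char *proto);
extern u_int16_t parse_port(const char *port, const char *proto);

/*
 * Parses an interface argument into vianame and mask.
 * NOTE(review): neither output buffer has a length parameter, so the
 * required sizes are an implicit contract with the implementation; callers
 * must pass buffers of the size it expects -- confirm against the definition.
 */
extern void
parse_interface(const char *arg, char *vianame, unsigned char *mask);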
213
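/*
 * Failure categories passed as the first argument of exit_error().
 * Numbering starts at 1, so no category has the value 0.
 */
enum exittype {
	OTHER_PROBLEM = 1,
	PARAMETER_PROBLEM,
	VERSION_PROBLEM,
	RESOURCE_PROBLEM
};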
220
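/* this is a special 64bit data type that is 8-byte aligned */
/* NOTE(review): presumably needed so that structures shared with the kernel
   have the same layout in 32-bit and 64-bit builds -- confirm. */
#define aligned_u64 unsigned long long __attribute__((aligned(8)))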
223
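/*
 * Termination helpers; all three are marked noreturn.
 * NOTE(review): exit_printhelp() is declared with empty parentheses, which
 * in C gives no prototype, so the compiler does not check the arguments at
 * call sites -- confirm the definition's parameter list before tightening it.
 */
extern void exit_printhelp() __attribute__((noreturn));
extern void exit_tryhelp(int) __attribute__((noreturn));
int check_inverse(const char option[], int *invert, int *optind, int argc);
/*
 * printf-style fatal error.  The format(printf,2,3) attribute makes the
 * compiler check the arguments against the format string; the second
 * argument must always be a fixed format, with user-supplied text passed
 * as a "%s" argument and never as the format itself.
 */
void exit_error(enum exittype, char *, ...)__attribute__((noreturn,
							  format(printf,2,3)));
extern const char *program_name, *program_version;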
230
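/*
 * Extension entry point.  By default `_init` expands to a function named
 * my_init carrying the constructor attribute, which makes it run
 * automatically when the object containing it is loaded.  Loading an
 * extension object is therefore enough to execute its code, so only
 * trusted objects should be loadable.
 * With NO_SHARED_LIBS, a build-supplied _INIT name replaces it and
 * init_extensions() is declared for the static case.
 */
#define _init __attribute__((constructor)) my_init
#ifdef NO_SHARED_LIBS
# ifdef _INIT
#  undef _init
#  define _init _INIT
# endif
 extern void init_extensions(void);
#endif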
239
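/*
 * Byte-order annotated integer names.  Here they are plain aliases for the
 * fixed-width unsigned types, so the compiler enforces nothing: the name
 * only documents which byte order a field is meant to hold, and conversions
 * remain the programmer's responsibility.
 */
#define __be32	u_int32_t
#define __le32	u_int32_t
#define __be16	u_int16_t
#define __le16	u_int16_t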
244
Yasuyuki KOZAKAI52088062007-07-24 05:44:11 +0000245#endif /* _XTABLES_H */