| Yasuyuki KOZAKAI | 5208806 | 2007-07-24 05:44:11 +0000 | [diff] [blame] | 1 | #ifndef _XTABLES_H |
| 2 | #define _XTABLES_H |
| 3 | |
| Yasuyuki KOZAKAI | 0d502bc | 2007-07-24 05:52:07 +0000 | [diff] [blame] | 4 | #include <sys/types.h> |
| 5 | #include <linux/netfilter/x_tables.h> |
| 6 | #include <libiptc/libxtc.h> |
| 7 | |
| Yasuyuki KOZAKAI | 5cd1ff5 | 2007-07-24 05:55:12 +0000 | [diff] [blame] | 8 | #ifndef XT_LIB_DIR |
| 9 | #define XT_LIB_DIR "/usr/local/lib/iptables" |
| 10 | #endif |
| 11 | |
| 12 | #ifndef IPPROTO_SCTP |
| 13 | #define IPPROTO_SCTP 132 |
| 14 | #endif |
| 15 | #ifndef IPPROTO_DCCP |
| 16 | #define IPPROTO_DCCP 33 |
| 17 | #endif |
| 18 | #ifndef IPPROTO_UDPLITE |
| 19 | #define IPPROTO_UDPLITE 136 |
| 20 | #endif |
| 21 | |
| Yasuyuki KOZAKAI | 0d502bc | 2007-07-24 05:52:07 +0000 | [diff] [blame] | 22 | /* protocol family dependent informations */ |
| 23 | struct afinfo { |
| 24 | /* protocol family */ |
| 25 | int family; |
| 26 | |
| 27 | /* prefix of library name (ex "libipt_" */ |
| 28 | char *libprefix; |
| 29 | |
| 30 | /* used by setsockopt (ex IPPROTO_IP */ |
| 31 | int ipproto; |
| 32 | |
| 33 | /* kernel module (ex "ip_tables" */ |
| 34 | char *kmod; |
| 35 | |
| 36 | /* optname to check revision support of match */ |
| 37 | int so_rev_match; |
| 38 | |
| 39 | /* optname to check revision support of match */ |
| 40 | int so_rev_target; |
| 41 | }; |
| 42 | |
| 43 | enum xt_tryload { |
| 44 | DONT_LOAD, |
| 45 | DURING_LOAD, |
| 46 | TRY_LOAD, |
| 47 | LOAD_MUST_SUCCEED |
| 48 | }; |
| 49 | |
| 50 | struct xtables_rule_match |
| 51 | { |
| 52 | struct xtables_rule_match *next; |
| 53 | struct xtables_match *match; |
| 54 | /* Multiple matches of the same type: the ones before |
| 55 | the current one are completed from parsing point of view */ |
| 56 | unsigned int completed; |
| 57 | }; |
| 58 | |
| 59 | /* Include file for additions: new matches and targets. */ |
| 60 | struct xtables_match |
| 61 | { |
| 62 | struct xtables_match *next; |
| 63 | |
| 64 | xt_chainlabel name; |
| 65 | |
| 66 | /* Revision of match (0 by default). */ |
| 67 | u_int8_t revision; |
| 68 | |
| 69 | u_int16_t family; |
| 70 | |
| 71 | const char *version; |
| 72 | |
| 73 | /* Size of match data. */ |
| 74 | size_t size; |
| 75 | |
| 76 | /* Size of match data relevent for userspace comparison purposes */ |
| 77 | size_t userspacesize; |
| 78 | |
| 79 | /* Function which prints out usage message. */ |
| 80 | void (*help)(void); |
| 81 | |
| 82 | /* Initialize the match. */ |
| Peter Riley | ea146a9 | 2007-09-02 13:09:07 +0000 | [diff] [blame] | 83 | void (*init)(struct xt_entry_match *m); |
| Yasuyuki KOZAKAI | 0d502bc | 2007-07-24 05:52:07 +0000 | [diff] [blame] | 84 | |
| 85 | /* Function which parses command options; returns true if it |
| 86 | ate an option */ |
| 87 | /* entry is struct ipt_entry for example */ |
| 88 | int (*parse)(int c, char **argv, int invert, unsigned int *flags, |
| 89 | const void *entry, |
| Yasuyuki KOZAKAI | 0d502bc | 2007-07-24 05:52:07 +0000 | [diff] [blame] | 90 | struct xt_entry_match **match); |
| 91 | |
| 92 | /* Final check; exit if not ok. */ |
| 93 | void (*final_check)(unsigned int flags); |
| 94 | |
| 95 | /* Prints out the match iff non-NULL: put space at end */ |
| 96 | /* ip is struct ipt_ip * for example */ |
| 97 | void (*print)(const void *ip, |
| 98 | const struct xt_entry_match *match, int numeric); |
| 99 | |
| 100 | /* Saves the match info in parsable form to stdout. */ |
| 101 | /* ip is struct ipt_ip * for example */ |
| 102 | void (*save)(const void *ip, const struct xt_entry_match *match); |
| 103 | |
| 104 | /* Pointer to list of extra command-line options */ |
| 105 | const struct option *extra_opts; |
| 106 | |
| 107 | /* Ignore these men behind the curtain: */ |
| 108 | unsigned int option_offset; |
| 109 | struct xt_entry_match *m; |
| 110 | unsigned int mflags; |
| 111 | #ifdef NO_SHARED_LIBS |
| 112 | unsigned int loaded; /* simulate loading so options are merged properly */ |
| 113 | #endif |
| 114 | }; |
| 115 | |
| 116 | struct xtables_target |
| 117 | { |
| 118 | struct xtables_target *next; |
| 119 | |
| 120 | xt_chainlabel name; |
| 121 | |
| 122 | /* Revision of target (0 by default). */ |
| 123 | u_int8_t revision; |
| 124 | |
| 125 | u_int16_t family; |
| 126 | |
| 127 | const char *version; |
| 128 | |
| 129 | /* Size of target data. */ |
| 130 | size_t size; |
| 131 | |
| 132 | /* Size of target data relevent for userspace comparison purposes */ |
| 133 | size_t userspacesize; |
| 134 | |
| 135 | /* Function which prints out usage message. */ |
| 136 | void (*help)(void); |
| 137 | |
| 138 | /* Initialize the target. */ |
| Peter Riley | ea146a9 | 2007-09-02 13:09:07 +0000 | [diff] [blame] | 139 | void (*init)(struct xt_entry_target *t); |
| Yasuyuki KOZAKAI | 0d502bc | 2007-07-24 05:52:07 +0000 | [diff] [blame] | 140 | |
| 141 | /* Function which parses command options; returns true if it |
| 142 | ate an option */ |
| 143 | /* entry is struct ipt_entry for example */ |
| 144 | int (*parse)(int c, char **argv, int invert, unsigned int *flags, |
| 145 | const void *entry, |
| 146 | struct xt_entry_target **targetinfo); |
| 147 | |
| 148 | /* Final check; exit if not ok. */ |
| 149 | void (*final_check)(unsigned int flags); |
| 150 | |
| 151 | /* Prints out the target iff non-NULL: put space at end */ |
| 152 | void (*print)(const void *ip, |
| 153 | const struct xt_entry_target *target, int numeric); |
| 154 | |
| 155 | /* Saves the targinfo in parsable form to stdout. */ |
| 156 | void (*save)(const void *ip, |
| 157 | const struct xt_entry_target *target); |
| 158 | |
| 159 | /* Pointer to list of extra command-line options */ |
| Jan Engelhardt | 3365332 | 2007-07-30 13:20:43 +0000 | [diff] [blame] | 160 | const struct option *extra_opts; |
| Yasuyuki KOZAKAI | 0d502bc | 2007-07-24 05:52:07 +0000 | [diff] [blame] | 161 | |
| 162 | /* Ignore these men behind the curtain: */ |
| 163 | unsigned int option_offset; |
| 164 | struct xt_entry_target *t; |
| 165 | unsigned int tflags; |
| 166 | unsigned int used; |
| 167 | #ifdef NO_SHARED_LIBS |
| 168 | unsigned int loaded; /* simulate loading so options are merged properly */ |
| 169 | #endif |
| 170 | }; |
| 171 | |
| 172 | extern char *lib_dir; |
| 173 | |
| Yasuyuki KOZAKAI | 3dfa448 | 2007-07-24 05:45:33 +0000 | [diff] [blame] | 174 | extern void *fw_calloc(size_t count, size_t size); |
| 175 | extern void *fw_malloc(size_t size); |
| 176 | |
| Yasuyuki KOZAKAI | 0b82e8e | 2007-07-24 05:47:40 +0000 | [diff] [blame] | 177 | extern const char *modprobe; |
| 178 | extern int xtables_insmod(const char *modname, const char *modprobe, int quiet); |
| Yasuyuki KOZAKAI | 0d502bc | 2007-07-24 05:52:07 +0000 | [diff] [blame] | 179 | extern int load_xtables_ko(const char *modprobe, int quiet); |
| 180 | |
| 181 | /* This is decleared in ip[6]tables.c */ |
| 182 | extern struct afinfo afinfo; |
| 183 | |
| 184 | /* Keeping track of external matches and targets: linked lists. */ |
| 185 | extern struct xtables_match *xtables_matches; |
| 186 | extern struct xtables_target *xtables_targets; |
| 187 | |
| 188 | /* Your shared library should call one of these. */ |
| 189 | extern void xtables_register_match(struct xtables_match *me); |
| 190 | extern void xtables_register_target(struct xtables_target *me); |
| 191 | |
| 192 | extern struct xtables_match *find_match(const char *name, enum xt_tryload, |
| 193 | struct xtables_rule_match **match); |
| 194 | extern struct xtables_target *find_target(const char *name, enum xt_tryload); |
| Yasuyuki KOZAKAI | 0b82e8e | 2007-07-24 05:47:40 +0000 | [diff] [blame] | 195 | |
| Yasuyuki KOZAKAI | 04f8c54 | 2007-07-24 05:53:48 +0000 | [diff] [blame] | 196 | extern int string_to_number_ll(const char *s, |
| 197 | unsigned long long min, |
| 198 | unsigned long long max, |
| 199 | unsigned long long *ret); |
| 200 | extern int string_to_number_l(const char *s, |
| 201 | unsigned long min, |
| 202 | unsigned long max, |
| 203 | unsigned long *ret); |
| 204 | extern int string_to_number(const char *s, |
| 205 | unsigned int min, |
| 206 | unsigned int max, |
| 207 | unsigned int *ret); |
| 208 | extern int service_to_port(const char *name, const char *proto); |
| 209 | extern u_int16_t parse_port(const char *port, const char *proto); |
| 210 | extern void |
| 211 | parse_interface(const char *arg, char *vianame, unsigned char *mask); |
| 212 | |
| Yasuyuki KOZAKAI | a3732db | 2007-07-24 06:39:40 +0000 | [diff] [blame] | 213 | enum exittype { |
| 214 | OTHER_PROBLEM = 1, |
| 215 | PARAMETER_PROBLEM, |
| 216 | VERSION_PROBLEM, |
| 217 | RESOURCE_PROBLEM |
| 218 | }; |
| 219 | |
| 220 | /* this is a special 64bit data type that is 8-byte aligned */ |
| Patrick McHardy | c329d6a | 2007-09-05 14:19:23 +0000 | [diff] [blame] | 221 | #define aligned_u64 u_int64_t __attribute__((aligned(8))) |
| Yasuyuki KOZAKAI | a3732db | 2007-07-24 06:39:40 +0000 | [diff] [blame] | 222 | |
| 223 | extern void exit_printhelp() __attribute__((noreturn)); |
| 224 | extern void exit_tryhelp(int) __attribute__((noreturn)); |
| 225 | int check_inverse(const char option[], int *invert, int *optind, int argc); |
| Jan Engelhardt | d884051 | 2007-08-01 15:19:15 +0000 | [diff] [blame] | 226 | void exit_error(enum exittype, const char *, ...)__attribute__((noreturn, |
| Yasuyuki KOZAKAI | a3732db | 2007-07-24 06:39:40 +0000 | [diff] [blame] | 227 | format(printf,2,3))); |
| 228 | extern const char *program_name, *program_version; |
| 229 | |
| 230 | #define _init __attribute__((constructor)) my_init |
| 231 | #ifdef NO_SHARED_LIBS |
| 232 | # ifdef _INIT |
| 233 | # undef _init |
| 234 | # define _init _INIT |
| 235 | # endif |
| 236 | extern void init_extensions(void); |
| 237 | #endif |
| 238 | |
| 239 | #define __be32 u_int32_t |
| 240 | #define __le32 u_int32_t |
| 241 | #define __be16 u_int16_t |
| 242 | #define __le16 u_int16_t |
| 243 | |
| Yasuyuki KOZAKAI | 5208806 | 2007-07-24 05:44:11 +0000 | [diff] [blame] | 244 | #endif /* _XTABLES_H */ |