Blame - extensions/libxt_NFQUEUE.c - platform/external/iptables

blob: 6c448425d12cec699150ccc68c9eaa6528a863a9 [file] [log] [blame]

Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	1	/* Shared library add-on to iptables for NFQ
				2	*
				3	* (C) 2005 by Harald Welte <laforge@netfilter.org>
				4	*
				5	* This program is distributed under the terms of GNU GPL v2, 1991
				6	*
				7	*/
Jan Engelhardt	32b8e61	2010-07-23 21:16:14 +0200	[diff] [blame]	8	#include <stdbool.h>
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	9	#include <stdio.h>
				10	#include <string.h>
				11	#include <stdlib.h>
				12	#include <getopt.h>
				13
Yasuyuki KOZAKAI	a2e89cc	2007-07-24 07:29:36 +0000	[diff] [blame]	14	#include <xtables.h>
				15	#include <linux/netfilter/x_tables.h>
				16	#include <linux/netfilter/xt_NFQUEUE.h>
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	17
Jan Engelhardt	932e648	2007-10-04 16:27:30 +0000	[diff] [blame]	18	static void NFQUEUE_help(void)
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	19	{
				20	printf(
				21	"NFQUEUE target options\n"
				22	" --queue-num value Send packet to QUEUE number <value>.\n"
				23	" Valid queue numbers are 0-65535\n"
				24	);
				25	}
				26
Florian Westphal	4282d89	2009-08-20 16:39:05 +0200	[diff] [blame]	27	static void NFQUEUE_help_v1(void)
				28	{
				29	NFQUEUE_help();
				30	printf(
				31	" --queue-balance first:last Balance flows between queues <value> to <value>.\n");
				32	}
				33
Florian Westphal	6924b49	2011-01-20 11:27:42 +0100	[diff] [blame^]	34	static void NFQUEUE_help_v2(void)
				35	{
				36	NFQUEUE_help_v1();
				37	printf(
				38	" --queue-bypass Bypass Queueing if no queue instance exists.\n");
				39	}
				40
Jan Engelhardt	932e648	2007-10-04 16:27:30 +0000	[diff] [blame]	41	static const struct option NFQUEUE_opts[] = {
Jan Engelhardt	32b8e61	2010-07-23 21:16:14 +0200	[diff] [blame]	42	{.name = "queue-num", .has_arg = true, .val = 'F'},
				43	{.name = "queue-balance", .has_arg = true, .val = 'B'},
Florian Westphal	6924b49	2011-01-20 11:27:42 +0100	[diff] [blame^]	44	{.name = "queue-bypass", .has_arg = false,.val = 'P'},
Jan Engelhardt	32b8e61	2010-07-23 21:16:14 +0200	[diff] [blame]	45	XT_GETOPT_TABLEEND,
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	46	};
				47
Florian Westphal	4282d89	2009-08-20 16:39:05 +0200	[diff] [blame]	48	static void exit_badqueue(const char *s)
				49	{
				50	xtables_error(PARAMETER_PROBLEM, "Invalid queue number `%s'\n", s);
				51	}
				52
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	53	static void
Yasuyuki KOZAKAI	a2e89cc	2007-07-24 07:29:36 +0000	[diff] [blame]	54	parse_num(const char s, struct xt_NFQ_info tinfo)
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	55	{
				56	unsigned int num;
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	57
Florian Westphal	4282d89	2009-08-20 16:39:05 +0200	[diff] [blame]	58	if (!xtables_strtoui(s, NULL, &num, 0, UINT16_MAX))
				59	exit_badqueue(s);
				60
				61	tinfo->queuenum = num;
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	62	}
				63
				64	static int
Jan Engelhardt	932e648	2007-10-04 16:27:30 +0000	[diff] [blame]	65	NFQUEUE_parse(int c, char *argv, int invert, unsigned int flags,
				66	const void entry, struct xt_entry_target *target)
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	67	{
Yasuyuki KOZAKAI	a2e89cc	2007-07-24 07:29:36 +0000	[diff] [blame]	68	struct xt_NFQ_info *tinfo
				69	= (struct xt_NFQ_info )(target)->data;
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	70
				71	switch (c) {
				72	case 'F':
				73	if (*flags)
Jan Engelhardt	1829ed4	2009-02-21 03:29:44 +0100	[diff] [blame]	74	xtables_error(PARAMETER_PROBLEM, "NFQUEUE target: "
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	75	"Only use --queue-num ONCE!");
				76	parse_num(optarg, tinfo);
Eric Leblond	6fdefcf	2005-08-05 18:35:09 +0000	[diff] [blame]	77	break;
Florian Westphal	4282d89	2009-08-20 16:39:05 +0200	[diff] [blame]	78	case 'B':
				79	xtables_error(PARAMETER_PROBLEM, "NFQUEUE target: "
				80	"--queue-balance not supported (kernel too old?)");
Florian Westphal	4282d89	2009-08-20 16:39:05 +0200	[diff] [blame]	81	}
				82
				83	return 1;
				84	}
				85
				86	static int
				87	NFQUEUE_parse_v1(int c, char *argv, int invert, unsigned int flags,
				88	const void entry, struct xt_entry_target *target)
				89	{
				90	struct xt_NFQ_info_v1 info = (void )(*target)->data;
				91	char *colon;
				92	unsigned int firstqueue, lastqueue;
				93
				94	switch (c) {
				95	case 'F': /* fallthrough */
				96	case 'B':
				97	if (*flags)
				98	xtables_error(PARAMETER_PROBLEM, "NFQUEUE target: "
				99	"Only use --queue-num ONCE!");
				100
				101	if (!xtables_strtoui(optarg, &colon, &firstqueue, 0, UINT16_MAX))
				102	exit_badqueue(optarg);
				103
				104	info->queuenum = firstqueue;
				105
				106	if (c == 'F') {
				107	if (*colon)
				108	exit_badqueue(optarg);
				109	break;
				110	}
				111
				112	if (*colon != ':')
				113	xtables_error(PARAMETER_PROBLEM, "Bad range \"%s\"", optarg);
				114
				115	if (!xtables_strtoui(colon + 1, NULL, &lastqueue, 1, UINT16_MAX))
				116	exit_badqueue(optarg);
				117
				118	if (firstqueue >= lastqueue)
				119	xtables_error(PARAMETER_PROBLEM, "%u should be less than %u",
				120	firstqueue, lastqueue);
				121	info->queues_total = lastqueue - firstqueue + 1;
				122	break;
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	123	}
				124
				125	return 1;
				126	}
				127
Florian Westphal	6924b49	2011-01-20 11:27:42 +0100	[diff] [blame^]	128	static int
				129	NFQUEUE_parse_v2(int c, char *argv, int invert, unsigned int flags,
				130	const void entry, struct xt_entry_target *target)
				131	{
				132	if (c == 'P') {
				133	struct xt_NFQ_info_v2 info = (void )(*target)->data;
				134	info->bypass = 1;
				135	return 1;
				136	}
				137	return NFQUEUE_parse_v1(c, argv, invert, flags, entry, target);
				138	}
				139
Jan Engelhardt	932e648	2007-10-04 16:27:30 +0000	[diff] [blame]	140	static void NFQUEUE_print(const void *ip,
				141	const struct xt_entry_target *target, int numeric)
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	142	{
Yasuyuki KOZAKAI	a2e89cc	2007-07-24 07:29:36 +0000	[diff] [blame]	143	const struct xt_NFQ_info *tinfo =
				144	(const struct xt_NFQ_info *)target->data;
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	145	printf("NFQUEUE num %u", tinfo->queuenum);
				146	}
				147
Florian Westphal	4282d89	2009-08-20 16:39:05 +0200	[diff] [blame]	148	static void NFQUEUE_print_v1(const void *ip,
				149	const struct xt_entry_target *target, int numeric)
				150	{
				151	const struct xt_NFQ_info_v1 tinfo = (const void )target->data;
				152	unsigned int last = tinfo->queues_total;
				153
				154	if (last > 1) {
				155	last += tinfo->queuenum - 1;
				156	printf("NFQUEUE balance %u:%u", tinfo->queuenum, last);
				157	} else {
				158	printf("NFQUEUE num %u", tinfo->queuenum);
				159	}
				160	}
				161
Florian Westphal	6924b49	2011-01-20 11:27:42 +0100	[diff] [blame^]	162	static void NFQUEUE_print_v2(const void *ip,
				163	const struct xt_entry_target *target, int numeric)
				164	{
				165	const struct xt_NFQ_info_v2 info = (void ) target->data;
				166
				167	NFQUEUE_print_v1(ip, target, numeric);
				168	if (info->bypass)
				169	printf(" bypass");
				170	}
				171
Jan Engelhardt	932e648	2007-10-04 16:27:30 +0000	[diff] [blame]	172	static void NFQUEUE_save(const void ip, const struct xt_entry_target target)
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	173	{
Yasuyuki KOZAKAI	a2e89cc	2007-07-24 07:29:36 +0000	[diff] [blame]	174	const struct xt_NFQ_info *tinfo =
				175	(const struct xt_NFQ_info *)target->data;
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	176
				177	printf("--queue-num %u ", tinfo->queuenum);
				178	}
				179
Florian Westphal	4282d89	2009-08-20 16:39:05 +0200	[diff] [blame]	180	static void NFQUEUE_save_v1(const void ip, const struct xt_entry_target target)
				181	{
				182	const struct xt_NFQ_info_v1 tinfo = (const void )target->data;
				183	unsigned int last = tinfo->queues_total;
				184
				185	if (last > 1) {
				186	last += tinfo->queuenum - 1;
				187	printf("--queue-balance %u:%u ", tinfo->queuenum, last);
				188	} else {
				189	printf("--queue-num %u ", tinfo->queuenum);
				190	}
				191	}
				192
Florian Westphal	6924b49	2011-01-20 11:27:42 +0100	[diff] [blame^]	193	static void NFQUEUE_save_v2(const void ip, const struct xt_entry_target target)
				194	{
				195	const struct xt_NFQ_info_v2 info = (void ) target->data;
				196
				197	NFQUEUE_save_v1(ip, target);
				198
				199	if (info->bypass)
				200	printf("--queue-bypass ");
				201	}
				202
Florian Westphal	4282d89	2009-08-20 16:39:05 +0200	[diff] [blame]	203	static void NFQUEUE_init_v1(struct xt_entry_target *t)
				204	{
				205	struct xt_NFQ_info_v1 tinfo = (void )t->data;
				206	tinfo->queues_total = 1;
				207	}
				208
Florian Westphal	6924b49	2011-01-20 11:27:42 +0100	[diff] [blame^]	209	static struct xtables_target nfqueue_targets[] = {
				210	{
Jan Engelhardt	c5e8573	2009-06-12 20:55:44 +0200	[diff] [blame]	211	.family = NFPROTO_UNSPEC,
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	212	.name = "NFQUEUE",
Jan Engelhardt	8b7c64d	2008-04-15 11:48:25 +0200	[diff] [blame]	213	.version = XTABLES_VERSION,
Yasuyuki KOZAKAI	a2e89cc	2007-07-24 07:29:36 +0000	[diff] [blame]	214	.size = XT_ALIGN(sizeof(struct xt_NFQ_info)),
				215	.userspacesize = XT_ALIGN(sizeof(struct xt_NFQ_info)),
Jan Engelhardt	932e648	2007-10-04 16:27:30 +0000	[diff] [blame]	216	.help = NFQUEUE_help,
				217	.parse = NFQUEUE_parse,
				218	.print = NFQUEUE_print,
				219	.save = NFQUEUE_save,
				220	.extra_opts = NFQUEUE_opts
Florian Westphal	6924b49	2011-01-20 11:27:42 +0100	[diff] [blame^]	221	},{
Florian Westphal	4282d89	2009-08-20 16:39:05 +0200	[diff] [blame]	222	.family = NFPROTO_UNSPEC,
				223	.revision = 1,
				224	.name = "NFQUEUE",
				225	.version = XTABLES_VERSION,
				226	.size = XT_ALIGN(sizeof(struct xt_NFQ_info_v1)),
				227	.userspacesize = XT_ALIGN(sizeof(struct xt_NFQ_info_v1)),
				228	.help = NFQUEUE_help_v1,
				229	.init = NFQUEUE_init_v1,
				230	.parse = NFQUEUE_parse_v1,
				231	.print = NFQUEUE_print_v1,
				232	.save = NFQUEUE_save_v1,
				233	.extra_opts = NFQUEUE_opts,
Florian Westphal	6924b49	2011-01-20 11:27:42 +0100	[diff] [blame^]	234	},{
				235	.family = NFPROTO_UNSPEC,
				236	.revision = 2,
				237	.name = "NFQUEUE",
				238	.version = XTABLES_VERSION,
				239	.size = XT_ALIGN(sizeof(struct xt_NFQ_info_v2)),
				240	.userspacesize = XT_ALIGN(sizeof(struct xt_NFQ_info_v2)),
				241	.help = NFQUEUE_help_v2,
				242	.init = NFQUEUE_init_v1,
				243	.parse = NFQUEUE_parse_v2,
				244	.print = NFQUEUE_print_v2,
				245	.save = NFQUEUE_save_v2,
				246	.extra_opts = NFQUEUE_opts,
				247	}
Florian Westphal	4282d89	2009-08-20 16:39:05 +0200	[diff] [blame]	248	};
				249
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	250	void _init(void)
				251	{
Florian Westphal	6924b49	2011-01-20 11:27:42 +0100	[diff] [blame^]	252	xtables_register_targets(nfqueue_targets, ARRAY_SIZE(nfqueue_targets));
Harald Welte	daa1ef3	2005-07-19 21:44:58 +0000	[diff] [blame]	253	}