Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / iptables / e44ea7faa17c10c68f14f5338a7cc6e3291a0ce7 / . / include / xtables.h.in
blob: 3099de8f97cd8dca75025e5e937b8922ac94bab1 [file] [log] [blame]
Yasuyuki KOZAKAI52088062007-07-24 05:44:11 +0000[diff] [blame]1#ifndef _XTABLES_H
2#define _XTABLES_H
3
Jan Engelhardtdacafa52009-01-27 20:56:23 +0100[diff] [blame]4/*
5 * Changing any structs/functions may incur a needed change
6 * in libxtables_vcurrent/vage too.
7 */
8
Jan Engelhardtef18e812008-08-04 12:47:48 +0200[diff] [blame]9#include <sys/socket.h> /* PF_* */
Yasuyuki KOZAKAI0d502bc2007-07-24 05:52:07 +0000[diff] [blame]10#include <sys/types.h>
Jan Engelhardtef18e812008-08-04 12:47:48 +0200[diff] [blame]11#include <stdbool.h>
Jan Engelhardt03d99482008-11-18 12:27:54 +0100[diff] [blame]12#include <netinet/in.h>
Jan Engelhardtef18e812008-08-04 12:47:48 +0200[diff] [blame]13#include <net/if.h>
Jan Engelhardt5e9eaed2007-12-17 13:12:01 +0000[diff] [blame]14#include <linux/types.h>
Jan Engelhardt03d99482008-11-18 12:27:54 +0100[diff] [blame]15#include <linux/netfilter.h>
Yasuyuki KOZAKAI0d502bc2007-07-24 05:52:07 +0000[diff] [blame]16#include <linux/netfilter/x_tables.h>
Yasuyuki KOZAKAI0d502bc2007-07-24 05:52:07 +0000[diff] [blame]17
Yasuyuki KOZAKAI5cd1ff52007-07-24 05:55:12 +0000[diff] [blame]18#ifndef IPPROTO_SCTP
19#define IPPROTO_SCTP 132
20#endif
21#ifndef IPPROTO_DCCP
22#define IPPROTO_DCCP 33
23#endif
24#ifndef IPPROTO_UDPLITE
25#define IPPROTO_UDPLITE 136
26#endif
27
Jan Engelhardtdacafa52009-01-27 20:56:23 +0100[diff] [blame]28#define XTABLES_VERSION "libxtables.so.@libxtables_vmajor@"
29#define XTABLES_VERSION_CODE @libxtables_vmajor@
Jan Engelhardt493c7122008-04-15 11:15:16 +0200[diff] [blame]30
Jan Engelhardtef18e812008-08-04 12:47:48 +0200[diff] [blame]31struct in_addr;
32
Yasuyuki KOZAKAI0d502bc2007-07-24 05:52:07 +0000[diff] [blame]33/* Include file for additions: new matches and targets. */
34struct xtables_match
35{
36 struct xtables_match *next;
37
Jan Engelhardtef18e812008-08-04 12:47:48 +0200[diff] [blame]38 const char *name;
Yasuyuki KOZAKAI0d502bc2007-07-24 05:52:07 +0000[diff] [blame]39
40 /* Revision of match (0 by default). */
41 u_int8_t revision;
42
43 u_int16_t family;
44
45 const char *version;
46
47 /* Size of match data. */
48 size_t size;
49
50 /* Size of match data relevent for userspace comparison purposes */
51 size_t userspacesize;
52
53 /* Function which prints out usage message. */
54 void (*help)(void);
55
56 /* Initialize the match. */
Peter Rileyea146a92007-09-02 13:09:07 +0000[diff] [blame]57 void (*init)(struct xt_entry_match *m);
Yasuyuki KOZAKAI0d502bc2007-07-24 05:52:07 +0000[diff] [blame]58
59 /* Function which parses command options; returns true if it
60 ate an option */
61 /* entry is struct ipt_entry for example */
62 int (*parse)(int c, char **argv, int invert, unsigned int *flags,
63 const void *entry,
Yasuyuki KOZAKAI0d502bc2007-07-24 05:52:07 +0000[diff] [blame]64 struct xt_entry_match **match);
65
66 /* Final check; exit if not ok. */
67 void (*final_check)(unsigned int flags);
68
69 /* Prints out the match iff non-NULL: put space at end */
70 /* ip is struct ipt_ip * for example */
71 void (*print)(const void *ip,
72 const struct xt_entry_match *match, int numeric);
73
74 /* Saves the match info in parsable form to stdout. */
75 /* ip is struct ipt_ip * for example */
76 void (*save)(const void *ip, const struct xt_entry_match *match);
77
78 /* Pointer to list of extra command-line options */
79 const struct option *extra_opts;
80
81 /* Ignore these men behind the curtain: */
82 unsigned int option_offset;
83 struct xt_entry_match *m;
84 unsigned int mflags;
85#ifdef NO_SHARED_LIBS
86 unsigned int loaded; /* simulate loading so options are merged properly */
87#endif
88};
89
90struct xtables_target
91{
92 struct xtables_target *next;
93
Jan Engelhardtef18e812008-08-04 12:47:48 +0200[diff] [blame]94 const char *name;
Yasuyuki KOZAKAI0d502bc2007-07-24 05:52:07 +0000[diff] [blame]95
96 /* Revision of target (0 by default). */
97 u_int8_t revision;
98
99 u_int16_t family;
100
101 const char *version;
102
103 /* Size of target data. */
104 size_t size;
105
106 /* Size of target data relevent for userspace comparison purposes */
107 size_t userspacesize;
108
109 /* Function which prints out usage message. */
110 void (*help)(void);
111
112 /* Initialize the target. */
Peter Rileyea146a92007-09-02 13:09:07 +0000[diff] [blame]113 void (*init)(struct xt_entry_target *t);
Yasuyuki KOZAKAI0d502bc2007-07-24 05:52:07 +0000[diff] [blame]114
115 /* Function which parses command options; returns true if it
116 ate an option */
117 /* entry is struct ipt_entry for example */
118 int (*parse)(int c, char **argv, int invert, unsigned int *flags,
119 const void *entry,
120 struct xt_entry_target **targetinfo);
121
122 /* Final check; exit if not ok. */
123 void (*final_check)(unsigned int flags);
124
125 /* Prints out the target iff non-NULL: put space at end */
126 void (*print)(const void *ip,
127 const struct xt_entry_target *target, int numeric);
128
129 /* Saves the targinfo in parsable form to stdout. */
130 void (*save)(const void *ip,
131 const struct xt_entry_target *target);
132
133 /* Pointer to list of extra command-line options */
Jan Engelhardt33653322007-07-30 13:20:43 +0000[diff] [blame]134 const struct option *extra_opts;
Yasuyuki KOZAKAI0d502bc2007-07-24 05:52:07 +0000[diff] [blame]135
136 /* Ignore these men behind the curtain: */
137 unsigned int option_offset;
138 struct xt_entry_target *t;
139 unsigned int tflags;
140 unsigned int used;
141#ifdef NO_SHARED_LIBS
142 unsigned int loaded; /* simulate loading so options are merged properly */
143#endif
144};
145
Jan Engelhardt2338efd2009-01-27 15:23:01 +0100[diff] [blame]146struct xtables_rule_match {
147 struct xtables_rule_match *next;
148 struct xtables_match *match;
149 /* Multiple matches of the same type: the ones before
150 the current one are completed from parsing point of view */
151 bool completed;
152};
153
154enum xtables_tryload {
155 XTF_DONT_LOAD,
156 XTF_DURING_LOAD,
157 XTF_TRY_LOAD,
158 XTF_LOAD_MUST_SUCCEED,
159};
160
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]161enum xtables_exittype {
162 OTHER_PROBLEM = 1,
163 PARAMETER_PROBLEM,
164 VERSION_PROBLEM,
165 RESOURCE_PROBLEM,
166 XTF_ONLY_ONCE,
167 XTF_NO_INVERT,
168 XTF_BAD_VALUE,
169 XTF_ONE_ACTION,
170};
171
Jan Engelhardtdacafa52009-01-27 20:56:23 +0100[diff] [blame]172extern const char *xtables_program_name;
Jan Engelhardtc021c3c2009-01-27 15:10:05 +0100[diff] [blame]173extern const char *xtables_modprobe_program;
Jan Engelhardt2338efd2009-01-27 15:23:01 +0100[diff] [blame]174extern struct xtables_match *xtables_matches;
175extern struct xtables_target *xtables_targets;
Jan Engelhardtc021c3c2009-01-27 15:10:05 +0100[diff] [blame]176
Jan Engelhardt39bf9c82009-01-27 15:59:06 +0100[diff] [blame]177extern void xtables_init(void);
Jan Engelhardt630ef482009-01-27 14:58:41 +0100[diff] [blame]178extern void *xtables_calloc(size_t, size_t);
179extern void *xtables_malloc(size_t);
180
Jan Engelhardtc021c3c2009-01-27 15:10:05 +0100[diff] [blame]181extern int xtables_insmod(const char *, const char *, bool);
182extern int xtables_load_ko(const char *, bool);
183
Jan Engelhardt2338efd2009-01-27 15:23:01 +0100[diff] [blame]184extern struct xtables_match *xtables_find_match(const char *name,
185 enum xtables_tryload, struct xtables_rule_match **match);
186extern struct xtables_target *xtables_find_target(const char *name,
187 enum xtables_tryload);
188
Yasuyuki KOZAKAI0d502bc2007-07-24 05:52:07 +0000[diff] [blame]189/* Your shared library should call one of these. */
190extern void xtables_register_match(struct xtables_match *me);
191extern void xtables_register_target(struct xtables_target *me);
192
Jan Engelhardt5f2922c2009-01-27 18:43:01 +0100[diff] [blame]193extern bool xtables_strtoul(const char *, char **, unsigned long *,
Jan Engelhardtcd9e7aa2008-01-20 13:18:54 +0000[diff] [blame]194 unsigned long, unsigned long);
Jan Engelhardt5f2922c2009-01-27 18:43:01 +0100[diff] [blame]195extern bool xtables_strtoui(const char *, char **, unsigned int *,
Jan Engelhardtcd9e7aa2008-01-20 13:18:54 +0000[diff] [blame]196 unsigned int, unsigned int);
Yasuyuki KOZAKAI04f8c542007-07-24 05:53:48 +0000[diff] [blame]197extern int service_to_port(const char *name, const char *proto);
198extern u_int16_t parse_port(const char *port, const char *proto);
199extern void
200parse_interface(const char *arg, char *vianame, unsigned char *mask);
201
Yasuyuki KOZAKAIa3732db2007-07-24 06:39:40 +0000[diff] [blame]202/* this is a special 64bit data type that is 8-byte aligned */
Patrick McHardyc329d6a2007-09-05 14:19:23 +0000[diff] [blame]203#define aligned_u64 u_int64_t __attribute__((aligned(8)))
Yasuyuki KOZAKAIa3732db2007-07-24 06:39:40 +0000[diff] [blame]204
Jan Engelhardtdbb77542008-02-11 00:33:30 +0100[diff] [blame]205int check_inverse(const char option[], int *invert, int *my_optind, int argc);
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]206void exit_error(enum xtables_exittype, const char *, ...)
207 __attribute__((noreturn, format(printf,2,3)));
208extern void xtables_param_act(unsigned int, const char *, ...);
Yasuyuki KOZAKAIa3732db2007-07-24 06:39:40 +0000[diff] [blame]209
Jan Engelhardte44ea7f2009-01-30 03:55:09 +0100[diff] [blame^]210extern const char *xtables_ipaddr_to_numeric(const struct in_addr *);
211extern const char *xtables_ipaddr_to_anyname(const struct in_addr *);
212extern const char *xtables_ipmask_to_numeric(const struct in_addr *);
Jan Engelhardtbd943842008-01-20 13:38:08 +0000[diff] [blame]213extern struct in_addr *numeric_to_ipaddr(const char *);
214extern struct in_addr *numeric_to_ipmask(const char *);
215extern void ipparse_hostnetworkmask(const char *, struct in_addr **,
216 struct in_addr *, unsigned int *);
Jan Engelhardt08b16162008-01-20 13:36:08 +0000[diff] [blame]217
Jan Engelhardtbd943842008-01-20 13:38:08 +0000[diff] [blame]218extern struct in6_addr *numeric_to_ip6addr(const char *);
Jan Engelhardte44ea7f2009-01-30 03:55:09 +0100[diff] [blame^]219extern const char *xtables_ip6addr_to_numeric(const struct in6_addr *);
220extern const char *xtables_ip6addr_to_anyname(const struct in6_addr *);
221extern const char *xtables_ip6mask_to_numeric(const struct in6_addr *);
Jan Engelhardtbd943842008-01-20 13:38:08 +0000[diff] [blame]222extern void ip6parse_hostnetworkmask(const char *, struct in6_addr **,
223 struct in6_addr *, unsigned int *);
Jan Engelhardt08b16162008-01-20 13:36:08 +0000[diff] [blame]224
Max Kellermanna5d09942008-01-29 13:44:34 +0000[diff] [blame]225/**
226 * Print the specified value to standard output, quoting dangerous
227 * characters if required.
228 */
229extern void save_string(const char *value);
230
Yasuyuki KOZAKAIa3732db2007-07-24 06:39:40 +0000[diff] [blame]231#ifdef NO_SHARED_LIBS
Jan Engelhardtf82070f2008-01-20 13:14:00 +0000[diff] [blame]232# ifdef _INIT
233# undef _init
234# define _init _INIT
235# endif
236 extern void init_extensions(void);
237#else
238# define _init __attribute__((constructor)) _INIT
Yasuyuki KOZAKAIa3732db2007-07-24 06:39:40 +0000[diff] [blame]239#endif
240
Jan Engelhardt33690a12008-02-11 00:54:00 +0100[diff] [blame]241/* Present in both iptables.c and ip6tables.c */
242extern u_int16_t parse_protocol(const char *s);
243
244#ifdef XTABLES_INTERNAL
245# include <xtables/internal.h>
246#endif
247
Yasuyuki KOZAKAI52088062007-07-24 05:44:11 +0000[diff] [blame]248#endif /* _XTABLES_H */