Blame - extensions/libxt_set.h - platform/external/iptables

blob: 4ac84fa9c02261402310955e14d92fc2221d3422 [file] [log] [blame]

Jozsef Kadlecsik	d40f162	2010-06-16 12:45:33 +0200	[diff] [blame]	1	#ifndef _LIBXT_SET_H
				2	#define _LIBXT_SET_H
				3
				4	#include <unistd.h>
				5	#include <sys/types.h>
				6	#include <sys/socket.h>
				7	#include <errno.h>
				8
				9	#ifdef DEBUG
				10	#define DEBUGP(x, args...) fprintf(stderr, x , ## args)
				11	#else
				12	#define DEBUGP(x, args...)
				13	#endif
				14
				15	static int
				16	get_version(unsigned *version)
				17	{
				18	int res, sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
				19	struct ip_set_req_version req_version;
				20	socklen_t size = sizeof(req_version);
				21
				22	if (sockfd < 0)
				23	xtables_error(OTHER_PROBLEM,
				24	"Can't open socket to ipset.\n");
				25
				26	req_version.op = IP_SET_OP_VERSION;
				27	res = getsockopt(sockfd, SOL_IP, SO_IP_SET, &req_version, &size);
				28	if (res != 0)
				29	xtables_error(OTHER_PROBLEM,
				30	"Kernel module xt_set is not loaded in.\n");
				31
				32	*version = req_version.version;
				33
				34	return sockfd;
				35	}
				36
				37	static void
				38	get_set_byid(char *setname, ip_set_id_t idx)
				39	{
				40	struct ip_set_req_get_set req;
				41	socklen_t size = sizeof(struct ip_set_req_get_set);
				42	int res, sockfd;
				43
				44	sockfd = get_version(&req.version);
				45	req.op = IP_SET_OP_GET_BYINDEX;
				46	req.set.index = idx;
				47	res = getsockopt(sockfd, SOL_IP, SO_IP_SET, &req, &size);
				48	close(sockfd);
				49
				50	if (res != 0)
				51	xtables_error(OTHER_PROBLEM,
				52	"Problem when communicating with ipset, errno=%d.\n",
				53	errno);
				54	if (size != sizeof(struct ip_set_req_get_set))
				55	xtables_error(OTHER_PROBLEM,
				56	"Incorrect return size from kernel during ipset lookup, "
				57	"(want %zu, got %zu)\n",
				58	sizeof(struct ip_set_req_get_set), (size_t)size);
				59	if (req.set.name[0] == '\0')
				60	xtables_error(PARAMETER_PROBLEM,
				61	"Set with index %i in kernel doesn't exist.\n", idx);
				62
				63	strncpy(setname, req.set.name, IPSET_MAXNAMELEN);
				64	}
				65
				66	static void
				67	get_set_byname(const char setname, struct xt_set_info info)
				68	{
				69	struct ip_set_req_get_set req;
				70	socklen_t size = sizeof(struct ip_set_req_get_set);
				71	int res, sockfd;
				72
				73	sockfd = get_version(&req.version);
				74	req.op = IP_SET_OP_GET_BYNAME;
				75	strncpy(req.set.name, setname, IPSET_MAXNAMELEN);
				76	req.set.name[IPSET_MAXNAMELEN - 1] = '\0';
				77	res = getsockopt(sockfd, SOL_IP, SO_IP_SET, &req, &size);
				78	close(sockfd);
				79
				80	if (res != 0)
				81	xtables_error(OTHER_PROBLEM,
				82	"Problem when communicating with ipset, errno=%d.\n",
				83	errno);
				84	if (size != sizeof(struct ip_set_req_get_set))
				85	xtables_error(OTHER_PROBLEM,
				86	"Incorrect return size from kernel during ipset lookup, "
				87	"(want %zu, got %zu)\n",
				88	sizeof(struct ip_set_req_get_set), (size_t)size);
				89	if (req.set.index == IPSET_INVALID_ID)
				90	xtables_error(PARAMETER_PROBLEM,
				91	"Set %s doesn't exist.\n", setname);
				92
				93	info->index = req.set.index;
				94	}
				95
				96	static void
				97	parse_dirs_v0(const char opt_arg, struct xt_set_info_v0 info)
				98	{
				99	char *saved = strdup(opt_arg);
				100	char ptr, tmp = saved;
				101	int i = 0;
				102
				103	while (i < (IPSET_DIM_MAX - 1) && tmp != NULL) {
				104	ptr = strsep(&tmp, ",");
				105	if (strncmp(ptr, "src", 3) == 0)
				106	info->u.flags[i++] \|= IPSET_SRC;
				107	else if (strncmp(ptr, "dst", 3) == 0)
				108	info->u.flags[i++] \|= IPSET_DST;
				109	else
				110	xtables_error(PARAMETER_PROBLEM,
				111	"You must spefify (the comma separated list of) 'src' or 'dst'.");
				112	}
				113
				114	if (tmp)
				115	xtables_error(PARAMETER_PROBLEM,
				116	"Can't be more src/dst options than %i.",
Jozsef Kadlecsik	aeb8af9	2011-04-09 21:29:08 +0200	[diff] [blame]	117	IPSET_DIM_MAX);
Jozsef Kadlecsik	d40f162	2010-06-16 12:45:33 +0200	[diff] [blame]	118
				119	free(saved);
				120	}
				121
				122	static void
				123	parse_dirs(const char opt_arg, struct xt_set_info info)
				124	{
				125	char *saved = strdup(opt_arg);
				126	char ptr, tmp = saved;
Jozsef Kadlecsik	d40f162	2010-06-16 12:45:33 +0200	[diff] [blame]	127
Jozsef Kadlecsik	aeb8af9	2011-04-09 21:29:08 +0200	[diff] [blame]	128	while (info->dim < IPSET_DIM_MAX && tmp != NULL) {
Jozsef Kadlecsik	d40f162	2010-06-16 12:45:33 +0200	[diff] [blame]	129	info->dim++;
				130	ptr = strsep(&tmp, ",");
				131	if (strncmp(ptr, "src", 3) == 0)
				132	info->flags \|= (1 << info->dim);
				133	else if (strncmp(ptr, "dst", 3) != 0)
				134	xtables_error(PARAMETER_PROBLEM,
				135	"You must spefify (the comma separated list of) 'src' or 'dst'.");
				136	}
				137
				138	if (tmp)
				139	xtables_error(PARAMETER_PROBLEM,
				140	"Can't be more src/dst options than %i.",
Jozsef Kadlecsik	aeb8af9	2011-04-09 21:29:08 +0200	[diff] [blame]	141	IPSET_DIM_MAX);
Jozsef Kadlecsik	d40f162	2010-06-16 12:45:33 +0200	[diff] [blame]	142
				143	free(saved);
				144	}
				145
				146	#endif /_LIBXT_SET_H/