summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorBernie Harris <bernie.harris@alliedtelesis.co.nz>2018-03-21 15:42:29 +1300
committerPablo Neira Ayuso <pablo@netfilter.org>2018-04-27 00:27:31 +0200
commitb1cdae87f25021eb835872d86d6e7206bd421c3f (patch)
tree24f875d58b4f4de5722c96d1eff8baeb0c6e61f2 /include
parent2e783b2277665c467138e7685309622456c41db4 (diff)
extensions: Add string filter to ebtables
This patch is part of a proposal to add a string filter to ebtables, which would be similar to the string filter in iptables. Like iptables, the ebtables filter uses the xt_string module, however some modifications have been made for this to work correctly. Currently ebtables assumes that the revision number of all match modules is 0. The xt_string module doesn't register a match with revision 0 so the solution is to modify ebtables to allow extensions to specify a revision number, similar to iptables. This gets passed down to the kernel, which is then able to find the match module correctly. Signed-off-by: Bernie Harris <bernie.harris@alliedtelesis.co.nz> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r--include/ebtables.h16
-rw-r--r--include/ebtables_u.h1
2 files changed, 14 insertions, 3 deletions
diff --git a/include/ebtables.h b/include/ebtables.h
index 8f520c6..9bbedbb 100644
--- a/include/ebtables.h
+++ b/include/ebtables.h
@@ -20,6 +20,7 @@
#define EBT_TABLE_MAXNAMELEN 32
#define EBT_CHAIN_MAXNAMELEN EBT_TABLE_MAXNAMELEN
#define EBT_FUNCTION_MAXNAMELEN EBT_TABLE_MAXNAMELEN
+#define EBT_EXTENSION_MAXNAMELEN 31
/* verdicts >0 are "branches" */
#define EBT_ACCEPT -1
@@ -113,7 +114,10 @@ struct ebt_entries {
struct ebt_entry_match
{
union {
- char name[EBT_FUNCTION_MAXNAMELEN];
+ struct {
+ char name[EBT_EXTENSION_MAXNAMELEN];
+ uint8_t revision;
+ };
struct ebt_match *match;
} u;
/* size of data */
@@ -127,7 +131,10 @@ struct ebt_entry_match
struct ebt_entry_watcher
{
union {
- char name[EBT_FUNCTION_MAXNAMELEN];
+ struct {
+ char name[EBT_EXTENSION_MAXNAMELEN];
+ uint8_t revision;
+ };
struct ebt_watcher *watcher;
} u;
/* size of data */
@@ -141,7 +148,10 @@ struct ebt_entry_watcher
struct ebt_entry_target
{
union {
- char name[EBT_FUNCTION_MAXNAMELEN];
+ struct {
+ char name[EBT_EXTENSION_MAXNAMELEN];
+ uint8_t revision;
+ };
struct ebt_target *target;
} u;
/* size of data */
diff --git a/include/ebtables_u.h b/include/ebtables_u.h
index 17afa94..c858996 100644
--- a/include/ebtables_u.h
+++ b/include/ebtables_u.h
@@ -144,6 +144,7 @@ struct ebt_u_entry
struct ebt_u_match
{
char name[EBT_FUNCTION_MAXNAMELEN];
+ uint8_t revision;
/* size of the real match data */
unsigned int size;
void (*help)(void);