summaryrefslogtreecommitdiffstats
path: root/extensions
diff options
context:
space:
mode:
authorYasuyuki KOZAKAI <yasuyuki@netfilter.org>2007-08-04 08:19:38 +0000
committerYasuyuki KOZAKAI <yasuyuki@netfilter.org>2007-08-04 08:19:38 +0000
commit9bbf867821db55bd6e109934b9aa871322405767 (patch)
tree3d79589d55ae44a039b79939c256cf4a570a0451 /extensions
parent8338c88a83ac3828459b36332d340cbaa8e0607f (diff)
Revert commit 6990.
That log is not correct and .NF_LOG-testx has incorrect mode.
Diffstat (limited to 'extensions')
-rw-r--r--extensions/.NFLOG-test2
-rw-r--r--extensions/.NFLOG-test62
-rw-r--r--extensions/.NFLOG-testx2
-rw-r--r--extensions/libip6t_NFLOG.c162
-rw-r--r--extensions/libipt_NFLOG.c162
-rw-r--r--extensions/libxt_NFLOG.c179
6 files changed, 328 insertions, 181 deletions
diff --git a/extensions/.NFLOG-test b/extensions/.NFLOG-test
new file mode 100644
index 00000000..25f0dee7
--- /dev/null
+++ b/extensions/.NFLOG-test
@@ -0,0 +1,2 @@
+#! /bin/sh
+[ -f $KERNEL_DIR/include/linux/netfilter/xt_NFLOG.h ] && echo NFLOG
diff --git a/extensions/.NFLOG-test6 b/extensions/.NFLOG-test6
new file mode 100644
index 00000000..25f0dee7
--- /dev/null
+++ b/extensions/.NFLOG-test6
@@ -0,0 +1,2 @@
+#! /bin/sh
+[ -f $KERNEL_DIR/include/linux/netfilter/xt_NFLOG.h ] && echo NFLOG
diff --git a/extensions/.NFLOG-testx b/extensions/.NFLOG-testx
index 25f0dee7..e69de29b 100644
--- a/extensions/.NFLOG-testx
+++ b/extensions/.NFLOG-testx
@@ -1,2 +0,0 @@
-#! /bin/sh
-[ -f $KERNEL_DIR/include/linux/netfilter/xt_NFLOG.h ] && echo NFLOG
diff --git a/extensions/libip6t_NFLOG.c b/extensions/libip6t_NFLOG.c
new file mode 100644
index 00000000..42e20819
--- /dev/null
+++ b/extensions/libip6t_NFLOG.c
@@ -0,0 +1,162 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <getopt.h>
+#include <ip6tables.h>
+
+#include <linux/netfilter_ipv6/ip6_tables.h>
+#include <linux/netfilter/xt_NFLOG.h>
+
+enum {
+ NFLOG_GROUP = 0x1,
+ NFLOG_PREFIX = 0x2,
+ NFLOG_RANGE = 0x4,
+ NFLOG_THRESHOLD = 0x8,
+};
+
+static const struct option opts[] = {
+ { "nflog-group", 1, 0, NFLOG_GROUP },
+ { "nflog-prefix", 1, 0, NFLOG_PREFIX },
+ { "nflog-range", 1, 0, NFLOG_RANGE },
+ { "nflog-threshold", 1, 0, NFLOG_THRESHOLD },
+ {NULL},
+};
+
+static void help(void)
+{
+ printf("NFLOG v%s options:\n"
+ " --nflog-group NUM NETLINK group used for logging\n"
+ " --nflog-range NUM Number of byte to copy\n"
+ " --nflog-threshold NUM Message threshold of in-kernel queue\n"
+ " --nflog-prefix STRING Prefix string for log messages\n\n",
+ IPTABLES_VERSION);
+}
+
+static void init(struct ip6t_entry_target *t, unsigned int *nfcache)
+{
+ struct xt_nflog_info *info = (struct xt_nflog_info *)t->data;
+
+ info->group = 0;
+ info->threshold = XT_NFLOG_DEFAULT_THRESHOLD;
+}
+
+static int parse(int c, char **argv, int invert, unsigned int *flags,
+ const void *entry,
+ struct xt_entry_target **target)
+{
+ struct xt_nflog_info *info = (struct xt_nflog_info *)(*target)->data;
+ int n;
+
+ switch (c) {
+ case NFLOG_GROUP:
+ if (*flags & NFLOG_GROUP)
+ exit_error(PARAMETER_PROBLEM,
+ "Can't specify --nflog-group twice");
+ if (check_inverse(optarg, &invert, NULL, 0))
+ exit_error(PARAMETER_PROBLEM,
+ "Unexpected `!' after --nflog-group");
+
+ n = atoi(optarg);
+ if (n < 0)
+ exit_error(PARAMETER_PROBLEM,
+ "--nflog-group can not be negative");
+ info->group = n;
+ break;
+ case NFLOG_PREFIX:
+ if (*flags & NFLOG_PREFIX)
+ exit_error(PARAMETER_PROBLEM,
+ "Can't specify --nflog-prefix twice");
+ if (check_inverse(optarg, &invert, NULL, 0))
+ exit_error(PARAMETER_PROBLEM,
+ "Unexpected `!' after --nflog-prefix");
+
+ n = strlen(optarg);
+ if (n == 0)
+ exit_error(PARAMETER_PROBLEM,
+ "No prefix specified for --nflog-prefix");
+ if (n >= sizeof(info->prefix))
+ exit_error(PARAMETER_PROBLEM,
+ "--nflog-prefix too long, max %Zu characters",
+ sizeof(info->prefix) - 1);
+ if (n != strlen(strtok(optarg, "\n")))
+ exit_error(PARAMETER_PROBLEM,
+ "Newlines are not allowed in --nflog-prefix");
+ strcpy(info->prefix, optarg);
+ break;
+ case NFLOG_RANGE:
+ if (*flags & NFLOG_RANGE)
+ exit_error(PARAMETER_PROBLEM,
+ "Can't specify --nflog-range twice");
+ n = atoi(optarg);
+ if (n < 0)
+ exit_error(PARAMETER_PROBLEM,
+ "Invalid --nflog-range, must be >= 0");
+ info->len = n;
+ break;
+ case NFLOG_THRESHOLD:
+ if (*flags & NFLOG_THRESHOLD)
+ exit_error(PARAMETER_PROBLEM,
+ "Can't specify --nflog-threshold twice");
+ n = atoi(optarg);
+ if (n < 1)
+ exit_error(PARAMETER_PROBLEM,
+ "Invalid --nflog-threshold, must be >= 1");
+ info->threshold = n;
+ break;
+ default:
+ return 0;
+ }
+ *flags |= c;
+ return 1;
+}
+
+static void final_check(unsigned int flags)
+{
+ return;
+}
+
+static void nflog_print(const struct xt_nflog_info *info, char *prefix)
+{
+ if (info->prefix[0] != '\0')
+ printf("%snflog-prefix \"%s\" ", prefix, info->prefix);
+ if (info->group)
+ printf("%snflog-group %u ", prefix, info->group);
+ if (info->len)
+ printf("%snflog-range %u ", prefix, info->len);
+ if (info->threshold != XT_NFLOG_DEFAULT_THRESHOLD)
+ printf("%snflog-threshold %u ", prefix, info->threshold);
+}
+
+static void print(const void *ip, const struct xt_entry_target *target,
+ int numeric)
+{
+ const struct xt_nflog_info *info = (struct xt_nflog_info *)target->data;
+
+ nflog_print(info, "");
+}
+
+static void save(const void *ip, const struct xt_entry_target *target)
+{
+ const struct xt_nflog_info *info = (struct xt_nflog_info *)target->data;
+
+ nflog_print(info, "--");
+}
+
+static struct ip6tables_target nflog = {
+ .name = "NFLOG",
+ .version = IPTABLES_VERSION,
+ .size = XT_ALIGN(sizeof(struct xt_nflog_info)),
+ .userspacesize = XT_ALIGN(sizeof(struct xt_nflog_info)),
+ .help = help,
+ .init = init,
+ .parse = parse,
+ .final_check = final_check,
+ .print = print,
+ .save = save,
+ .extra_opts = opts,
+};
+
+void _init(void)
+{
+ register_target6(&nflog);
+}
diff --git a/extensions/libipt_NFLOG.c b/extensions/libipt_NFLOG.c
new file mode 100644
index 00000000..a672e2d3
--- /dev/null
+++ b/extensions/libipt_NFLOG.c
@@ -0,0 +1,162 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <getopt.h>
+#include <iptables.h>
+
+#include <linux/netfilter_ipv4/ip_tables.h>
+#include <linux/netfilter/xt_NFLOG.h>
+
+enum {
+ NFLOG_GROUP = 0x1,
+ NFLOG_PREFIX = 0x2,
+ NFLOG_RANGE = 0x4,
+ NFLOG_THRESHOLD = 0x8,
+};
+
+static const struct option opts[] = {
+ { "nflog-group", 1, 0, NFLOG_GROUP },
+ { "nflog-prefix", 1, 0, NFLOG_PREFIX },
+ { "nflog-range", 1, 0, NFLOG_RANGE },
+ { "nflog-threshold", 1, 0, NFLOG_THRESHOLD },
+ {NULL},
+};
+
+static void help(void)
+{
+ printf("NFLOG v%s options:\n"
+ " --nflog-group NUM NETLINK group used for logging\n"
+ " --nflog-range NUM Number of byte to copy\n"
+ " --nflog-threshold NUM Message threshold of in-kernel queue\n"
+ " --nflog-prefix STRING Prefix string for log messages\n\n",
+ IPTABLES_VERSION);
+}
+
+static void init(struct xt_entry_target *t, unsigned int *nfcache)
+{
+ struct xt_nflog_info *info = (struct xt_nflog_info *)t->data;
+
+ info->group = 0;
+ info->threshold = XT_NFLOG_DEFAULT_THRESHOLD;
+}
+
+static int parse(int c, char **argv, int invert, unsigned int *flags,
+ const void *entry,
+ struct xt_entry_target **target)
+{
+ struct xt_nflog_info *info = (struct xt_nflog_info *)(*target)->data;
+ int n;
+
+ switch (c) {
+ case NFLOG_GROUP:
+ if (*flags & NFLOG_GROUP)
+ exit_error(PARAMETER_PROBLEM,
+ "Can't specify --nflog-group twice");
+ if (check_inverse(optarg, &invert, NULL, 0))
+ exit_error(PARAMETER_PROBLEM,
+ "Unexpected `!' after --nflog-group");
+
+ n = atoi(optarg);
+ if (n < 0)
+ exit_error(PARAMETER_PROBLEM,
+ "--nflog-group can not be negative");
+ info->group = n;
+ break;
+ case NFLOG_PREFIX:
+ if (*flags & NFLOG_PREFIX)
+ exit_error(PARAMETER_PROBLEM,
+ "Can't specify --nflog-prefix twice");
+ if (check_inverse(optarg, &invert, NULL, 0))
+ exit_error(PARAMETER_PROBLEM,
+ "Unexpected `!' after --nflog-prefix");
+
+ n = strlen(optarg);
+ if (n == 0)
+ exit_error(PARAMETER_PROBLEM,
+ "No prefix specified for --nflog-prefix");
+ if (n >= sizeof(info->prefix))
+ exit_error(PARAMETER_PROBLEM,
+ "--nflog-prefix too long, max %Zu characters",
+ sizeof(info->prefix) - 1);
+ if (n != strlen(strtok(optarg, "\n")))
+ exit_error(PARAMETER_PROBLEM,
+ "Newlines are not allowed in --nflog-prefix");
+ strcpy(info->prefix, optarg);
+ break;
+ case NFLOG_RANGE:
+ if (*flags & NFLOG_RANGE)
+ exit_error(PARAMETER_PROBLEM,
+ "Can't specify --nflog-range twice");
+ n = atoi(optarg);
+ if (n < 0)
+ exit_error(PARAMETER_PROBLEM,
+ "Invalid --nflog-range, must be >= 0");
+ info->len = n;
+ break;
+ case NFLOG_THRESHOLD:
+ if (*flags & NFLOG_THRESHOLD)
+ exit_error(PARAMETER_PROBLEM,
+ "Can't specify --nflog-threshold twice");
+ n = atoi(optarg);
+ if (n < 1)
+ exit_error(PARAMETER_PROBLEM,
+ "Invalid --nflog-threshold, must be >= 1");
+ info->threshold = n;
+ break;
+ default:
+ return 0;
+ }
+ *flags |= c;
+ return 1;
+}
+
+static void final_check(unsigned int flags)
+{
+ return;
+}
+
+static void nflog_print(const struct xt_nflog_info *info, char *prefix)
+{
+ if (info->prefix[0] != '\0')
+ printf("%snflog-prefix \"%s\" ", prefix, info->prefix);
+ if (info->group)
+ printf("%snflog-group %u ", prefix, info->group);
+ if (info->len)
+ printf("%snflog-range %u ", prefix, info->len);
+ if (info->threshold != XT_NFLOG_DEFAULT_THRESHOLD)
+ printf("%snflog-threshold %u ", prefix, info->threshold);
+}
+
+static void print(const void *ip, const struct xt_entry_target *target,
+ int numeric)
+{
+ const struct xt_nflog_info *info = (struct xt_nflog_info *)target->data;
+
+ nflog_print(info, "");
+}
+
+static void save(const void *ip, const struct xt_entry_target *target)
+{
+ const struct xt_nflog_info *info = (struct xt_nflog_info *)target->data;
+
+ nflog_print(info, "--");
+}
+
+static struct iptables_target nflog = {
+ .name = "NFLOG",
+ .version = IPTABLES_VERSION,
+ .size = XT_ALIGN(sizeof(struct xt_nflog_info)),
+ .userspacesize = XT_ALIGN(sizeof(struct xt_nflog_info)),
+ .help = help,
+ .init = init,
+ .parse = parse,
+ .final_check = final_check,
+ .print = print,
+ .save = save,
+ .extra_opts = opts,
+};
+
+void _init(void)
+{
+ register_target(&nflog);
+}
diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c
index 9c5ea099..e69de29b 100644
--- a/extensions/libxt_NFLOG.c
+++ b/extensions/libxt_NFLOG.c
@@ -1,179 +0,0 @@
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <getopt.h>
-#include <xtables.h>
-
-#include <linux/netfilter/x_tables.h>
-#include <linux/netfilter/xt_NFLOG.h>
-
-enum {
- NFLOG_GROUP = 0x1,
- NFLOG_PREFIX = 0x2,
- NFLOG_RANGE = 0x4,
- NFLOG_THRESHOLD = 0x8,
-};
-
-static const struct option opts[] = {
- { "nflog-group", 1, 0, NFLOG_GROUP },
- { "nflog-prefix", 1, 0, NFLOG_PREFIX },
- { "nflog-range", 1, 0, NFLOG_RANGE },
- { "nflog-threshold", 1, 0, NFLOG_THRESHOLD },
- {NULL},
-};
-
-static void help(void)
-{
- printf("NFLOG v%s options:\n"
- " --nflog-group NUM NETLINK group used for logging\n"
- " --nflog-range NUM Number of byte to copy\n"
- " --nflog-threshold NUM Message threshold of in-kernel queue\n"
- " --nflog-prefix STRING Prefix string for log messages\n\n",
- IPTABLES_VERSION);
-}
-
-static void init(struct xt_entry_target *t, unsigned int *nfcache)
-{
- struct xt_nflog_info *info = (struct xt_nflog_info *)t->data;
-
- info->group = 0;
- info->threshold = XT_NFLOG_DEFAULT_THRESHOLD;
-}
-
-static int parse(int c, char **argv, int invert, unsigned int *flags,
- const void *entry,
- struct xt_entry_target **target)
-{
- struct xt_nflog_info *info = (struct xt_nflog_info *)(*target)->data;
- int n;
-
- switch (c) {
- case NFLOG_GROUP:
- if (*flags & NFLOG_GROUP)
- exit_error(PARAMETER_PROBLEM,
- "Can't specify --nflog-group twice");
- if (check_inverse(optarg, &invert, NULL, 0))
- exit_error(PARAMETER_PROBLEM,
- "Unexpected `!' after --nflog-group");
-
- n = atoi(optarg);
- if (n < 0)
- exit_error(PARAMETER_PROBLEM,
- "--nflog-group can not be negative");
- info->group = n;
- break;
- case NFLOG_PREFIX:
- if (*flags & NFLOG_PREFIX)
- exit_error(PARAMETER_PROBLEM,
- "Can't specify --nflog-prefix twice");
- if (check_inverse(optarg, &invert, NULL, 0))
- exit_error(PARAMETER_PROBLEM,
- "Unexpected `!' after --nflog-prefix");
-
- n = strlen(optarg);
- if (n == 0)
- exit_error(PARAMETER_PROBLEM,
- "No prefix specified for --nflog-prefix");
- if (n >= sizeof(info->prefix))
- exit_error(PARAMETER_PROBLEM,
- "--nflog-prefix too long, max %Zu characters",
- sizeof(info->prefix) - 1);
- if (n != strlen(strtok(optarg, "\n")))
- exit_error(PARAMETER_PROBLEM,
- "Newlines are not allowed in --nflog-prefix");
- strcpy(info->prefix, optarg);
- break;
- case NFLOG_RANGE:
- if (*flags & NFLOG_RANGE)
- exit_error(PARAMETER_PROBLEM,
- "Can't specify --nflog-range twice");
- n = atoi(optarg);
- if (n < 0)
- exit_error(PARAMETER_PROBLEM,
- "Invalid --nflog-range, must be >= 0");
- info->len = n;
- break;
- case NFLOG_THRESHOLD:
- if (*flags & NFLOG_THRESHOLD)
- exit_error(PARAMETER_PROBLEM,
- "Can't specify --nflog-threshold twice");
- n = atoi(optarg);
- if (n < 1)
- exit_error(PARAMETER_PROBLEM,
- "Invalid --nflog-threshold, must be >= 1");
- info->threshold = n;
- break;
- default:
- return 0;
- }
- *flags |= c;
- return 1;
-}
-
-static void final_check(unsigned int flags)
-{
- return;
-}
-
-static void nflog_print(const struct xt_nflog_info *info, char *prefix)
-{
- if (info->prefix[0] != '\0')
- printf("%snflog-prefix \"%s\" ", prefix, info->prefix);
- if (info->group)
- printf("%snflog-group %u ", prefix, info->group);
- if (info->len)
- printf("%snflog-range %u ", prefix, info->len);
- if (info->threshold != XT_NFLOG_DEFAULT_THRESHOLD)
- printf("%snflog-threshold %u ", prefix, info->threshold);
-}
-
-static void print(const void *ip, const struct xt_entry_target *target,
- int numeric)
-{
- const struct xt_nflog_info *info = (struct xt_nflog_info *)target->data;
-
- nflog_print(info, "");
-}
-
-static void save(const void *ip, const struct xt_entry_target *target)
-{
- const struct xt_nflog_info *info = (struct xt_nflog_info *)target->data;
-
- nflog_print(info, "--");
-}
-
-static struct xtables_target nflog = {
- .family = AF_INET,
- .name = "NFLOG",
- .version = IPTABLES_VERSION,
- .size = XT_ALIGN(sizeof(struct xt_nflog_info)),
- .userspacesize = XT_ALIGN(sizeof(struct xt_nflog_info)),
- .help = help,
- .init = init,
- .parse = parse,
- .final_check = final_check,
- .print = print,
- .save = save,
- .extra_opts = opts,
-};
-
-static struct xtables_target nflog6 = {
- .family = AF_INET6,
- .name = "NFLOG",
- .version = IPTABLES_VERSION,
- .size = XT_ALIGN(sizeof(struct xt_nflog_info)),
- .userspacesize = XT_ALIGN(sizeof(struct xt_nflog_info)),
- .help = help,
- .init = init,
- .parse = parse,
- .final_check = final_check,
- .print = print,
- .save = save,
- .extra_opts = opts,
-};
-
-void _init(void)
-{
- xtables_register_target(&nflog);
- xtables_register_target(&nflog6);
-}