diff options
| author | Phil Sutter <phil@nwl.cc> | 2021-12-23 18:55:53 +0100 |
|---|---|---|
| committer | Phil Sutter <phil@nwl.cc> | 2022-01-12 14:08:41 +0100 |
| commit | 3039a52c3ecf96df4e3b815d242f788c189093e1 (patch) | |
| tree | 58e536a794f5a28f3db2c934d23cd1ee15c8e3af /iptables/nft-shared.h | |
| parent | ece001c258e3fd8779e177ef00394877f2327f56 (diff) | |
xtables: Do not pass nft_handle to do_parse()
Make it fit for sharing with legacy iptables, drop nft-specific
parameter. This requires to mirror proto_parse and post_parse callbacks
from family_ops somewhere reachable - use xt_cmd_parse, it holds other
"parser setup data" as well.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables/nft-shared.h')
| -rw-r--r-- | iptables/nft-shared.h | 40 |
1 files changed, 2 insertions, 38 deletions
diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h index 4948aef7..195e5fed 100644 --- a/iptables/nft-shared.h +++ b/iptables/nft-shared.h @@ -100,10 +100,7 @@ struct nft_family_ops { unsigned int num, unsigned int format); void (*save_rule)(const void *data, unsigned int format); void (*save_chain)(const struct nftnl_chain *c, const char *policy); - void (*proto_parse)(struct iptables_command_state *cs, - struct xtables_args *args); - void (*post_parse)(int command, struct iptables_command_state *cs, - struct xtables_args *args); + struct xt_cmd_parse_ops cmd_parse; void (*parse_match)(struct xtables_match *m, void *data); void (*parse_target)(struct xtables_target *t, void *data); void (*init_cs)(struct iptables_command_state *cs); @@ -177,40 +174,7 @@ void nft_ipv46_parse_target(struct xtables_target *t, void *data); bool compare_matches(struct xtables_rule_match *mt1, struct xtables_rule_match *mt2); bool compare_targets(struct xtables_target *tg1, struct xtables_target *tg2); -struct addr_mask { - union { - struct in_addr *v4; - struct in6_addr *v6; - void *ptr; - } addr; - - unsigned int naddrs; - - union { - struct in_addr *v4; - struct in6_addr *v6; - void *ptr; - } mask; -}; - -struct xtables_args { - int family; - uint16_t proto; - uint8_t flags; - uint16_t invflags; - char iniface[IFNAMSIZ], outiface[IFNAMSIZ]; - unsigned char iniface_mask[IFNAMSIZ], outiface_mask[IFNAMSIZ]; - bool goto_set; - const char *shostnetworkmask, *dhostnetworkmask; - const char *pcnt, *bcnt; - struct addr_mask s, d; - const char *src_mac, *dst_mac; - const char *arp_hlen, *arp_opcode; - const char *arp_htype, *arp_ptype; - unsigned long long pcnt_cnt, bcnt_cnt; -}; - -void do_parse(struct nft_handle *h, int argc, char *argv[], +void do_parse(int argc, char *argv[], struct xt_cmd_parse *p, struct iptables_command_state *cs, struct xtables_args *args); |