From 88eb835ad207f579ae4ce21cd46f0b564ebd4748 Mon Sep 17 00:00:00 2001 From: Philip Blundell Date: Wed, 10 May 2000 00:25:04 +0000 Subject: Philip Blundell's IPv6 fixes. --- include/libiptc/libip6tc.h | 11 ++++++----- libiptc/libip6tc.c | 25 +++++++++++++------------ 2 files changed, 19 insertions(+), 17 deletions(-) diff --git a/include/libiptc/libip6tc.h b/include/libiptc/libip6tc.h index d0b87bdf..ad507c8d 100644 --- a/include/libiptc/libip6tc.h +++ b/include/libiptc/libip6tc.h @@ -14,6 +14,7 @@ typedef char ip6t_chainlabel[32]; #define IP6TC_LABEL_ACCEPT "ACCEPT" #define IP6TC_LABEL_DROP "DROP" +#define IP6TC_LABEL_QUEUE "QUEUE" #define IP6TC_LABEL_RETURN "RETURN" /* Transparent handle type. */ @@ -25,9 +26,9 @@ int ip6tc_is_chain(const char *chain, const ip6tc_handle_t handle); /* Take a snapshot of the rules. Returns NULL on error. */ ip6tc_handle_t ip6tc_init(const char *tablename); -/* Iterator functions to run through the chains; prev = NULL means - first chain. Returns NULL at end. */ -const char *ip6tc_next_chain(const char *prev, ip6tc_handle_t *handle); +/* Iterator functions to run through the chains. Returns NULL at end. */ +const char *iptc_first_chain(ip6tc_handle_t *handle); +const char *ip6tc_next_chain(ip6tc_handle_t *handle); /* How many rules in this chain? */ unsigned int ip6tc_num_rules(const char *chain, ip6tc_handle_t *handle); @@ -38,8 +39,7 @@ const struct ip6t_entry *ip6tc_get_rule(const char *chain, ip6tc_handle_t *handle); /* Returns a pointer to the target name of this position. */ -const char *ip6tc_get_target(const char *chain, - unsigned int n, +const char *ip6tc_get_target(const struct ip6t_entry *e, ip6tc_handle_t *handle); /* Is this a built-in chain? */ @@ -75,6 +75,7 @@ int ip6tc_append_entry(const ip6t_chainlabel chain, /* Delete the first rule in `chain' which matches `fw'. */ int ip6tc_delete_entry(const ip6t_chainlabel chain, const struct ip6t_entry *origfw, + unsigned char *matchmask, ip6tc_handle_t *handle); /* Delete the rule in position `rulenum' in `chain'. */ diff --git a/libiptc/libip6tc.c b/libiptc/libip6tc.c index 033693ff..10bcf5a5 100644 --- a/libiptc/libip6tc.c +++ b/libiptc/libip6tc.c @@ -97,6 +97,7 @@ typedef unsigned int socklen_t; #define LABEL_RETURN IP6TC_LABEL_RETURN #define LABEL_ACCEPT IP6TC_LABEL_ACCEPT #define LABEL_DROP IP6TC_LABEL_DROP +#define LABEL_QUEUE IP6TC_LABEL_QUEUE #define ALIGN IP6T_ALIGN #define RETURN IP6T_RETURN @@ -189,8 +190,8 @@ dump_entry(struct ip6t_entry *e, const ip6tc_handle_t handle) IP6T_MATCH_ITERATE(e, print_match); t = ip6t_get_target(e); - printf("Target name: `%s' [%u]\n", t->u.name, t->target_size); - if (strcmp(t->u.name, IP6T_STANDARD_TARGET) == 0) { + printf("Target name: `%s' [%u]\n", t->u.user.name, t->u.target_size); + if (strcmp(t->u.user.name, IP6T_STANDARD_TARGET) == 0) { int pos = *(int *)t->data; if (pos < 0) printf("verdict=%s\n", @@ -200,19 +201,19 @@ dump_entry(struct ip6t_entry *e, const ip6tc_handle_t handle) : "UNKNOWN"); else printf("verdict=%u\n", pos); - } else if (strcmp(t->u.name, IP6T_ERROR_TARGET) == 0) + } else if (strcmp(t->u.user.name, IP6T_ERROR_TARGET) == 0) printf("error=`%s'\n", t->data); printf("\n"); return 0; } -static inline int -is_same(const struct STRUCT_ENTRY *a, const struct STRUCT_ENTRY *b, +static int +is_same(const STRUCT_ENTRY *a, const STRUCT_ENTRY *b, unsigned char *matchmask) { unsigned int i; - struct STRUCT_ENTRY_TARGET *ta, *tb; + STRUCT_ENTRY_TARGET *ta, *tb; unsigned char *mptr; /* Always compare head structures: ignore mask here. */ @@ -244,15 +245,15 @@ is_same(const struct STRUCT_ENTRY *a, const struct STRUCT_ENTRY *b, || a->next_offset != b->next_offset) return 0; - mptr = matchmask + sizeof(struct STRUCT_ENTRY); - if (IP6T_MATCH_ITERATE(a, match_different, a->elems, b->elems)) + mptr = matchmask + sizeof(STRUCT_ENTRY); + if (IP6T_MATCH_ITERATE(a, match_different, a->elems, b->elems, &mptr)) return 0; - ta = GET_TARGET((struct STRUCT_ENTRY *)a); - tb = GET_TARGET((struct STRUCT_ENTRY *)b); - if (ta->target_size != tb->target_size) + ta = GET_TARGET((STRUCT_ENTRY *)a); + tb = GET_TARGET((STRUCT_ENTRY *)b); + if (ta->u.target_size != tb->u.target_size) return 0; - if (strcmp(ta->u.name, tb->u.name) != 0) + if (strcmp(ta->u.user.name, tb->u.user.name) != 0) return 0; mptr += sizeof(*ta); -- cgit v1.2.3