From ffe96c5a701396fd666228034ff694ffdcd1ad10 Mon Sep 17 00:00:00 2001
From: James Morris <jmorris@intercode.com.au>
Date: Sat, 24 Nov 2001 15:09:19 +0000
Subject: IPv6 queue handler, libipq support, documentation from Fernando
 Anton.

---
 include/libipq/libipq.h    |  2 +-
 libipq/ipq_create_handle.3 | 10 ++++++++--
 libipq/libipq.3            |  6 ++++--
 libipq/libipq.c            | 26 ++++++++++++++++++++------
 4 files changed, 33 insertions(+), 11 deletions(-)

diff --git a/include/libipq/libipq.h b/include/libipq/libipq.h
index bb7eee99..5a83a4a7 100644
--- a/include/libipq/libipq.h
+++ b/include/libipq/libipq.h
@@ -58,7 +58,7 @@ struct ipq_handle
 	struct sockaddr_nl peer;
 };
 
-struct ipq_handle *ipq_create_handle(u_int32_t flags);
+struct ipq_handle *ipq_create_handle(u_int32_t flags, u_int32_t protocol);
 
 int ipq_destroy_handle(struct ipq_handle *h);
 
diff --git a/libipq/ipq_create_handle.3 b/libipq/ipq_create_handle.3
index da99e549..c833e884 100644
--- a/libipq/ipq_create_handle.3
+++ b/libipq/ipq_create_handle.3
@@ -1,6 +1,6 @@
 .TH IPQ_CREATE_HANDLE 3 "16 October 2001" "Linux iptables 1.2" "Linux Programmer's Manual" 
 .\"
-\" $Id: ipq_create_handle.3,v 1.1 2000/11/20 14:13:31 jamesm Exp $
+\" $Id: ipq_create_handle.3,v 1.2 2001/10/16 14:41:02 jamesm Exp $
 .\"
 .\"     Copyright (c) 2000-2001 Netfilter Core Team
 .\"
@@ -26,7 +26,7 @@ ipq_create_handle, ipq_destroy_handle - create and destroy libipq handles.
 .br
 .B #include <libipq.h>
 .sp
-.BI "struct ipq_handle *ipq_create_handle(u_int32_t " flags );
+.BI "struct ipq_handle *ipq_create_handle(u_int32_t " flags ", u_int32_t " protocol ");"
 .br
 .BI "int ipq_destroy_handle(struct ipq_handle *" h );
 .SH DESCRIPTION
@@ -44,6 +44,12 @@ parameter is not currently used and should be set to zero by the application
 for forward compatibility.
 .PP
 The
+.I protocol
+parameter is used to specify the protocol of the packets to be queued.
+Valid values are PF_INET for IPv4 and PF_INET6 for IPv6.  Currently, 
+only one protocol may be queued at a time for a handle.
+.PP
+The
 .B ipq_destroy_handle
 function frees up resources allocated by
 .BR ipq_create_handle ,
diff --git a/libipq/libipq.3 b/libipq/libipq.3
index 89976855..c2295c1d 100644
--- a/libipq/libipq.3
+++ b/libipq/libipq.3
@@ -1,6 +1,6 @@
 .TH LIBIPQ 3 "16 October 2001" "Linux iptables 1.2" "Linux Programmer's Manual" 
 .\"
-.\" $Id: libipq.3,v 1.3 2001/10/16 14:41:02 jamesm Exp $
+.\" $Id: libipq.3,v 1.4 2001/10/16 16:58:25 jamesm Exp $
 .\"
 .\"     Copyright (c) 2000-2001 Netfilter Core Team
 .\"
@@ -187,7 +187,7 @@ int main(int argc, char **argv)
 	unsigned char buf[BUFSIZE];
 	struct ipq_handle *h;
 	
-	h = ipq_create_handle(0);
+	h = ipq_create_handle(0, PF_INET);
 	if (!h)
 		die(h);
 		
@@ -257,6 +257,8 @@ Distributed under the GNU General Public License.
 Joost Remijn implemented the
 .B ipq_read
 timeout feature, which appeared in the 1.2.4 release of iptables.
+.PP
+Fernando Anton added support for IPv6.
 .SH SEE ALSO
 .BR iptables (8),
 .BR ipq_create_handle (3),
diff --git a/libipq/libipq.c b/libipq/libipq.c
index b4b69a26..709c8a21 100644
--- a/libipq/libipq.c
+++ b/libipq/libipq.c
@@ -8,6 +8,8 @@
  *
  * Author: James Morris <jmorris@intercode.com.au>
  *
+ * 07-11-2001 Modified by Fernando Anton to add support for IPv6.
+ *
  * Copyright (c) 2000-2001 Netfilter Core Team
  *
  * This program is free software; you can redistribute it and/or modify
@@ -53,9 +55,10 @@ enum {
 	IPQ_ERR_SEND,
 	IPQ_ERR_SUPP,
 	IPQ_ERR_RECVBUF,
-	IPQ_ERR_TIMEOUT
+	IPQ_ERR_TIMEOUT,
+        IPQ_ERR_PROTOCOL
 };
-#define IPQ_MAXERR IPQ_ERR_TIMEOUT
+#define IPQ_MAXERR IPQ_ERR_PROTOCOL
 
 struct ipq_errmap_t {
 	int errcode;
@@ -76,7 +79,8 @@ struct ipq_errmap_t {
 	{ IPQ_ERR_SEND, "Failed to send netlink message" },
 	{ IPQ_ERR_SUPP, "Operation not supported" },
 	{ IPQ_ERR_RECVBUF, "Receive buffer size invalid" },
-	{ IPQ_ERR_TIMEOUT, "Timeout"}
+	{ IPQ_ERR_TIMEOUT, "Timeout"},
+	{ IPQ_ERR_PROTOCOL, "Invalid protocol specified" }
 };
 
 static int ipq_errno = IPQ_ERR_NONE;
@@ -194,9 +198,8 @@ static char *ipq_strerror(int errcode)
 
 /*
  * Create and initialise an ipq handle.
- * FIXME: implement flags.
  */
-struct ipq_handle *ipq_create_handle(u_int32_t flags)
+struct ipq_handle *ipq_create_handle(u_int32_t flags, u_int32_t protocol)
 {
 	int status;
 	struct ipq_handle *h;
@@ -206,8 +209,19 @@ struct ipq_handle *ipq_create_handle(u_int32_t flags)
 		ipq_errno = IPQ_ERR_HANDLE;
 		return NULL;
 	}
+	
 	memset(h, 0, sizeof(struct ipq_handle));
-	h->fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_FIREWALL);
+	
+        if (protocol == PF_INET)
+                h->fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_FIREWALL);
+        else if (protocol == PF_INET6)
+                h->fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_IP6_FW);
+        else {
+		ipq_errno = IPQ_ERR_PROTOCOL;
+		free(h);
+		return NULL;
+        }
+        
 	if (h->fd == -1) {
 		ipq_errno = IPQ_ERR_SOCKET;
 		close(h->fd);
-- 
cgit v1.2.3