From eaf831efecf936cab9a30f67284de7def4325545 Mon Sep 17 00:00:00 2001
From: Thomas Jacob <jacob@internet24.de>
Date: Mon, 23 Jun 2008 11:35:29 +0200
Subject: ip6tables: add --goto support

Signed-off-by: Patrick McHardy <kaber@trash.net>
---
 ip6tables.c | 30 +++++++++++++++++++++++++++++-
 1 file changed, 29 insertions(+), 1 deletion(-)

(limited to 'ip6tables.c')

diff --git a/ip6tables.c b/ip6tables.c
index e1461146..2b053924 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -132,6 +132,7 @@ static struct option original_opts[] = {
 	{.name = "line-numbers",  .has_arg = 0, .val = '0'},
 	{.name = "modprobe",      .has_arg = 1, .val = 'M'},
 	{.name = "set-counters",  .has_arg = 1, .val = 'c'},
+	{.name = "goto",          .has_arg = 1, .val = 'g'},
 	{NULL},
 };
 
@@ -328,6 +329,10 @@ exit_printhelp(struct ip6tables_rule_match *matches)
 "				network interface name ([+] for wildcard)\n"
 "  --jump	-j target\n"
 "				target for rule (may load target extension)\n"
+#ifdef IP6T_F_GOTO
+"  --goto	-g chain\n"
+"				jump to chain with no return\n"
+#endif
 "  --match	-m match\n"
 "				extended match (may load extension)\n"
 "  --numeric	-n		numeric output of addresses and ports\n"
@@ -823,6 +828,11 @@ print_firewall(const struct ip6t_entry *fw,
 	if (format & FMT_NOTABLE)
 		fputs("  ", stdout);
 
+#ifdef IP6T_F_GOTO
+	if(fw->ipv6.flags & IP6T_F_GOTO)
+		printf("[goto] ");
+#endif
+
 	IP6T_MATCH_ITERATE(fw, print_match, &fw->ipv6, format & FMT_NUMERIC);
 
 	if (target) {
@@ -1259,7 +1269,11 @@ void print_rule(const struct ip6t_entry *e,
 	/* Print target name */
 	target_name = ip6tc_get_target(e, h);
 	if (target_name && (*target_name != '\0'))
+#ifdef IP6T_F_GOTO
+		printf("-%c %s ", e->ipv6.flags & IP6T_F_GOTO ? 'g' : 'j', target_name);
+#else
 		printf("-j %s ", target_name);
+#endif
 
 	/* Print targinfo part */
 	t = ip6t_get_target((struct ip6t_entry *)e);
@@ -1447,7 +1461,7 @@ int do_command6(int argc, char *argv[], char **table, ip6tc_handle_t *handle)
 	opterr = 0;
 
 	while ((c = getopt_long(argc, argv,
-	   "-A:D:R:I:L::S::M:F::Z::N:X::E:P:Vh::o:p:s:d:j:i:bvnt:m:xc:",
+	   "-A:D:R:I:L::S::M:F::Z::N:X::E:P:Vh::o:p:s:d:j:i:bvnt:m:xc:g:",
 					   opts, NULL)) != -1) {
 		switch (c) {
 			/*
@@ -1638,6 +1652,15 @@ int do_command6(int argc, char *argv[], char **table, ip6tc_handle_t *handle)
 			dhostnetworkmask = argv[optind-1];
 			break;
 
+#ifdef IP6T_F_GOTO
+		case 'g':
+			set_option(&options, OPT_JUMP, &fw.ipv6.invflags,
+					invert);
+			fw.ipv6.flags |= IP6T_F_GOTO;
+			jumpto = parse_target(optarg);
+			break;
+#endif
+
 		case 'j':
 			set_option(&options, OPT_JUMP, &fw.ipv6.invflags,
 				   invert);
@@ -1995,6 +2018,11 @@ int do_command6(int argc, char *argv[], char **table, ip6tc_handle_t *handle)
 			 * We cannot know if the plugin is corrupt, non
 			 * existant OR if the user just misspelled a
 			 * chain. */
+#ifdef IP6T_F_GOTO
+			if (fw.ipv6.flags & IP6T_F_GOTO)
+				exit_error(PARAMETER_PROBLEM,
+						"goto '%s' is not a chain\n", jumpto);
+#endif
 			find_target(jumpto, LOAD_MUST_SUCCEED);
 		} else {
 			e = generate_entry(&fw, matches, target->t);
-- 
cgit v1.2.3