From 1cc84d47766ad74be8609477d3496544848b75b1 Mon Sep 17 00:00:00 2001
From: Giuseppe Longo
Date: Fri, 22 Aug 2014 11:16:29 +0200
Subject: nft: add nft_xt_ctx struct
This patch provides the context used to transfer information between different nft_parse_* function calls.
Signed-off-by: Giuseppe Longo
Signed-off-by: Pablo Neira Ayuso
---
 iptables/nft-shared.h | 32 +++++++++++++++++---------------
 1 file changed, 17 insertions(+), 15 deletions(-)
(limited to 'iptables/nft-shared.h')
diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
index 1c06b5f4..c4936dde 100644
--- a/iptables/nft-shared.h
+++ b/iptables/nft-shared.h
@@ -6,6 +6,8 @@
 #include
 #include
+#include
+
 #include "xshared.h"
 #if 0
@@ -36,6 +38,16 @@
 struct xtables_args;
+struct nft_xt_ctx {
+ union {
+ struct iptables_command_state *cs;
+ struct arpt_entry *fw;
+ } state;
+ struct nft_rule_expr_iter *iter;
+ int family;
+ uint32_t flags;
+};
+
 struct nft_family_ops {
 int (*add)(struct nft_rule *r, void *data);
 bool (*is_same)(const void *data_a,
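Review bot: Nothing in the new `struct nft_xt_ctx` says which member of the `state` union is live, so a parser that reads `state.cs` from a context that was filled in through `state.fw` (or the reverse) would treat one structure as the other without any compiler diagnostic. The `family` field looks like the intended discriminant, but that is an inference from the field names and should be confirmed against the parsers, which are outside this header. If it holds, a comment above the union such as `/* state.fw is valid only for the ARP family; state.cs for all other families */` would make the rule explicit. The `flags` field is also undocumented: a one-line comment naming the bit definitions it carries, and whether it must be zeroed before the first nft_parse_* call, would make the contract checkable.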
@@ -88,19 +100,11 @@ void parse_meta(struct nft_rule_expr *e, uint8_t key, char *iniface,
 void print_proto(uint16_t proto, int invert);
 void get_cmp_data(struct nft_rule_expr_iter *iter, void *data, size_t dlen, bool *inv);
-void nft_parse_target(struct nft_rule_expr *e, struct nft_rule_expr_iter *iter,
- int family, void *data);
-void nft_parse_meta(struct nft_rule_expr *e, struct nft_rule_expr_iter *iter,
- int family, void *data);
-void nft_parse_payload(struct nft_rule_expr *e,
- struct nft_rule_expr_iter *iter,
- int family, void *data);
-void nft_parse_counter(struct nft_rule_expr *e,
- struct nft_rule_expr_iter *iter,
- struct xt_counters *counters);
-void nft_parse_immediate(struct nft_rule_expr *e,
- struct nft_rule_expr_iter *iter,
- int family, void *data);
+void nft_parse_target(struct nft_xt_ctx *ctx, struct nft_rule_expr *e);
+void nft_parse_meta(struct nft_xt_ctx *ctx, struct nft_rule_expr *e);
+void nft_parse_payload(struct nft_xt_ctx *ctx, struct nft_rule_expr *e);
+void nft_parse_counter(struct nft_rule_expr *e, struct xt_counters *counters);
+void nft_parse_immediate(struct nft_xt_ctx *ctx, struct nft_rule_expr *e);
 void nft_rule_to_iptables_command_state(struct nft_rule *r, struct iptables_command_state *cs);
 void print_firewall_details(const struct iptables_command_state *cs,
@@ -182,8 +186,6 @@ struct xtables_args {
 extern char *opcodes[];
 #define NUMOPCODES 9
-#include
-
 static inline struct xt_entry_target *nft_arp_get_target(struct arpt_entry *fw)
 {
 struct xt_entry_target **target;
--
cgit v1.2.3
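Review bot: The four prototypes that now take `struct nft_xt_ctx *ctx` do not say which context fields each parser expects to be set and which it updates, and neither the callers nor the definitions are visible in this header-only diff. Because the context replaces the explicit `iter`, `family` and `data` arguments, a caller that declares it on the stack and leaves a field unset would hand the parser an indeterminate pointer or flag word, where the old signatures would have failed to compile on a missing argument. I would add a comment above the group along the lines of `/* caller sets ctx->iter, ctx->family and the matching ctx->state member; ctx->flags carries state between calls and starts at 0 */`, adjusted to what the implementations actually require. The leading parameter also changes from `e` to `ctx`, so a stale caller produces only an incompatible-pointer diagnostic; building with `-Werror=incompatible-pointer-types` would turn that into a hard failure.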