libxtables: Move struct xtables_afinfo into xtables.h

The library "owns" this structure and maintains 'afinfo' pointer to
instances of it. With libxt_set, there's even an extension making use of
the data.

To avoid impact on library users, guard it by XTABLES_INTERNAL.

To eliminate the xshared.h include by libxt_set, DEBUGP has to be
redefined. Other extensions have similar defines, fix this later.

Signed-off-by: Phil Sutter <phil@nwl.cc>

4 files changed, 28 insertions, 23 deletions

diff --git a/extensions/libxt_set.c b/extensions/libxt_set.c
index 16921023..a2137ab1 100644
--- a/extensions/libxt_set.c
+++ b/extensions/libxt_set.c
@@ -22,6 +22,12 @@
 #include <linux/netfilter/xt_set.h>
 #include "libxt_set.h"
 
+#ifdef DEBUG
+#define DEBUGP(x, args...) fprintf(stderr, x, ## args)
+#else
+#define DEBUGP(x, args...)
+#endif
+
 /* Revision 0 */
 
 static void
diff --git a/extensions/libxt_set.h b/extensions/libxt_set.h
index ad895a75..597bf7eb 100644
--- a/extensions/libxt_set.h
+++ b/extensions/libxt_set.h
@@ -6,7 +6,6 @@
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <errno.h>
-#include "../iptables/xshared.h"
 
 static int
 get_version(unsigned *version)
diff --git a/include/xtables.h b/include/xtables.h
index f1937f3e..b8d8372d 100644
--- a/include/xtables.h
+++ b/include/xtables.h
@@ -665,6 +665,28 @@ void xtables_announce_chain(const char *name);
 
 extern void _init(void);
 
+/**
+ * xtables_afinfo - protocol family dependent information
+ * @kmod:		kernel module basename (e.g. "ip_tables")
+ * @proc_exists:	file which exists in procfs when module already loaded
+ * @libprefix:		prefix of .so library name (e.g. "libipt_")
+ * @family:		nfproto family
+ * @ipproto:		used by setsockopt (e.g. IPPROTO_IP)
+ * @so_rev_match:	optname to check revision support of match
+ * @so_rev_target:	optname to check revision support of target
+ */
+struct xtables_afinfo {
+	const char *kmod;
+	const char *proc_exists;
+	const char *libprefix;
+	uint8_t family;
+	uint8_t ipproto;
+	int so_rev_match;
+	int so_rev_target;
+};
+
+extern const struct xtables_afinfo *afinfo;
+
 #endif /* XTABLES_INTERNAL */
 
 #ifdef __cplusplus
diff --git a/iptables/xshared.h b/iptables/xshared.h
index 1d6b9bf4..1fdc760a 100644
--- a/iptables/xshared.h
+++ b/iptables/xshared.h
@@ -75,26 +75,6 @@ struct xtables_target;
 #define IPT_INV_ARPOP		0x0400
 #define IPT_INV_ARPHRD		0x0800
 
-/**
- * xtables_afinfo - protocol family dependent information
- * @kmod:		kernel module basename (e.g. "ip_tables")
- * @proc_exists:	file which exists in procfs when module already loaded
- * @libprefix:		prefix of .so library name (e.g. "libipt_")
- * @family:		nfproto family
- * @ipproto:		used by setsockopt (e.g. IPPROTO_IP)
- * @so_rev_match:	optname to check revision support of match
- * @so_rev_target:	optname to check revision support of target
- */
-struct xtables_afinfo {
-	const char *kmod;
-	const char *proc_exists;
-	const char *libprefix;
-	uint8_t family;
-	uint8_t ipproto;
-	int so_rev_match;
-	int so_rev_target;
-};
-
 /* trick for ebtables-compat, since watchers are targets */
 struct ebt_match {
 	struct ebt_match			*next;
@@ -187,8 +167,6 @@ int parse_counters(const char *string, struct xt_counters *ctr);
 bool tokenize_rule_counters(char **bufferp, char **pcnt, char **bcnt, int line);
 bool xs_has_arg(int argc, char *argv[]);
 
-extern const struct xtables_afinfo *afinfo;
-
 #define MAX_ARGC	255
 struct argv_store {
 	int argc;