diff options
| author | Yasuyuki KOZAKAI <yasuyuki@netfilter.org> | 2007-07-24 07:21:17 +0000 |
|---|---|---|
| committer | Yasuyuki KOZAKAI <yasuyuki@netfilter.org> | 2007-07-24 07:21:17 +0000 |
| commit | 9ea637d5a7ebfb04e97db4cb114117474bbda9cf (patch) | |
| tree | 26d882d0bf16296b2ec60b86a37f01588d523f77 /extensions | |
| parent | 3c96c8e1947ae4621e39c1d380358da603d2e65c (diff) | |
Add IPv6 support to comment match
Diffstat (limited to 'extensions')
| -rw-r--r-- | extensions/Makefile | 4 | ||||
| -rw-r--r-- | extensions/libxt_comment.c (renamed from extensions/libipt_comment.c) | 63 |
2 files changed, 42 insertions, 25 deletions
diff --git a/extensions/Makefile b/extensions/Makefile index 1a757e72..0a46256f 100644 --- a/extensions/Makefile +++ b/extensions/Makefile @@ -5,9 +5,9 @@ # header files are present in the include/linux directory of this iptables # package (HW) # -PF_EXT_SLIB:=ah addrtype comment connlimit connmark conntrack ecn hashlimit helper icmp iprange owner policy realm state tos ttl unclean CLASSIFY CONNMARK DNAT DSCP ECN LOG MARK MASQUERADE MIRROR NETMAP NFQUEUE REDIRECT REJECT SAME SNAT TCPMSS TOS TTL TRACE ULOG +PF_EXT_SLIB:=ah addrtype connlimit connmark conntrack ecn hashlimit helper icmp iprange owner policy realm state tos ttl unclean CLASSIFY CONNMARK DNAT DSCP ECN LOG MARK MASQUERADE MIRROR NETMAP NFQUEUE REDIRECT REJECT SAME SNAT TCPMSS TOS TTL TRACE ULOG PF6_EXT_SLIB:=connlimit connmark eui64 hl icmp6 owner policy state CONNMARK HL LOG NFQUEUE MARK TCPMSS TRACE -PFX_EXT_SLIB:=dscp esp length limit mac mark multiport physdev pkttype sctp standard tcp tcpmss udp NOTRACK +PFX_EXT_SLIB:=comment dscp esp length limit mac mark multiport physdev pkttype sctp standard tcp tcpmss udp NOTRACK ifeq ($(DO_SELINUX), 1) PF_EXT_SE_SLIB:=SECMARK CONNSECMARK diff --git a/extensions/libipt_comment.c b/extensions/libxt_comment.c index ba0e92f2..9a0c9605 100644 --- a/extensions/libipt_comment.c +++ b/extensions/libxt_comment.c @@ -11,8 +11,8 @@ #include <stdlib.h> #include <getopt.h> -#include <iptables.h> -#include <linux/netfilter_ipv4/ipt_comment.h> +#include <xtables.h> +#include <linux/netfilter/xt_comment.h> /* Function which prints out usage message. */ static void @@ -30,13 +30,13 @@ static struct option opts[] = { }; static void -parse_comment(const char *s, struct ipt_comment_info *info) +parse_comment(const char *s, struct xt_comment_info *info) { int slen = strlen(s); - if (slen >= IPT_MAX_COMMENT_LEN) { + if (slen >= XT_MAX_COMMENT_LEN) { exit_error(PARAMETER_PROBLEM, - "COMMENT must be shorter than %i characters", IPT_MAX_COMMENT_LEN); + "COMMENT must be shorter than %i characters", XT_MAX_COMMENT_LEN); } strcpy((char *)info->comment, s); } @@ -49,7 +49,7 @@ parse(int c, char **argv, int invert, unsigned int *flags, unsigned int *nfcache, struct xt_entry_match **match) { - struct ipt_comment_info *commentinfo = (struct ipt_comment_info *)(*match)->data; + struct xt_comment_info *commentinfo = (struct xt_comment_info *)(*match)->data; switch (c) { case '1': @@ -83,9 +83,9 @@ print(const void *ip, const struct xt_entry_match *match, int numeric) { - struct ipt_comment_info *commentinfo = (struct ipt_comment_info *)match->data; + struct xt_comment_info *commentinfo = (struct xt_comment_info *)match->data; - commentinfo->comment[IPT_MAX_COMMENT_LEN-1] = '\0'; + commentinfo->comment[XT_MAX_COMMENT_LEN-1] = '\0'; printf("/* %s */ ", commentinfo->comment); } @@ -93,27 +93,44 @@ print(const void *ip, static void save(const void *ip, const struct xt_entry_match *match) { - struct ipt_comment_info *commentinfo = (struct ipt_comment_info *)match->data; + struct xt_comment_info *commentinfo = (struct xt_comment_info *)match->data; - commentinfo->comment[IPT_MAX_COMMENT_LEN-1] = '\0'; + commentinfo->comment[XT_MAX_COMMENT_LEN-1] = '\0'; printf("--comment \"%s\" ", commentinfo->comment); } -static struct iptables_match comment = { - .next = NULL, - .name = "comment", - .version = IPTABLES_VERSION, - .size = IPT_ALIGN(sizeof(struct ipt_comment_info)), - .userspacesize = IPT_ALIGN(sizeof(struct ipt_comment_info)), - .help = &help, - .parse = &parse, - .final_check = &final_check, - .print = &print, - .save = &save, - .extra_opts = opts +static struct xtables_match comment = { + .next = NULL, + .family = AF_INET, + .name = "comment", + .version = IPTABLES_VERSION, + .size = XT_ALIGN(sizeof(struct xt_comment_info)), + .userspacesize = XT_ALIGN(sizeof(struct xt_comment_info)), + .help = &help, + .parse = &parse, + .final_check = &final_check, + .print = &print, + .save = &save, + .extra_opts = opts +}; + +static struct xtables_match comment6 = { + .next = NULL, + .family = AF_INET6, + .name = "comment", + .version = IPTABLES_VERSION, + .size = XT_ALIGN(sizeof(struct xt_comment_info)), + .userspacesize = XT_ALIGN(sizeof(struct xt_comment_info)), + .help = &help, + .parse = &parse, + .final_check = &final_check, + .print = &print, + .save = &save, + .extra_opts = opts }; void _init(void) { - register_match(&comment); + xtables_register_match(&comment); + xtables_register_match(&comment6); } |