summaryrefslogtreecommitdiffstats
path: root/iptables/xtables-multi.h
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2014-02-04 16:21:18 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2014-02-04 16:28:33 +0100
commit4cffe00557b40dfe8c3236746797b24c4074c95e (patch)
treea2be509af0df42e3d4050a03c1f19fa69c6c36af /iptables/xtables-multi.h
parent43bb2819c5b7b783cbaceffd0e6d4b6e502a0fb5 (diff)
xtables: add xtables-compat-multi for the nftables compatibility layer
This patch should allow distributors to switch to the iptables over nftables compatibility layer in a transparent way by updating symbolic links from: lrwxrwxrwx 1 root root 13 feb 4 15:35 iptables -> xtables-multi to: lrwxrwxrwx 1 root root 13 feb 4 15:35 iptables -> xtables-compat-multi Same thing with iptables-save, iptables-restore, ip6tables, ip6tables-save, ip6tables-restore and arptables. Note that, after this patch, the following new symlinks are installed: * iptables-compat * iptables-compat-save * iptables-compat-restore * ip6tables-compat * ip6tables-compat-save * ip6tables-compat-restore * arptables-compat which point to the new binary xtables-compat-multi. The idea is to keep both native and compatibility tools installed in the system, which should also make it easier for testing purposes. The iptables over nftables compatibility layer is enabled by default and it requires the libmnl and libnftnl libraries. If you don't want to compile the compatibility layer, you can still disable it through --disable-nftables. This patch also includes changes to adapt the existing code to this approach. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/xtables-multi.h')
-rw-r--r--iptables/xtables-multi.h13
1 files changed, 9 insertions, 4 deletions
diff --git a/iptables/xtables-multi.h b/iptables/xtables-multi.h
index 759e24f0..e706894b 100644
--- a/iptables/xtables-multi.h
+++ b/iptables/xtables-multi.h
@@ -2,11 +2,16 @@
#define _XTABLES_MULTI_H 1
extern int iptables_xml_main(int, char **);
-extern int xtables_main(int, char **);
-extern int xtables_save_main(int, char **);
-extern int xtables_restore_main(int, char **);
+#ifdef ENABLE_NFTABLES
+extern int xtables_ip4_main(int, char **);
+extern int xtables_ip4_save_main(int, char **);
+extern int xtables_ip4_restore_main(int, char **);
+extern int xtables_ip6_main(int, char **);
+extern int xtables_ip6_save_main(int, char **);
+extern int xtables_ip6_restore_main(int, char **);
+extern int xtables_arp_main(int, char **);
extern int xtables_config_main(int, char **);
extern int xtables_events_main(int, char **);
-extern int xtables_arp_main(int, char **);
+#endif
#endif /* _XTABLES_MULTI_H */