summaryrefslogtreecommitdiffstats
path: root/libipq
diff options
context:
space:
mode:
Diffstat (limited to 'libipq')
-rw-r--r--libipq/ipq_create_handle.310
-rw-r--r--libipq/libipq.36
-rw-r--r--libipq/libipq.c26
3 files changed, 32 insertions, 10 deletions
diff --git a/libipq/ipq_create_handle.3 b/libipq/ipq_create_handle.3
index da99e549..c833e884 100644
--- a/libipq/ipq_create_handle.3
+++ b/libipq/ipq_create_handle.3
@@ -1,6 +1,6 @@
.TH IPQ_CREATE_HANDLE 3 "16 October 2001" "Linux iptables 1.2" "Linux Programmer's Manual"
.\"
-\" $Id: ipq_create_handle.3,v 1.1 2000/11/20 14:13:31 jamesm Exp $
+\" $Id: ipq_create_handle.3,v 1.2 2001/10/16 14:41:02 jamesm Exp $
.\"
.\" Copyright (c) 2000-2001 Netfilter Core Team
.\"
@@ -26,7 +26,7 @@ ipq_create_handle, ipq_destroy_handle - create and destroy libipq handles.
.br
.B #include <libipq.h>
.sp
-.BI "struct ipq_handle *ipq_create_handle(u_int32_t " flags );
+.BI "struct ipq_handle *ipq_create_handle(u_int32_t " flags ", u_int32_t " protocol ");"
.br
.BI "int ipq_destroy_handle(struct ipq_handle *" h );
.SH DESCRIPTION
@@ -44,6 +44,12 @@ parameter is not currently used and should be set to zero by the application
for forward compatibility.
.PP
The
+.I protocol
+parameter is used to specify the protocol of the packets to be queued.
+Valid values are PF_INET for IPv4 and PF_INET6 for IPv6. Currently,
+only one protocol may be queued at a time for a handle.
+.PP
+The
.B ipq_destroy_handle
function frees up resources allocated by
.BR ipq_create_handle ,
diff --git a/libipq/libipq.3 b/libipq/libipq.3
index 89976855..c2295c1d 100644
--- a/libipq/libipq.3
+++ b/libipq/libipq.3
@@ -1,6 +1,6 @@
.TH LIBIPQ 3 "16 October 2001" "Linux iptables 1.2" "Linux Programmer's Manual"
.\"
-.\" $Id: libipq.3,v 1.3 2001/10/16 14:41:02 jamesm Exp $
+.\" $Id: libipq.3,v 1.4 2001/10/16 16:58:25 jamesm Exp $
.\"
.\" Copyright (c) 2000-2001 Netfilter Core Team
.\"
@@ -187,7 +187,7 @@ int main(int argc, char **argv)
unsigned char buf[BUFSIZE];
struct ipq_handle *h;
- h = ipq_create_handle(0);
+ h = ipq_create_handle(0, PF_INET);
if (!h)
die(h);
@@ -257,6 +257,8 @@ Distributed under the GNU General Public License.
Joost Remijn implemented the
.B ipq_read
timeout feature, which appeared in the 1.2.4 release of iptables.
+.PP
+Fernando Anton added support for IPv6.
.SH SEE ALSO
.BR iptables (8),
.BR ipq_create_handle (3),
diff --git a/libipq/libipq.c b/libipq/libipq.c
index b4b69a26..709c8a21 100644
--- a/libipq/libipq.c
+++ b/libipq/libipq.c
@@ -8,6 +8,8 @@
*
* Author: James Morris <jmorris@intercode.com.au>
*
+ * 07-11-2001 Modified by Fernando Anton to add support for IPv6.
+ *
* Copyright (c) 2000-2001 Netfilter Core Team
*
* This program is free software; you can redistribute it and/or modify
@@ -53,9 +55,10 @@ enum {
IPQ_ERR_SEND,
IPQ_ERR_SUPP,
IPQ_ERR_RECVBUF,
- IPQ_ERR_TIMEOUT
+ IPQ_ERR_TIMEOUT,
+ IPQ_ERR_PROTOCOL
};
-#define IPQ_MAXERR IPQ_ERR_TIMEOUT
+#define IPQ_MAXERR IPQ_ERR_PROTOCOL
struct ipq_errmap_t {
int errcode;
@@ -76,7 +79,8 @@ struct ipq_errmap_t {
{ IPQ_ERR_SEND, "Failed to send netlink message" },
{ IPQ_ERR_SUPP, "Operation not supported" },
{ IPQ_ERR_RECVBUF, "Receive buffer size invalid" },
- { IPQ_ERR_TIMEOUT, "Timeout"}
+ { IPQ_ERR_TIMEOUT, "Timeout"},
+ { IPQ_ERR_PROTOCOL, "Invalid protocol specified" }
};
static int ipq_errno = IPQ_ERR_NONE;
@@ -194,9 +198,8 @@ static char *ipq_strerror(int errcode)
/*
* Create and initialise an ipq handle.
- * FIXME: implement flags.
*/
-struct ipq_handle *ipq_create_handle(u_int32_t flags)
+struct ipq_handle *ipq_create_handle(u_int32_t flags, u_int32_t protocol)
{
int status;
struct ipq_handle *h;
@@ -206,8 +209,19 @@ struct ipq_handle *ipq_create_handle(u_int32_t flags)
ipq_errno = IPQ_ERR_HANDLE;
return NULL;
}
+
memset(h, 0, sizeof(struct ipq_handle));
- h->fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_FIREWALL);
+
+ if (protocol == PF_INET)
+ h->fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_FIREWALL);
+ else if (protocol == PF_INET6)
+ h->fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_IP6_FW);
+ else {
+ ipq_errno = IPQ_ERR_PROTOCOL;
+ free(h);
+ return NULL;
+ }
+
if (h->fd == -1) {
ipq_errno = IPQ_ERR_SOCKET;
close(h->fd);