summaryrefslogtreecommitdiffstats
path: root/xshared.h
Commit message (Collapse)AuthorAgeFilesLines
* src: move all iptables pieces into a separate directoryJan Engelhardt2011-06-071-87/+0
| | | | | | (Unclutter top-level dir) Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* src: combine default_command functionsJan Engelhardt2011-05-121-0/+3
|
* Don't load ip6?_tables module when already loadedMaciej Zenczykowski2011-04-191-0/+2
| | | | | Signed-off-by: Maciej Zenczykowski <maze@google.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
* libxtables: guided option parserJan Engelhardt2011-04-061-0/+20
| | | | | | | | | | | This patchset seeks to drastically reduce the code in the individual extensions by centralizing their argument parsing (breakdown of strings), validation, and in part, assignment. As a secondary goal, this reduces the number of static storage duration variables in flight. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* ip(6)tables-multi: unify subcommand handlingStefan Tomanek2011-03-071-0/+11
| | | | | | | | | | I found the subcommand handling and naming done by iptables-multi and ip6tables-multi very confusing and complicated; this patch reorganizes the subcommands in a single table, allowing both variants of them to be used (iptables/main) and also prints a list of the allowed commands if an unknown command is entered by the user. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* src: move jump option handling from do_command6 into its own functionJan Engelhardt2011-02-071-0/+1
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* src: deduplicate and simplify implicit protocol extension loadingJan Engelhardt2011-02-071-2/+1
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* src: put shared option flags into xsharedJan Engelhardt2011-02-071-0/+15
| | | | | | This will be needed for the find_proto function. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* src: deduplicate find_proto functionJan Engelhardt2011-02-071-0/+4
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* src: share iptables_command_state across the two programsJan Engelhardt2011-02-071-0/+18
| | | | | | | struct iptables_command_state and quite a bit of the code looks worthy of deduplication. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* ip[6]tables: only call match's parse function when option char is in rangeJan Engelhardt2011-01-081-0/+4
| | | | | | | | | | | | | | | | | Normally, extensions use a "default:" case in switch(c) to just return if they do not handle c. Apparently, libip6t_hl does that too late and checks for hl-specific parsing state before it has established that c refers to one of its own options. Also affected: libipt_ttl, libxt_ipvs, libxt_policy, libxt_statistic. One way to fix this is to move the flags checks into case '2', '3', '4'. Doing this replication feels bad, so as an alternative, let's just free extensions from having to deal with other extension's options passing thru. References: http://marc.info/?l=netfilter-devel&m=129444759532377&w=2 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* iptables: allow for help-less extensionsJan Engelhardt2009-06-261-0/+10
This is for extensions that do not take any options, and which subsequently do not offer any help text either. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>