From fec77fed67feb55aba4c33ae2367178c57ce83de Mon Sep 17 00:00:00 2001 From: Yasuyuki KOZAKAI Date: Tue, 24 Jul 2007 07:06:57 +0000 Subject: Unifies libip[6]t_physdev.c into libxt_physdev.c --- extensions/libipt_physdev.c | 193 -------------------------------------------- 1 file changed, 193 deletions(-) delete mode 100644 extensions/libipt_physdev.c (limited to 'extensions/libipt_physdev.c') diff --git a/extensions/libipt_physdev.c b/extensions/libipt_physdev.c deleted file mode 100644 index d80fb0cd..00000000 --- a/extensions/libipt_physdev.c +++ /dev/null @@ -1,193 +0,0 @@ -/* Shared library add-on to iptables to add bridge port matching support. */ -#include -#include -#include -#include -#include -#include -#include -#if defined(__GLIBC__) && __GLIBC__ == 2 -#include -#else -#include -#endif - -static void -help(void) -{ - printf( -"physdev v%s options:\n" -" --physdev-in [!] input name[+] bridge port name ([+] for wildcard)\n" -" --physdev-out [!] output name[+] bridge port name ([+] for wildcard)\n" -" [!] --physdev-is-in arrived on a bridge device\n" -" [!] --physdev-is-out will leave on a bridge device\n" -" [!] --physdev-is-bridged it's a bridged packet\n" -"\n", IPTABLES_VERSION); -} - -static struct option opts[] = { - { "physdev-in", 1, 0, '1' }, - { "physdev-out", 1, 0, '2' }, - { "physdev-is-in", 0, 0, '3' }, - { "physdev-is-out", 0, 0, '4' }, - { "physdev-is-bridged", 0, 0, '5' }, - {0} -}; - -static void -init(struct xt_entry_match *m, unsigned int *nfcache) -{ -} - -static int -parse(int c, char **argv, int invert, unsigned int *flags, - const void *entry, - unsigned int *nfcache, - struct xt_entry_match **match) -{ - struct ipt_physdev_info *info = - (struct ipt_physdev_info*)(*match)->data; - - switch (c) { - case '1': - if (*flags & IPT_PHYSDEV_OP_IN) - goto multiple_use; - check_inverse(optarg, &invert, &optind, 0); - parse_interface(argv[optind-1], info->physindev, - (unsigned char *)info->in_mask); - if (invert) - info->invert |= IPT_PHYSDEV_OP_IN; - info->bitmask |= IPT_PHYSDEV_OP_IN; - *flags |= IPT_PHYSDEV_OP_IN; - break; - - case '2': - if (*flags & IPT_PHYSDEV_OP_OUT) - goto multiple_use; - check_inverse(optarg, &invert, &optind, 0); - parse_interface(argv[optind-1], info->physoutdev, - (unsigned char *)info->out_mask); - if (invert) - info->invert |= IPT_PHYSDEV_OP_OUT; - info->bitmask |= IPT_PHYSDEV_OP_OUT; - *flags |= IPT_PHYSDEV_OP_OUT; - break; - - case '3': - if (*flags & IPT_PHYSDEV_OP_ISIN) - goto multiple_use; - check_inverse(optarg, &invert, &optind, 0); - info->bitmask |= IPT_PHYSDEV_OP_ISIN; - if (invert) - info->invert |= IPT_PHYSDEV_OP_ISIN; - *flags |= IPT_PHYSDEV_OP_ISIN; - break; - - case '4': - if (*flags & IPT_PHYSDEV_OP_ISOUT) - goto multiple_use; - check_inverse(optarg, &invert, &optind, 0); - info->bitmask |= IPT_PHYSDEV_OP_ISOUT; - if (invert) - info->invert |= IPT_PHYSDEV_OP_ISOUT; - *flags |= IPT_PHYSDEV_OP_ISOUT; - break; - - case '5': - if (*flags & IPT_PHYSDEV_OP_BRIDGED) - goto multiple_use; - check_inverse(optarg, &invert, &optind, 0); - if (invert) - info->invert |= IPT_PHYSDEV_OP_BRIDGED; - *flags |= IPT_PHYSDEV_OP_BRIDGED; - info->bitmask |= IPT_PHYSDEV_OP_BRIDGED; - break; - - default: - return 0; - } - - return 1; -multiple_use: - exit_error(PARAMETER_PROBLEM, - "multiple use of the same physdev option is not allowed"); - -} - -static void final_check(unsigned int flags) -{ - if (flags == 0) - exit_error(PARAMETER_PROBLEM, "PHYSDEV: no physdev option specified"); -} - -static void -print(const void *ip, - const struct xt_entry_match *match, - int numeric) -{ - struct ipt_physdev_info *info = - (struct ipt_physdev_info*)match->data; - - printf("PHYSDEV match"); - if (info->bitmask & IPT_PHYSDEV_OP_ISIN) - printf("%s --physdev-is-in", - info->invert & IPT_PHYSDEV_OP_ISIN ? " !":""); - if (info->bitmask & IPT_PHYSDEV_OP_IN) - printf("%s --physdev-in %s", - (info->invert & IPT_PHYSDEV_OP_IN) ? " !":"", info->physindev); - - if (info->bitmask & IPT_PHYSDEV_OP_ISOUT) - printf("%s --physdev-is-out", - info->invert & IPT_PHYSDEV_OP_ISOUT ? " !":""); - if (info->bitmask & IPT_PHYSDEV_OP_OUT) - printf("%s --physdev-out %s", - (info->invert & IPT_PHYSDEV_OP_OUT) ? " !":"", info->physoutdev); - if (info->bitmask & IPT_PHYSDEV_OP_BRIDGED) - printf("%s --physdev-is-bridged", - info->invert & IPT_PHYSDEV_OP_BRIDGED ? " !":""); - printf(" "); -} - -static void save(const void *ip, const struct xt_entry_match *match) -{ - struct ipt_physdev_info *info = - (struct ipt_physdev_info*)match->data; - - if (info->bitmask & IPT_PHYSDEV_OP_ISIN) - printf("%s --physdev-is-in", - info->invert & IPT_PHYSDEV_OP_ISIN ? " !":""); - if (info->bitmask & IPT_PHYSDEV_OP_IN) - printf("%s --physdev-in %s", - (info->invert & IPT_PHYSDEV_OP_IN) ? " !":"", info->physindev); - - if (info->bitmask & IPT_PHYSDEV_OP_ISOUT) - printf("%s --physdev-is-out", - info->invert & IPT_PHYSDEV_OP_ISOUT ? " !":""); - if (info->bitmask & IPT_PHYSDEV_OP_OUT) - printf("%s --physdev-out %s", - (info->invert & IPT_PHYSDEV_OP_OUT) ? " !":"", info->physoutdev); - if (info->bitmask & IPT_PHYSDEV_OP_BRIDGED) - printf("%s --physdev-is-bridged", - info->invert & IPT_PHYSDEV_OP_BRIDGED ? " !":""); - printf(" "); -} - -static struct iptables_match physdev = { - .next = NULL, - .name = "physdev", - .version = IPTABLES_VERSION, - .size = IPT_ALIGN(sizeof(struct ipt_physdev_info)), - .userspacesize = IPT_ALIGN(sizeof(struct ipt_physdev_info)), - .help = &help, - .init = &init, - .parse = &parse, - .final_check = &final_check, - .print = &print, - .save = &save, - .extra_opts = opts -}; - -void _init(void) -{ - register_match(&physdev); -} -- cgit v1.2.3