From d998de780729b03895cef84d1cfb6c36424e70f8 Mon Sep 17 00:00:00 2001 From: Shivani Bhardwaj Date: Thu, 14 Apr 2016 20:56:49 +0530 Subject: extensions: libxt_NFQUEUE: Unstack different versions Remove the stacking of older version into the newer one by adding the appropriate code corresponding to each version. Suggested-by: Florian Westphal Signed-off-by: Shivani Bhardwaj Signed-off-by: Pablo Neira Ayuso --- extensions/libxt_NFQUEUE.c | 104 +++++++++++++++++++++++++++++++++++++++------ 1 file changed, 92 insertions(+), 12 deletions(-) (limited to 'extensions/libxt_NFQUEUE.c') diff --git a/extensions/libxt_NFQUEUE.c b/extensions/libxt_NFQUEUE.c index 0b5becc2..e8b81b60 100644 --- a/extensions/libxt_NFQUEUE.c +++ b/extensions/libxt_NFQUEUE.c @@ -30,23 +30,32 @@ static void NFQUEUE_help(void) static void NFQUEUE_help_v1(void) { - NFQUEUE_help(); printf( +"NFQUEUE target options\n" +" --queue-num value Send packet to QUEUE number .\n" +" Valid queue numbers are 0-65535\n" " --queue-balance first:last Balance flows between queues to .\n"); } static void NFQUEUE_help_v2(void) { - NFQUEUE_help_v1(); printf( +"NFQUEUE target options\n" +" --queue-num value Send packet to QUEUE number .\n" +" Valid queue numbers are 0-65535\n" +" --queue-balance first:last Balance flows between queues to .\n" " --queue-bypass Bypass Queueing if no queue instance exists.\n" " --queue-cpu-fanout Use current CPU (no hashing)\n"); } static void NFQUEUE_help_v3(void) { - NFQUEUE_help_v2(); printf( +"NFQUEUE target options\n" +" --queue-num value Send packet to QUEUE number .\n" +" Valid queue numbers are 0-65535\n" +" --queue-balance first:last Balance flows between queues to .\n" +" --queue-bypass Bypass Queueing if no queue instance exists.\n" " --queue-cpu-fanout Use current CPU (no hashing)\n"); } @@ -95,9 +104,21 @@ static void NFQUEUE_parse_v1(struct xt_option_call *cb) static void NFQUEUE_parse_v2(struct xt_option_call *cb) { struct xt_NFQ_info_v2 *info = cb->data; + const uint16_t *r = cb->val.u16_range; - NFQUEUE_parse_v1(cb); + xtables_option_parse(cb); switch (cb->entry->id) { + case O_QUEUE_BALANCE: + if (cb->nvals != 2) + xtables_error(PARAMETER_PROBLEM, + "Bad range \"%s\"", cb->arg); + if (r[0] >= r[1]) + xtables_error(PARAMETER_PROBLEM, + "%u should be less than %u", + r[0], r[1]); + info->queuenum = r[0]; + info->queues_total = r[1] - r[0] + 1; + break; case O_QUEUE_BYPASS: info->bypass |= NFQ_FLAG_BYPASS; break; @@ -107,9 +128,24 @@ static void NFQUEUE_parse_v2(struct xt_option_call *cb) static void NFQUEUE_parse_v3(struct xt_option_call *cb) { struct xt_NFQ_info_v3 *info = cb->data; + const uint16_t *r = cb->val.u16_range; - NFQUEUE_parse_v2(cb); + xtables_option_parse(cb); switch (cb->entry->id) { + case O_QUEUE_BALANCE: + if (cb->nvals != 2) + xtables_error(PARAMETER_PROBLEM, + "Bad range \"%s\"", cb->arg); + if (r[0] >= r[1]) + xtables_error(PARAMETER_PROBLEM, + "%u should be less than %u", + r[0], r[1]); + info->queuenum = r[0]; + info->queues_total = r[1] - r[0] + 1; + break; + case O_QUEUE_BYPASS: + info->flags |= NFQ_FLAG_BYPASS; + break; case O_QUEUE_CPU_FANOUT: info->flags |= NFQ_FLAG_CPU_FANOUT; break; @@ -142,8 +178,14 @@ static void NFQUEUE_print_v2(const void *ip, const struct xt_entry_target *target, int numeric) { const struct xt_NFQ_info_v2 *info = (void *) target->data; + unsigned int last = info->queues_total; + + if (last > 1) { + last += info->queuenum - 1; + printf(" NFQUEUE balance %u:%u", info->queuenum, last); + } else + printf(" NFQUEUE num %u", info->queuenum); - NFQUEUE_print_v1(ip, target, numeric); if (info->bypass & NFQ_FLAG_BYPASS) printf(" bypass"); } @@ -152,8 +194,17 @@ static void NFQUEUE_print_v3(const void *ip, const struct xt_entry_target *target, int numeric) { const struct xt_NFQ_info_v3 *info = (void *)target->data; + unsigned int last = info->queues_total; + + if (last > 1) { + last += info->queuenum - 1; + printf(" NFQUEUE balance %u:%u", info->queuenum, last); + } else + printf(" NFQUEUE num %u", info->queuenum); + + if (info->flags & NFQ_FLAG_BYPASS) + printf(" bypass"); - NFQUEUE_print_v2(ip, target, numeric); if (info->flags & NFQ_FLAG_CPU_FANOUT) printf(" cpu-fanout"); } @@ -182,8 +233,13 @@ static void NFQUEUE_save_v1(const void *ip, const struct xt_entry_target *target static void NFQUEUE_save_v2(const void *ip, const struct xt_entry_target *target) { const struct xt_NFQ_info_v2 *info = (void *) target->data; + unsigned int last = info->queues_total; - NFQUEUE_save_v1(ip, target); + if (last > 1) { + last += info->queuenum - 1; + printf(" --queue-balance %u:%u", info->queuenum, last); + } else + printf(" --queue-num %u", info->queuenum); if (info->bypass & NFQ_FLAG_BYPASS) printf(" --queue-bypass"); @@ -193,8 +249,17 @@ static void NFQUEUE_save_v3(const void *ip, const struct xt_entry_target *target) { const struct xt_NFQ_info_v3 *info = (void *)target->data; + unsigned int last = info->queues_total; + + if (last > 1) { + last += info->queuenum - 1; + printf(" --queue-balance %u:%u", info->queuenum, last); + } else + printf(" --queue-num %u", info->queuenum); + + if (info->flags & NFQ_FLAG_BYPASS) + printf(" --queue-bypass"); - NFQUEUE_save_v2(ip, target); if (info->flags & NFQ_FLAG_CPU_FANOUT) printf(" --queue-cpu-fanout"); } @@ -238,8 +303,13 @@ static int NFQUEUE_xlate_v2(const void *ip, struct xt_xlate *xl, int numeric) { const struct xt_NFQ_info_v2 *info = (void *) target->data; + unsigned int last = info->queues_total; - NFQUEUE_xlate_v1(ip, target, xl, numeric); + if (last > 1) { + last += info->queuenum - 1; + xt_xlate_add(xl, "queue num %u-%u ", info->queuenum, last); + } else + xt_xlate_add(xl, "queue num %u ", info->queuenum); if (info->bypass & NFQ_FLAG_BYPASS) xt_xlate_add(xl, "bypass"); @@ -252,10 +322,20 @@ static int NFQUEUE_xlate_v3(const void *ip, struct xt_xlate *xl, int numeric) { const struct xt_NFQ_info_v3 *info = (void *)target->data; + unsigned int last = info->queues_total; + + if (last > 1) { + last += info->queuenum - 1; + xt_xlate_add(xl, "queue num %u-%u ", info->queuenum, last); + } else + xt_xlate_add(xl, "queue num %u ", info->queuenum); + + if (info->flags & NFQ_FLAG_BYPASS) + xt_xlate_add(xl, "bypass"); - NFQUEUE_xlate_v2(ip, target, xl, numeric); if (info->flags & NFQ_FLAG_CPU_FANOUT) - xt_xlate_add(xl, "%sfanout ", info->flags & NFQ_FLAG_BYPASS ? "," : ""); + xt_xlate_add(xl, "%sfanout ", + info->flags & NFQ_FLAG_BYPASS ? "," : ""); return 1; } -- cgit v1.2.3