From f8137b1b4cc18d4ff528ac40b83345260bb644ae Mon Sep 17 00:00:00 2001
From: Yasuyuki KOZAKAI
Date: Sat, 4 Aug 2007 08:26:59 +0000
Subject: Add IPv6 support to helper match
---
extensions/Makefile | 4 +-
extensions/libipt_helper.c | 100 ---------------------------------------
extensions/libxt_helper.c | 115 +++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 117 insertions(+), 102 deletions(-)
delete mode 100644 extensions/libipt_helper.c
create mode 100644 extensions/libxt_helper.c
(limited to 'extensions')
diff --git a/extensions/Makefile b/extensions/Makefile
index 5830faa8..63efc2af 100644
--- a/extensions/Makefile
+++ b/extensions/Makefile
@@ -5,9 +5,9 @@
 # header files are present in the include/linux directory of this iptables
 # package (HW)
 #
-PF_EXT_SLIB:=ah addrtype conntrack ecn helper icmp iprange owner policy realm tos ttl unclean DNAT ECN LOG MASQUERADE MIRROR NETMAP REDIRECT REJECT SAME SNAT TOS TTL ULOG
+PF_EXT_SLIB:=ah addrtype conntrack ecn icmp iprange owner policy realm tos ttl unclean DNAT ECN LOG MASQUERADE MIRROR NETMAP REDIRECT REJECT SAME SNAT TOS TTL ULOG
 PF6_EXT_SLIB:=eui64 hl icmp6 owner policy HL LOG
-PFX_EXT_SLIB:=connmark connlimit comment dscp esp hashlimit length limit mac mark multiport physdev pkttype sctp state standard tcp tcpmss udp CLASSIFY CONNMARK DSCP MARK NFQUEUE NOTRACK TCPMSS TRACE
+PFX_EXT_SLIB:=connmark connlimit comment dscp esp hashlimit helper length limit mac mark multiport physdev pkttype sctp state standard tcp tcpmss udp CLASSIFY CONNMARK DSCP MARK NFQUEUE NOTRACK TCPMSS TRACE
 
 ifeq ($(DO_SELINUX), 1)
 PF_EXT_SE_SLIB:=
diff --git a/extensions/libipt_helper.c b/extensions/libipt_helper.c
deleted file mode 100644
index c862541d..00000000
--- a/extensions/libipt_helper.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/* Shared library add-on to iptables to add related packet matching support. */
-#include
-#include
-#include
-#include
-#include
-
-#include
-#include
-
-/* Function which prints out usage message. */
-static void
-help(void)
-{
- printf(
-"helper match v%s options:\n"
-"[!] --helper string Match helper identified by string\n"
-"\n",
-IPTABLES_VERSION);
-}
-
-static const struct option opts[] = {
- { "helper", 1, 0, '1' },
- {0}
-};
-
-/* Function which parses command options; returns true if it
- ate an option */
-static int
-parse(int c, char **argv, int invert, unsigned int *flags,
- const void *entry,
- unsigned int *nfcache,
- struct xt_entry_match **match)
-{
- struct ipt_helper_info *info = (struct ipt_helper_info *)(*match)->data;
-
- switch (c) {
- case '1':
- if (*flags)
- exit_error(PARAMETER_PROBLEM,
- "helper match: Only use --helper ONCE!");
- check_inverse(optarg, &invert, &invert, 0);
- strncpy(info->name, optarg, 29);
- info->name[29] = '\0';
- if (invert)
- info->invert = 1;
- *flags = 1;
- break;
-
- default:
- return 0;
- }
- return 1;
-}
-
-/* Final check; must have specified --helper. */
-static void
-final_check(unsigned int flags)
-{
- if (!flags)
- exit_error(PARAMETER_PROBLEM,
- "helper match: You must specify `--helper'");
-}
-
-/* Prints out the info. */
-static void
-print(const void *ip,
- const struct xt_entry_match *match,
- int numeric)
-{
- struct ipt_helper_info *info = (struct ipt_helper_info *)match->data;
-
- printf("helper match %s\"%s\" ", info->invert ? "! " : "", info->name);
-}
-
-/* Saves the union ipt_info in parsable form to stdout. */
-static void
-save(const void *ip, const struct xt_entry_match *match)
-{
- struct ipt_helper_info *info = (struct ipt_helper_info *)match->data;
-
- printf("%s--helper \"%s\" ",info->invert ? "! " : "", info->name);
-}
-
-static struct iptables_match helper = {
- .name = "helper",
- .version = IPTABLES_VERSION,
- .size = IPT_ALIGN(sizeof(struct ipt_helper_info)),
- .help = &help,
- .parse = &parse,
- .final_check = &final_check,
- .print = &print,
- .save = &save,
- .extra_opts = opts
-};
-
-void _init(void)
-{
- register_match(&helper);
-}
diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c
new file mode 100644
index 00000000..ca3cb21f
--- /dev/null
+++ b/extensions/libxt_helper.c
@@ -0,0 +1,115 @@
+/* Shared library add-on to iptables to add related packet matching support. */
+#include
+#include
+#include
+#include
+#include
+
+#include
+#include
+
+/* Function which prints out usage message. */
+static void
+help(void)
+{
+ printf(
+"helper match v%s options:\n"
+"[!] --helper string Match helper identified by string\n"
+"\n",
+IPTABLES_VERSION);
+}
+
+static const struct option opts[] = {
+ { "helper", 1, 0, '1' },
+ {0}
+};
+
+/* Function which parses command options; returns true if it
+ ate an option */
+static int
+parse(int c, char **argv, int invert, unsigned int *flags,
+ const void *entry,
+ unsigned int *nfcache,
+ struct xt_entry_match **match)
+{
+ struct xt_helper_info *info = (struct xt_helper_info *)(*match)->data;
+
+ switch (c) {
+ case '1':
+ if (*flags)
+ exit_error(PARAMETER_PROBLEM,
+ "helper match: Only use --helper ONCE!");
+ check_inverse(optarg, &invert, &invert, 0);
+ strncpy(info->name, optarg, 29);
+ info->name[29] = '\0';
+ if (invert)
+ info->invert = 1;
+ *flags = 1;
+ break;
+
+ default:
+ return 0;
+ }
+ return 1;
+}
+
+/* Final check; must have specified --helper. */
+static void
+final_check(unsigned int flags)
+{
+ if (!flags)
+ exit_error(PARAMETER_PROBLEM,
+ "helper match: You must specify `--helper'");
+}
+
+/* Prints out the info. */
+static void
+print(const void *ip,
+ const struct xt_entry_match *match,
+ int numeric)
+{
+ struct xt_helper_info *info = (struct xt_helper_info *)match->data;
+
+ printf("helper match %s\"%s\" ", info->invert ? "! " : "", info->name);
+}
+
+/* Saves the union ipt_info in parsable form to stdout. */
+static void
+save(const void *ip, const struct xt_entry_match *match)
+{
+ struct xt_helper_info *info = (struct xt_helper_info *)match->data;
+
+ printf("%s--helper \"%s\" ",info->invert ? "! " : "", info->name);
+}
+
+static struct xtables_match helper = {
+ .family = AF_INET,
+ .name = "helper",
+ .version = IPTABLES_VERSION,
+ .size = XT_ALIGN(sizeof(struct xt_helper_info)),
+ .help = &help,
+ .parse = &parse,
+ .final_check = &final_check,
+ .print = &print,
+ .save = &save,
+ .extra_opts = opts,
+};
+
+static struct xtables_match helper6 = {
+ .family = AF_INET6,
+ .name = "helper",
+ .version = IPTABLES_VERSION,
+ .size = XT_ALIGN(sizeof(struct xt_helper_info)),
+ .help = &help,
+ .parse = &parse,
+ .final_check = &final_check,
+ .print = &print,
+ .save = &save,
+ .extra_opts = opts,
+};
+
+void _init(void)
+{
+ xtables_register_match(&helper);
+ xtables_register_match(&helper6);
+}
--
cgit v1.2.3
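Review bot: In `parse()` of the new libxt_helper.c, a `--helper` argument longer than 29 characters is silently truncated by `strncpy(info->name, optarg, 29)`, so the installed rule would match a different helper name than the one the operator typed, with no diagnostic. The literal 29 (also used in `info->name[29] = '\0'`) has to be kept in step by hand with the size of the `name` field of `struct xt_helper_info`, whose declaration is not shown on this page. Assuming `name` is a fixed-size char array, I would reject over-long input and derive the bound from the field: `if (strlen(optarg) >= sizeof(info->name)) exit_error(PARAMETER_PROBLEM, "helper match: name too long");` followed by `strncpy(info->name, optarg, sizeof(info->name) - 1);` and `info->name[sizeof(info->name) - 1] = '\0';`. Separately, the comment above `save()` still reads `union ipt_info`, which is stale now that the file is the xt variant.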