From e8b42fee7eaa1ba6df203fe0bc4496cae226cbd2 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Mon, 2 May 2011 02:13:16 +0200 Subject: libxtables: support for XTTYPE_PLENMASK Signed-off-by: Jan Engelhardt --- include/xtables.h.in | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'include/xtables.h.in') diff --git a/include/xtables.h.in b/include/xtables.h.in index 47f797bd..a760755c 100644 --- a/include/xtables.h.in +++ b/include/xtables.h.in @@ -59,6 +59,7 @@ struct in_addr; * %XTTYPE_PORT_NE: 16-bit port name or number, stored as network-endian * %XTTYPE_PORTRC: colon-separated port range (names acceptable) * %XTTYPE_PORTRC_NE: same as %XTTYPE_PORTRC, stored in network-endian + * %XTTYPE_PLENMASK: prefix len stored as union nf_inet_addr */ enum xt_option_type { XTTYPE_NONE, @@ -80,6 +81,7 @@ enum xt_option_type { XTTYPE_PORT_NE, XTTYPE_PORTRC, XTTYPE_PORTRC_NE, + XTTYPE_PLENMASK, }; /** @@ -139,7 +141,7 @@ struct xt_option_call { uint32_t u32, u32_range[2]; uint64_t u64, u64_range[2]; double dbl; - union nf_inet_addr inetaddr; + union nf_inet_addr inetaddr, inetmask; struct { uint8_t tos_value, tos_mask; }; -- cgit v1.2.3 From d7282413763b0ba85d512c1cd49174b762ff449c Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Wed, 4 May 2011 16:41:13 +0200 Subject: libxtables: do not overlay addr and mask parts, and cleanup XTTYPE_HOSTMASK will require that what has now become haddr, hmask/hlen are not overlays of another. Thus relax the structure and always set all members of the {haddr, hmask, hlen} triplet now for all types that touch any of the members. Add some more comments and clean out ONEHOST. --- include/xtables.h.in | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'include/xtables.h.in') diff --git a/include/xtables.h.in b/include/xtables.h.in index a760755c..c9ad5238 100644 --- a/include/xtables.h.in +++ b/include/xtables.h.in 
@@ -46,6 +46,12 @@ struct in_addr; #define XTOPT_TABLEEND {.name = NULL} /** + * Select the format the input has to conform to, as well as the target type + * (area pointed to with XTOPT_POINTER). Note that the storing is not always + * uniform. @cb->val will be populated with as much as there is space, i.e. + * exactly 2 items for ranges, but the target area can receive more values + * (e.g. in case of ranges), or less values (e.g. %XTTYPE_HOSTMASK). + * * %XTTYPE_NONE: option takes no argument * %XTTYPE_UINT*: standard integer * %XTTYPE_UINT*RC: colon-separated range of standard integers @@ -54,12 +60,12 @@ struct in_addr; * %XTTYPE_TOSMASK: 8-bit TOS value with optional mask * %XTTYPE_MARKMASK32: 32-bit mark with optional mask * %XTTYPE_SYSLOGLEVEL: syslog level by name or number - * %XTTYPE_ONEHOST: one host or address (union nf_inet_addr) + * %XTTYPE_HOST: one host or address (ptr: union nf_inet_addr) * %XTTYPE_PORT: 16-bit port name or number * %XTTYPE_PORT_NE: 16-bit port name or number, stored as network-endian * %XTTYPE_PORTRC: colon-separated port range (names acceptable) * %XTTYPE_PORTRC_NE: same as %XTTYPE_PORTRC, stored in network-endian - * %XTTYPE_PLENMASK: prefix len stored as union nf_inet_addr + * %XTTYPE_PLENMASK: prefix length (ptr: union nf_inet_addr) */ enum xt_option_type { XTTYPE_NONE, @@ -76,7 +82,7 @@ enum xt_option_type { XTTYPE_TOSMASK, XTTYPE_MARKMASK32, XTTYPE_SYSLOGLEVEL, - XTTYPE_ONEHOST, + XTTYPE_HOST, XTTYPE_PORT, XTTYPE_PORT_NE, XTTYPE_PORTRC, @@ -141,7 +147,10 @@ struct xt_option_call { uint32_t u32, u32_range[2]; uint64_t u64, u64_range[2]; double dbl; - union nf_inet_addr inetaddr, inetmask; + struct { + union nf_inet_addr haddr, hmask; + uint8_t hlen; + }; struct { uint8_t tos_value, tos_mask; }; -- cgit v1.2.3 From fa9b759bacc0ad6a093892ef508811e7feb981b0 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Wed, 4 May 2011 17:25:54 +0200 Subject: libxtables: XTTYPE_PLEN support 
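Review bot: The new introductory comment (hunk at -46,6 +46,12) says the XTOPT_POINTER target area can receive more values than the two kept in `cb->val`, but it gives no upper bound and does not say what limits the write. Only some entries in the type list carry a `(ptr: ...)` annotation, so an extension author has to guess the required field width for the rest. A wrong guess would presumably let the parser write past the field or leave part of it unset; the parser is not part of this diff, so that is inferred. I would add a `(ptr: ...)` annotation to every type that stores through the pointer, plus one sentence stating what bounds the number of stored range values.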
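Review bot: The commit message states that `haddr`, `hmask` and `hlen` are always set together by every type that touches any of them, but the new anonymous struct (hunk at -141,7 +147,10) carries no comment recording that invariant. Because the struct sits inside the `val` union next to `u8`, `u32` and the other members, a callback that reads `hmask` or `hlen` after a non-host type gets whatever bytes another member left there. A comment above the struct would make this explicit, for example `/* haddr, hmask and hlen are filled in together, and only by the host and prefix-length types */`. `struct xt_option_call` begins and ends outside the hunk.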
Signed-off-by: Jan Engelhardt --- include/xtables.h.in | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include/xtables.h.in') diff --git a/include/xtables.h.in b/include/xtables.h.in index c9ad5238..9bb42351 100644 --- a/include/xtables.h.in +++ b/include/xtables.h.in @@ -65,6 +65,7 @@ struct in_addr; * %XTTYPE_PORT_NE: 16-bit port name or number, stored as network-endian * %XTTYPE_PORTRC: colon-separated port range (names acceptable) * %XTTYPE_PORTRC_NE: same as %XTTYPE_PORTRC, stored in network-endian + * %XTTYPE_PLEN: prefix length * %XTTYPE_PLENMASK: prefix length (ptr: union nf_inet_addr) */ enum xt_option_type { @@ -87,6 +88,7 @@ enum xt_option_type { XTTYPE_PORT_NE, XTTYPE_PORTRC, XTTYPE_PORTRC_NE, + XTTYPE_PLEN, XTTYPE_PLENMASK, }; -- cgit v1.2.3 From 66266abd17adc9631f3769ef0b82968c0bac6f38 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Thu, 5 May 2011 14:19:25 +0200 Subject: libxtables: XTTYPE_HOSTMASK support Signed-off-by: Jan Engelhardt --- include/xtables.h.in | 3 +++ 1 file changed, 3 insertions(+) (limited to 'include/xtables.h.in') diff --git a/include/xtables.h.in b/include/xtables.h.in index 9bb42351..caaec2fa 100644 --- a/include/xtables.h.in +++ b/include/xtables.h.in @@ -61,6 +61,8 @@ struct in_addr; * %XTTYPE_MARKMASK32: 32-bit mark with optional mask * %XTTYPE_SYSLOGLEVEL: syslog level by name or number * %XTTYPE_HOST: one host or address (ptr: union nf_inet_addr) + * %XTTYPE_HOSTMASK: one host or address, with an optional prefix length + * (ptr: union nf_inet_addr; only host portion is stored) * %XTTYPE_PORT: 16-bit port name or number * %XTTYPE_PORT_NE: 16-bit port name or number, stored as network-endian * %XTTYPE_PORTRC: colon-separated port range (names acceptable) @@ -84,6 +86,7 @@ enum xt_option_type { XTTYPE_MARKMASK32, XTTYPE_SYSLOGLEVEL, XTTYPE_HOST, + XTTYPE_HOSTMASK, XTTYPE_PORT, XTTYPE_PORT_NE, XTTYPE_PORTRC, -- cgit v1.2.3 From 87a34d7aef2cba833f4f36536575dee304bbece5 Mon Sep 17 00:00:00 2001 
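Review bot: The added line `%XTTYPE_PLEN: prefix length` (hunk at -65,6 +65,7) does not say where the parsed value ends up, while the neighbouring `%XTTYPE_PLENMASK` line states its pointer type. The line should say whether the length is only available in `cb->val.hlen` or is also written through XTOPT_POINTER, and with which integer width, so that an extension does not point it at a wider or narrower field. Something like `* %XTTYPE_PLEN: prefix length (<storage>)` with the real storage filled in would do; the parser is not part of this diff, so I cannot tell which it is.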
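Review bot: `XTTYPE_PLEN` is inserted ahead of `XTTYPE_PLENMASK` in `enum xt_option_type` (hunk at -87,6 +88,7), which changes the numeric value of `XTTYPE_PLENMASK`. The later enum hunks that add `XTTYPE_HOSTMASK` and `XTTYPE_PROTOCOL` shift every enumerator after them in the same way. If extensions are built against this header, as its location suggests, one compiled against the previous version would pass a type value that now means something else, and its target field would be parsed and written with the wrong format and size. Either append new enumerators at the end of the enum or bump the library's interface version with these commits; no version change is visible in this diff.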
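Review bot: In the added `%XTTYPE_HOSTMASK` lines (hunk at -61,6 +61,8), the phrase `only host portion is stored` is ambiguous: it can mean the address without the prefix length, or the address bits not covered by the mask. If it means the former, an extension that only looks at its pointer target never sees the prefix and would match on the full address. The comment should say where the mask lives, for example `(ptr: union nf_inet_addr; only the address is stored, mask and length are in @cb->val.hmask/hlen)`. Those member names come from the earlier commit in this series; whether the parser fills them for this type is not visible here.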
From: Jan Engelhardt Date: Sat, 7 May 2011 00:15:49 +0200 Subject: libxt_multiport: use guided option parser Signed-off-by: Jan Engelhardt --- include/xtables.h.in | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include/xtables.h.in') diff --git a/include/xtables.h.in b/include/xtables.h.in index caaec2fa..50aa414c 100644 --- a/include/xtables.h.in +++ b/include/xtables.h.in @@ -163,10 +163,12 @@ struct xt_option_call { uint32_t mark, mask; }; } val; + /* Wished for a world where the ones below were gone: */ union { struct xt_entry_match **match; struct xt_entry_target **target; }; + void *xt_entry; }; /** -- cgit v1.2.3 From 170cf49a630fd0d237818b537c01794dde00b07a Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Sat, 7 May 2011 12:56:39 +0200 Subject: libxtables: XTTYPE_PROTOCOL support Signed-off-by: Jan Engelhardt --- include/xtables.h.in | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'include/xtables.h.in') diff --git a/include/xtables.h.in b/include/xtables.h.in index 50aa414c..c3996a09 100644 --- a/include/xtables.h.in +++ b/include/xtables.h.in @@ -63,6 +63,7 @@ struct in_addr; * %XTTYPE_HOST: one host or address (ptr: union nf_inet_addr) * %XTTYPE_HOSTMASK: one host or address, with an optional prefix length * (ptr: union nf_inet_addr; only host portion is stored) + * %XTTYPE_PROTOCOL: protocol number/name from /etc/protocols (ptr: uint8_t) * %XTTYPE_PORT: 16-bit port name or number * %XTTYPE_PORT_NE: 16-bit port name or number, stored as network-endian * %XTTYPE_PORTRC: colon-separated port range (names acceptable) @@ -87,6 +88,7 @@ enum xt_option_type { XTTYPE_SYSLOGLEVEL, XTTYPE_HOST, XTTYPE_HOSTMASK, + XTTYPE_PROTOCOL, XTTYPE_PORT, XTTYPE_PORT_NE, XTTYPE_PORTRC, 
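Review bot: The new member `void *xt_entry` (hunk at -163,10 +163,12) is untyped and undocumented, so every user has to guess the pointee type and cast it without any compiler check. The added comment only says the members below it are unwanted; it does not say what `xt_entry` points to, who sets it, or whether it may be NULL. I would add a comment naming the pointee type and nullability, for example `/* xt_entry: points to <entry type>; <may / may not> be NULL */`, and mention the member in the struct's doc comment, which lies outside this hunk. The addition also grows `struct xt_option_call`, so code built against the older layout must not be mixed with the new one.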
@@ -147,7 +149,7 @@ struct xt_option_call { bool invert; uint8_t nvals; union { - uint8_t u8, u8_range[2], syslog_level; + uint8_t u8, u8_range[2], syslog_level, protocol; uint16_t u16, u16_range[2], port, port_range[2]; uint32_t u32, u32_range[2]; uint64_t u64, u64_range[2]; -- cgit v1.2.3
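Review bot: `protocol` is stored in a `uint8_t` (hunk at -147,7 +149,7), and the documentation line added earlier in this commit reads `protocol number/name from /etc/protocols (ptr: uint8_t)`. Nothing states what happens to a numeric argument above 255 or to an unknown name. If the parser narrows without a range check, a value such as 256 would be stored as 0; the parser is not in this diff, so this is a question rather than a finding. I would extend the doc line to `* %XTTYPE_PROTOCOL: protocol number (0-255) or name from /etc/protocols (ptr: uint8_t)` and confirm that the parser rejects anything else.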