From 6838a7f51e6d95f904093e05e8bdc75ada70b93f Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Sun, 12 May 2013 16:47:11 +0200 Subject: xtables: add new nft_ops->post_parse hook Move specific layer 3 protocol post argument parsing code to the respective nft-ipv[4|6].c files. Signed-off-by: Pablo Neira Ayuso --- iptables/nft-shared.h | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'iptables/nft-shared.h') diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h index 30e87bb3..59734d9d 100644 --- a/iptables/nft-shared.h +++ b/iptables/nft-shared.h @@ -34,6 +34,8 @@ | FMT_NUMERIC | FMT_NOTABLE) #define FMT(tab,notab) ((format) & FMT_NOTABLE ? (notab) : (tab)) +struct xtables_args; + struct nft_family_ops { int (*add)(struct nft_rule *r, struct iptables_command_state *cs); bool (*is_same)(const struct iptables_command_state *a, @@ -49,6 +51,8 @@ struct nft_family_ops { uint8_t (*print_firewall)(const struct iptables_command_state *cs, const char *targname, unsigned int num, unsigned int format); + void (*post_parse)(int command, struct iptables_command_state *cs, + struct xtables_args *args); }; void add_meta(struct nft_rule *r, uint32_t key); @@ -116,4 +120,21 @@ struct xtables_args { unsigned long long pcnt_cnt, bcnt_cnt; }; +#define CMD_NONE 0x0000U +#define CMD_INSERT 0x0001U +#define CMD_DELETE 0x0002U +#define CMD_DELETE_NUM 0x0004U +#define CMD_REPLACE 0x0008U +#define CMD_APPEND 0x0010U +#define CMD_LIST 0x0020U +#define CMD_FLUSH 0x0040U +#define CMD_ZERO 0x0080U +#define CMD_NEW_CHAIN 0x0100U +#define CMD_DELETE_CHAIN 0x0200U +#define CMD_SET_POLICY 0x0400U +#define CMD_RENAME_CHAIN 0x0800U +#define CMD_LIST_RULES 0x1000U +#define CMD_ZERO_NUM 0x2000U +#define CMD_CHECK 0x4000U + #endif -- cgit v1.2.3