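/* Shared library add-on to xtables for AUDIT
 *
 * (C) 2010-2011, Thomas Graf
 * (C) 2010-2011, Red Hat, Inc.
 *
 * This program is distributed under the terms of GNU GPL v2, 1991
 */

/*
 * NOTE(review): this copy of the file carried seven bare #include
 * directives with the header names missing. The list below is reconstructed
 * from the names the code uses; confirm it against the upstream source.
 */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>
#include <getopt.h>
#include <xtables.h>
#include <linux/netfilter/xt_AUDIT.h>

/* Print the usage text for the AUDIT target's single option. */
static void audit_help(void)
{
	printf(
"AUDIT target options\n"
" --type TYPE Action type to be recorded.\n");
}

/* Option table handed to the option parser; 't' is dispatched to audit_parse(). */
static const struct option audit_opts[] = {
	{.name = "type", .has_arg = true, .val = 't'},
	XT_GETOPT_TABLEEND,
};

/*
 * Map an XT_AUDIT_TYPE_* value to the keyword used on the command line.
 * Returns NULL for a value this file does not know, so that audit_print()
 * and audit_save() treat unknown values the same way (they print no type).
 */
static const char *audit_type_name(unsigned int type)
{
	switch (type) {
	case XT_AUDIT_TYPE_ACCEPT:
		return "accept";
	case XT_AUDIT_TYPE_DROP:
		return "drop";
	case XT_AUDIT_TYPE_REJECT:
		return "reject";
	default:
		return NULL;
	}
}

/**
 * Parse one AUDIT target option.
 *
 * @param c       option value from audit_opts ('t' for --type)
 * @param argv    unused
 * @param invert  non-zero when the option was given in negated form
 * @param flags   per-rule state; set to 1 once --type has been accepted
 * @param entry   unused
 * @param target  target whose data area holds the struct xt_audit_info to fill
 * @return 1 when the option was consumed, 0 when it is not an AUDIT option
 *
 * The option argument is read from the getopt global optarg and compared
 * case-insensitively. Every rejection goes through xtables_error(), which
 * does not return.
 *
 * The stored type is only a label chosen by whoever writes the rule; nothing
 * in this file ties it to the verdict the packet eventually receives, so the
 * --type of an AUDIT rule has to be kept in step with the rule it describes.
 */
static int audit_parse(int c, char **argv, int invert, unsigned int *flags,
		       const void *entry, struct xt_entry_target **target)
{
	struct xt_audit_info *einfo = (struct xt_audit_info *)(*target)->data;

	if (c != 't')
		return 0;

	/*
	 * A record type has no negated form. Refuse "! --type X" rather than
	 * silently storing X, which would leave the operator with an audit
	 * rule that records something other than what was written.
	 */
	if (invert)
		xtables_error(PARAMETER_PROBLEM,
			      "AUDIT: --type cannot be inverted");

	/* Reject a repeated --type before touching the stored value. */
	if (*flags)
		xtables_error(PARAMETER_PROBLEM,
			      "AUDIT: Can't specify --type twice");

	if (!strcasecmp(optarg, "accept"))
		einfo->type = XT_AUDIT_TYPE_ACCEPT;
	else if (!strcasecmp(optarg, "drop"))
		einfo->type = XT_AUDIT_TYPE_DROP;
	else if (!strcasecmp(optarg, "reject"))
		einfo->type = XT_AUDIT_TYPE_REJECT;
	else
		xtables_error(PARAMETER_PROBLEM,
			      "Bad action type value `%s'", optarg);

	*flags = 1;
	return 1;
}

/* Enforce that --type was given; flags is non-zero only after audit_parse() accepted it. */
static void audit_final_check(unsigned int flags)
{
	if (!flags)
		xtables_error(PARAMETER_PROBLEM,
			      "AUDIT target: Parameter --type is required");
}

/*
 * Print the target for rule listings: " AUDIT " followed by the type keyword.
 * ip and numeric are unused. An unknown type value prints only " AUDIT ".
 */
static void audit_print(const void *ip, const struct xt_entry_target *target,
			int numeric)
{
	const struct xt_audit_info *einfo =
		(const struct xt_audit_info *)target->data;
	const char *name = audit_type_name(einfo->type);

	printf(" AUDIT ");
	if (name != NULL)
		printf("%s", name);
}

/*
 * Print the target's options in the form audit_parse() accepts, i.e.
 * " --type <keyword>". ip is unused. An unknown type value prints nothing.
 */
static void audit_save(const void *ip, const struct xt_entry_target *target)
{
	const struct xt_audit_info *einfo =
		(const struct xt_audit_info *)target->data;
	const char *name = audit_type_name(einfo->type);

	if (name != NULL)
		printf(" --type %s", name);
}

/*
 * Registration record for the AUDIT target. size and userspacesize are both
 * the aligned size of struct xt_audit_info, and the callbacks are the
 * functions defined above.
 */
static struct xtables_target audit_tg_reg = {
	.name		= "AUDIT",
	.version	= XTABLES_VERSION,
	.family		= NFPROTO_UNSPEC,
	.size		= XT_ALIGN(sizeof(struct xt_audit_info)),
	.userspacesize	= XT_ALIGN(sizeof(struct xt_audit_info)),
	.help		= audit_help,
	.parse		= audit_parse,
	.final_check	= audit_final_check,
	.print		= audit_print,
	.save		= audit_save,
	.extra_opts	= audit_opts,
};

/*
 * Register the AUDIT target with libxtables.
 * NOTE(review): presumably this name is remapped by the xtables build so it
 * runs when the extension is loaded; confirm against xtables.h.
 */
void _init(void)
{
	xtables_register_target(&audit_tg_reg);
}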