[netfilter-cvslog] r6997 - in trunk/iptables: extensions include/linux/netfilter include/linux/netfilter_ipv4

yasuyuki at netfilter.org yasuyuki at netfilter.org
Sat Aug 4 10:26:59 CEST 2007


Author: yasuyuki at netfilter.org
Date: 2007-08-04 10:26:59 +0200 (Sat, 04 Aug 2007)
New Revision: 6997

Added:
   trunk/iptables/extensions/libxt_helper.c
   trunk/iptables/include/linux/netfilter/xt_helper.h
Removed:
   trunk/iptables/extensions/libipt_helper.c
   trunk/iptables/include/linux/netfilter_ipv4/ipt_helper.h
Modified:
   trunk/iptables/extensions/Makefile
Log:
Add IPv6 support to helper match



Modified: trunk/iptables/extensions/Makefile
===================================================================
--- trunk/iptables/extensions/Makefile	2007-08-04 08:25:43 UTC (rev 6996)
+++ trunk/iptables/extensions/Makefile	2007-08-04 08:26:59 UTC (rev 6997)
@@ -5,9 +5,9 @@
 # header files are present in the include/linux directory of this iptables
 # package (HW)
 #
-PF_EXT_SLIB:=ah addrtype conntrack ecn helper icmp iprange owner policy realm tos ttl unclean DNAT ECN LOG MASQUERADE MIRROR NETMAP REDIRECT REJECT SAME SNAT TOS TTL ULOG
+PF_EXT_SLIB:=ah addrtype conntrack ecn icmp iprange owner policy realm tos ttl unclean DNAT ECN LOG MASQUERADE MIRROR NETMAP REDIRECT REJECT SAME SNAT TOS TTL ULOG
 PF6_EXT_SLIB:=eui64 hl icmp6 owner policy HL LOG
-PFX_EXT_SLIB:=connmark connlimit comment dscp esp hashlimit length limit mac mark multiport physdev pkttype sctp state standard tcp tcpmss udp CLASSIFY CONNMARK DSCP MARK NFQUEUE NOTRACK TCPMSS TRACE
+PFX_EXT_SLIB:=connmark connlimit comment dscp esp hashlimit helper length limit mac mark multiport physdev pkttype sctp state standard tcp tcpmss udp CLASSIFY CONNMARK DSCP MARK NFQUEUE NOTRACK TCPMSS TRACE
 
 ifeq ($(DO_SELINUX), 1)
 PF_EXT_SE_SLIB:=

Deleted: trunk/iptables/extensions/libipt_helper.c
===================================================================
--- trunk/iptables/extensions/libipt_helper.c	2007-08-04 08:25:43 UTC (rev 6996)
+++ trunk/iptables/extensions/libipt_helper.c	2007-08-04 08:26:59 UTC (rev 6997)
@@ -1,100 +0,0 @@
-/* Shared library add-on to iptables to add related packet matching support. */
-#include <stdio.h>
-#include <netdb.h>
-#include <string.h>
-#include <stdlib.h>
-#include <getopt.h>
-
-#include <iptables.h>
-#include <linux/netfilter_ipv4/ipt_helper.h>
-
-/* Function which prints out usage message. */
-static void
-help(void)
-{
-	printf(
-"helper match v%s options:\n"
-"[!] --helper string        Match helper identified by string\n"
-"\n",
-IPTABLES_VERSION);
-}
-
-static const struct option opts[] = {
-	{ "helper", 1, 0, '1' },
-	{0}
-};
-
-/* Function which parses command options; returns true if it
-   ate an option */
-static int
-parse(int c, char **argv, int invert, unsigned int *flags,
-      const void *entry,
-      unsigned int *nfcache,
-      struct xt_entry_match **match)
-{
-	struct ipt_helper_info *info = (struct ipt_helper_info *)(*match)->data;
-
-	switch (c) {
-	case '1':
-		if (*flags)
-			exit_error(PARAMETER_PROBLEM,
-					"helper match: Only use --helper ONCE!");
-		check_inverse(optarg, &invert, &invert, 0);
-		strncpy(info->name, optarg, 29);
-		info->name[29] = '\0';
-		if (invert)
-			info->invert = 1;
-		*flags = 1;
-		break;
-
-	default:
-		return 0;
-	}
-	return 1;
-}
-
-/* Final check; must have specified --helper. */
-static void
-final_check(unsigned int flags)
-{
-	if (!flags)
-		exit_error(PARAMETER_PROBLEM,
-			   "helper match: You must specify `--helper'");
-}
-
-/* Prints out the info. */
-static void
-print(const void *ip,
-      const struct xt_entry_match *match,
-      int numeric)
-{
-	struct ipt_helper_info *info = (struct ipt_helper_info *)match->data;
-
-	printf("helper match %s\"%s\" ", info->invert ? "! " : "", info->name);
-}
-
-/* Saves the union ipt_info in parsable form to stdout. */
-static void
-save(const void *ip, const struct xt_entry_match *match)
-{
-	struct ipt_helper_info *info = (struct ipt_helper_info *)match->data;
-
-	printf("%s--helper \"%s\" ",info->invert ? "! " : "", info->name);
-}
-
-static struct iptables_match helper = { 
-	.name		= "helper",
-	.version	= IPTABLES_VERSION,
-	.size		= IPT_ALIGN(sizeof(struct ipt_helper_info)),
-	.help		= &help,
-	.parse		= &parse,
-	.final_check	= &final_check,
-	.print		= &print,
-	.save		= &save,
-	.extra_opts	= opts
-};
-
-void _init(void)
-{
-	register_match(&helper);
-}

Added: trunk/iptables/extensions/libxt_helper.c
===================================================================
--- trunk/iptables/extensions/libxt_helper.c	                        (rev 0)
+++ trunk/iptables/extensions/libxt_helper.c	2007-08-04 08:26:59 UTC (rev 6997)
@@ -0,0 +1,115 @@
+/* Shared library add-on to iptables to add related packet matching support. */
+#include <stdio.h>
+#include <netdb.h>
+#include <string.h>
+#include <stdlib.h>
+#include <getopt.h>
+
+#include <xtables.h>
+#include <linux/netfilter/xt_helper.h>
+
+/* Function which prints out usage message. */
+static void
+help(void)
+{
+	printf(
+"helper match v%s options:\n"
+"[!] --helper string        Match helper identified by string\n"
+"\n",
+IPTABLES_VERSION);
+}
+
+static const struct option opts[] = {
+	{ "helper", 1, 0, '1' },
+	{0}
+};
+
+/* Function which parses command options; returns true if it
+   ate an option */
+static int
+parse(int c, char **argv, int invert, unsigned int *flags,
+      const void *entry,
+      unsigned int *nfcache,
+      struct xt_entry_match **match)
+{
+	struct xt_helper_info *info = (struct xt_helper_info *)(*match)->data;
+
+	switch (c) {
+	case '1':
+		if (*flags)
+			exit_error(PARAMETER_PROBLEM,
+					"helper match: Only use --helper ONCE!");
+		check_inverse(optarg, &invert, &invert, 0);
+		strncpy(info->name, optarg, 29);
+		info->name[29] = '\0';
+		if (invert)
+			info->invert = 1;
+		*flags = 1;
+		break;
+
+	default:
+		return 0;
+	}
+	return 1;
+}
+
+/* Final check; must have specified --helper. */
+static void
+final_check(unsigned int flags)
+{
+	if (!flags)
+		exit_error(PARAMETER_PROBLEM,
+			   "helper match: You must specify `--helper'");
+}
+
+/* Prints out the info. */
+static void
+print(const void *ip,
+      const struct xt_entry_match *match,
+      int numeric)
+{
+	struct xt_helper_info *info = (struct xt_helper_info *)match->data;
+
+	printf("helper match %s\"%s\" ", info->invert ? "! " : "", info->name);
+}
+
+/* Saves the union ipt_info in parsable form to stdout. */
+static void
+save(const void *ip, const struct xt_entry_match *match)
+{
+	struct xt_helper_info *info = (struct xt_helper_info *)match->data;
+
+	printf("%s--helper \"%s\" ",info->invert ? "! " : "", info->name);
+}
+
+static struct xtables_match helper = { 
+	.family		= AF_INET,
+	.name		= "helper",
+	.version	= IPTABLES_VERSION,
+	.size		= XT_ALIGN(sizeof(struct xt_helper_info)),
+	.help		= &help,
+	.parse		= &parse,
+	.final_check	= &final_check,
+	.print		= &print,
+	.save		= &save,
+	.extra_opts	= opts,
+};
+
+static struct xtables_match helper6 = { 
+	.family		= AF_INET6,
+	.name		= "helper",
+	.version	= IPTABLES_VERSION,
+	.size		= XT_ALIGN(sizeof(struct xt_helper_info)),
+	.help		= &help,
+	.parse		= &parse,
+	.final_check	= &final_check,
+	.print		= &print,
+	.save		= &save,
+	.extra_opts	= opts,
+};
+
+void _init(void)
+{
+	xtables_register_match(&helper);
+	xtables_register_match(&helper6);
+}

Added: trunk/iptables/include/linux/netfilter/xt_helper.h
===================================================================
--- trunk/iptables/include/linux/netfilter/xt_helper.h	                        (rev 0)
+++ trunk/iptables/include/linux/netfilter/xt_helper.h	2007-08-04 08:26:59 UTC (rev 6997)
@@ -0,0 +1,8 @@
+#ifndef _XT_HELPER_H
+#define _XT_HELPER_H
+
+struct xt_helper_info {
+	int invert;
+	char name[30];
+};
+#endif /* _XT_HELPER_H */

Deleted: trunk/iptables/include/linux/netfilter_ipv4/ipt_helper.h
===================================================================
--- trunk/iptables/include/linux/netfilter_ipv4/ipt_helper.h	2007-08-04 08:25:43 UTC (rev 6996)
+++ trunk/iptables/include/linux/netfilter_ipv4/ipt_helper.h	2007-08-04 08:26:59 UTC (rev 6997)
@@ -1,8 +0,0 @@
-#ifndef _IPT_HELPER_H
-#define _IPT_HELPER_H
-
-struct ipt_helper_info {
-	int invert;
-	char name[30];
-};
-#endif /* _IPT_HELPER_H */




More information about the netfilter-cvslog mailing list