[netfilter-cvslog] r6958 - in trunk/iptables: extensions
include/linux/netfilter include/linux/netfilter_ipv4
yasuyuki at netfilter.org
yasuyuki at netfilter.org
Tue Jul 24 09:22:24 CEST 2007
Author: yasuyuki at netfilter.org
Date: 2007-07-24 09:22:24 +0200 (Tue, 24 Jul 2007)
New Revision: 6958
Added:
trunk/iptables/extensions/libxt_TCPMSS.c
trunk/iptables/include/linux/netfilter/xt_TCPMSS.h
Removed:
trunk/iptables/extensions/libip6t_TCPMSS.c
trunk/iptables/extensions/libipt_TCPMSS.c
trunk/iptables/include/linux/netfilter_ipv4/ipt_TCPMSS.h
Modified:
trunk/iptables/extensions/Makefile
Log:
Unifies libip[6]t_TCPMSS.c into libxt_TCPMSS.c
Modified: trunk/iptables/extensions/Makefile
===================================================================
--- trunk/iptables/extensions/Makefile 2007-07-24 07:21:17 UTC (rev 6957)
+++ trunk/iptables/extensions/Makefile 2007-07-24 07:22:24 UTC (rev 6958)
@@ -5,9 +5,9 @@
# header files are present in the include/linux directory of this iptables
# package (HW)
#
-PF_EXT_SLIB:=ah addrtype connlimit connmark conntrack ecn hashlimit helper icmp iprange owner policy realm state tos ttl unclean CLASSIFY CONNMARK DNAT DSCP ECN LOG MARK MASQUERADE MIRROR NETMAP NFQUEUE REDIRECT REJECT SAME SNAT TCPMSS TOS TTL TRACE ULOG
-PF6_EXT_SLIB:=connlimit connmark eui64 hl icmp6 owner policy state CONNMARK HL LOG NFQUEUE MARK TCPMSS TRACE
-PFX_EXT_SLIB:=comment dscp esp length limit mac mark multiport physdev pkttype sctp standard tcp tcpmss udp NOTRACK
+PF_EXT_SLIB:=ah addrtype connlimit connmark conntrack ecn hashlimit helper icmp iprange owner policy realm state tos ttl unclean CLASSIFY CONNMARK DNAT DSCP ECN LOG MARK MASQUERADE MIRROR NETMAP NFQUEUE REDIRECT REJECT SAME SNAT TOS TTL TRACE ULOG
+PF6_EXT_SLIB:=connlimit connmark eui64 hl icmp6 owner policy state CONNMARK HL LOG NFQUEUE MARK TRACE
+PFX_EXT_SLIB:=comment dscp esp length limit mac mark multiport physdev pkttype sctp standard tcp tcpmss udp NOTRACK TCPMSS
ifeq ($(DO_SELINUX), 1)
PF_EXT_SE_SLIB:=SECMARK CONNSECMARK
Deleted: trunk/iptables/extensions/libip6t_TCPMSS.c
===================================================================
--- trunk/iptables/extensions/libip6t_TCPMSS.c 2007-07-24 07:21:17 UTC (rev 6957)
+++ trunk/iptables/extensions/libip6t_TCPMSS.c 2007-07-24 07:22:24 UTC (rev 6958)
@@ -1,134 +0,0 @@
-/* Shared library add-on to iptables to add TCPMSS target support.
- *
- * Copyright (c) 2000 Marc Boucher
-*/
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <getopt.h>
-
-#include <ip6tables.h>
-#include <linux/netfilter_ipv6/ip6_tables.h>
-#include <linux/netfilter_ipv6/ip6t_TCPMSS.h>
-
-struct mssinfo {
- struct xt_entry_target t;
- struct ip6t_tcpmss_info mss;
-};
-
-/* Function which prints out usage message. */
-static void
-help(void)
-{
- printf(
-"TCPMSS target v%s mutually-exclusive options:\n"
-" --set-mss value explicitly set MSS option to specified value\n"
-" --clamp-mss-to-pmtu automatically clamp MSS value to (path_MTU - 60)\n",
-IPTABLES_VERSION);
-}
-
-static struct option opts[] = {
- { "set-mss", 1, 0, '1' },
- { "clamp-mss-to-pmtu", 0, 0, '2' },
- { 0 }
-};
-
-/* Initialize the target. */
-static void
-init(struct xt_entry_target *t, unsigned int *nfcache)
-{
-}
-
-/* Function which parses command options; returns true if it
- ate an option */
-static int
-parse(int c, char **argv, int invert, unsigned int *flags,
- const void *entry,
- struct xt_entry_target **target)
-{
- struct ip6t_tcpmss_info *mssinfo
- = (struct ip6t_tcpmss_info *)(*target)->data;
-
- switch (c) {
- unsigned int mssval;
-
- case '1':
- if (*flags)
- exit_error(PARAMETER_PROBLEM,
- "TCPMSS target: Only one option may be specified");
- if (string_to_number(optarg, 0, 65535 - 60, &mssval) == -1)
- exit_error(PARAMETER_PROBLEM, "Bad TCPMSS value `%s'", optarg);
-
- mssinfo->mss = mssval;
- *flags = 1;
- break;
-
- case '2':
- if (*flags)
- exit_error(PARAMETER_PROBLEM,
- "TCPMSS target: Only one option may be specified");
- mssinfo->mss = IP6T_TCPMSS_CLAMP_PMTU;
- *flags = 1;
- break;
-
- default:
- return 0;
- }
-
- return 1;
-}
-
-static void
-final_check(unsigned int flags)
-{
- if (!flags)
- exit_error(PARAMETER_PROBLEM,
- "TCPMSS target: At least one parameter is required");
-}
-
-/* Prints out the targinfo. */
-static void
-print(const void *ip6,
- const struct xt_entry_target *target,
- int numeric)
-{
- const struct ip6t_tcpmss_info *mssinfo =
- (const struct ip6t_tcpmss_info *)target->data;
- if(mssinfo->mss == IP6T_TCPMSS_CLAMP_PMTU)
- printf("TCPMSS clamp to PMTU ");
- else
- printf("TCPMSS set %u ", mssinfo->mss);
-}
-
-/* Saves the union ip6t_targinfo in parsable form to stdout. */
-static void
-save(const void *ip, const struct xt_entry_target *target)
-{
- const struct ip6t_tcpmss_info *mssinfo =
- (const struct ip6t_tcpmss_info *)target->data;
-
- if(mssinfo->mss == IP6T_TCPMSS_CLAMP_PMTU)
- printf("--clamp-mss-to-pmtu ");
- else
- printf("--set-mss %u ", mssinfo->mss);
-}
-
-static struct ip6tables_target mss = {
- .next = NULL,
- .name = "TCPMSS",
- .version = IPTABLES_VERSION,
- .size = IP6T_ALIGN(sizeof(struct ip6t_tcpmss_info)),
- .userspacesize = IP6T_ALIGN(sizeof(struct ip6t_tcpmss_info)),
- .help = &help,
- .init = &init,
- .parse = &parse,
- .final_check = &final_check,
- .print = &print,
- .save = &save,
- .extra_opts = opts
-};
-
-void _init(void)
-{
- register_target6(&mss);
-}
Deleted: trunk/iptables/extensions/libipt_TCPMSS.c
===================================================================
--- trunk/iptables/extensions/libipt_TCPMSS.c 2007-07-24 07:21:17 UTC (rev 6957)
+++ trunk/iptables/extensions/libipt_TCPMSS.c 2007-07-24 07:22:24 UTC (rev 6958)
@@ -1,134 +0,0 @@
-/* Shared library add-on to iptables to add TCPMSS target support.
- *
- * Copyright (c) 2000 Marc Boucher
-*/
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <getopt.h>
-
-#include <iptables.h>
-#include <linux/netfilter_ipv4/ip_tables.h>
-#include <linux/netfilter_ipv4/ipt_TCPMSS.h>
-
-struct mssinfo {
- struct xt_entry_target t;
- struct ipt_tcpmss_info mss;
-};
-
-/* Function which prints out usage message. */
-static void
-help(void)
-{
- printf(
-"TCPMSS target v%s mutually-exclusive options:\n"
-" --set-mss value explicitly set MSS option to specified value\n"
-" --clamp-mss-to-pmtu automatically clamp MSS value to (path_MTU - 40)\n",
-IPTABLES_VERSION);
-}
-
-static struct option opts[] = {
- { "set-mss", 1, 0, '1' },
- { "clamp-mss-to-pmtu", 0, 0, '2' },
- { 0 }
-};
-
-/* Initialize the target. */
-static void
-init(struct xt_entry_target *t, unsigned int *nfcache)
-{
-}
-
-/* Function which parses command options; returns true if it
- ate an option */
-static int
-parse(int c, char **argv, int invert, unsigned int *flags,
- const void *entry,
- struct xt_entry_target **target)
-{
- struct ipt_tcpmss_info *mssinfo
- = (struct ipt_tcpmss_info *)(*target)->data;
-
- switch (c) {
- unsigned int mssval;
-
- case '1':
- if (*flags)
- exit_error(PARAMETER_PROBLEM,
- "TCPMSS target: Only one option may be specified");
- if (string_to_number(optarg, 0, 65535 - 40, &mssval) == -1)
- exit_error(PARAMETER_PROBLEM, "Bad TCPMSS value `%s'", optarg);
-
- mssinfo->mss = mssval;
- *flags = 1;
- break;
-
- case '2':
- if (*flags)
- exit_error(PARAMETER_PROBLEM,
- "TCPMSS target: Only one option may be specified");
- mssinfo->mss = IPT_TCPMSS_CLAMP_PMTU;
- *flags = 1;
- break;
-
- default:
- return 0;
- }
-
- return 1;
-}
-
-static void
-final_check(unsigned int flags)
-{
- if (!flags)
- exit_error(PARAMETER_PROBLEM,
- "TCPMSS target: At least one parameter is required");
-}
-
-/* Prints out the targinfo. */
-static void
-print(const void *ip,
- const struct xt_entry_target *target,
- int numeric)
-{
- const struct ipt_tcpmss_info *mssinfo =
- (const struct ipt_tcpmss_info *)target->data;
- if(mssinfo->mss == IPT_TCPMSS_CLAMP_PMTU)
- printf("TCPMSS clamp to PMTU ");
- else
- printf("TCPMSS set %u ", mssinfo->mss);
-}
-
-/* Saves the union ipt_targinfo in parsable form to stdout. */
-static void
-save(const void *ip, const struct xt_entry_target *target)
-{
- const struct ipt_tcpmss_info *mssinfo =
- (const struct ipt_tcpmss_info *)target->data;
-
- if(mssinfo->mss == IPT_TCPMSS_CLAMP_PMTU)
- printf("--clamp-mss-to-pmtu ");
- else
- printf("--set-mss %u ", mssinfo->mss);
-}
-
-static struct iptables_target mss = {
- .next = NULL,
- .name = "TCPMSS",
- .version = IPTABLES_VERSION,
- .size = IPT_ALIGN(sizeof(struct ipt_tcpmss_info)),
- .userspacesize = IPT_ALIGN(sizeof(struct ipt_tcpmss_info)),
- .help = &help,
- .init = &init,
- .parse = &parse,
- .final_check = &final_check,
- .print = &print,
- .save = &save,
- .extra_opts = opts
-};
-
-void _init(void)
-{
- register_target(&mss);
-}
Added: trunk/iptables/extensions/libxt_TCPMSS.c
===================================================================
--- trunk/iptables/extensions/libxt_TCPMSS.c (rev 0)
+++ trunk/iptables/extensions/libxt_TCPMSS.c 2007-07-24 07:22:24 UTC (rev 6958)
@@ -0,0 +1,178 @@
+/* Shared library add-on to iptables to add TCPMSS target support.
+ *
+ * Copyright (c) 2000 Marc Boucher
+*/
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <getopt.h>
+
+#include <xtables.h>
+#include <linux/netfilter/x_tables.h>
+#include <linux/netfilter/xt_TCPMSS.h>
+
+struct mssinfo {
+ struct xt_entry_target t;
+ struct xt_tcpmss_info mss;
+};
+
+/* Function which prints out usage message. */
+static void __help(int hdrsize)
+{
+ printf(
+"TCPMSS target v%s mutually-exclusive options:\n"
+" --set-mss value explicitly set MSS option to specified value\n"
+" --clamp-mss-to-pmtu automatically clamp MSS value to (path_MTU - %d)\n",
+IPTABLES_VERSION, hdrsize);
+}
+
+static void help(void)
+{
+ __help(40);
+}
+
+static void help6(void)
+{
+ __help(60);
+}
+
+static struct option opts[] = {
+ { "set-mss", 1, 0, '1' },
+ { "clamp-mss-to-pmtu", 0, 0, '2' },
+ { 0 }
+};
+
+/* Initialize the target. */
+static void
+init(struct xt_entry_target *t, unsigned int *nfcache)
+{
+}
+
+/* Function which parses command options; returns true if it
+ ate an option */
+static int
+__parse(int c, char **argv, int invert, unsigned int *flags,
+ const void *entry,
+ struct xt_entry_target **target,
+ int hdrsize)
+{
+ struct xt_tcpmss_info *mssinfo
+ = (struct xt_tcpmss_info *)(*target)->data;
+
+ switch (c) {
+ unsigned int mssval;
+
+ case '1':
+ if (*flags)
+ exit_error(PARAMETER_PROBLEM,
+ "TCPMSS target: Only one option may be specified");
+ if (string_to_number(optarg, 0, 65535 - hdrsize, &mssval) == -1)
+ exit_error(PARAMETER_PROBLEM, "Bad TCPMSS value `%s'", optarg);
+
+ mssinfo->mss = mssval;
+ *flags = 1;
+ break;
+
+ case '2':
+ if (*flags)
+ exit_error(PARAMETER_PROBLEM,
+ "TCPMSS target: Only one option may be specified");
+ mssinfo->mss = XT_TCPMSS_CLAMP_PMTU;
+ *flags = 1;
+ break;
+
+ default:
+ return 0;
+ }
+
+ return 1;
+}
+
+static int
+parse(int c, char **argv, int invert, unsigned int *flags,
+ const void *entry,
+ struct xt_entry_target **target)
+{
+ return __parse(c, argv, invert, flags, entry, target, 40);
+}
+
+static int
+parse6(int c, char **argv, int invert, unsigned int *flags,
+ const void *entry,
+ struct xt_entry_target **target)
+{
+ return __parse(c, argv, invert, flags, entry, target, 60);
+}
+
+static void
+final_check(unsigned int flags)
+{
+ if (!flags)
+ exit_error(PARAMETER_PROBLEM,
+ "TCPMSS target: At least one parameter is required");
+}
+
+/* Prints out the targinfo. */
+static void
+print(const void *ip,
+ const struct xt_entry_target *target,
+ int numeric)
+{
+ const struct xt_tcpmss_info *mssinfo =
+ (const struct xt_tcpmss_info *)target->data;
+ if(mssinfo->mss == XT_TCPMSS_CLAMP_PMTU)
+ printf("TCPMSS clamp to PMTU ");
+ else
+ printf("TCPMSS set %u ", mssinfo->mss);
+}
+
+/* Saves the union ipt_targinfo in parsable form to stdout. */
+static void
+save(const void *ip, const struct xt_entry_target *target)
+{
+ const struct xt_tcpmss_info *mssinfo =
+ (const struct xt_tcpmss_info *)target->data;
+
+ if(mssinfo->mss == XT_TCPMSS_CLAMP_PMTU)
+ printf("--clamp-mss-to-pmtu ");
+ else
+ printf("--set-mss %u ", mssinfo->mss);
+}
+
+static struct xtables_target mss = {
+ .next = NULL,
+ .family = AF_INET,
+ .name = "TCPMSS",
+ .version = IPTABLES_VERSION,
+ .size = XT_ALIGN(sizeof(struct xt_tcpmss_info)),
+ .userspacesize = XT_ALIGN(sizeof(struct xt_tcpmss_info)),
+ .help = &help,
+ .init = &init,
+ .parse = &parse,
+ .final_check = &final_check,
+ .print = &print,
+ .save = &save,
+ .extra_opts = opts
+};
+
+static struct xtables_target mss6 = {
+ .next = NULL,
+ .family = AF_INET6,
+ .name = "TCPMSS",
+ .version = IPTABLES_VERSION,
+ .size = XT_ALIGN(sizeof(struct xt_tcpmss_info)),
+ .userspacesize = XT_ALIGN(sizeof(struct xt_tcpmss_info)),
+ .help = &help6,
+ .init = &init,
+ .parse = &parse6,
+ .final_check = &final_check,
+ .print = &print,
+ .save = &save,
+ .extra_opts = opts
+};
+
+void _init(void)
+{
+ xtables_register_target(&mss);
+ xtables_register_target(&mss6);
+}
Added: trunk/iptables/include/linux/netfilter/xt_TCPMSS.h
===================================================================
--- trunk/iptables/include/linux/netfilter/xt_TCPMSS.h (rev 0)
+++ trunk/iptables/include/linux/netfilter/xt_TCPMSS.h 2007-07-24 07:22:24 UTC (rev 6958)
@@ -0,0 +1,10 @@
+#ifndef _XT_TCPMSS_H
+#define _XT_TCPMSS_H
+
+struct xt_tcpmss_info {
+ u_int16_t mss;
+};
+
+#define XT_TCPMSS_CLAMP_PMTU 0xffff
+
+#endif /* _XT_TCPMSS_H */
Deleted: trunk/iptables/include/linux/netfilter_ipv4/ipt_TCPMSS.h
===================================================================
--- trunk/iptables/include/linux/netfilter_ipv4/ipt_TCPMSS.h 2007-07-24 07:21:17 UTC (rev 6957)
+++ trunk/iptables/include/linux/netfilter_ipv4/ipt_TCPMSS.h 2007-07-24 07:22:24 UTC (rev 6958)
@@ -1,10 +0,0 @@
-#ifndef _IPT_TCPMSS_H
-#define _IPT_TCPMSS_H
-
-struct ipt_tcpmss_info {
- u_int16_t mss;
-};
-
-#define IPT_TCPMSS_CLAMP_PMTU 0xffff
-
-#endif /*_IPT_TCPMSS_H*/
More information about the netfilter-cvslog
mailing list