#include <stdlib.h>
#include <syslog.h>
#include <getopt.h>
+#include <stddef.h>
#include <iptables.h>
#include <linux/netfilter_ipv4/ip_tables.h>
#include <linux/netfilter_ipv4/ipt_ACCOUNT.h>
{ .name = 0 }
};
+/* Compat glue for iptables 1.4.0 */
+#ifndef XTABLES_VERSION
+#define XTABLES_VERSION IPTABLES_VERSION
+#endif
+
/* Function which prints out usage message. */
static void help(void)
{
"ACCOUNT v%s options:\n"
" --%s ip/netmask\t\tBase network IP and netmask used for this table\n"
" --%s name\t\t\tTable name for the userspace library\n",
-IPTABLES_VERSION, opts[0].name, opts[1].name);
+XTABLES_VERSION, opts[0].name, opts[1].name);
}
/* Initialize the target. */
static void
-init(struct ipt_entry_target *t, unsigned int *nfcache)
+init(struct xt_entry_target *t)
{
struct ipt_acc_info *accountinfo = (struct ipt_acc_info *)t->data;
accountinfo->table_nr = -1;
-
- /* Can't cache this */
- *nfcache |= NFC_UNKNOWN;
}
#define IPT_ACCOUNT_OPT_ADDR 0x01
/* Function which parses command options; returns true if it
ate an option */
-static int
-parse(int c, char **argv, int invert, unsigned int *flags,
- const struct ipt_entry *entry,
- struct ipt_entry_target **target)
+
+static int parse(int c, char **argv, int invert, unsigned int *flags,
+ const void *entry, struct xt_entry_target **target)
{
struct ipt_acc_info *accountinfo = (struct ipt_acc_info *)(*target)->data;
struct in_addr *addrs = NULL, mask;
switch (c) {
case 'a':
if (*flags & IPT_ACCOUNT_OPT_ADDR)
- exit_error(PARAMETER_PROBLEM, "Can't specify --%s twice",
+ xtables_error(PARAMETER_PROBLEM, "Can't specify --%s twice",
opts[0].name);
- if (check_inverse(optarg, &invert, NULL, 0))
- exit_error(PARAMETER_PROBLEM, "Unexpected `!' after --%s",
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
+ xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --%s",
opts[0].name);
- //loginfo->level = parse_level(optarg);
+#ifdef XTABLES_VERSION_CODE
+ xtables_ipparse_any(optarg, &addrs, &mask, &naddrs);
+#else
parse_hostnetworkmask(optarg, &addrs, &mask, &naddrs);
-
+#endif
+
if (naddrs > 1)
- exit_error(PARAMETER_PROBLEM, "multiple IP addresses not allowed");
-
+ xtables_error(PARAMETER_PROBLEM, "multiple IP addresses not allowed");
+
accountinfo->net_ip = addrs[0].s_addr;
accountinfo->net_mask = mask.s_addr;
-
+
*flags |= IPT_ACCOUNT_OPT_ADDR;
break;
case 't':
if (*flags & IPT_ACCOUNT_OPT_TABLE)
- exit_error(PARAMETER_PROBLEM,
+ xtables_error(PARAMETER_PROBLEM,
"Can't specify --%s twice", opts[1].name);
- if (check_inverse(optarg, &invert, NULL, 0))
- exit_error(PARAMETER_PROBLEM,
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
+ xtables_error(PARAMETER_PROBLEM,
"Unexpected `!' after --%s", opts[1].name);
if (strlen(optarg) > ACCOUNT_TABLE_NAME_LEN - 1)
- exit_error(PARAMETER_PROBLEM,
+ xtables_error(PARAMETER_PROBLEM,
"Maximum table name length %u for --%s",
ACCOUNT_TABLE_NAME_LEN - 1, opts[1].name);
strcpy(accountinfo->table_name, optarg);
*flags |= IPT_ACCOUNT_OPT_TABLE;
break;
-
+
default:
return 0;
}
static void final_check(unsigned int flags)
{
if (!(flags&IPT_ACCOUNT_OPT_ADDR) || !(flags&IPT_ACCOUNT_OPT_TABLE))
- exit_error(PARAMETER_PROBLEM, "ACCOUNT: needs --%s and --%s",
+ xtables_error(PARAMETER_PROBLEM, "ACCOUNT: needs --%s and --%s",
opts[0].name, opts[1].name);
}
-static void print_it(const struct ipt_ip *ip,
- const struct ipt_entry_target *target, char do_prefix)
+static const char *print_helper_ip(struct in_addr a)
+{
+#ifdef XTABLES_VERSION_CODE
+ return xtables_ipaddr_to_numeric(&a);
+#else
+ return addr_to_dotted(&a);
+#endif
+}
+
+static const char *print_helper_mask(struct in_addr a)
+{
+#ifdef XTABLES_VERSION_CODE
+ return xtables_ipmask_to_numeric(&a);
+#else
+ return mask_to_dotted(&a);
+#endif
+}
+
+static void print_it(const void *ip,
+ const struct xt_entry_target *target, char do_prefix)
{
const struct ipt_acc_info *accountinfo
= (const struct ipt_acc_info *)target->data;
if (!do_prefix)
printf("ACCOUNT ");
-
+
// Network information
if (do_prefix)
- printf("--");
+ printf("--");
printf("%s ", opts[0].name);
-
+
a.s_addr = accountinfo->net_ip;
- printf("%s", addr_to_dotted(&a));
+ printf("%s", print_helper_ip(a));
a.s_addr = accountinfo->net_mask;
- printf("%s", mask_to_dotted(&a));
+ printf("%s", print_helper_mask(a));
printf(" ");
if (do_prefix)
- printf("--");
+ printf("--");
printf("%s %s", opts[1].name, accountinfo->table_name);
}
-/* Prints out the targinfo. */
+
static void
-print(const struct ipt_ip *ip,
- const struct ipt_entry_target *target,
+print(const void *ip,
+ const struct xt_entry_target *target,
int numeric)
{
print_it (ip, target, 0);
/* Saves the union ipt_targinfo in parsable form to stdout. */
static void
-save(const struct ipt_ip *ip, const struct ipt_entry_target *target)
+save(const void *ip, const struct xt_entry_target *target)
{
print_it(ip, target, 1);
}
static
-struct iptables_target account
+struct xtables_target account
= {
.next = NULL,
.name = "ACCOUNT",
- .version = IPTABLES_VERSION,
+ .family = AF_INET,
+ .version = XTABLES_VERSION,
.size = IPT_ALIGN(sizeof(struct ipt_acc_info)),
- .userspacesize = IPT_ALIGN(sizeof(struct ipt_acc_info)),
+ .userspacesize = offsetof(struct ipt_acc_info, table_nr),
.help = &help,
.init = &init,
.parse = &parse,
void _init(void)
{
- register_target(&account);
+ xtables_register_target(&account);
}
git://developer.intra2net.com / ipt_ACCOUNT / blobdiff