Startsida Utforska Hjälp
Logga in
SoftwareDesign
/
csu3_am335x
8
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Gren: master
Grenar Taggar
csu3_am335x
/
EVSE
/
GPL
/
iptables-1.4.18
/
extensions
/
libxt_socket.c

libxt_socket.c 1.8 KB
Permalänk Historik

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182 
  1. /*
    2. 

  2.  * Shared library add-on to iptables to add early socket matching support.
    3. 

  3.  *
    4. 

  4.  * Copyright (C) 2007 BalaBit IT Ltd.
    5. 

  5.  */
    6. 

  6. #include <stdio.h>
    7. 

  7. #include <xtables.h>
    8. 

  8. #include <linux/netfilter/xt_socket.h>
    9. 

  9. 

  10. enum {
    11. 

  11. 	O_TRANSPARENT = 0,
    12. 

  12. };
    13. 

  13. 

  14. static const struct xt_option_entry socket_mt_opts[] = {
    15. 

  15. 	{.name = "transparent", .id = O_TRANSPARENT, .type = XTTYPE_NONE},
    16. 

  16. 	XTOPT_TABLEEND,
    17. 

  17. };
    18. 

  18. 

  19. static void socket_mt_help(void)
    20. 

  20. {
    21. 

  21. 	printf(
    22. 

  22. 		"socket match options:\n"
    23. 

  23. 		"  --transparent    Ignore non-transparent sockets\n\n");
    24. 

  24. }
    25. 

  25. 

  26. static void socket_mt_parse(struct xt_option_call *cb)
    27. 

  27. {
    28. 

  28. 	struct xt_socket_mtinfo1 *info = cb->data;
    29. 

  29. 

  30. 	xtables_option_parse(cb);
    31. 

  31. 	switch (cb->entry->id) {
    32. 

  32. 	case O_TRANSPARENT:
    33. 

  33. 		info->flags |= XT_SOCKET_TRANSPARENT;
    34. 

  34. 		break;
    35. 

  35. 	}
    36. 

  36. }
    37. 

  37. 

  38. static void
    39. 

  39. socket_mt_save(const void *ip, const struct xt_entry_match *match)
    40. 

  40. {
    41. 

  41. 	const struct xt_socket_mtinfo1 *info = (const void *)match->data;
    42. 

  42. 

  43. 	if (info->flags & XT_SOCKET_TRANSPARENT)
    44. 

  44. 		printf(" --transparent");
    45. 

  45. }
    46. 

  46. 

  47. static void
    48. 

  48. socket_mt_print(const void *ip, const struct xt_entry_match *match,
    49. 

  49. 		int numeric)
    50. 

  50. {
    51. 

  51. 	printf(" socket");
    52. 

  52. 	socket_mt_save(ip, match);
    53. 

  53. }
    54. 

  54. 

  55. static struct xtables_match socket_mt_reg[] = {
    56. 

  56. 	{
    57. 

  57. 		.name          = "socket",
    58. 

  58. 		.revision      = 0,
    59. 

  59. 		.family        = NFPROTO_IPV4,
    60. 

  60. 		.version       = XTABLES_VERSION,
    61. 

  61. 		.size          = XT_ALIGN(0),
    62. 

  62. 		.userspacesize = XT_ALIGN(0),
    63. 

  63. 	},
    64. 

  64. 	{
    65. 

  65. 		.name          = "socket",
    66. 

  66. 		.revision      = 1,
    67. 

  67. 		.family        = NFPROTO_UNSPEC,
    68. 

  68. 		.version       = XTABLES_VERSION,
    69. 

  69. 		.size          = XT_ALIGN(sizeof(struct xt_socket_mtinfo1)),
    70. 

  70. 		.userspacesize = XT_ALIGN(sizeof(struct xt_socket_mtinfo1)),
    71. 

  71. 		.help          = socket_mt_help,
    72. 

  72. 		.print         = socket_mt_print,
    73. 

  73. 		.save          = socket_mt_save,
    74. 

  74. 		.x6_parse      = socket_mt_parse,
    75. 

  75. 		.x6_options    = socket_mt_opts,
    76. 

  76. 	},
    77. 

  77. };
    78. 

  78. 

  79. void _init(void)
    80. 

  80. {
    81. 

  81. 	xtables_register_matches(socket_mt_reg, ARRAY_SIZE(socket_mt_reg));
    82. 

  82. }
    83.