Home | History | Annotate | Download | only in extensions 
      1 /* Shared library add-on to iptables to add related packet matching support. */
      2 #include <stdio.h>
      3 #include <netdb.h>
      4 #include <string.h>
      5 #include <stdlib.h>
      6 #include <getopt.h>
      7 
      8 #include <iptables.h>
      9 #include <linux/netfilter_ipv4/ipt_helper.h>
     10 
     11 /* Function which prints out usage message. */
     12 static void
     13 help(void)
     14 {
     15 	printf(
     16 "helper match v%s options:\n"
     17 "[!] --helper string        Match helper identified by string\n"
     18 "\n",
     19 IPTABLES_VERSION);
     20 }
     21 
     22 static struct option opts[] = {
     23 	{ "helper", 1, 0, '1' },
     24 	{0}
     25 };
     26 
     27 /* Function which parses command options; returns true if it
     28    ate an option */
     29 static int
     30 parse(int c, char **argv, int invert, unsigned int *flags,
     31       const struct ipt_entry *entry,
     32       unsigned int *nfcache,
     33       struct ipt_entry_match **match)
     34 {
     35 	struct ipt_helper_info *info = (struct ipt_helper_info *)(*match)->data;
     36 
     37 	switch (c) {
     38 	case '1':
     39 		if (*flags)
     40 			exit_error(PARAMETER_PROBLEM,
     41 					"helper match: Only use --helper ONCE!");
     42 		check_inverse(optarg, &invert, &invert, 0);
     43 		strncpy(info->name, optarg, 29);
     44 		info->name[29] = '\0';
     45 		if (invert)
     46 			info->invert = 1;
     47 		*flags = 1;
     48 		break;
     49 
     50 	default:
     51 		return 0;
     52 	}
     53 	return 1;
     54 }
     55 
     56 /* Final check; must have specified --helper. */
     57 static void
     58 final_check(unsigned int flags)
     59 {
     60 	if (!flags)
     61 		exit_error(PARAMETER_PROBLEM,
     62 			   "helper match: You must specify `--helper'");
     63 }
     64 
     65 /* Prints out the info. */
     66 static void
     67 print(const struct ipt_ip *ip,
     68       const struct ipt_entry_match *match,
     69       int numeric)
     70 {
     71 	struct ipt_helper_info *info = (struct ipt_helper_info *)match->data;
     72 
     73 	printf("helper match %s\"%s\" ", info->invert ? "! " : "", info->name);
     74 }
     75 
     76 /* Saves the union ipt_info in parsable form to stdout. */
     77 static void
     78 save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
     79 {
     80 	struct ipt_helper_info *info = (struct ipt_helper_info *)match->data;
     81 
     82 	printf("%s--helper \"%s\" ",info->invert ? "! " : "", info->name);
     83 }
     84 
     85 static struct iptables_match helper = {
     86 	.next		= NULL,
     87 	.name		= "helper",
     88 	.version	= IPTABLES_VERSION,
     89 	.size		= IPT_ALIGN(sizeof(struct ipt_helper_info)),
     90 	.help		= &help,
     91 	.parse		= &parse,
     92 	.final_check	= &final_check,
     93 	.print		= &print,
     94 	.save		= &save,
     95 	.extra_opts	= opts
     96 };
     97 
     98 void ipt_helper_init(void)
     99 {
    100 	register_match(&helper);
    101 }
    102