1 #ifndef _IP6TABLES_USER_H 2 #define _IP6TABLES_USER_H 3 4 #include "iptables_common.h" 5 #include "libiptc/libip6tc.h" 6 7 #ifndef IP6T_LIB_DIR 8 #define IP6T_LIB_DIR "/usr/local/lib/iptables" 9 #endif 10 11 #ifndef IPPROTO_SCTP 12 #define IPPROTO_SCTP 132 13 #endif 14 #ifndef IPPROTO_DCCP 15 #define IPPROTO_DCCP 33 16 #endif 17 #ifndef IPPROTO_UDPLITE 18 #define IPPROTO_UDPLITE 136 19 #endif 20 21 #ifndef IP6T_SO_GET_REVISION_MATCH /* Old kernel source. */ 22 #define IP6T_SO_GET_REVISION_MATCH 68 23 #define IP6T_SO_GET_REVISION_TARGET 69 24 25 struct ip6t_get_revision 26 { 27 char name[IP6T_FUNCTION_MAXNAMELEN-1]; 28 29 u_int8_t revision; 30 }; 31 #endif /* IP6T_SO_GET_REVISION_MATCH Old kernel source */ 32 33 struct ip6tables_rule_match 34 { 35 struct ip6tables_rule_match *next; 36 37 struct ip6tables_match *match; 38 39 /* Multiple matches of the same type: the ones before 40 the current one are completed from parsing point of view */ 41 unsigned int completed; 42 }; 43 44 /* Include file for additions: new matches and targets. */ 45 struct ip6tables_match 46 { 47 struct ip6tables_match *next; 48 49 ip6t_chainlabel name; 50 51 /* Revision of match (0 by default). */ 52 u_int8_t revision; 53 54 const char *version; 55 56 /* Size of match data. */ 57 size_t size; 58 59 /* Size of match data relevent for userspace comparison purposes */ 60 size_t userspacesize; 61 62 /* Function which prints out usage message. */ 63 void (*help)(void); 64 65 /* Initialize the match. */ 66 void (*init)(struct ip6t_entry_match *m, unsigned int *nfcache); 67 68 /* Function which parses command options; returns true if it 69 ate an option */ 70 int (*parse)(int c, char **argv, int invert, unsigned int *flags, 71 const struct ip6t_entry *entry, 72 unsigned int *nfcache, 73 struct ip6t_entry_match **match); 74 75 /* Final check; exit if not ok. */ 76 void (*final_check)(unsigned int flags); 77 78 /* Prints out the match iff non-NULL: put space at end */ 79 void (*print)(const struct ip6t_ip6 *ip, 80 const struct ip6t_entry_match *match, int numeric); 81 82 /* Saves the union ipt_matchinfo in parsable form to stdout. */ 83 void (*save)(const struct ip6t_ip6 *ip, 84 const struct ip6t_entry_match *match); 85 86 /* Pointer to list of extra command-line options */ 87 const struct option *extra_opts; 88 89 /* Ignore these men behind the curtain: */ 90 unsigned int option_offset; 91 struct ip6t_entry_match *m; 92 unsigned int mflags; 93 #ifdef NO_SHARED_LIBS 94 unsigned int loaded; /* simulate loading so options are merged properly */ 95 #endif 96 }; 97 98 struct ip6tables_target 99 { 100 struct ip6tables_target *next; 101 102 ip6t_chainlabel name; 103 104 const char *version; 105 106 /* Size of target data. */ 107 size_t size; 108 109 /* Size of target data relevent for userspace comparison purposes */ 110 size_t userspacesize; 111 112 /* Function which prints out usage message. */ 113 void (*help)(void); 114 115 /* Initialize the target. */ 116 void (*init)(struct ip6t_entry_target *t, unsigned int *nfcache); 117 118 /* Function which parses command options; returns true if it 119 ate an option */ 120 int (*parse)(int c, char **argv, int invert, unsigned int *flags, 121 const struct ip6t_entry *entry, 122 struct ip6t_entry_target **target); 123 124 /* Final check; exit if not ok. */ 125 void (*final_check)(unsigned int flags); 126 127 /* Prints out the target iff non-NULL: put space at end */ 128 void (*print)(const struct ip6t_ip6 *ip, 129 const struct ip6t_entry_target *target, int numeric); 130 131 /* Saves the targinfo in parsable form to stdout. */ 132 void (*save)(const struct ip6t_ip6 *ip, 133 const struct ip6t_entry_target *target); 134 135 /* Pointer to list of extra command-line options */ 136 struct option *extra_opts; 137 138 /* Ignore these men behind the curtain: */ 139 unsigned int option_offset; 140 struct ip6t_entry_target *t; 141 unsigned int tflags; 142 unsigned int used; 143 #ifdef NO_SHARED_LIBS 144 unsigned int loaded; /* simulate loading so options are merged properly */ 145 #endif 146 }; 147 148 extern int line; 149 150 /* Your shared library should call one of these. */ 151 extern void register_match6(struct ip6tables_match *me); 152 extern void register_target6(struct ip6tables_target *me); 153 154 extern int service_to_port(const char *name, const char *proto); 155 extern u_int16_t parse_port(const char *port, const char *proto); 156 extern int do_command6(int argc, char *argv[], char **table, 157 ip6tc_handle_t *handle); 158 /* Keeping track of external matches and targets: linked lists. */ 159 extern struct ip6tables_match *ip6tables_matches; 160 extern struct ip6tables_target *ip6tables_targets; 161 162 enum ip6t_tryload { 163 DONT_LOAD, 164 DURING_LOAD, 165 TRY_LOAD, 166 LOAD_MUST_SUCCEED 167 }; 168 169 extern struct ip6tables_target *find_target(const char *name, enum ip6t_tryload); 170 extern struct ip6tables_match *find_match(const char *name, enum ip6t_tryload, struct ip6tables_rule_match **match); 171 172 extern void parse_interface(const char *arg, char *vianame, unsigned char *mask); 173 174 extern int for_each_chain(int (*fn)(const ip6t_chainlabel, int, ip6tc_handle_t *), int verbose, int builtinstoo, ip6tc_handle_t *handle); 175 extern int flush_entries(const ip6t_chainlabel chain, int verbose, ip6tc_handle_t *handle); 176 extern int delete_chain(const ip6t_chainlabel chain, int verbose, ip6tc_handle_t *handle); 177 extern int ip6tables_insmod(const char *modname, const char *modprobe); 178 extern int load_ip6tables_ko(const char *modprobe); 179 180 #endif /*_IP6TABLES_USER_H*/ 181
