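/*
 * Author: Paul.Russell (at) rustcorp.com.au and mneuling (at) radlogic.com.au
 *
 * Based on the ipchains code by Paul Russell and Michael Neuling
 *
 * (C) 2000-2002 by the netfilter coreteam <coreteam (at) netfilter.org>:
 *		    Paul 'Rusty' Russell <rusty (at) rustcorp.com.au>
 *		    Marc Boucher <marc+nf (at) mbsi.ca>
 *		    James Morris <jmorris (at) intercode.com.au>
 *		    Harald Welte <laforge (at) gnumonks.org>
 *		    Jozsef Kadlecsik <kadlec (at) blackhole.kfki.hu>
 *
 *	iptables -- IP firewall administration for kernels with
 *	firewall table (aimed for the 2.3 kernels)
 *
 *	See the accompanying manual page iptables(8) for information
 *	about proper usage of this program.
 *
 *	This program is free software; you can redistribute it and/or modify
 *	it under the terms of the GNU General Public License as published by
 *	the Free Software Foundation; either version 2 of the License, or
 *	(at your option) any later version.
 *
 *	This program is distributed in the hope that it will be useful,
 *	but WITHOUT ANY WARRANTY; without even the implied warranty of
 *	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *	GNU General Public License for more details.
 *
 *	You should have received a copy of the GNU General Public License
 *	along with this program; if not, write to the Free Software
 *	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 */

#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <string.h>
#include <iptables.h>
#include "xtables-multi.h"
#include "nft.h"

/*
 * Shared driver behind the iptables and ip6tables entry points.
 *
 * Initialises the xtables globals for the given family, sets up an nft
 * handle, passes the command line to do_commandx() against the default
 * "filter" table and, when that reports success, calls nft_commit().
 *
 * @family:   protocol family stored in the nft handle and passed to
 *            xtables_init_all() (callers in this file use NFPROTO_IPV4
 *            and NFPROTO_IPV6).
 * @progname: name stored in xtables_globals.program_name.
 * @argc:     argument count, forwarded to do_commandx().
 * @argv:     argument vector, forwarded to do_commandx().
 *
 * Every path ends in exit(), so the function does not return to its caller
 * despite the int return type.  Exit status is 0 when the command and the
 * commit both return non-zero, RESOURCE_PROBLEM when the failure left errno
 * at EAGAIN, and 1 for any other failure.
 */
static int
xtables_main(int family, const char *progname, int argc, char *argv[])
{
	int ret;
	int saved_errno;
	char *table = "filter";
	struct nft_handle h = {
		.family = family,
	};

	xtables_globals.program_name = progname;
	ret = xtables_init_all(&xtables_globals, family);
	if (ret < 0) {
		fprintf(stderr, "%s/%s Failed to initialize xtables\n",
				xtables_globals.program_name,
				xtables_globals.program_version);
		exit(1);
	}
#if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
	/*
	 * NOTE(review): the IPv4 extension initialiser is called whatever
	 * the value of family; confirm this is intended for NFPROTO_IPV6.
	 */
	init_extensions();
	init_extensions4();
#endif

	/*
	 * NOTE(review): xtables_ipv4 is passed for both families; confirm
	 * that it is the right table set when family is NFPROTO_IPV6.
	 */
	if (nft_init(&h, xtables_ipv4) < 0) {
		fprintf(stderr, "%s/%s Failed to initialize nft: %s\n",
				xtables_globals.program_name,
				xtables_globals.program_version,
				strerror(errno));
		nft_fini(&h);
		exit(EXIT_FAILURE);
	}

	/* A zero return from either call is treated as failure below. */
	ret = do_commandx(&h, argc, argv, &table, false);
	if (ret)
		ret = nft_commit(&h);

	/*
	 * Capture errno before any teardown or output: nft_fini() and
	 * fprintf() may overwrite it, which would misreport the cause of a
	 * failed rule change and could hide the EAGAIN exit status that
	 * callers can use to detect a transient failure.
	 */
	saved_errno = errno;

	nft_fini(&h);

	if (!ret) {
		/*
		 * NOTE(review): the message prefix is the literal "iptables"
		 * even when this runs as ip6tables.
		 */
		if (saved_errno == EINVAL) {
			fprintf(stderr, "iptables: %s. "
					"Run `dmesg' for more information.\n",
				nft_strerror(saved_errno));
		} else {
			fprintf(stderr, "iptables: %s.\n",
				nft_strerror(saved_errno));
		}
		if (saved_errno == EAGAIN) {
			exit(RESOURCE_PROBLEM);
		}
	}

	exit(!ret);
}

/*
 * iptables entry point: runs xtables_main() for NFPROTO_IPV4 under the
 * program name "iptables".
 */
int xtables_ip4_main(int argc, char *argv[])
{
	return xtables_main(NFPROTO_IPV4, "iptables", argc, argv);
}

/*
 * ip6tables entry point: runs xtables_main() for NFPROTO_IPV6 under the
 * program name "ip6tables".
 */
int xtables_ip6_main(int argc, char *argv[])
{
	return xtables_main(NFPROTO_IPV6, "ip6tables", argc, argv);
}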