diff options
Diffstat (limited to 'extensions/libipt_ttl.c')
| -rw-r--r-- | extensions/libipt_ttl.c | 138 |
1 files changed, 53 insertions, 85 deletions
diff --git a/extensions/libipt_ttl.c b/extensions/libipt_ttl.c index e2fbcd5..5fe08cc 100644 --- a/extensions/libipt_ttl.c +++ b/extensions/libipt_ttl.c @@ -1,89 +1,51 @@ /* Shared library add-on to iptables to add TTL matching support * (C) 2000 by Harald Welte <laforge@gnumonks.org> * - * $Id$ - * * This program is released under the terms of GNU GPL */ - #include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <getopt.h> #include <xtables.h> - #include <linux/netfilter_ipv4/ipt_ttl.h> +enum { + O_TTL_EQ = 0, + O_TTL_LT, + O_TTL_GT, + F_TTL_EQ = 1 << O_TTL_EQ, + F_TTL_LT = 1 << O_TTL_LT, + F_TTL_GT = 1 << O_TTL_GT, + F_ANY = F_TTL_EQ | F_TTL_LT | F_TTL_GT, +}; + static void ttl_help(void) { printf( "ttl match options:\n" -" --ttl-eq value Match time to live value\n" +"[!] --ttl-eq value Match time to live value\n" " --ttl-lt value Match TTL < value\n" " --ttl-gt value Match TTL > value\n"); } -static int ttl_parse(int c, char **argv, int invert, unsigned int *flags, - const void *entry, struct xt_entry_match **match) +static void ttl_parse(struct xt_option_call *cb) { - struct ipt_ttl_info *info = (struct ipt_ttl_info *) (*match)->data; - unsigned int value; - - xtables_check_inverse(optarg, &invert, &optind, 0, argv); - - switch (c) { - case '2': - if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX)) - xtables_error(PARAMETER_PROBLEM, - "ttl: Expected value between 0 and 255"); - - if (invert) - info->mode = IPT_TTL_NE; - else - info->mode = IPT_TTL_EQ; - - /* is 0 allowed? */ - info->ttl = value; - break; - case '3': - if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX)) - xtables_error(PARAMETER_PROBLEM, - "ttl: Expected value between 0 and 255"); - - if (invert) - xtables_error(PARAMETER_PROBLEM, - "ttl: unexpected `!'"); - - info->mode = IPT_TTL_LT; - info->ttl = value; - break; - case '4': - if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX)) - xtables_error(PARAMETER_PROBLEM, - "ttl: Expected value between 0 and 255"); - - if (invert) - xtables_error(PARAMETER_PROBLEM, - "ttl: unexpected `!'"); - - info->mode = IPT_TTL_GT; - info->ttl = value; - break; - default: - return 0; - + struct ipt_ttl_info *info = cb->data; + + xtables_option_parse(cb); + switch (cb->entry->id) { + case O_TTL_EQ: + info->mode = cb->invert ? IPT_TTL_NE : IPT_TTL_EQ; + break; + case O_TTL_LT: + info->mode = IPT_TTL_LT; + break; + case O_TTL_GT: + info->mode = IPT_TTL_GT; + break; } - - if (*flags) - xtables_error(PARAMETER_PROBLEM, - "Can't specify TTL option twice"); - *flags = 1; - - return 1; } -static void ttl_check(unsigned int flags) +static void ttl_check(struct xt_fcheck_call *cb) { - if (!flags) + if (!(cb->xflags & F_ANY)) xtables_error(PARAMETER_PROBLEM, "TTL match: You must specify one of " "`--ttl-eq', `--ttl-lt', `--ttl-gt"); @@ -95,22 +57,22 @@ static void ttl_print(const void *ip, const struct xt_entry_match *match, const struct ipt_ttl_info *info = (struct ipt_ttl_info *) match->data; - printf("TTL match "); + printf(" TTL match "); switch (info->mode) { case IPT_TTL_EQ: - printf("TTL == "); + printf("TTL =="); break; case IPT_TTL_NE: - printf("TTL != "); + printf("TTL !="); break; case IPT_TTL_LT: - printf("TTL < "); + printf("TTL <"); break; case IPT_TTL_GT: - printf("TTL > "); + printf("TTL >"); break; } - printf("%u ", info->ttl); + printf(" %u", info->ttl); } static void ttl_save(const void *ip, const struct xt_entry_match *match) @@ -120,31 +82,37 @@ static void ttl_save(const void *ip, const struct xt_entry_match *match) switch (info->mode) { case IPT_TTL_EQ: - printf("--ttl-eq "); + printf(" --ttl-eq"); break; case IPT_TTL_NE: - printf("! --ttl-eq "); + printf(" ! --ttl-eq"); break; case IPT_TTL_LT: - printf("--ttl-lt "); + printf(" --ttl-lt"); break; case IPT_TTL_GT: - printf("--ttl-gt "); + printf(" --ttl-gt"); break; default: /* error */ break; } - printf("%u ", info->ttl); + printf(" %u", info->ttl); } -static const struct option ttl_opts[] = { - { "ttl", 1, NULL, '2' }, - { "ttl-eq", 1, NULL, '2'}, - { "ttl-lt", 1, NULL, '3'}, - { "ttl-gt", 1, NULL, '4'}, - { .name = NULL } +#define s struct ipt_ttl_info +static const struct xt_option_entry ttl_opts[] = { + {.name = "ttl-lt", .id = O_TTL_LT, .excl = F_ANY, .type = XTTYPE_UINT8, + .flags = XTOPT_PUT, XTOPT_POINTER(s, ttl)}, + {.name = "ttl-gt", .id = O_TTL_GT, .excl = F_ANY, .type = XTTYPE_UINT8, + .flags = XTOPT_PUT, XTOPT_POINTER(s, ttl)}, + {.name = "ttl-eq", .id = O_TTL_EQ, .excl = F_ANY, .type = XTTYPE_UINT8, + .flags = XTOPT_INVERT | XTOPT_PUT, XTOPT_POINTER(s, ttl)}, + {.name = "ttl", .id = O_TTL_EQ, .excl = F_ANY, .type = XTTYPE_UINT8, + .flags = XTOPT_PUT, XTOPT_POINTER(s, ttl)}, + XTOPT_TABLEEND, }; +#undef s static struct xtables_match ttl_mt_reg = { .name = "ttl", @@ -153,11 +121,11 @@ static struct xtables_match ttl_mt_reg = { .size = XT_ALIGN(sizeof(struct ipt_ttl_info)), .userspacesize = XT_ALIGN(sizeof(struct ipt_ttl_info)), .help = ttl_help, - .parse = ttl_parse, - .final_check = ttl_check, .print = ttl_print, .save = ttl_save, - .extra_opts = ttl_opts, + .x6_parse = ttl_parse, + .x6_fcheck = ttl_check, + .x6_options = ttl_opts, }; |