diff options
Diffstat (limited to 'extensions/libxt_connmark.c')
| -rw-r--r-- | extensions/libxt_connmark.c | 120 |
1 files changed, 36 insertions, 84 deletions
diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c index 38aa563..6f1d532 100644 --- a/extensions/libxt_connmark.c +++ b/extensions/libxt_connmark.c @@ -19,22 +19,19 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ +#include <stdbool.h> +#include <stdint.h> #include <stdio.h> -#include <netdb.h> -#include <string.h> -#include <stdlib.h> -#include <getopt.h> - #include <xtables.h> #include <linux/netfilter/xt_connmark.h> struct xt_connmark_info { unsigned long mark, mask; - u_int8_t invert; + uint8_t invert; }; enum { - F_MARK = 1 << 0, + O_MARK = 0, }; static void connmark_mt_help(void) @@ -44,83 +41,40 @@ static void connmark_mt_help(void) "[!] --mark value[/mask] Match ctmark value with optional mask\n"); } -static const struct option connmark_mt_opts[] = { - {.name = "mark", .has_arg = true, .val = '1'}, - { .name = NULL } +static const struct xt_option_entry connmark_mt_opts[] = { + {.name = "mark", .id = O_MARK, .type = XTTYPE_MARKMASK32, + .flags = XTOPT_MAND | XTOPT_INVERT}, + XTOPT_TABLEEND, }; -static int -connmark_mt_parse(int c, char **argv, int invert, unsigned int *flags, - const void *entry, struct xt_entry_match **match) +static void connmark_mt_parse(struct xt_option_call *cb) { - struct xt_connmark_mtinfo1 *info = (void *)(*match)->data; - unsigned int mark, mask = UINT32_MAX; - char *end; - - switch (c) { - case '1': /* --mark */ - xtables_param_act(XTF_ONLY_ONCE, "connmark", "--mark", *flags & F_MARK); - if (!xtables_strtoui(optarg, &end, &mark, 0, UINT32_MAX)) - xtables_param_act(XTF_BAD_VALUE, "connmark", "--mark", optarg); - if (*end == '/') - if (!xtables_strtoui(end + 1, &end, &mask, 0, UINT32_MAX)) - xtables_param_act(XTF_BAD_VALUE, "connmark", "--mark", optarg); - if (*end != '\0') - xtables_param_act(XTF_BAD_VALUE, "connmark", "--mark", optarg); - - if (invert) - info->invert = true; - info->mark = mark; - info->mask = mask; - *flags |= F_MARK; - return true; - } - return false; + struct xt_connmark_mtinfo1 *info = cb->data; + + xtables_option_parse(cb); + if (cb->invert) + info->invert = true; + info->mark = cb->val.mark; + info->mask = cb->val.mask; } -static int -connmark_parse(int c, char **argv, int invert, unsigned int *flags, - const void *entry, struct xt_entry_match **match) +static void connmark_parse(struct xt_option_call *cb) { - struct xt_connmark_info *markinfo = (struct xt_connmark_info *)(*match)->data; - - switch (c) { - char *end; - case '1': - xtables_check_inverse(optarg, &invert, &optind, 0, argv); - - markinfo->mark = strtoul(optarg, &end, 0); - markinfo->mask = 0xffffffffUL; - - if (*end == '/') - markinfo->mask = strtoul(end+1, &end, 0); - - if (*end != '\0' || end == optarg) - xtables_error(PARAMETER_PROBLEM, "Bad MARK value \"%s\"", optarg); - if (invert) - markinfo->invert = 1; - *flags = 1; - break; - - default: - return 0; - } - return 1; + struct xt_connmark_info *markinfo = cb->data; + + xtables_option_parse(cb); + markinfo->mark = cb->val.mark; + markinfo->mask = cb->val.mask; + if (cb->invert) + markinfo->invert = 1; } static void print_mark(unsigned int mark, unsigned int mask) { if (mask != 0xffffffffU) - printf("0x%x/0x%x ", mark, mask); + printf(" 0x%x/0x%x", mark, mask); else - printf("0x%x ", mark); -} - -static void connmark_mt_check(unsigned int flags) -{ - if (flags == 0) - xtables_error(PARAMETER_PROBLEM, - "connmark: The --mark option is required"); + printf(" 0x%x", mark); } static void @@ -128,7 +82,7 @@ connmark_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_connmark_info *info = (const void *)match->data; - printf("CONNMARK match "); + printf(" CONNMARK match "); if (info->invert) printf("!"); print_mark(info->mark, info->mask); @@ -139,7 +93,7 @@ connmark_mt_print(const void *ip, const struct xt_entry_match *match, int numeri { const struct xt_connmark_mtinfo1 *info = (const void *)match->data; - printf("connmark match "); + printf(" connmark match "); if (info->invert) printf("!"); print_mark(info->mark, info->mask); @@ -150,9 +104,9 @@ static void connmark_save(const void *ip, const struct xt_entry_match *match) const struct xt_connmark_info *info = (const void *)match->data; if (info->invert) - printf("! "); + printf(" !"); - printf("--mark "); + printf(" --mark"); print_mark(info->mark, info->mask); } @@ -162,9 +116,9 @@ connmark_mt_save(const void *ip, const struct xt_entry_match *match) const struct xt_connmark_mtinfo1 *info = (const void *)match->data; if (info->invert) - printf("! "); + printf(" !"); - printf("--mark "); + printf(" --mark"); print_mark(info->mark, info->mask); } @@ -177,11 +131,10 @@ static struct xtables_match connmark_mt_reg[] = { .size = XT_ALIGN(sizeof(struct xt_connmark_info)), .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_info)), .help = connmark_mt_help, - .parse = connmark_parse, - .final_check = connmark_mt_check, .print = connmark_print, .save = connmark_save, - .extra_opts = connmark_mt_opts, + .x6_parse = connmark_parse, + .x6_options = connmark_mt_opts, }, { .version = XTABLES_VERSION, @@ -191,11 +144,10 @@ static struct xtables_match connmark_mt_reg[] = { .size = XT_ALIGN(sizeof(struct xt_connmark_mtinfo1)), .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_mtinfo1)), .help = connmark_mt_help, - .parse = connmark_mt_parse, - .final_check = connmark_mt_check, .print = connmark_mt_print, .save = connmark_mt_save, - .extra_opts = connmark_mt_opts, + .x6_parse = connmark_mt_parse, + .x6_options = connmark_mt_opts, }, }; |