authorDaniel Wagner <daniel.wagner@bmw-carit.de>2013-02-12 10:19:50 +0100
committerPatrik Flykt <patrik.flykt@linux.intel.com>2013-02-12 12:34:42 +0200
commit161efbae1a4d554d244c206d5cfa1342fc4220cf (patch)
tree16daebe29d392fe41ea6d558a69ddf46c8a577cf /src/iptables.c
parent4ef79dcb96b08830b03ffcc52120ea843a9f3685 (diff)
iptables: Remove unused __connman_iptables_command()
Diffstat (limited to 'src/iptables.c')
-rw-r--r--src/iptables.c462
1 files changed, 0 insertions, 462 deletions
diff --git a/src/iptables.c b/src/iptables.c
index 0e1eefb7..e395af71 100644
--- a/src/iptables.c
+++ b/src/iptables.c
@@ -752,33 +752,6 @@ static struct ipt_entry *prepare_rule_inclusion(struct connman_iptables *table,
return new_entry;
}
-static int iptables_append_rule(struct connman_iptables *table,
- struct ipt_ip *ip, char *chain_name,
- char *target_name, struct xtables_target *xt_t,
- struct xtables_rule_match *xt_rm)
-{
- GList *chain_tail;
- struct ipt_entry *new_entry;
- int builtin = -1, ret;
-
- DBG("");
-
- chain_tail = find_chain_tail(table, chain_name);
- if (chain_tail == NULL)
- return -EINVAL;
-
- new_entry = prepare_rule_inclusion(table, ip, chain_name,
- target_name, xt_t, &builtin, xt_rm);
- if (new_entry == NULL)
- return -EINVAL;
-
- ret = iptables_add_entry(table, new_entry, chain_tail->prev, builtin);
- if (ret < 0)
- g_free(new_entry);
-
- return ret;
-}
-
static int iptables_insert_rule(struct connman_iptables *table,
struct ipt_ip *ip, const char *chain_name,
const char *target_name,
@@ -1009,29 +982,6 @@ static int iptables_delete_rule(struct connman_iptables *table,
return 0;
}
-static int iptables_compare_rule(struct connman_iptables *table,
- struct ipt_ip *ip, const char *chain_name,
- const char *target_name,
- struct xtables_target *xt_t,
- struct xtables_match *xt_m,
- struct xtables_rule_match *xt_rm)
-{
- struct connman_iptables_entry *entry;
- GList *found;
-
- found = find_existing_rule(table, ip, chain_name, target_name,
- xt_t, xt_m, xt_rm);
- if (found == NULL)
- return -EINVAL;
-
- entry = found->data;
- if (entry == NULL)
- return -EINVAL;
-
- return 0;
-}
-
-
static int iptables_change_policy(struct connman_iptables *table,
const char *chain_name, const char *policy)
{
@@ -1673,418 +1623,6 @@ static void clear_tables_flags(void)
}
}
-static int iptables_command(int argc, char *argv[])
-{
- struct connman_iptables *table;
- struct xtables_rule_match *xt_rm, *tmp_xt_rm;
- struct xtables_match *xt_m, *xt_m_t;
- struct xtables_target *xt_t;
- struct ipt_ip ip;
- char *table_name, *chain, *new_chain, *match_name, *target_name;
- char *flush_chain, *delete_chain, *policy;
- int c, ret, in_len, out_len;
- gboolean dump, invert, insert, delete, compare;
-
- if (argc == 0)
- return -EINVAL;
-
- dump = FALSE;
- invert = FALSE;
- insert = FALSE;
- delete = FALSE;
- compare = FALSE;
- chain = new_chain = match_name = target_name = NULL;
- flush_chain = delete_chain = policy = table_name = NULL;
- memset(&ip, 0, sizeof(struct ipt_ip));
- table = NULL;
- xt_rm = NULL;
- xt_m = NULL;
- xt_t = NULL;
- /* Default code for options parsing */
- ret = -EINVAL;
-
- clear_tables_flags();
-
- /* extension's options will generate false-positives errors */
- opterr = 0;
-
- optind = 0;
-
- while ((c = getopt_long(argc, argv,
- "-A:C:D:F:I:L::N:P:X:d:j:i:m:o:s:t:",
- iptables_globals.opts, NULL)) != -1) {
- switch (c) {
- case 'A':
- /* It is either -A, -C, -D or -I at once */
- if (chain)
- goto out;
-
- chain = optarg;
- break;
-
- case 'C':
- /* It is either -A, -C, -D or -I at once */
- if (chain)
- goto out;
-
- chain = optarg;
- compare = TRUE;
- break;
-
- case 'D':
- /* It is either -A, -C, -D or -I at once */
- if (chain)
- goto out;
-
- chain = optarg;
- delete = TRUE;
- break;
-
- case 'F':
- flush_chain = optarg;
- break;
-
- case 'I':
- /* It is either -A, -C, -D or -I at once */
- if (chain)
- goto out;
-
- chain = optarg;
- insert = TRUE;
- break;
-
- case 'L':
- dump = TRUE;
- break;
-
- case 'N':
- new_chain = optarg;
- break;
-
- case 'P':
- chain = optarg;
- if (optind < argc)
- policy = argv[optind++];
- else
- goto out;
-
- break;
-
- case 'X':
- delete_chain = optarg;
- break;
-
- case 'd':
- if (!parse_ip_and_mask(optarg, &ip.dst, &ip.dmsk))
- break;
-
- if (invert)
- ip.invflags |= IPT_INV_DSTIP;
-
- break;
-
- case 'i':
- in_len = strlen(optarg);
-
- if (in_len + 1 > IFNAMSIZ)
- break;
-
- strcpy(ip.iniface, optarg);
- memset(ip.iniface_mask, 0xff, in_len + 1);
-
- if (invert)
- ip.invflags |= IPT_INV_VIA_IN;
-
- break;
-
- case 'j':
- target_name = optarg;
-
- table = pre_load_table(table_name, table);
- if (table == NULL)
- goto out;
-
- xt_t = prepare_target(table, target_name);
- if (xt_t == NULL)
- goto out;
-
- break;
-
- case 'm':
- match_name = optarg;
-
- table = pre_load_table(table_name, table);
- if (table == NULL)
- goto out;
-
- xt_m = prepare_matches(table, &xt_rm, match_name);
- if (xt_m == NULL)
- goto out;
-
- break;
-
- case 'o':
- out_len = strlen(optarg);
-
- if (out_len + 1 > IFNAMSIZ)
- break;
-
- strcpy(ip.outiface, optarg);
- memset(ip.outiface_mask, 0xff, out_len + 1);
-
- if (invert)
- ip.invflags |= IPT_INV_VIA_OUT;
-
- break;
-
- case 's':
- if (!parse_ip_and_mask(optarg, &ip.src, &ip.smsk))
- break;
-
- if (invert)
- ip.invflags |= IPT_INV_SRCIP;
-
- break;
-
- case 't':
- table_name = optarg;
-
- table = pre_load_table(table_name, table);
- if (table == NULL)
- goto out;
-
- break;
-
- case 1:
- if (optarg[0] == '!' && optarg[1] == '\0') {
- invert = TRUE;
- optarg[0] = '\0';
- continue;
- }
-
- connman_error("Invalid option");
-
- goto out;
-
- default:
-#if XTABLES_VERSION_CODE > 5
- if (xt_t != NULL && (xt_t->x6_parse != NULL ||
- xt_t->parse != NULL) &&
- (c >= (int) xt_t->option_offset &&
- c < (int) xt_t->option_offset +
- XT_OPTION_OFFSET_SCALE)) {
- xtables_option_tpcall(c, argv,
- invert, xt_t, NULL);
-
- break;
- }
-
- for (tmp_xt_rm = xt_rm; tmp_xt_rm != NULL;
- tmp_xt_rm = tmp_xt_rm->next) {
- xt_m_t = tmp_xt_rm->match;
-
- if (tmp_xt_rm->completed ||
- (xt_m_t->x6_parse == NULL &&
- xt_m_t->parse == NULL))
- continue;
-
- if (c < (int) xt_m_t->option_offset ||
- c >= (int) xt_m_t->option_offset
- + XT_OPTION_OFFSET_SCALE)
- continue;
-
- xtables_option_mpcall(c, argv,
- invert, xt_m_t, NULL);
-
- break;
- }
-#else
- if (xt_t == NULL || xt_t->parse == NULL ||
- !xt_t->parse(c - xt_t->option_offset,
- argv, invert, &xt_t->tflags, NULL, &xt_t->t)) {
-
- for (tmp_xt_rm = xt_rm; tmp_xt_rm != NULL;
- tmp_xt_rm = tmp_xt_rm->next) {
- xt_m_t = tmp_xt_rm->match;
-
- if (tmp_xt_rm->completed ||
- xt_m_t->parse == NULL)
- continue;
-
- if (xt_m->parse(c - xt_m->option_offset,
- argv, invert, &xt_m->mflags,
- NULL, &xt_m->m))
- break;
- }
- }
-#endif
- break;
- }
-
- invert = FALSE;
- }
-
-#if XTABLES_VERSION_CODE > 5
- for (tmp_xt_rm = xt_rm; tmp_xt_rm != NULL;
- tmp_xt_rm = tmp_xt_rm->next)
- xtables_option_mfcall(tmp_xt_rm->match);
-
- if (xt_t != NULL)
- xtables_option_tfcall(xt_t);
-#else
- for (tmp_xt_rm = xt_rm; tmp_xt_rm != NULL;
- tmp_xt_rm = tmp_xt_rm->next)
- if (tmp_xt_rm->match->final_check != NULL)
- tmp_xt_rm->match->final_check(
- tmp_xt_rm->match->mflags);
-
- if (xt_t != NULL && xt_t->final_check != NULL)
- xt_t->final_check(xt_t->tflags);
-#endif
-
- table = pre_load_table(table_name, table);
- if (table == NULL)
- goto out;
-
- /* Option parsing went fine, falling back to succes code */
- ret = 0;
-
- if (delete_chain != NULL) {
- printf("Delete chain %s\n", delete_chain);
-
- iptables_delete_chain(table, delete_chain);
-
- goto out;
- }
-
- if (dump) {
- dump_table(table);
-
- goto out;
- }
-
- if (flush_chain) {
- DBG("Flush chain %s", flush_chain);
-
- iptables_flush_chain(table, flush_chain);
-
- goto out;
- }
-
- if (chain && new_chain) {
- ret = -EINVAL;
- goto out;
- }
-
- if (new_chain) {
- DBG("New chain %s", new_chain);
-
- ret = iptables_add_chain(table, new_chain);
- goto out;
- }
-
- if (chain) {
- if (policy != NULL) {
- printf("Changing policy of %s to %s\n", chain, policy);
-
- iptables_change_policy(table, chain, policy);
-
- goto out;
- }
-
- if (xt_t == NULL)
- goto out;
-
- if (compare == TRUE) {
- ret = iptables_compare_rule(table, &ip, chain,
- target_name, xt_t, xt_m, xt_rm);
- goto out;
- }
-
- if (delete == TRUE) {
- DBG("Deleting %s to %s (match %s)\n",
- target_name, chain, match_name);
-
- ret = iptables_delete_rule(table, &ip, chain,
- target_name, xt_t, xt_m, xt_rm);
-
- goto out;
- }
-
- if (insert == TRUE) {
- DBG("Inserting %s to %s (match %s)",
- target_name, chain, match_name);
-
- ret = iptables_insert_rule(table, &ip, chain,
- target_name, xt_t, xt_rm);
-
- goto out;
- } else {
- DBG("Adding %s to %s (match %s)",
- target_name, chain, match_name);
-
- ret = iptables_append_rule(table, &ip, chain,
- target_name, xt_t, xt_rm);
-
- goto out;
- }
- }
-
-out:
- if (xt_t)
- g_free(xt_t->t);
-
- if (xt_m)
- g_free(xt_m->m);
-
- return ret;
-}
-
-int __connman_iptables_command(const char *format, ...)
-{
- char **argv, **arguments, *command;
- int argc, i, ret;
- va_list args;
-
- if (format == NULL)
- return -EINVAL;
-
- va_start(args, format);
-
- command = g_strdup_vprintf(format, args);
-
- va_end(args);
-
- if (command == NULL)
- return -ENOMEM;
-
- arguments = g_strsplit_set(command, " ", -1);
-
- for (argc = 0; arguments[argc]; argc++);
- ++argc;
-
- DBG("command %s argc %d", command, argc);
-
- argv = g_try_malloc0(argc * sizeof(char *));
- if (argv == NULL) {
- g_free(command);
- g_strfreev(arguments);
- return -ENOMEM;
- }
-
- argv[0] = "iptables";
- for (i = 1; i < argc; i++)
- argv[i] = arguments[i - 1];
-
- ret = iptables_command(argc, argv);
-
- g_free(command);
- g_strfreev(arguments);
- g_free(argv);
-
- return ret;
-}
-
struct parse_context {
int argc;
char **argv;