[mirror_iproute2.git] / tc / m_xt.c

/*
 * m_xt.c	xtables based targets
 *		utilities mostly ripped from iptables <duh, its the linux way>
 *
 *		This program is free software; you can distribute it and/or
 *		modify it under the terms of the GNU General Public License
 *		as published by the Free Software Foundation; either version
 *		2 of the License, or (at your option) any later version.
 *
 * Authors:  J Hadi Salim (hadi@cyberus.ca)
 */

#include <syslog.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <net/if.h>
#include <limits.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4/ip_tables.h>
#include <xtables.h>
#include "utils.h"
#include "tc_util.h"
#include <linux/tc_act/tc_ipt.h>
#include <stdio.h>
#include <dlfcn.h>
#include <getopt.h>
#include <errno.h>
#include <string.h>
#include <netdb.h>
#include <stdlib.h>
#include <ctype.h>
#include <stdarg.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/wait.h>
#ifndef XT_LIB_DIR
#       define XT_LIB_DIR "/lib/xtables"
#endif

#ifndef __ALIGN_KERNEL
#define __ALIGN_KERNEL(x, a)		__ALIGN_KERNEL_MASK(x, (typeof(x))(a) - 1)
#define __ALIGN_KERNEL_MASK(x, mask)	(((x) + (mask)) & ~(mask))
#endif

#ifndef ALIGN
#define ALIGN(x, a)	__ALIGN_KERNEL((x), (a))
#endif

static const char *tname = "mangle";

char *lib_dir;

static const char *ipthooks[] = {
	"NF_IP_PRE_ROUTING",
	"NF_IP_LOCAL_IN",
	"NF_IP_FORWARD",
	"NF_IP_LOCAL_OUT",
	"NF_IP_POST_ROUTING",
};

static struct option original_opts[] = {
	{
		.name = "jump",
		.has_arg = 1,
		.val = 'j'
	},
	{0, 0, 0, 0}
};

static struct xtables_globals tcipt_globals = {
	.option_offset = 0,
	.program_name = "tc-ipt",
	.program_version = "0.2",
	.orig_opts = original_opts,
	.opts = original_opts,
	.exit_err = NULL,
};

/*
 * we may need to check for version mismatch
*/
static int
build_st(struct xtables_target *target, struct xt_entry_target *t)
{

	size_t size =
		    XT_ALIGN(sizeof(struct xt_entry_target)) + target->size;

	if (t == NULL) {
		target->t = xtables_calloc(1, size);
		target->t->u.target_size = size;
		strcpy(target->t->u.user.name, target->name);
		target->t->u.user.revision = target->revision;

		if (target->init != NULL)
			target->init(target->t);
	} else {
		target->t = t;
	}
	return 0;

}

static void set_lib_dir(void)
{

	lib_dir = getenv("XTABLES_LIBDIR");
	if (!lib_dir) {
		lib_dir = getenv("IPTABLES_LIB_DIR");
		if (lib_dir)
			fprintf(stderr, "using deprecated IPTABLES_LIB_DIR\n");
	}
	if (lib_dir == NULL)
		lib_dir = XT_LIB_DIR;

}

static int parse_ipt(struct action_util *a, int *argc_p,
		     char ***argv_p, int tca_id, struct nlmsghdr *n)
{
	struct xtables_target *m = NULL;
	struct rtattr *tail;

	int c;
	char **argv = *argv_p;
	int argc = 0;
	char k[16];
	int size = 0;
	int iok = 0, ok = 0;
	__u32 hook = 0, index = 0;
	struct option *opts = NULL;

	/* copy tcipt_globals because .opts will be modified by iptables */
	struct xtables_globals tmp_tcipt_globals = tcipt_globals;
	xtables_init_all(&tmp_tcipt_globals, NFPROTO_IPV4);
	set_lib_dir();

	{
		int i;

		for (i = 0; i < *argc_p; i++) {
			if (NULL == argv[i] || 0 == strcmp(argv[i], "action")) {
				break;
			}
		}
		argc = i;
	}

	if (argc <= 2) {
		fprintf(stderr, "bad arguments to ipt %d vs %d\n", argc, *argc_p);
		return -1;
	}

	while (1) {
		c = getopt_long(argc, argv, "j:", tmp_tcipt_globals.opts, NULL);
		if (c == -1)
			break;
		switch (c) {
		case 'j':
			m = xtables_find_target(optarg, XTF_TRY_LOAD);
			if (!m) {
				fprintf(stderr, " failed to find target %s\n\n", optarg);
				return -1;
			}

			if (build_st(m, NULL) < 0) {
				printf(" %s error\n", m->name);
				return -1;
			}
#if (XTABLES_VERSION_CODE >= 6)
			opts = xtables_options_xfrm(tmp_tcipt_globals.orig_opts,
						    tmp_tcipt_globals.opts,
						    m->x6_options,
						    &m->option_offset);
#else
			opts = xtables_merge_options(tmp_tcipt_globals.opts,
						     m->extra_opts,
						     &m->option_offset);
#endif
			if (opts == NULL) {
				fprintf(stderr, " failed to find additional options for target %s\n\n", optarg);
				return -1;
			} else
				tmp_tcipt_globals.opts = opts;
			ok++;
			break;

		default:
#if (XTABLES_VERSION_CODE >= 6)
			if (m != NULL && m->x6_parse != NULL) {
				xtables_option_tpcall(c, argv, 0, m, NULL);
#else
			if (m != NULL && m->parse != NULL) {
				m->parse(c - m->option_offset, argv, 0,
				         &m->tflags, NULL, &m->t);
#endif
			} else {
				fprintf(stderr, "failed to find target %s\n\n", optarg);
				return -1;

			}
			ok++;
			break;
		}
	}

	if (argc > optind) {
		if (matches(argv[optind], "index") == 0) {
			if (get_u32(&index, argv[optind + 1], 10)) {
				fprintf(stderr, "Illegal \"index\"\n");
				xtables_free_opts(1);
				return -1;
			}
			iok++;

			optind += 2;
		}
	}

	if (!ok && !iok) {
		fprintf(stderr, " ipt Parser BAD!! (%s)\n", *argv);
		return -1;
	}

	/* check that we passed the correct parameters to the target */
#if (XTABLES_VERSION_CODE >= 6)
	if (m)
		xtables_option_tfcall(m);
#else
	if (m && m->final_check)
		m->final_check(m->tflags);
#endif

	{
		struct tcmsg *t = NLMSG_DATA(n);

		if (t->tcm_parent != TC_H_ROOT
		    && t->tcm_parent == TC_H_MAJ(TC_H_INGRESS)) {
			hook = NF_IP_PRE_ROUTING;
		} else {
			hook = NF_IP_POST_ROUTING;
		}
	}

	tail = NLMSG_TAIL(n);
	addattr_l(n, MAX_MSG, tca_id, NULL, 0);
	fprintf(stdout, "tablename: %s hook: %s\n ", tname, ipthooks[hook]);
	fprintf(stdout, "\ttarget: ");

	if (m) {
		if (m->print)
			m->print(NULL, m->t, 0);
		else
			printf("%s ", m->name);
	}
	fprintf(stdout, " index %d\n", index);

	if (strlen(tname) > 16) {
		size = 16;
		k[15] = 0;
	} else {
		size = 1 + strlen(tname);
	}
	strncpy(k, tname, size);

	addattr_l(n, MAX_MSG, TCA_IPT_TABLE, k, size);
	addattr_l(n, MAX_MSG, TCA_IPT_HOOK, &hook, 4);
	addattr_l(n, MAX_MSG, TCA_IPT_INDEX, &index, 4);
	if (m)
		addattr_l(n, MAX_MSG, TCA_IPT_TARG, m->t, m->t->u.target_size);
	tail->rta_len = (void *) NLMSG_TAIL(n) - (void *) tail;

	argv += optind;
	*argc_p -= argc;
	*argv_p = argv;

	optind = 0;
	xtables_free_opts(1);

	if (m) {
		/* Clear flags if target will be used again */
		m->tflags = 0;
		m->used = 0;
		/* Free allocated memory */
		if (m->t)
			free(m->t);
	}

	return 0;

}

static int
print_ipt(struct action_util *au, FILE * f, struct rtattr *arg)
{
	struct xtables_target *m;
	struct rtattr *tb[TCA_IPT_MAX + 1];
	struct xt_entry_target *t = NULL;
	struct option *opts = NULL;

	if (arg == NULL)
		return -1;

	/* copy tcipt_globals because .opts will be modified by iptables */
	struct xtables_globals tmp_tcipt_globals = tcipt_globals;

	xtables_init_all(&tmp_tcipt_globals, NFPROTO_IPV4);
	set_lib_dir();

	parse_rtattr_nested(tb, TCA_IPT_MAX, arg);

	if (tb[TCA_IPT_TABLE] == NULL) {
		fprintf(f, "[NULL ipt table name ] assuming mangle ");
	} else {
		fprintf(f, "tablename: %s ",
			rta_getattr_str(tb[TCA_IPT_TABLE]));
	}

	if (tb[TCA_IPT_HOOK] == NULL) {
		fprintf(f, "[NULL ipt hook name ]\n ");
		return -1;
	} else {
		__u32 hook;

		hook = rta_getattr_u32(tb[TCA_IPT_HOOK]);
		fprintf(f, " hook: %s\n", ipthooks[hook]);
	}

	if (tb[TCA_IPT_TARG] == NULL) {
		fprintf(f, "\t[NULL ipt target parameters ]\n");
		return -1;
	}

	t = RTA_DATA(tb[TCA_IPT_TARG]);
	m = xtables_find_target(t->u.user.name, XTF_TRY_LOAD);
	if (!m) {
		fprintf(stderr, " failed to find target %s\n\n",
			t->u.user.name);
		return -1;
	}
	if (build_st(m, t) < 0) {
		fprintf(stderr, " %s error\n", m->name);
		return -1;
	}

#if (XTABLES_VERSION_CODE >= 6)
	opts = xtables_options_xfrm(tmp_tcipt_globals.orig_opts,
				    tmp_tcipt_globals.opts,
				    m->x6_options,
				    &m->option_offset);
#else
	opts = xtables_merge_options(tmp_tcipt_globals.opts,
				     m->extra_opts,
				     &m->option_offset);
#endif
	if (opts == NULL) {
		fprintf(stderr, " failed to find additional options for target %s\n\n", optarg);
		return -1;
	} else
		tmp_tcipt_globals.opts = opts;
	fprintf(f, "\ttarget ");
	m->print(NULL, m->t, 0);
	if (tb[TCA_IPT_INDEX] == NULL) {
		fprintf(f, " [NULL ipt target index ]\n");
	} else {
		__u32 index;

		index = rta_getattr_u32(tb[TCA_IPT_INDEX]);
		fprintf(f, "\n\tindex %d", index);
	}

	if (tb[TCA_IPT_CNT]) {
		struct tc_cnt *c  = RTA_DATA(tb[TCA_IPT_CNT]);

		fprintf(f, " ref %d bind %d", c->refcnt, c->bindcnt);
	}
	if (show_stats) {
		if (tb[TCA_IPT_TM]) {
			struct tcf_t *tm = RTA_DATA(tb[TCA_IPT_TM]);

			print_tm(f, tm);
		}
	}
	fprintf(f, "\n");

	xtables_free_opts(1);

	return 0;
}

struct action_util xt_action_util = {
	.id = "xt",
	.parse_aopt = parse_ipt,
	.print_aopt = print_ipt,
};
Commit	Line	Data
a36ceb85 AH	1	/*
a36ceb85 AH	2	* m_xt.c xtables based targets
3d0b7439	3	* utilities mostly ripped from iptables <duh, its the linux way>
a36ceb85 AH	4	*
	5	* This program is free software; you can distribute it and/or
	6	* modify it under the terms of the GNU General Public License
	7	* as published by the Free Software Foundation; either version
	8	* 2 of the License, or (at your option) any later version.
	9	*
	10	* Authors: J Hadi Salim (hadi@cyberus.ca)
	11	*/
	12
	13	#include <syslog.h>
	14	#include <sys/socket.h>
	15	#include <netinet/in.h>
	16	#include <arpa/inet.h>
	17	#include <net/if.h>
	18	#include <limits.h>
	19	#include <linux/netfilter.h>
	20	#include <linux/netfilter_ipv4/ip_tables.h>
	21	#include <xtables.h>
	22	#include "utils.h"
	23	#include "tc_util.h"
	24	#include <linux/tc_act/tc_ipt.h>
	25	#include <stdio.h>
	26	#include <dlfcn.h>
	27	#include <getopt.h>
	28	#include <errno.h>
	29	#include <string.h>
	30	#include <netdb.h>
	31	#include <stdlib.h>
	32	#include <ctype.h>
	33	#include <stdarg.h>
a36ceb85 AH	34	#include <unistd.h>
	35	#include <fcntl.h>
	36	#include <sys/wait.h>
	37	#ifndef XT_LIB_DIR
	38	# define XT_LIB_DIR "/lib/xtables"
	39	#endif
	40
cfa292de AD	41	#ifndef __ALIGN_KERNEL
	42	#define __ALIGN_KERNEL(x, a) __ALIGN_KERNEL_MASK(x, (typeof(x))(a) - 1)
	43	#define __ALIGN_KERNEL_MASK(x, mask) (((x) + (mask)) & ~(mask))
	44	#endif
	45
609ceb80	46	#ifndef ALIGN
32a121cb	47	#define ALIGN(x, a) __ALIGN_KERNEL((x), (a))
609ceb80 SH	48	#endif
609ceb80 SH	49
a36ceb85 AH	50	static const char *tname = "mangle";
	51
	52	char *lib_dir;
	53
	54	static const char *ipthooks[] = {
	55	"NF_IP_PRE_ROUTING",
	56	"NF_IP_LOCAL_IN",
	57	"NF_IP_FORWARD",
	58	"NF_IP_LOCAL_OUT",
	59	"NF_IP_POST_ROUTING",
	60	};
	61
	62	static struct option original_opts[] = {
	63	{
	64	.name = "jump",
	65	.has_arg = 1,
	66	.val = 'j'
	67	},
	68	{0, 0, 0, 0}
	69	};
	70
	71	static struct xtables_globals tcipt_globals = {
	72	.option_offset = 0,
	73	.program_name = "tc-ipt",
	74	.program_version = "0.2",
	75	.orig_opts = original_opts,
	76	.opts = original_opts,
	77	.exit_err = NULL,
	78	};
	79
	80	/*
	81	* we may need to check for version mismatch
	82	*/
d1f28cf1	83	static int
a36ceb85 AH	84	build_st(struct xtables_target target, struct xt_entry_target t)
	85	{
	86
	87	size_t size =
32a121cb	88	XT_ALIGN(sizeof(struct xt_entry_target)) + target->size;
a36ceb85	89
32a121cb	90	if (t == NULL) {
a36ceb85 AH	91	target->t = xtables_calloc(1, size);
	92	target->t->u.target_size = size;
	93	strcpy(target->t->u.user.name, target->name);
be3c4d4f	94	target->t->u.user.revision = target->revision;
a36ceb85 AH	95
	96	if (target->init != NULL)
	97	target->init(target->t);
	98	} else {
	99	target->t = t;
	100	}
	101	return 0;
	102
	103	}
	104
d1f28cf1	105	static void set_lib_dir(void)
a36ceb85 AH	106	{
	107
	108	lib_dir = getenv("XTABLES_LIBDIR");
	109	if (!lib_dir) {
	110	lib_dir = getenv("IPTABLES_LIB_DIR");
	111	if (lib_dir)
32a121cb	112	fprintf(stderr, "using deprecated IPTABLES_LIB_DIR\n");
a36ceb85 AH	113	}
	114	if (lib_dir == NULL)
	115	lib_dir = XT_LIB_DIR;
	116
	117	}
	118
32a121cb	119	static int parse_ipt(struct action_util a, int argc_p,
a36ceb85 AH	120	char **argv_p, int tca_id, struct nlmsghdr n)
	121	{
	122	struct xtables_target *m = NULL;
a36ceb85	123	struct rtattr *tail;
852d5122	124
a36ceb85	125	int c;
a36ceb85	126	char *argv = argv_p;
28432f37	127	int argc = 0;
a36ceb85	128	char k[16];
a36ceb85 AH	129	int size = 0;
	130	int iok = 0, ok = 0;
	131	__u32 hook = 0, index = 0;
852d5122	132	struct option *opts = NULL;
a36ceb85	133
8eee75a8 PS	134	/* copy tcipt_globals because .opts will be modified by iptables */
	135	struct xtables_globals tmp_tcipt_globals = tcipt_globals;
	136	xtables_init_all(&tmp_tcipt_globals, NFPROTO_IPV4);
a36ceb85 AH	137	set_lib_dir();
	138
	139	{
	140	int i;
32a121cb	141
ab8f52fc	142	for (i = 0; i < *argc_p; i++) {
a36ceb85 AH	143	if (NULL == argv[i] \|\| 0 == strcmp(argv[i], "action")) {
	144	break;
	145	}
	146	}
28432f37	147	argc = i;
a36ceb85 AH	148	}
	149
	150	if (argc <= 2) {
ab8f52fc	151	fprintf(stderr, "bad arguments to ipt %d vs %d\n", argc, *argc_p);
a36ceb85 AH	152	return -1;
	153	}
	154
	155	while (1) {
8eee75a8	156	c = getopt_long(argc, argv, "j:", tmp_tcipt_globals.opts, NULL);
a36ceb85 AH	157	if (c == -1)
	158	break;
	159	switch (c) {
	160	case 'j':
	161	m = xtables_find_target(optarg, XTF_TRY_LOAD);
f1a7c7d8 PS	162	if (!m) {
	163	fprintf(stderr, " failed to find target %s\n\n", optarg);
	164	return -1;
	165	}
a36ceb85	166
f1a7c7d8 PS	167	if (build_st(m, NULL) < 0) {
	168	printf(" %s error\n", m->name);
	169	return -1;
	170	}
73de5d96	171	#if (XTABLES_VERSION_CODE >= 6)
8eee75a8 PS	172	opts = xtables_options_xfrm(tmp_tcipt_globals.orig_opts,
8eee75a8 PS	173	tmp_tcipt_globals.opts,
852d5122 JHS	174	m->x6_options,
	175	&m->option_offset);
	176	#else
8eee75a8	177	opts = xtables_merge_options(tmp_tcipt_globals.opts,
852d5122 JHS	178	m->extra_opts,
852d5122 JHS	179	&m->option_offset);
73de5d96	180	#endif
852d5122	181	if (opts == NULL) {
b2e116d6	182	fprintf(stderr, " failed to find additional options for target %s\n\n", optarg);
852d5122 JHS	183	return -1;
852d5122 JHS	184	} else
8eee75a8	185	tmp_tcipt_globals.opts = opts;
a36ceb85 AH	186	ok++;
	187	break;
	188
	189	default:
852d5122	190	#if (XTABLES_VERSION_CODE >= 6)
f1a7c7d8 PS	191	if (m != NULL && m->x6_parse != NULL) {
f1a7c7d8 PS	192	xtables_option_tpcall(c, argv, 0, m, NULL);
852d5122	193	#else
f1a7c7d8 PS	194	if (m != NULL && m->parse != NULL) {
	195	m->parse(c - m->option_offset, argv, 0,
	196	&m->tflags, NULL, &m->t);
852d5122	197	#endif
a36ceb85	198	} else {
32a121cb	199	fprintf(stderr, "failed to find target %s\n\n", optarg);
a36ceb85 AH	200	return -1;
	201
	202	}
	203	ok++;
	204	break;
a36ceb85 AH	205	}
	206	}
	207
28432f37	208	if (argc > optind) {
a36ceb85 AH	209	if (matches(argv[optind], "index") == 0) {
	210	if (get_u32(&index, argv[optind + 1], 10)) {
	211	fprintf(stderr, "Illegal \"index\"\n");
	212	xtables_free_opts(1);
	213	return -1;
	214	}
	215	iok++;
	216
	217	optind += 2;
	218	}
	219	}
	220
	221	if (!ok && !iok) {
32a121cb	222	fprintf(stderr, " ipt Parser BAD!! (%s)\n", *argv);
a36ceb85 AH	223	return -1;
	224	}
	225
	226	/* check that we passed the correct parameters to the target */
852d5122 JHS	227	#if (XTABLES_VERSION_CODE >= 6)
	228	if (m)
	229	xtables_option_tfcall(m);
	230	#else
a36ceb85 AH	231	if (m && m->final_check)
a36ceb85 AH	232	m->final_check(m->tflags);
852d5122	233	#endif
a36ceb85 AH	234
	235	{
	236	struct tcmsg *t = NLMSG_DATA(n);
32a121cb	237
a36ceb85 AH	238	if (t->tcm_parent != TC_H_ROOT
	239	&& t->tcm_parent == TC_H_MAJ(TC_H_INGRESS)) {
	240	hook = NF_IP_PRE_ROUTING;
	241	} else {
	242	hook = NF_IP_POST_ROUTING;
	243	}
	244	}
	245
	246	tail = NLMSG_TAIL(n);
	247	addattr_l(n, MAX_MSG, tca_id, NULL, 0);
	248	fprintf(stdout, "tablename: %s hook: %s\n ", tname, ipthooks[hook]);
	249	fprintf(stdout, "\ttarget: ");
	250
44574522 PS	251	if (m) {
	252	if (m->print)
	253	m->print(NULL, m->t, 0);
	254	else
	255	printf("%s ", m->name);
	256	}
a36ceb85 AH	257	fprintf(stdout, " index %d\n", index);
	258
	259	if (strlen(tname) > 16) {
	260	size = 16;
	261	k[15] = 0;
	262	} else {
	263	size = 1 + strlen(tname);
	264	}
	265	strncpy(k, tname, size);
	266
	267	addattr_l(n, MAX_MSG, TCA_IPT_TABLE, k, size);
	268	addattr_l(n, MAX_MSG, TCA_IPT_HOOK, &hook, 4);
	269	addattr_l(n, MAX_MSG, TCA_IPT_INDEX, &index, 4);
	270	if (m)
	271	addattr_l(n, MAX_MSG, TCA_IPT_TARG, m->t, m->t->u.target_size);
	272	tail->rta_len = (void ) NLMSG_TAIL(n) - (void ) tail;
	273
a36ceb85	274	argv += optind;
28432f37	275	*argc_p -= argc;
a36ceb85 AH	276	*argv_p = argv;
	277
	278	optind = 0;
	279	xtables_free_opts(1);
a36ceb85	280
4f3626f9 DM	281	if (m) {
	282	/* Clear flags if target will be used again */
	283	m->tflags = 0;
	284	m->used = 0;
	285	/* Free allocated memory */
	286	if (m->t)
	287	free(m->t);
	288	}
a36ceb85 AH	289
	290	return 0;
	291
	292	}
	293
	294	static int
32a121cb	295	print_ipt(struct action_util au, FILE f, struct rtattr *arg)
a36ceb85	296	{
b45f9141	297	struct xtables_target *m;
a36ceb85 AH	298	struct rtattr *tb[TCA_IPT_MAX + 1];
a36ceb85 AH	299	struct xt_entry_target *t = NULL;
852d5122	300	struct option *opts = NULL;
a36ceb85 AH	301
	302	if (arg == NULL)
	303	return -1;
	304
6e2e5ec2 AG	305	/* copy tcipt_globals because .opts will be modified by iptables */
	306	struct xtables_globals tmp_tcipt_globals = tcipt_globals;
	307
	308	xtables_init_all(&tmp_tcipt_globals, NFPROTO_IPV4);
a36ceb85 AH	309	set_lib_dir();
	310
	311	parse_rtattr_nested(tb, TCA_IPT_MAX, arg);
	312
	313	if (tb[TCA_IPT_TABLE] == NULL) {
	314	fprintf(f, "[NULL ipt table name ] assuming mangle ");
	315	} else {
	316	fprintf(f, "tablename: %s ",
ff24746c	317	rta_getattr_str(tb[TCA_IPT_TABLE]));
a36ceb85 AH	318	}
	319
	320	if (tb[TCA_IPT_HOOK] == NULL) {
	321	fprintf(f, "[NULL ipt hook name ]\n ");
	322	return -1;
	323	} else {
	324	__u32 hook;
32a121cb	325
ff24746c	326	hook = rta_getattr_u32(tb[TCA_IPT_HOOK]);
32a121cb	327	fprintf(f, " hook: %s\n", ipthooks[hook]);
a36ceb85 AH	328	}
	329
	330	if (tb[TCA_IPT_TARG] == NULL) {
32a121cb	331	fprintf(f, "\t[NULL ipt target parameters ]\n");
a36ceb85	332	return -1;
b45f9141 PS	333	}
	334
	335	t = RTA_DATA(tb[TCA_IPT_TARG]);
	336	m = xtables_find_target(t->u.user.name, XTF_TRY_LOAD);
	337	if (!m) {
	338	fprintf(stderr, " failed to find target %s\n\n",
	339	t->u.user.name);
	340	return -1;
	341	}
	342	if (build_st(m, t) < 0) {
	343	fprintf(stderr, " %s error\n", m->name);
	344	return -1;
	345	}
a36ceb85	346
73de5d96	347	#if (XTABLES_VERSION_CODE >= 6)
b45f9141 PS	348	opts = xtables_options_xfrm(tmp_tcipt_globals.orig_opts,
	349	tmp_tcipt_globals.opts,
	350	m->x6_options,
	351	&m->option_offset);
852d5122	352	#else
b45f9141 PS	353	opts = xtables_merge_options(tmp_tcipt_globals.opts,
	354	m->extra_opts,
	355	&m->option_offset);
73de5d96	356	#endif
b45f9141 PS	357	if (opts == NULL) {
	358	fprintf(stderr, " failed to find additional options for target %s\n\n", optarg);
	359	return -1;
	360	} else
	361	tmp_tcipt_globals.opts = opts;
	362	fprintf(f, "\ttarget ");
	363	m->print(NULL, m->t, 0);
	364	if (tb[TCA_IPT_INDEX] == NULL) {
	365	fprintf(f, " [NULL ipt target index ]\n");
	366	} else {
	367	__u32 index;
32a121cb	368
b45f9141 PS	369	index = rta_getattr_u32(tb[TCA_IPT_INDEX]);
	370	fprintf(f, "\n\tindex %d", index);
	371	}
a36ceb85	372
b45f9141 PS	373	if (tb[TCA_IPT_CNT]) {
b45f9141 PS	374	struct tc_cnt *c = RTA_DATA(tb[TCA_IPT_CNT]);
32a121cb	375
b45f9141 PS	376	fprintf(f, " ref %d bind %d", c->refcnt, c->bindcnt);
	377	}
	378	if (show_stats) {
	379	if (tb[TCA_IPT_TM]) {
	380	struct tcf_t *tm = RTA_DATA(tb[TCA_IPT_TM]);
32a121cb	381
b45f9141	382	print_tm(f, tm);
a36ceb85	383	}
a36ceb85	384	}
b45f9141 PS	385	fprintf(f, "\n");
b45f9141 PS	386
a36ceb85 AH	387	xtables_free_opts(1);
	388
	389	return 0;
	390	}
	391
8e91a80d	392	struct action_util xt_action_util = {
32a121cb SH	393	.id = "xt",
	394	.parse_aopt = parse_ipt,
	395	.print_aopt = print_ipt,
a36ceb85	396	};