]> git.proxmox.com Git - mirror_iproute2.git/blob - tc/m_xt.c
projects / mirror_iproute2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tc: m_xt: Fix indenting
[mirror_iproute2.git] / tc / m_xt.c
1 /*
2 * m_xt.c xtables based targets
3 * utilities mostly ripped from iptables <duh, its the linux way>
4 *
5 * This program is free software; you can distribute it and/or
6 * modify it under the terms of the GNU General Public License
7 * as published by the Free Software Foundation; either version
8 * 2 of the License, or (at your option) any later version.
9 *
10 * Authors: J Hadi Salim (hadi@cyberus.ca)
11 */
12
13 #include <syslog.h>
14 #include <sys/socket.h>
15 #include <netinet/in.h>
16 #include <arpa/inet.h>
17 #include <net/if.h>
18 #include <limits.h>
19 #include <linux/netfilter.h>
20 #include <linux/netfilter_ipv4/ip_tables.h>
21 #include <xtables.h>
22 #include "utils.h"
23 #include "tc_util.h"
24 #include <linux/tc_act/tc_ipt.h>
25 #include <stdio.h>
26 #include <dlfcn.h>
27 #include <getopt.h>
28 #include <errno.h>
29 #include <string.h>
30 #include <netdb.h>
31 #include <stdlib.h>
32 #include <ctype.h>
33 #include <stdarg.h>
34 #include <unistd.h>
35 #include <fcntl.h>
36 #include <sys/wait.h>
37 #ifndef XT_LIB_DIR
38 # define XT_LIB_DIR "/lib/xtables"
39 #endif
40
41 #ifndef __ALIGN_KERNEL
42 #define __ALIGN_KERNEL(x, a) __ALIGN_KERNEL_MASK(x, (typeof(x))(a) - 1)
43 #define __ALIGN_KERNEL_MASK(x, mask) (((x) + (mask)) & ~(mask))
44 #endif
45
46 #ifndef ALIGN
47 #define ALIGN(x, a) __ALIGN_KERNEL((x), (a))
48 #endif
49
50 static const char *tname = "mangle";
51
52 char *lib_dir;
53
54 static const char *ipthooks[] = {
55 "NF_IP_PRE_ROUTING",
56 "NF_IP_LOCAL_IN",
57 "NF_IP_FORWARD",
58 "NF_IP_LOCAL_OUT",
59 "NF_IP_POST_ROUTING",
60 };
61
62 static struct option original_opts[] = {
63 {
64 .name = "jump",
65 .has_arg = 1,
66 .val = 'j'
67 },
68 {0, 0, 0, 0}
69 };
70
71 static struct xtables_globals tcipt_globals = {
72 .option_offset = 0,
73 .program_name = "tc-ipt",
74 .program_version = "0.2",
75 .orig_opts = original_opts,
76 .opts = original_opts,
77 .exit_err = NULL,
78 };
79
80 /*
81 * we may need to check for version mismatch
82 */
83 static int
84 build_st(struct xtables_target *target, struct xt_entry_target *t)
85 {
86
87 size_t size =
88 XT_ALIGN(sizeof(struct xt_entry_target)) + target->size;
89
90 if (t == NULL) {
91 target->t = xtables_calloc(1, size);
92 target->t->u.target_size = size;
93 strcpy(target->t->u.user.name, target->name);
94 target->t->u.user.revision = target->revision;
95
96 if (target->init != NULL)
97 target->init(target->t);
98 } else {
99 target->t = t;
100 }
101 return 0;
102
103 }
104
105 static void set_lib_dir(void)
106 {
107
108 lib_dir = getenv("XTABLES_LIBDIR");
109 if (!lib_dir) {
110 lib_dir = getenv("IPTABLES_LIB_DIR");
111 if (lib_dir)
112 fprintf(stderr, "using deprecated IPTABLES_LIB_DIR\n");
113 }
114 if (lib_dir == NULL)
115 lib_dir = XT_LIB_DIR;
116
117 }
118
119 static int parse_ipt(struct action_util *a, int *argc_p,
120 char ***argv_p, int tca_id, struct nlmsghdr *n)
121 {
122 struct xtables_target *m = NULL;
123 struct ipt_entry fw;
124 struct rtattr *tail;
125
126 int c;
127 int rargc = *argc_p;
128 char **argv = *argv_p;
129 int argc = 0, iargc = 0;
130 char k[16];
131 int size = 0;
132 int iok = 0, ok = 0;
133 __u32 hook = 0, index = 0;
134 struct option *opts = NULL;
135
136 /* copy tcipt_globals because .opts will be modified by iptables */
137 struct xtables_globals tmp_tcipt_globals = tcipt_globals;
138 xtables_init_all(&tmp_tcipt_globals, NFPROTO_IPV4);
139 set_lib_dir();
140
141 {
142 int i;
143
144 for (i = 0; i < rargc; i++) {
145 if (NULL == argv[i] || 0 == strcmp(argv[i], "action")) {
146 break;
147 }
148 }
149 iargc = argc = i;
150 }
151
152 if (argc <= 2) {
153 fprintf(stderr, "bad arguments to ipt %d vs %d\n", argc, rargc);
154 return -1;
155 }
156
157 while (1) {
158 c = getopt_long(argc, argv, "j:", tmp_tcipt_globals.opts, NULL);
159 if (c == -1)
160 break;
161 switch (c) {
162 case 'j':
163 m = xtables_find_target(optarg, XTF_TRY_LOAD);
164 if (!m) {
165 fprintf(stderr, " failed to find target %s\n\n", optarg);
166 return -1;
167 }
168
169 if (build_st(m, NULL) < 0) {
170 printf(" %s error\n", m->name);
171 return -1;
172 }
173 #if (XTABLES_VERSION_CODE >= 6)
174 opts = xtables_options_xfrm(tmp_tcipt_globals.orig_opts,
175 tmp_tcipt_globals.opts,
176 m->x6_options,
177 &m->option_offset);
178 #else
179 opts = xtables_merge_options(tmp_tcipt_globals.opts,
180 m->extra_opts,
181 &m->option_offset);
182 #endif
183 if (opts == NULL) {
184 fprintf(stderr, " failed to find additional options for target %s\n\n", optarg);
185 return -1;
186 } else
187 tmp_tcipt_globals.opts = opts;
188 ok++;
189 break;
190
191 default:
192 memset(&fw, 0, sizeof(fw));
193 #if (XTABLES_VERSION_CODE >= 6)
194 if (m != NULL && m->x6_parse != NULL) {
195 xtables_option_tpcall(c, argv, 0, m, NULL);
196 #else
197 if (m != NULL && m->parse != NULL) {
198 m->parse(c - m->option_offset, argv, 0,
199 &m->tflags, NULL, &m->t);
200 #endif
201 } else {
202 fprintf(stderr, "failed to find target %s\n\n", optarg);
203 return -1;
204
205 }
206 ok++;
207 break;
208 }
209 }
210
211 if (iargc > optind) {
212 if (matches(argv[optind], "index") == 0) {
213 if (get_u32(&index, argv[optind + 1], 10)) {
214 fprintf(stderr, "Illegal \"index\"\n");
215 xtables_free_opts(1);
216 return -1;
217 }
218 iok++;
219
220 optind += 2;
221 }
222 }
223
224 if (!ok && !iok) {
225 fprintf(stderr, " ipt Parser BAD!! (%s)\n", *argv);
226 return -1;
227 }
228
229 /* check that we passed the correct parameters to the target */
230 #if (XTABLES_VERSION_CODE >= 6)
231 if (m)
232 xtables_option_tfcall(m);
233 #else
234 if (m && m->final_check)
235 m->final_check(m->tflags);
236 #endif
237
238 {
239 struct tcmsg *t = NLMSG_DATA(n);
240
241 if (t->tcm_parent != TC_H_ROOT
242 && t->tcm_parent == TC_H_MAJ(TC_H_INGRESS)) {
243 hook = NF_IP_PRE_ROUTING;
244 } else {
245 hook = NF_IP_POST_ROUTING;
246 }
247 }
248
249 tail = NLMSG_TAIL(n);
250 addattr_l(n, MAX_MSG, tca_id, NULL, 0);
251 fprintf(stdout, "tablename: %s hook: %s\n ", tname, ipthooks[hook]);
252 fprintf(stdout, "\ttarget: ");
253
254 if (m) {
255 if (m->print)
256 m->print(NULL, m->t, 0);
257 else
258 printf("%s ", m->name);
259 }
260 fprintf(stdout, " index %d\n", index);
261
262 if (strlen(tname) > 16) {
263 size = 16;
264 k[15] = 0;
265 } else {
266 size = 1 + strlen(tname);
267 }
268 strncpy(k, tname, size);
269
270 addattr_l(n, MAX_MSG, TCA_IPT_TABLE, k, size);
271 addattr_l(n, MAX_MSG, TCA_IPT_HOOK, &hook, 4);
272 addattr_l(n, MAX_MSG, TCA_IPT_INDEX, &index, 4);
273 if (m)
274 addattr_l(n, MAX_MSG, TCA_IPT_TARG, m->t, m->t->u.target_size);
275 tail->rta_len = (void *) NLMSG_TAIL(n) - (void *) tail;
276
277 argc -= optind;
278 argv += optind;
279 *argc_p = rargc - iargc;
280 *argv_p = argv;
281
282 optind = 0;
283 xtables_free_opts(1);
284
285 if (m) {
286 /* Clear flags if target will be used again */
287 m->tflags = 0;
288 m->used = 0;
289 /* Free allocated memory */
290 if (m->t)
291 free(m->t);
292 }
293
294 return 0;
295
296 }
297
298 static int
299 print_ipt(struct action_util *au, FILE * f, struct rtattr *arg)
300 {
301 struct rtattr *tb[TCA_IPT_MAX + 1];
302 struct xt_entry_target *t = NULL;
303 struct option *opts = NULL;
304
305 if (arg == NULL)
306 return -1;
307
308 /* copy tcipt_globals because .opts will be modified by iptables */
309 struct xtables_globals tmp_tcipt_globals = tcipt_globals;
310
311 xtables_init_all(&tmp_tcipt_globals, NFPROTO_IPV4);
312 set_lib_dir();
313
314 parse_rtattr_nested(tb, TCA_IPT_MAX, arg);
315
316 if (tb[TCA_IPT_TABLE] == NULL) {
317 fprintf(f, "[NULL ipt table name ] assuming mangle ");
318 } else {
319 fprintf(f, "tablename: %s ",
320 rta_getattr_str(tb[TCA_IPT_TABLE]));
321 }
322
323 if (tb[TCA_IPT_HOOK] == NULL) {
324 fprintf(f, "[NULL ipt hook name ]\n ");
325 return -1;
326 } else {
327 __u32 hook;
328
329 hook = rta_getattr_u32(tb[TCA_IPT_HOOK]);
330 fprintf(f, " hook: %s\n", ipthooks[hook]);
331 }
332
333 if (tb[TCA_IPT_TARG] == NULL) {
334 fprintf(f, "\t[NULL ipt target parameters ]\n");
335 return -1;
336 } else {
337 struct xtables_target *m = NULL;
338
339 t = RTA_DATA(tb[TCA_IPT_TARG]);
340 m = xtables_find_target(t->u.user.name, XTF_TRY_LOAD);
341 if (!m) {
342 fprintf(stderr, " failed to find target %s\n\n",
343 t->u.user.name);
344 return -1;
345 }
346 if (build_st(m, t) < 0) {
347 fprintf(stderr, " %s error\n", m->name);
348 return -1;
349 }
350
351 #if (XTABLES_VERSION_CODE >= 6)
352 opts = xtables_options_xfrm(tmp_tcipt_globals.orig_opts,
353 tmp_tcipt_globals.opts,
354 m->x6_options,
355 &m->option_offset);
356 #else
357 opts = xtables_merge_options(tmp_tcipt_globals.opts,
358 m->extra_opts,
359 &m->option_offset);
360 #endif
361 if (opts == NULL) {
362 fprintf(stderr, " failed to find additional options for target %s\n\n", optarg);
363 return -1;
364 } else
365 tmp_tcipt_globals.opts = opts;
366 fprintf(f, "\ttarget ");
367 m->print(NULL, m->t, 0);
368 if (tb[TCA_IPT_INDEX] == NULL) {
369 fprintf(f, " [NULL ipt target index ]\n");
370 } else {
371 __u32 index;
372
373 index = rta_getattr_u32(tb[TCA_IPT_INDEX]);
374 fprintf(f, "\n\tindex %d", index);
375 }
376
377 if (tb[TCA_IPT_CNT]) {
378 struct tc_cnt *c = RTA_DATA(tb[TCA_IPT_CNT]);
379
380 fprintf(f, " ref %d bind %d", c->refcnt, c->bindcnt);
381 }
382 if (show_stats) {
383 if (tb[TCA_IPT_TM]) {
384 struct tcf_t *tm = RTA_DATA(tb[TCA_IPT_TM]);
385
386 print_tm(f, tm);
387 }
388 }
389 fprintf(f, "\n");
390
391 }
392 xtables_free_opts(1);
393
394 return 0;
395 }
396
397 struct action_util xt_action_util = {
398 .id = "xt",
399 .parse_aopt = parse_ipt,
400 .print_aopt = print_ipt,
401 };
Upstream mirror of iproute2