[iproute2.git] / debian / patches / 0004-sync-iptables-header.patch

Description: Sync header from iptables
 The current versions in several suites have the same content:
  - 1.6.0+snapshot20161117-6 (stretch)
  - 1.6.1-2 (unstable)
Bug: https://bugs.debian.og/868059
Forwarded: not-needed
Author: Cyril Brulebois <cyril@debamax.com>
Last-Update: 2017-11-22
--- a/include/xtables.h
+++ b/include/xtables.h
@@ -205,9 +205,24 @@ enum xtables_ext_flags {
 	XTABLES_EXT_ALIAS = 1 << 0,
 };
 
+struct xt_xlate;
+
+struct xt_xlate_mt_params {
+	const void			*ip;
+	const struct xt_entry_match	*match;
+	int				numeric;
+	bool				escape_quotes;
+};
+
+struct xt_xlate_tg_params {
+	const void			*ip;
+	const struct xt_entry_target	*target;
+	int				numeric;
+	bool				escape_quotes;
+};
+
 /* Include file for additions: new matches and targets. */
-struct xtables_match
-{
+struct xtables_match {
 	/*
 	 * ABI/API version this module requires. Must be first member,
 	 * as the rest of this struct may be subject to ABI changes.
@@ -269,6 +284,10 @@ struct xtables_match
 	void (*x6_fcheck)(struct xt_fcheck_call *);
 	const struct xt_option_entry *x6_options;
 
+	/* Translate iptables to nft */
+	int (*xlate)(struct xt_xlate *xl,
+		     const struct xt_xlate_mt_params *params);
+
 	/* Size of per-extension instance extra "global" scratch space */
 	size_t udata_size;
 
@@ -280,8 +299,7 @@ struct xtables_match
 	unsigned int loaded; /* simulate loading so options are merged properly */
 };
 
-struct xtables_target
-{
+struct xtables_target {
 	/*
 	 * ABI/API version this module requires. Must be first member,
 	 * as the rest of this struct may be subject to ABI changes.
@@ -346,6 +364,10 @@ struct xtables_target
 	void (*x6_fcheck)(struct xt_fcheck_call *);
 	const struct xt_option_entry *x6_options;
 
+	/* Translate iptables to nft */
+	int (*xlate)(struct xt_xlate *xl,
+		     const struct xt_xlate_tg_params *params);
+
 	size_t udata_size;
 
 	/* Ignore these men behind the curtain: */
@@ -406,6 +428,17 @@ struct xtables_globals
 
 #define XT_GETOPT_TABLEEND {.name = NULL, .has_arg = false}
 
+/*
+ * enum op-
+ *
+ * For writing clean nftables translations code
+ */
+enum xt_op {
+	XT_OP_EQ,
+	XT_OP_NEQ,
+	XT_OP_MAX,
+};
+
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -548,6 +581,14 @@ extern void xtables_lmap_free(struct xta
 extern int xtables_lmap_name2id(const struct xtables_lmap *, const char *);
 extern const char *xtables_lmap_id2name(const struct xtables_lmap *, int);
 
+/* xlate infrastructure */
+struct xt_xlate *xt_xlate_alloc(int size);
+void xt_xlate_free(struct xt_xlate *xl);
+void xt_xlate_add(struct xt_xlate *xl, const char *fmt, ...);
+void xt_xlate_add_comment(struct xt_xlate *xl, const char *comment);
+const char *xt_xlate_get_comment(struct xt_xlate *xl);
+const char *xt_xlate_get(struct xt_xlate *xl);
+
 #ifdef XTABLES_INTERNAL
 
 /* Shipped modules rely on this... */
Commit	Line	Data
cd0d3ac3 WB	1	Description: Sync header from iptables
	2	The current versions in several suites have the same content:
	3	- 1.6.0+snapshot20161117-6 (stretch)
	4	- 1.6.1-2 (unstable)
	5	Bug: https://bugs.debian.og/868059
	6	Forwarded: not-needed
	7	Author: Cyril Brulebois <cyril@debamax.com>
	8	Last-Update: 2017-11-22
	9	--- a/include/xtables.h
	10	+++ b/include/xtables.h
	11	@@ -205,9 +205,24 @@ enum xtables_ext_flags {
	12	XTABLES_EXT_ALIAS = 1 << 0,
	13	};
	14
	15	+struct xt_xlate;
	16	+
	17	+struct xt_xlate_mt_params {
	18	+ const void *ip;
	19	+ const struct xt_entry_match *match;
	20	+ int numeric;
	21	+ bool escape_quotes;
	22	+};
	23	+
	24	+struct xt_xlate_tg_params {
	25	+ const void *ip;
	26	+ const struct xt_entry_target *target;
	27	+ int numeric;
	28	+ bool escape_quotes;
	29	+};
	30	+
	31	/* Include file for additions: new matches and targets. */
	32	-struct xtables_match
	33	-{
	34	+struct xtables_match {
	35	/*
	36	* ABI/API version this module requires. Must be first member,
	37	* as the rest of this struct may be subject to ABI changes.
	38	@@ -269,6 +284,10 @@ struct xtables_match
	39	void (x6_fcheck)(struct xt_fcheck_call );
	40	const struct xt_option_entry *x6_options;
	41
	42	+ /* Translate iptables to nft */
	43	+ int (xlate)(struct xt_xlate xl,
	44	+ const struct xt_xlate_mt_params *params);
	45	+
	46	/* Size of per-extension instance extra "global" scratch space */
	47	size_t udata_size;
	48
	49	@@ -280,8 +299,7 @@ struct xtables_match
	50	unsigned int loaded; /* simulate loading so options are merged properly */
	51	};
	52
	53	-struct xtables_target
	54	-{
	55	+struct xtables_target {
	56	/*
	57	* ABI/API version this module requires. Must be first member,
	58	* as the rest of this struct may be subject to ABI changes.
	59	@@ -346,6 +364,10 @@ struct xtables_target
	60	void (x6_fcheck)(struct xt_fcheck_call );
	61	const struct xt_option_entry *x6_options;
	62
	63	+ /* Translate iptables to nft */
	64	+ int (xlate)(struct xt_xlate xl,
65	+ const struct xt_xlate_tg_params *params);
66	+
67	size_t udata_size;
68
69	/* Ignore these men behind the curtain: */
70	@@ -406,6 +428,17 @@ struct xtables_globals
71
72	#define XT_GETOPT_TABLEEND {.name = NULL, .has_arg = false}
73
74	+/*
75	+ * enum op-
76	+ *
77	+ * For writing clean nftables translations code
78	+ */
79	+enum xt_op {
80	+ XT_OP_EQ,
81	+ XT_OP_NEQ,
82	+ XT_OP_MAX,
83	+};
84	+
85	#ifdef __cplusplus
86	extern "C" {
87	#endif
88	@@ -548,6 +581,14 @@ extern void xtables_lmap_free(struct xta
89	extern int xtables_lmap_name2id(const struct xtables_lmap , const char );
90	extern const char xtables_lmap_id2name(const struct xtables_lmap , int);
91
92	+/* xlate infrastructure */
93	+struct xt_xlate *xt_xlate_alloc(int size);
94	+void xt_xlate_free(struct xt_xlate *xl);
95	+void xt_xlate_add(struct xt_xlate xl, const char fmt, ...);
96	+void xt_xlate_add_comment(struct xt_xlate xl, const char comment);
97	+const char xt_xlate_get_comment(struct xt_xlate xl);
98	+const char xt_xlate_get(struct xt_xlate xl);
99	+
100	#ifdef XTABLES_INTERNAL
101
102	/* Shipped modules rely on this... */