diff options
author | Steve Kondik <steve@cyngn.com> | 2016-09-23 10:09:51 -0700 |
---|---|---|
committer | Steve Kondik <steve@cyngn.com> | 2016-09-25 22:13:54 -0700 |
commit | 8b1e493df0ebad8ba6015a2bdae794fe04ffa982 (patch) | |
tree | 767a23e9d608ffc4df2b761540fafc8ea54a2cc7 | |
parent | d675c8a0972c9541c62c92cbfea24eabd75d1ff2 (diff) | |
download | android_external_ebtables-cm-14.0.tar.gz android_external_ebtables-cm-14.0.tar.bz2 android_external_ebtables-cm-14.0.zip |
* There is no need to create 20 shared libraries on an Android
build. Convert to a standalone build to eliminate this noise.
* Additionally, the scriptage in the Android makefile causes
Ninja to regenerate it's configuration for every build. Fix it.
* These files can be generated by the standard makefile as part
of the "static" target.
Change-Id: I1de9f93caf563c10f49c72a884b4c96aaf5335e0
-rw-r--r-- | Android.mk | 74 | ||||
-rw-r--r-- | extensions/ebt_802_3.c | 2 | ||||
-rw-r--r-- | extensions/ebt_among.c | 2 | ||||
-rw-r--r-- | extensions/ebt_arp.c | 2 | ||||
-rw-r--r-- | extensions/ebt_arpreply.c | 2 | ||||
-rw-r--r-- | extensions/ebt_ip.c | 2 | ||||
-rw-r--r-- | extensions/ebt_ip6.c | 2 | ||||
-rw-r--r-- | extensions/ebt_limit.c | 2 | ||||
-rw-r--r-- | extensions/ebt_log.c | 2 | ||||
-rw-r--r-- | extensions/ebt_mark.c | 2 | ||||
-rw-r--r-- | extensions/ebt_mark_m.c | 2 | ||||
-rw-r--r-- | extensions/ebt_nat.c | 2 | ||||
-rw-r--r-- | extensions/ebt_nflog.c | 2 | ||||
-rw-r--r-- | extensions/ebt_pkttype.c | 2 | ||||
-rw-r--r-- | extensions/ebt_redirect.c | 2 | ||||
-rw-r--r-- | extensions/ebt_standard.c | 2 | ||||
-rw-r--r-- | extensions/ebt_stp.c | 2 | ||||
-rw-r--r-- | extensions/ebt_ulog.c | 2 | ||||
-rw-r--r-- | extensions/ebt_vlan.c | 2 | ||||
-rw-r--r-- | extensions/ebtable_broute.c | 2 | ||||
-rw-r--r-- | extensions/ebtable_filter.c | 2 | ||||
-rw-r--r-- | extensions/ebtable_nat.c | 2 | ||||
-rw-r--r-- | include/ebtables_u.h | 26 | ||||
-rw-r--r-- | include/ebtables_u.h_ | 392 |
24 files changed, 503 insertions, 31 deletions
@@ -1,6 +1,68 @@ -#Avoid building ebtables for emulator -ifeq ($(call is-vendor-board-platform,QCOM),true) - include $(call all-subdir-makefiles) -else - $(info "ebtables is disabled on this build") -endif +# BUILD libebtc.so + +LOCAL_PATH:= $(call my-dir) + +cflags := -O2 -g \ + -DPROGNAME=\"ebtables\" \ + -DPROGVERSION=\"2.0.10\" \ + -DPROGDATE=\"December\ 2011\" \ + -Wno-sign-compare -Wno-missing-field-initializers \ + -Wno-ignored-qualifiers -Wno-unused-parameter \ + -Wno-#pragma-messages + +extensions_src_files := \ + extensions/ebt_802_3.c \ + extensions/ebt_among.c \ + extensions/ebt_arp.c \ + extensions/ebt_arpreply.c \ + extensions/ebt_ip.c \ + extensions/ebt_ip6.c \ + extensions/ebt_limit.c \ + extensions/ebt_log.c \ + extensions/ebt_mark.c \ + extensions/ebt_mark_m.c \ + extensions/ebt_nat.c \ + extensions/ebt_nflog.c \ + extensions/ebt_pkttype.c \ + extensions/ebt_redirect.c \ + extensions/ebt_standard.c \ + extensions/ebt_stp.c \ + extensions/ebt_ulog.c \ + extensions/ebt_vlan.c \ + extensions/ebtable_broute.c \ + extensions/ebtable_filter.c \ + extensions/ebtable_nat.c + +include $(CLEAR_VARS) + +LOCAL_SRC_FILES := \ + getethertype.c \ + communication.c \ + libebtc.c \ + useful_functions.c \ + ebtables.c \ + $(extensions_src_files) \ + ebtables-standalone.c + +LOCAL_C_INCLUDES := $(LOCAL_PATH)/include +LOCAL_C_INCLUDES += $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr/include +LOCAL_ADDITIONAL_DEPENDENCIES := $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr + +LOCAL_CFLAGS := $(cflags) +LOCAL_LDFLAGS := -nostartfiles +LOCAL_MODULE := ebtables + +LOCAL_MODULE_TAGS := optional + +include $(BUILD_EXECUTABLE) + + +#######dss_test_104########## +include $(CLEAR_VARS) +LOCAL_MODULE:= ethertypes +LOCAL_MODULE_CLASS := EXECUTABLES +LOCAL_SRC_FILES := ethertypes +LOCAL_MODULE_TAGS := optional +LOCAL_MODULE_PATH := $(TARGET_OUT_ETC) +include $(BUILD_PREBUILT) + diff --git a/extensions/ebt_802_3.c b/extensions/ebt_802_3.c index dd22eb2..2d84349 100644 --- a/extensions/ebt_802_3.c +++ b/extensions/ebt_802_3.c @@ -141,7 +141,7 @@ static struct ebt_u_match _802_3_match = .extra_ops = opts, }; -void _init(void) +void _802_3_init(void) { ebt_register_match(&_802_3_match); } diff --git a/extensions/ebt_among.c b/extensions/ebt_among.c index f97d07e..2f78ad1 100644 --- a/extensions/ebt_among.c +++ b/extensions/ebt_among.c @@ -491,7 +491,7 @@ static struct ebt_u_match among_match = { .extra_ops = opts, }; -void _init(void) +void _among_init(void) { ebt_register_match(&among_match); } diff --git a/extensions/ebt_arp.c b/extensions/ebt_arp.c index 64d337d..fd684ac 100644 --- a/extensions/ebt_arp.c +++ b/extensions/ebt_arp.c @@ -362,7 +362,7 @@ static struct ebt_u_match arp_match = .extra_ops = opts, }; -void _init(void) +void _arp_init(void) { ebt_register_match(&arp_match); } diff --git a/extensions/ebt_arpreply.c b/extensions/ebt_arpreply.c index c3757f3..3757097 100644 --- a/extensions/ebt_arpreply.c +++ b/extensions/ebt_arpreply.c @@ -133,7 +133,7 @@ static struct ebt_u_target arpreply_target = .extra_ops = opts, }; -void _init(void) +void _arpreply_init(void) { ebt_register_target(&arpreply_target); } diff --git a/extensions/ebt_ip.c b/extensions/ebt_ip.c index 4e0b7f0..86e9659 100644 --- a/extensions/ebt_ip.c +++ b/extensions/ebt_ip.c @@ -338,7 +338,7 @@ static struct ebt_u_match ip_match = .extra_ops = opts, }; -void _init(void) +void _ip_init(void) { ebt_register_match(&ip_match); } diff --git a/extensions/ebt_ip6.c b/extensions/ebt_ip6.c index 0465e77..7e65d76 100644 --- a/extensions/ebt_ip6.c +++ b/extensions/ebt_ip6.c @@ -556,7 +556,7 @@ static struct ebt_u_match ip6_match = .extra_ops = opts, }; -void _init(void) +void _ip6_init(void) { ebt_register_match(&ip6_match); } diff --git a/extensions/ebt_limit.c b/extensions/ebt_limit.c index ee40e5c..6a443e5 100644 --- a/extensions/ebt_limit.c +++ b/extensions/ebt_limit.c @@ -212,7 +212,7 @@ static struct ebt_u_match limit_match = .extra_ops = opts, }; -void _init(void) +void _limit_init(void) { ebt_register_match(&limit_match); } diff --git a/extensions/ebt_log.c b/extensions/ebt_log.c index 1cf831a..053d73b 100644 --- a/extensions/ebt_log.c +++ b/extensions/ebt_log.c @@ -217,7 +217,7 @@ static struct ebt_u_watcher log_watcher = .extra_ops = opts, }; -void _init(void) +void _log_init(void) { ebt_register_watcher(&log_watcher); } diff --git a/extensions/ebt_mark.c b/extensions/ebt_mark.c index 5776b1c..051e2e7 100644 --- a/extensions/ebt_mark.c +++ b/extensions/ebt_mark.c @@ -172,7 +172,7 @@ static struct ebt_u_target mark_target = .extra_ops = opts, }; -void _init(void) +void _mark_init(void) { ebt_register_target(&mark_target); } diff --git a/extensions/ebt_mark_m.c b/extensions/ebt_mark_m.c index 2a259b0..3ef6651 100644 --- a/extensions/ebt_mark_m.c +++ b/extensions/ebt_mark_m.c @@ -121,7 +121,7 @@ static struct ebt_u_match mark_match = .extra_ops = opts, }; -void _init(void) +void _mark_m_init(void) { ebt_register_match(&mark_match); } diff --git a/extensions/ebt_nat.c b/extensions/ebt_nat.c index e6afbf8..8405091 100644 --- a/extensions/ebt_nat.c +++ b/extensions/ebt_nat.c @@ -231,7 +231,7 @@ static struct ebt_u_target dnat_target = .extra_ops = opts_d, }; -void _init(void) +void _nat_init(void) { ebt_register_target(&snat_target); ebt_register_target(&dnat_target); diff --git a/extensions/ebt_nflog.c b/extensions/ebt_nflog.c index 0cd10e0..89c5ce1 100644 --- a/extensions/ebt_nflog.c +++ b/extensions/ebt_nflog.c @@ -166,7 +166,7 @@ static struct ebt_u_watcher nflog_watcher = { .extra_ops = nflog_opts, }; -void _init(void) +void _nflog_init(void) { ebt_register_watcher(&nflog_watcher); } diff --git a/extensions/ebt_pkttype.c b/extensions/ebt_pkttype.c index 5b5cb03..d3d925e 100644 --- a/extensions/ebt_pkttype.c +++ b/extensions/ebt_pkttype.c @@ -125,7 +125,7 @@ static struct ebt_u_match pkttype_match = .extra_ops = opts, }; -void _init(void) +void _pkttype_init(void) { ebt_register_match(&pkttype_match); } diff --git a/extensions/ebt_redirect.c b/extensions/ebt_redirect.c index e470818..2ec4736 100644 --- a/extensions/ebt_redirect.c +++ b/extensions/ebt_redirect.c @@ -108,7 +108,7 @@ static struct ebt_u_target redirect_target = .extra_ops = opts, }; -void _init(void) +void _redirect_init(void) { ebt_register_target(&redirect_target); } diff --git a/extensions/ebt_standard.c b/extensions/ebt_standard.c index 67d4d7c..a0e98d4 100644 --- a/extensions/ebt_standard.c +++ b/extensions/ebt_standard.c @@ -84,7 +84,7 @@ static struct ebt_u_target standard = .extra_ops = opts, }; -void _init(void) +void _standard_init(void) { ebt_register_target(&standard); } diff --git a/extensions/ebt_stp.c b/extensions/ebt_stp.c index 2b108a7..5e20f28 100644 --- a/extensions/ebt_stp.c +++ b/extensions/ebt_stp.c @@ -337,7 +337,7 @@ static struct ebt_u_match stp_match = .extra_ops = opts, }; -void _init(void) +void _stp_init(void) { ebt_register_match(&stp_match); } diff --git a/extensions/ebt_ulog.c b/extensions/ebt_ulog.c index 162586d..5c2896a 100644 --- a/extensions/ebt_ulog.c +++ b/extensions/ebt_ulog.c @@ -180,7 +180,7 @@ static struct ebt_u_watcher ulog_watcher = .extra_ops = opts, }; -void _init(void) +void _ulog_init(void) { ebt_register_watcher(&ulog_watcher); } diff --git a/extensions/ebt_vlan.c b/extensions/ebt_vlan.c index 6714c82..a6b5e1c 100644 --- a/extensions/ebt_vlan.c +++ b/extensions/ebt_vlan.c @@ -181,7 +181,7 @@ static struct ebt_u_match vlan_match = { .extra_ops = opts, }; -void _init(void) +void _vlan_init(void) { ebt_register_match(&vlan_match); } diff --git a/extensions/ebtable_broute.c b/extensions/ebtable_broute.c index 5259355..ea7aa89 100644 --- a/extensions/ebtable_broute.c +++ b/extensions/ebtable_broute.c @@ -23,7 +23,7 @@ ebt_u_table table = .help = print_help, }; -void _init(void) +void _t_broute_init(void) { ebt_register_table(&table); } diff --git a/extensions/ebtable_filter.c b/extensions/ebtable_filter.c index e41fb84..5887d28 100644 --- a/extensions/ebtable_filter.c +++ b/extensions/ebtable_filter.c @@ -29,7 +29,7 @@ static struct ebt_u_table table = .help = print_help, }; -void _init(void) +void _t_filter_init(void) { ebt_register_table(&table); } diff --git a/extensions/ebtable_nat.c b/extensions/ebtable_nat.c index b21c9dd..52c5542 100644 --- a/extensions/ebtable_nat.c +++ b/extensions/ebtable_nat.c @@ -30,7 +30,7 @@ ebt_u_table table = .help = print_help, }; -void _init(void) +void _t_nat_init(void) { ebt_register_table(&table); } diff --git a/include/ebtables_u.h b/include/ebtables_u.h index 07dae8e..63ce231 100644 --- a/include/ebtables_u.h +++ b/include/ebtables_u.h @@ -26,12 +26,9 @@ #include <netinet/in.h> #ifdef __ANDROID_API__ -#pragma message "Found __ANDRIOD_API__, #undef __unused" #undef __unused -#include <ebtables.h> -#else -#include <linux/netfilter_bridge/ebtables.h> #endif +#include <linux/netfilter_bridge/ebtables.h> #include <linux/netfilter/x_tables.h> #ifndef IPPROTO_SCTP @@ -390,3 +387,24 @@ extern int ebt_printstyle_mac; # define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) #endif #endif /* EBTABLES_U_H */ +extern void _802_3_init(); +extern void _nat_init(); +extern void _arp_init(); +extern void _arpreply_init(); +extern void _ip_init(); +extern void _ip6_init(); +extern void _standard_init(); +extern void _log_init(); +extern void _redirect_init(); +extern void _vlan_init(); +extern void _mark_m_init(); +extern void _mark_init(); +extern void _pkttype_init(); +extern void _stp_init(); +extern void _among_init(); +extern void _limit_init(); +extern void _ulog_init(); +extern void _nflog_init(); +extern void _t_filter_init(); +extern void _t_nat_init(); +extern void _t_broute_init(); diff --git a/include/ebtables_u.h_ b/include/ebtables_u.h_ new file mode 100644 index 0000000..07dae8e --- /dev/null +++ b/include/ebtables_u.h_ @@ -0,0 +1,392 @@ +/* + * $Id: ebtables.c,v 1.03 2002/01/19 + * + * Copyright (C) 2001-2002 Bart De Schuymer + * + * This code is stongly inspired on the iptables code which is + * Copyright (C) 1999 Paul `Rusty' Russell & Michael J. Neuling + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#ifndef EBTABLES_U_H +#define EBTABLES_U_H +#include <netinet/in.h> + +#ifdef __ANDROID_API__ +#pragma message "Found __ANDRIOD_API__, #undef __unused" +#undef __unused +#include <ebtables.h> +#else +#include <linux/netfilter_bridge/ebtables.h> +#endif +#include <linux/netfilter/x_tables.h> + +#ifndef IPPROTO_SCTP +#define IPPROTO_SCTP 132 +#endif +#ifndef IPPROTO_DCCP +#define IPPROTO_DCCP 33 +#endif + +#define EXEC_STYLE_PRG 0 +#define EXEC_STYLE_DAEMON 1 + +#ifndef EBT_MIN_ALIGN +#define EBT_MIN_ALIGN (__alignof__(struct _xt_align)) +#endif +#define EBT_ALIGN(s) (((s) + (EBT_MIN_ALIGN-1)) & ~(EBT_MIN_ALIGN-1)) +#define ERRORMSG_MAXLEN 128 + +struct ebt_u_entries +{ + int policy; + unsigned int nentries; + /* counter offset for this chain */ + unsigned int counter_offset; + /* used for udc */ + unsigned int hook_mask; + char *kernel_start; + char name[EBT_CHAIN_MAXNAMELEN]; + struct ebt_u_entry *entries; +}; + +struct ebt_cntchanges +{ + unsigned short type; + unsigned short change; /* determines incremental/decremental/change */ + struct ebt_cntchanges *prev; + struct ebt_cntchanges *next; +}; + +#define EBT_ORI_MAX_CHAINS 10 +struct ebt_u_replace +{ + char name[EBT_TABLE_MAXNAMELEN]; + unsigned int valid_hooks; + /* nr of rules in the table */ + unsigned int nentries; + unsigned int num_chains; + unsigned int max_chains; + struct ebt_u_entries **chains; + /* nr of counters userspace expects back */ + unsigned int num_counters; + /* where the kernel will put the old counters */ + struct ebt_counter *counters; + /* + * can be used e.g. to know if a standard option + * has been specified twice + */ + unsigned int flags; + /* we stick the specified command (e.g. -A) in here */ + char command; + /* + * here we stick the chain to do our thing on (can be -1 if unspecified) + */ + int selected_chain; + /* used for the atomic option */ + char *filename; + /* tells what happened to the old rules (counter changes) */ + struct ebt_cntchanges *cc; +}; + +struct ebt_u_table +{ + char name[EBT_TABLE_MAXNAMELEN]; + void (*check)(struct ebt_u_replace *repl); + void (*help)(const char **); + struct ebt_u_table *next; +}; + +struct ebt_u_match_list +{ + struct ebt_u_match_list *next; + struct ebt_entry_match *m; +}; + +struct ebt_u_watcher_list +{ + struct ebt_u_watcher_list *next; + struct ebt_entry_watcher *w; +}; + +struct ebt_u_entry +{ + unsigned int bitmask; + unsigned int invflags; + uint16_t ethproto; + char in[IFNAMSIZ]; + char logical_in[IFNAMSIZ]; + char out[IFNAMSIZ]; + char logical_out[IFNAMSIZ]; + unsigned char sourcemac[ETH_ALEN]; + unsigned char sourcemsk[ETH_ALEN]; + unsigned char destmac[ETH_ALEN]; + unsigned char destmsk[ETH_ALEN]; + struct ebt_u_match_list *m_list; + struct ebt_u_watcher_list *w_list; + struct ebt_entry_target *t; + struct ebt_u_entry *prev; + struct ebt_u_entry *next; + struct ebt_counter cnt; + struct ebt_counter cnt_surplus; /* for increasing/decreasing a counter and for option 'C' */ + struct ebt_cntchanges *cc; + /* the standard target needs this to know the name of a udc when + * printing out rules. */ + struct ebt_u_replace *replace; +}; + +struct ebt_u_match +{ + char name[EBT_FUNCTION_MAXNAMELEN]; + /* size of the real match data */ + unsigned int size; + void (*help)(void); + void (*init)(struct ebt_entry_match *m); + int (*parse)(int c, char **argv, int argc, + const struct ebt_u_entry *entry, unsigned int *flags, + struct ebt_entry_match **match); + void (*final_check)(const struct ebt_u_entry *entry, + const struct ebt_entry_match *match, + const char *name, unsigned int hookmask, unsigned int time); + void (*print)(const struct ebt_u_entry *entry, + const struct ebt_entry_match *match); + int (*compare)(const struct ebt_entry_match *m1, + const struct ebt_entry_match *m2); + const struct option *extra_ops; + /* + * can be used e.g. to check for multiple occurance of the same option + */ + unsigned int flags; + unsigned int option_offset; + struct ebt_entry_match *m; + /* + * if used == 1 we no longer have to add it to + * the match chain of the new entry + * be sure to put it back on 0 when finished + */ + unsigned int used; + struct ebt_u_match *next; +}; + +struct ebt_u_watcher +{ + char name[EBT_FUNCTION_MAXNAMELEN]; + unsigned int size; + void (*help)(void); + void (*init)(struct ebt_entry_watcher *w); + int (*parse)(int c, char **argv, int argc, + const struct ebt_u_entry *entry, unsigned int *flags, + struct ebt_entry_watcher **watcher); + void (*final_check)(const struct ebt_u_entry *entry, + const struct ebt_entry_watcher *watch, const char *name, + unsigned int hookmask, unsigned int time); + void (*print)(const struct ebt_u_entry *entry, + const struct ebt_entry_watcher *watcher); + int (*compare)(const struct ebt_entry_watcher *w1, + const struct ebt_entry_watcher *w2); + const struct option *extra_ops; + unsigned int flags; + unsigned int option_offset; + struct ebt_entry_watcher *w; + unsigned int used; + struct ebt_u_watcher *next; +}; + +struct ebt_u_target +{ + char name[EBT_FUNCTION_MAXNAMELEN]; + unsigned int size; + void (*help)(void); + void (*init)(struct ebt_entry_target *t); + int (*parse)(int c, char **argv, int argc, + const struct ebt_u_entry *entry, unsigned int *flags, + struct ebt_entry_target **target); + void (*final_check)(const struct ebt_u_entry *entry, + const struct ebt_entry_target *target, const char *name, + unsigned int hookmask, unsigned int time); + void (*print)(const struct ebt_u_entry *entry, + const struct ebt_entry_target *target); + int (*compare)(const struct ebt_entry_target *t1, + const struct ebt_entry_target *t2); + const struct option *extra_ops; + unsigned int option_offset; + unsigned int flags; + struct ebt_entry_target *t; + unsigned int used; + struct ebt_u_target *next; +}; + +/* libebtc.c */ + +extern struct ebt_u_table *ebt_tables; +extern struct ebt_u_match *ebt_matches; +extern struct ebt_u_watcher *ebt_watchers; +extern struct ebt_u_target *ebt_targets; + +extern int use_lockfd; + +void ebt_register_table(struct ebt_u_table *); +void ebt_register_match(struct ebt_u_match *); +void ebt_register_watcher(struct ebt_u_watcher *); +void ebt_register_target(struct ebt_u_target *t); +int ebt_get_kernel_table(struct ebt_u_replace *replace, int init); +struct ebt_u_target *ebt_find_target(const char *name); +struct ebt_u_match *ebt_find_match(const char *name); +struct ebt_u_watcher *ebt_find_watcher(const char *name); +struct ebt_u_table *ebt_find_table(const char *name); +int ebtables_insmod(const char *modname); +void ebt_list_extensions(); +void ebt_initialize_entry(struct ebt_u_entry *e); +void ebt_cleanup_replace(struct ebt_u_replace *replace); +void ebt_reinit_extensions(); +void ebt_double_chains(struct ebt_u_replace *replace); +void ebt_free_u_entry(struct ebt_u_entry *e); +struct ebt_u_entries *ebt_name_to_chain(const struct ebt_u_replace *replace, + const char* arg); +struct ebt_u_entries *ebt_name_to_chain(const struct ebt_u_replace *replace, + const char* arg); +int ebt_get_chainnr(const struct ebt_u_replace *replace, const char* arg); +/**/ +void ebt_change_policy(struct ebt_u_replace *replace, int policy); +void ebt_flush_chains(struct ebt_u_replace *replace); +int ebt_check_rule_exists(struct ebt_u_replace *replace, + struct ebt_u_entry *new_entry); +void ebt_add_rule(struct ebt_u_replace *replace, struct ebt_u_entry *new_entry, + int rule_nr); +void ebt_delete_rule(struct ebt_u_replace *replace, + struct ebt_u_entry *new_entry, int begin, int end); +void ebt_zero_counters(struct ebt_u_replace *replace); +void ebt_change_counters(struct ebt_u_replace *replace, + struct ebt_u_entry *new_entry, int begin, int end, + struct ebt_counter *cnt, int mask); +void ebt_new_chain(struct ebt_u_replace *replace, const char *name, int policy); +void ebt_delete_chain(struct ebt_u_replace *replace); +void ebt_rename_chain(struct ebt_u_replace *replace, const char *name); +/**/ +void ebt_do_final_checks(struct ebt_u_replace *replace, struct ebt_u_entry *e, + struct ebt_u_entries *entries); +int ebt_check_for_references(struct ebt_u_replace *replace, int print_err); +int ebt_check_for_references2(struct ebt_u_replace *replace, int chain_nr, + int print_err); +void ebt_check_for_loops(struct ebt_u_replace *replace); +void ebt_add_match(struct ebt_u_entry *new_entry, struct ebt_u_match *m); +void ebt_add_watcher(struct ebt_u_entry *new_entry, struct ebt_u_watcher *w); +void ebt_iterate_matches(void (*f)(struct ebt_u_match *)); +void ebt_iterate_watchers(void (*f)(struct ebt_u_watcher *)); +void ebt_iterate_targets(void (*f)(struct ebt_u_target *)); +void __ebt_print_bug(char *file, int line, char *format, ...); +void __ebt_print_error(char *format, ...); + +/* communication.c */ + +int ebt_get_table(struct ebt_u_replace *repl, int init); +void ebt_deliver_counters(struct ebt_u_replace *repl); +void ebt_deliver_table(struct ebt_u_replace *repl); + +/* useful_functions.c */ + +extern int ebt_invert; +void ebt_check_option(unsigned int *flags, unsigned int mask); +#define ebt_check_inverse(arg) _ebt_check_inverse(arg, argc, argv) +int _ebt_check_inverse(const char option[], int argc, char **argv); +void ebt_print_mac(const unsigned char *mac); +void ebt_print_mac_and_mask(const unsigned char *mac, const unsigned char *mask); +int ebt_get_mac_and_mask(const char *from, unsigned char *to, unsigned char *mask); +void ebt_parse_ip_address(char *address, uint32_t *addr, uint32_t *msk); +char *ebt_mask_to_dotted(uint32_t mask); +void ebt_parse_ip6_address(char *address, struct in6_addr *addr, + struct in6_addr *msk); +char *ebt_ip6_to_numeric(const struct in6_addr *addrp); + + +int do_command(int argc, char *argv[], int exec_style, + struct ebt_u_replace *replace_); + +struct ethertypeent *parseethertypebynumber(int type); + +#define ebt_to_chain(repl) \ +({struct ebt_u_entries *_ch = NULL; \ +if (repl->selected_chain != -1) \ + _ch = repl->chains[repl->selected_chain]; \ +_ch;}) +#define ebt_print_bug(format, args...) \ + __ebt_print_bug(__FILE__, __LINE__, format, ##args) +#define ebt_print_error(format,args...) __ebt_print_error(format, ##args); +#define ebt_print_error2(format, args...) do {__ebt_print_error(format, ##args); \ + return -1;} while (0) +#define ebt_check_option2(flags,mask) \ +({ebt_check_option(flags,mask); \ + if (ebt_errormsg[0] != '\0') \ + return -1;}) +#define ebt_check_inverse2(option) \ +({int __ret = ebt_check_inverse(option); \ +if (ebt_errormsg[0] != '\0') \ + return -1; \ +if (!optarg) { \ + __ebt_print_error("Option without (mandatory) argument"); \ + return -1; \ +} \ +__ret;}) +#define ebt_print_memory() do {printf("Ebtables: " __FILE__ \ + " %s %d :Out of memory.\n", __FUNCTION__, __LINE__); exit(-1);} while (0) + +/* used for keeping the rule counters right during rule adds or deletes */ +#define CNT_NORM 0 +#define CNT_DEL 1 +#define CNT_ADD 2 +#define CNT_CHANGE 3 + +extern const char *ebt_hooknames[NF_BR_NUMHOOKS]; +extern const char *ebt_standard_targets[NUM_STANDARD_TARGETS]; +extern char ebt_errormsg[ERRORMSG_MAXLEN]; +extern char *ebt_modprobe; +extern int ebt_silent; +extern int ebt_printstyle_mac; + +/* + * Transforms a target string into the right integer, + * returns 0 on success. + */ +#define FILL_TARGET(_str, _pos) ({ \ + int _i, _ret = 0; \ + for (_i = 0; _i < NUM_STANDARD_TARGETS; _i++) \ + if (!strcmp(_str, ebt_standard_targets[_i])) {\ + _pos = -_i - 1; \ + break; \ + } \ + if (_i == NUM_STANDARD_TARGETS) \ + _ret = 1; \ + _ret; \ +}) + +/* Transforms the target value to an index into standard_targets[] */ +#define TARGET_INDEX(_value) (-_value - 1) +/* Returns a target string corresponding to the value */ +#define TARGET_NAME(_value) (ebt_standard_targets[TARGET_INDEX(_value)]) +/* True if the hook mask denotes that the rule is in a base chain */ +#define BASE_CHAIN (hookmask & (1 << NF_BR_NUMHOOKS)) +/* Clear the bit in the hook_mask that tells if the rule is on a base chain */ +#define CLEAR_BASE_CHAIN_BIT (hookmask &= ~(1 << NF_BR_NUMHOOKS)) +#define PRINT_VERSION printf(PROGNAME" v"PROGVERSION" ("PROGDATE")\n") +#ifndef PROC_SYS_MODPROBE +#define PROC_SYS_MODPROBE "/proc/sys/kernel/modprobe" +#endif +#define ATOMIC_ENV_VARIABLE "EBTABLES_ATOMIC_FILE" + +#ifndef ARRAY_SIZE +# define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) +#endif +#endif /* EBTABLES_U_H */ |