diff options
author | Lorenzo Colitti <lorenzo@google.com> | 2017-03-24 06:32:41 +0000 |
---|---|---|
committer | android-build-merger <android-build-merger@google.com> | 2017-03-24 06:32:41 +0000 |
commit | e20d6bf62b07e455e15b3d8982fb83dc99b9e564 (patch) | |
tree | 4400fe0ba9baae676633293796954b4061726d5d /extensions/libxt_ipcomp.c | |
parent | a1ffd5ecfa5d72c6dc4cfaf11653d61e3e9083bc (diff) | |
parent | ff45753ae3c3108c6c93ec132f7cf62190f9c628 (diff) | |
download | platform_external_iptables-e20d6bf62b07e455e15b3d8982fb83dc99b9e564.tar.gz platform_external_iptables-e20d6bf62b07e455e15b3d8982fb83dc99b9e564.tar.bz2 platform_external_iptables-e20d6bf62b07e455e15b3d8982fb83dc99b9e564.zip |
Merge changes from topic 'iptables-1.6.1' am: c784fc47e6
am: ff45753ae3
Change-Id: Ic463667ae6ac346f8eae4b6ca18888dcd24b9d6d
Diffstat (limited to 'extensions/libxt_ipcomp.c')
-rw-r--r-- | extensions/libxt_ipcomp.c | 134 |
1 files changed, 134 insertions, 0 deletions
diff --git a/extensions/libxt_ipcomp.c b/extensions/libxt_ipcomp.c new file mode 100644 index 00000000..b5c43128 --- /dev/null +++ b/extensions/libxt_ipcomp.c @@ -0,0 +1,134 @@ +#include <stdio.h> +#include <xtables.h> +#include <linux/netfilter/xt_ipcomp.h> + +enum { + O_compSPI = 0, + O_compRES, +}; + +static void comp_help(void) +{ + printf( +"comp match options:\n" +"[!] --ipcompspi spi[:spi]\n" +" match spi (range)\n"); +} + +static const struct xt_option_entry comp_opts[] = { + {.name = "ipcompspi", .id = O_compSPI, .type = XTTYPE_UINT32RC, + .flags = XTOPT_INVERT | XTOPT_PUT, + XTOPT_POINTER(struct xt_ipcomp, spis)}, + {.name = "compres", .id = O_compRES, .type = XTTYPE_NONE}, + XTOPT_TABLEEND, +}; +#undef s + +static void comp_parse(struct xt_option_call *cb) +{ + struct xt_ipcomp *compinfo = cb->data; + + xtables_option_parse(cb); + switch (cb->entry->id) { + case O_compSPI: + if (cb->nvals == 1) + compinfo->spis[1] = compinfo->spis[0]; + if (cb->invert) + compinfo->invflags |= XT_IPCOMP_INV_SPI; + break; + case O_compRES: + compinfo->hdrres = 1; + break; + } +} + +static void +print_spis(const char *name, uint32_t min, uint32_t max, + int invert) +{ + const char *inv = invert ? "!" : ""; + + if (min != 0 || max != 0xFFFFFFFF || invert) { + if (min == max) + printf("%s:%s%u", name, inv, min); + else + printf("%ss:%s%u:%u", name, inv, min, max); + } +} + +static void comp_print(const void *ip, const struct xt_entry_match *match, + int numeric) +{ + const struct xt_ipcomp *comp = (struct xt_ipcomp *)match->data; + + printf(" comp "); + print_spis("spi", comp->spis[0], comp->spis[1], + comp->invflags & XT_IPCOMP_INV_SPI); + + if (comp->hdrres) + printf(" reserved"); + + if (comp->invflags & ~XT_IPCOMP_INV_MASK) + printf(" Unknown invflags: 0x%X", + comp->invflags & ~XT_IPCOMP_INV_MASK); +} + +static void comp_save(const void *ip, const struct xt_entry_match *match) +{ + const struct xt_ipcomp *compinfo = (struct xt_ipcomp *)match->data; + + if (!(compinfo->spis[0] == 0 + && compinfo->spis[1] == 0xFFFFFFFF)) { + printf("%s --ipcompspi ", + (compinfo->invflags & XT_IPCOMP_INV_SPI) ? " !" : ""); + if (compinfo->spis[0] + != compinfo->spis[1]) + printf("%u:%u", + compinfo->spis[0], + compinfo->spis[1]); + else + printf("%u", + compinfo->spis[0]); + } + + if (compinfo->hdrres != 0 ) + printf(" --compres"); +} + +static int comp_xlate(struct xt_xlate *xl, + const struct xt_xlate_mt_params *params) +{ + const struct xt_ipcomp *compinfo = + (struct xt_ipcomp *)params->match->data; + + xt_xlate_add(xl, "comp cpi %s", + compinfo->invflags & XT_IPCOMP_INV_SPI ? "!= " : ""); + if (compinfo->spis[0] != compinfo->spis[1]) + xt_xlate_add(xl, "%u-%u", compinfo->spis[0], + compinfo->spis[1]); + else + xt_xlate_add(xl, "%u", compinfo->spis[0]); + + return 1; +} + +static struct xtables_match comp_mt_reg = { + .name = "ipcomp", + .version = XTABLES_VERSION, + .family = NFPROTO_UNSPEC, + .size = XT_ALIGN(sizeof(struct xt_ipcomp)), + .userspacesize = XT_ALIGN(sizeof(struct xt_ipcomp)), + .help = comp_help, + .print = comp_print, + .save = comp_save, + .x6_parse = comp_parse, + .x6_options = comp_opts, + .xlate = comp_xlate, +}; + +void +_init(void) +{ + xtables_register_match(&comp_mt_reg); +}; + |