
xtables-5.h 4.3 KB

  1. /*
  2. * firewall3 - 3rd OpenWrt UCI firewall implementation
  3. *
  4. * Copyright (C) 2013 Jo-Philipp Wich <jo@mein.io>
  5. *
  6. * Permission to use, copy, modify, and/or distribute this software for any
  7. * purpose with or without fee is hereby granted, provided that the above
  8. * copyright notice and this permission notice appear in all copies.
  9. *
  10. * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  11. * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  12. * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  13. * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  14. * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  15. * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  16. * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  17. */
  18. #ifndef __FW3_XTABLES_5_H
  19. #define __FW3_XTABLES_5_H
  /*
   * Reset the xtables_matches and xtables_targets list heads to NULL.
   * Only the two head pointers are cleared; nothing is freed here.
   */
  static inline void
  fw3_xt_reset(void)
  {
      xtables_targets = NULL;
      xtables_matches = NULL;
  }
  /*
   * Return the name stored in the match entry (m->m->u.user.name).
   * Neither m nor m->m is checked for NULL.
   */
  static inline const char *
  fw3_xt_get_match_name(struct xtables_match *m)
  {
      const char *entry_name = m->m->u.user.name;

      return entry_name;
  }
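  /*
   * Copy the extension name (m->name) into the match entry's name field
   * (m->m->u.user.name).
   *
   * The copy is bounded by the size of the destination field: a name that
   * does not fit is truncated and the field is always NUL-terminated. The
   * earlier unbounded strcpy() would have written past the field for an
   * over-long name. Truncation is silent, so a caller that must reject
   * over-long names has to check the length before calling.
   *
   * Neither m, m->m nor m->name is checked for NULL.
   */
  static inline void
  fw3_xt_set_match_name(struct xtables_match *m)
  {
      /*
       * NOTE(review): sizeof is only the field capacity if u.user.name is a
       * fixed-size char array - confirm against the x_tables header in use.
       */
      snprintf(m->m->u.user.name, sizeof(m->m->u.user.name), "%s", m->name);
  }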
  /* Report whether the match extension provides a parse callback. */
  static inline bool
  fw3_xt_has_match_parse(struct xtables_match *m)
  {
      return m->parse != NULL;
  }
  /*
   * No-op in this header: nothing is freed for the match.
   * Presumably this xtables API version carries no per-match udata - confirm
   * against the sibling headers for other API versions.
   */
  static inline void
  fw3_xt_free_match_udata(struct xtables_match *m)
  {
      (void)m; /* intentionally unused */
  }
  /*
   * Merge the match extension's extra options into the global option table.
   *
   * g->opts is replaced with whatever xtables_merge_options() returns; the
   * result is stored without a NULL check. The call also receives a pointer
   * to m->option_offset, so it may update that field.
   */
  static inline void
  fw3_xt_merge_match_options(struct xtables_globals *g, struct xtables_match *m)
  {
      g->opts = xtables_merge_options(g->opts,
                                      m->extra_opts,
                                      &m->option_offset);
  }
  /*
   * Return the name stored in the target entry (t->t->u.user.name).
   * Neither t nor t->t is checked for NULL.
   */
  static inline const char *
  fw3_xt_get_target_name(struct xtables_target *t)
  {
      const char *entry_name = t->t->u.user.name;

      return entry_name;
  }
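  /*
   * Copy a caller-supplied name into the target entry's name field
   * (t->t->u.user.name).
   *
   * The copy is bounded by the size of the destination field: a name that
   * does not fit is truncated and the field is always NUL-terminated. The
   * earlier unbounded strcpy() would have written past the field for an
   * over-long name, and here the name comes straight from the caller.
   * Truncation is silent, so a caller that must reject over-long names has
   * to check the length before calling.
   *
   * Neither t, t->t nor name is checked for NULL.
   */
  static inline void
  fw3_xt_set_target_name(struct xtables_target *t, const char *name)
  {
      /*
       * NOTE(review): sizeof is only the field capacity if u.user.name is a
       * fixed-size char array - confirm against the x_tables header in use.
       */
      snprintf(t->t->u.user.name, sizeof(t->t->u.user.name), "%s", name);
  }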
  /* Report whether the target extension provides a parse callback. */
  static inline bool
  fw3_xt_has_target_parse(struct xtables_target *t)
  {
      return t->parse != NULL;
  }
  /*
   * No-op in this header: nothing is freed for the target.
   * Presumably this xtables API version carries no per-target udata - confirm
   * against the sibling headers for other API versions.
   */
  static inline void
  fw3_xt_free_target_udata(struct xtables_target *t)
  {
      (void)t; /* intentionally unused */
  }
  /*
   * Merge the target extension's extra options into the global option table.
   *
   * g->opts is replaced with whatever xtables_merge_options() returns; the
   * result is stored without a NULL check. The call also receives a pointer
   * to t->option_offset, so it may update that field.
   */
  static inline void
  fw3_xt_merge_target_options(struct xtables_globals *g, struct xtables_target *t)
  {
      g->opts = xtables_merge_options(g->opts,
                                      t->extra_opts,
                                      &t->option_offset);
  }
  /*
   * Print every match of a rule to stdout in "-m <name> " form.
   *
   * A single leading space is printed first. For each list element the match
   * name is printed, and if the extension has a save callback it is invoked
   * with the opaque ip pointer and the match entry.
   */
  static inline void
  fw3_xt_print_matches(void *ip, struct xtables_rule_match *matches)
  {
      struct xtables_rule_match *cur = matches;

      printf(" ");

      while (cur) {
          struct xtables_match *ext = cur->match;

          /* The name is passed as a %s argument, never as the format string. */
          printf("-m %s ", fw3_xt_get_match_name(ext));

          if (ext->save)
              ext->save(ip, ext->m);

          cur = cur->next;
      }
  }
  /*
   * Print a rule's target to stdout in "-j <name> " form.
   *
   * Does nothing when target is NULL. If the extension has a save callback
   * it is invoked with the opaque ip pointer and the target entry.
   */
  static inline void
  fw3_xt_print_target(void *ip, struct xtables_target *target)
  {
      if (!target)
          return;

      printf("-j %s ", fw3_xt_get_target_name(target));

      if (target->save)
          target->save(ip, target->t);
  }
  100. /* xtables api addons */
  /*
   * Invoke the match extension's parse callback, if it has one.
   *
   * The option code handed to the callback is c minus the extension's
   * option_offset; argv, invert and fw are passed through, together with
   * pointers to the extension's flag word and its match entry.
   */
  static inline void
  xtables_option_mpcall(unsigned int c, char **argv, bool invert,
                        struct xtables_match *m, void *fw)
  {
      if (!m->parse)
          return;

      m->parse(c - m->option_offset, argv, invert, &m->mflags, fw, &m->m);
  }
  /* Invoke the match extension's final_check callback with its flags, if set. */
  static inline void
  xtables_option_mfcall(struct xtables_match *m)
  {
      if (!m->final_check)
          return;

      m->final_check(m->mflags);
  }
  /*
   * Invoke the target extension's parse callback, if it has one.
   *
   * The option code handed to the callback is c minus the extension's
   * option_offset; argv, invert and fw are passed through, together with
   * pointers to the extension's flag word and its target entry.
   */
  static inline void
  xtables_option_tpcall(unsigned int c, char **argv, bool invert,
                        struct xtables_target *t, void *fw)
  {
      if (!t->parse)
          return;

      t->parse(c - t->option_offset, argv, invert, &t->tflags, fw, &t->t);
  }
  /* Invoke the target extension's final_check callback with its flags, if set. */
  static inline void
  xtables_option_tfcall(struct xtables_target *t)
  {
      if (!t->final_check)
          return;

      t->final_check(t->tflags);
  }
  /*
   * Free a rule's match list and reset the caller's list head to NULL.
   *
   * For every list element:
   *  - the match entry (match->m) is freed and its pointer cleared;
   *  - the match itself is freed only when its next pointer refers to
   *    itself (presumably the marker for a heap-allocated clone - confirm
   *    against the code that builds the list);
   *  - the list element is freed.
   *
   * matches must be non-NULL; it is dereferenced without a check.
   */
  static inline void
  xtables_rule_matches_free(struct xtables_rule_match **matches)
  {
      struct xtables_rule_match *node = *matches;

      while (node) {
          /* Read the successor first: node is freed below. */
          struct xtables_rule_match *following = node->next;

          if (node->match->m) {
              free(node->match->m);
              node->match->m = NULL;
          }

          if (node->match->next == node->match) {
              free(node->match);
              node->match = NULL;
          }

          free(node);
          node = following;
      }

      *matches = NULL;
  }
  /*
   * Convert an IPv4 netmask (network byte order) to a prefix length.
   *
   * Counts the run of 1-bits starting at the most significant bit and stops
   * at the first 0-bit. Bits after that point are not examined, so a
   * non-contiguous mask such as 255.0.255.0 yields 8 and is not reported as
   * an error. A caller that prints the result as "/N" for such a mask will
   * show a rule that differs from the mask actually in effect.
   *
   * Returns a value in the range 0..32.
   */
  static inline int
  xtables_ipmask_to_cidr(const struct in_addr *mask)
  {
      uint32_t remaining = ntohl(mask->s_addr);
      int prefix_len = 0;

      while (remaining & 0x80000000) {
          prefix_len++;
          remaining <<= 1;
      }

      return prefix_len;
  }
  /*
   * Convert an IPv6 netmask to a prefix length.
   *
   * The mask is read as four 32-bit words in network byte order. The result
   * is the number of consecutive 1-bits starting at the most significant bit
   * of the first word; counting stops at the first 0-bit. Bits after that
   * point are not examined, so a non-contiguous mask is reported as the
   * length of its leading run of ones rather than as an error.
   *
   * Returns a value in the range 0..128.
   */
  static inline int
  xtables_ip6mask_to_cidr(const struct in6_addr *mask)
  {
      int prefix_len = 0;
      int idx;

      for (idx = 0; idx < 4; idx++) {
          uint32_t word = ntohl(mask->s6_addr32[idx]);
          int ones = 0;

          while (word & 0x80000000U) {
              word <<= 1;
              ones++;
          }

          prefix_len += ones;

          /* A word that is not all ones ends the leading run. */
          if (ones < 32)
              break;
      }

      return prefix_len;
  }
  180. #endif