• source navigation  • diff markup  • identifier search  • freetext search  • 

Sources/firewall3/iptables.h

  1 /*
  2  * firewall3 - 3rd OpenWrt UCI firewall implementation
  3  *
  4  *   Copyright (C) 2013 Jo-Philipp Wich <jo@mein.io>
  5  *
  6  * Permission to use, copy, modify, and/or distribute this software for any
  7  * purpose with or without fee is hereby granted, provided that the above
  8  * copyright notice and this permission notice appear in all copies.
  9  *
 10  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 11  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 12  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 13  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 14  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 15  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 16  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 17  */
 18 
 19 #ifndef __FW3_IPTABLES_H
 20 #define __FW3_IPTABLES_H
 21 
 22 #ifndef DISABLE_STATIC_EXTENSIONS
 23 /* libipt*ext.so interfaces */
 24 extern void init_extensions(void);
 25 extern void init_extensions4(void);
 26 extern void init_extensions6(void);
 27 #else
 28 static inline void init_extensions(void) { }
 29 static inline void init_extensions4(void) { }
 30 static inline void init_extensions6(void) { }
 31 #endif
 32 
 33 /* Required by certain extensions like SNAT and DNAT */
 34 extern int kernel_version;
 35 void get_kernel_version(void);
 36 
 37 struct fw3_ipt_handle {
 38         enum fw3_family family;
 39         enum fw3_table table;
 40         void *handle;
 41 };
 42 
 43 struct fw3_ipt_rule;
 44 
 45 struct fw3_ipt_handle *fw3_ipt_open(enum fw3_family family,
 46                                     enum fw3_table table);
 47 
 48 void fw3_ipt_set_policy(struct fw3_ipt_handle *h, const char *chain,
 49                         enum fw3_flag policy);
 50 
 51 
 52 void fw3_ipt_flush_chain(struct fw3_ipt_handle *h, const char *chain);
 53 void fw3_ipt_delete_chain(struct fw3_ipt_handle *h, bool if_unused,
 54                           const char *chain);
 55 
 56 void fw3_ipt_delete_id_rules(struct fw3_ipt_handle *h, const char *chain);
 57 
 58 void fw3_ipt_create_chain(struct fw3_ipt_handle *h, bool ignore_existing,
 59                           const char *chain);
 60 
 61 void fw3_ipt_flush(struct fw3_ipt_handle *h);
 62 
 63 void fw3_ipt_gc(struct fw3_ipt_handle *h);
 64 
 65 void fw3_ipt_commit(struct fw3_ipt_handle *h);
 66 
 67 void fw3_ipt_close(struct fw3_ipt_handle *h);
 68 
 69 struct fw3_ipt_rule *fw3_ipt_rule_new(struct fw3_ipt_handle *h);
 70 
 71 void fw3_ipt_rule_proto(struct fw3_ipt_rule *r, struct fw3_protocol *proto);
 72 
 73 void fw3_ipt_rule_in_out(struct fw3_ipt_rule *r,
 74                          struct fw3_device *in, struct fw3_device *out);
 75 
 76 void fw3_ipt_rule_src_dest(struct fw3_ipt_rule *r,
 77                            struct fw3_address *src, struct fw3_address *dest);
 78 
 79 void fw3_ipt_rule_sport_dport(struct fw3_ipt_rule *r,
 80                               struct fw3_port *sp, struct fw3_port *dp);
 81 
 82 void fw3_ipt_rule_device(struct fw3_ipt_rule *r, const char *device, bool out);
 83 
 84 void fw3_ipt_rule_mac(struct fw3_ipt_rule *r, struct fw3_mac *mac);
 85 
 86 void fw3_ipt_rule_icmptype(struct fw3_ipt_rule *r, struct fw3_icmptype *icmp);
 87 
 88 void fw3_ipt_rule_limit(struct fw3_ipt_rule *r, struct fw3_limit *limit);
 89 
 90 void fw3_ipt_rule_ipset(struct fw3_ipt_rule *r, struct fw3_setmatch *match);
 91 
 92 void fw3_ipt_rule_helper(struct fw3_ipt_rule *r, struct fw3_cthelpermatch *match);
 93 
 94 void fw3_ipt_rule_time(struct fw3_ipt_rule *r, struct fw3_time *time);
 95 
 96 void fw3_ipt_rule_mark(struct fw3_ipt_rule *r, struct fw3_mark *mark);
 97 
 98 void fw3_ipt_rule_dscp(struct fw3_ipt_rule *r, struct fw3_dscp *dscp);
 99 
100 void fw3_ipt_rule_comment(struct fw3_ipt_rule *r, const char *fmt, ...);
101 
102 void fw3_ipt_rule_extra(struct fw3_ipt_rule *r, const char *extra);
103 
104 void fw3_ipt_rule_addarg(struct fw3_ipt_rule *r, bool inv,
105                          const char *k, const char *v);
106 
107 struct fw3_ipt_rule * fw3_ipt_rule_create(struct fw3_ipt_handle *handle,
108                                           struct fw3_protocol *proto,
109                                           struct fw3_device *in,
110                                           struct fw3_device *out,
111                                           struct fw3_address *src,
112                                           struct fw3_address *dest);
113 
114 void __fw3_ipt_rule_append(struct fw3_ipt_rule *r, bool repl,
115                            const char *fmt, ...);
116 
117 #define fw3_ipt_rule_append(rule, ...) \
118         __fw3_ipt_rule_append(rule, false, __VA_ARGS__)
119 
120 #define fw3_ipt_rule_replace(rule, ...) \
121         __fw3_ipt_rule_append(rule, true, __VA_ARGS__)
122 
123 static inline void
124 fw3_ipt_rule_target(struct fw3_ipt_rule *r, const char *fmt, ...)
125 {
126         va_list ap;
127         char buf[32];
128 
129         va_start(ap, fmt);
130         vsnprintf(buf, sizeof(buf) - 1, fmt, ap);
131         va_end(ap);
132 
133         fw3_ipt_rule_addarg(r, false, "-j", buf);
134 }
135 
136 #endif
137

This page was automatically generated by LXR 0.3.1.  •  OpenWrt