Lines Matching defs:*
2 * Shared library add-on to iptables to add early socket matching support.
4 * Copyright (C) 2007 BalaBit IT Ltd.
6 #include <stdio.h>
7 #include <xtables.h>
8 #include <linux/netfilter/xt_socket.h>
10 enum {
11 O_TRANSPARENT = 0,
14 static const struct xt_option_entry socket_mt_opts[] = {
15 {.name = "transparent", .id = O_TRANSPARENT, .type = XTTYPE_NONE},
16 XTOPT_TABLEEND,
19 static void socket_mt_help(void)
21 printf(
22 "socket match options:\n"
23 " --transparent Ignore non-transparent sockets\n\n");
26 static void socket_mt_parse(struct xt_option_call *cb)
28 struct xt_socket_mtinfo1 *info = cb->data;
30 xtables_option_parse(cb);
31 switch (cb->entry->id) {
32 case O_TRANSPARENT:
33 info->flags |= XT_SOCKET_TRANSPARENT;
34 break;
38 static void
39 socket_mt_save(const void *ip, const struct xt_entry_match *match)
41 const struct xt_socket_mtinfo1 *info = (const void *)match->data;
43 if (info->flags & XT_SOCKET_TRANSPARENT)
44 printf(" --transparent");
47 static void
48 socket_mt_print(const void *ip, const struct xt_entry_match *match,
49 int numeric)
51 printf(" socket");
52 socket_mt_save(ip, match);
55 static struct xtables_match socket_mt_reg[] = {
57 .name = "socket",
58 .revision = 0,
59 .family = NFPROTO_IPV4,
60 .version = XTABLES_VERSION,
61 .size = XT_ALIGN(0),
62 .userspacesize = XT_ALIGN(0),
65 .name = "socket",
66 .revision = 1,
67 .family = NFPROTO_UNSPEC,
68 .version = XTABLES_VERSION,
69 .size = XT_ALIGN(sizeof(struct xt_socket_mtinfo1)),
70 .userspacesize = XT_ALIGN(sizeof(struct xt_socket_mtinfo1)),
71 .help = socket_mt_help,
72 .print = socket_mt_print,
73 .save = socket_mt_save,
74 .x6_parse = socket_mt_parse,
75 .x6_options = socket_mt_opts,
79 void _init(void)
81 xtables_register_matches(socket_mt_reg, ARRAY_SIZE(socket_mt_reg));