1/* Shared library add-on to iptables to add related packet matching support. */ 2#include <stdio.h> 3#include <netdb.h> 4#include <string.h> 5#include <stdlib.h> 6#include <getopt.h> 7 8#include <iptables.h> 9#include <linux/netfilter_ipv4/ipt_helper.h> 10 11/* Function which prints out usage message. */ 12static void 13help(void) 14{ 15 printf( 16"helper match v%s options:\n" 17"[!] --helper string Match helper identified by string\n" 18"\n", 19IPTABLES_VERSION); 20} 21 22static struct option opts[] = { 23 { "helper", 1, 0, '1' }, 24 {0} 25}; 26 27/* Function which parses command options; returns true if it 28 ate an option */ 29static int 30parse(int c, char **argv, int invert, unsigned int *flags, 31 const struct ipt_entry *entry, 32 unsigned int *nfcache, 33 struct ipt_entry_match **match) 34{ 35 struct ipt_helper_info *info = (struct ipt_helper_info *)(*match)->data; 36 37 switch (c) { 38 case '1': 39 if (*flags) 40 exit_error(PARAMETER_PROBLEM, 41 "helper match: Only use --helper ONCE!"); 42 check_inverse(optarg, &invert, &invert, 0); 43 strncpy(info->name, optarg, 29); 44 info->name[29] = '\0'; 45 if (invert) 46 info->invert = 1; 47 *flags = 1; 48 break; 49 50 default: 51 return 0; 52 } 53 return 1; 54} 55 56/* Final check; must have specified --helper. */ 57static void 58final_check(unsigned int flags) 59{ 60 if (!flags) 61 exit_error(PARAMETER_PROBLEM, 62 "helper match: You must specify `--helper'"); 63} 64 65/* Prints out the info. */ 66static void 67print(const struct ipt_ip *ip, 68 const struct ipt_entry_match *match, 69 int numeric) 70{ 71 struct ipt_helper_info *info = (struct ipt_helper_info *)match->data; 72 73 printf("helper match %s\"%s\" ", info->invert ? "! " : "", info->name); 74} 75 76/* Saves the union ipt_info in parsable form to stdout. */ 77static void 78save(const struct ipt_ip *ip, const struct ipt_entry_match *match) 79{ 80 struct ipt_helper_info *info = (struct ipt_helper_info *)match->data; 81 82 printf("%s--helper \"%s\" ",info->invert ? "! " : "", info->name); 83} 84 85static struct iptables_match helper = { 86 .next = NULL, 87 .name = "helper", 88 .version = IPTABLES_VERSION, 89 .size = IPT_ALIGN(sizeof(struct ipt_helper_info)), 90 .help = &help, 91 .parse = &parse, 92 .final_check = &final_check, 93 .print = &print, 94 .save = &save, 95 .extra_opts = opts 96}; 97 98void _init(void) 99{ 100 register_match(&helper); 101} 102