From: Ozgur AKAN
Subject: inner structure of iptables
Date: Tue, 16 Mar 2004 17:12:34 +0200
Message-ID: <40571962.5070701@aiqa.com>
To: netfilter-devel@lists.netfilter.org
List-Id: netfilter-devel.vger.kernel.org

I included some simple code to express myself clearly.

I have a problem with the 4th line. When we execute the code for the first time, the following happens (I wrote it down):

In the 1st line we create the pointer to the structure of the table.
In the 2nd and 3rd lines we get the address of the first chain and print its name to the screen.
In the 4th line, "e = iptc_first_rule(chain, &h)", we get the address of the first rule of the first chain, and by the loop it goes to the next rule until there is no next rule. How does it know that it is the last rule of this chain? Why doesn't it continue to read the first rule of the next chain? (Because there is no chain information here -> e = iptc_next_rule(e, &h))

 1    h = iptc_init(tablename);
 2    for ( chain = iptc_first_chain(&h); chain; chain = iptc_next_chain(&h)) {
 3        printf("%s\n", chain);
 4        for ( e = iptc_first_rule(chain, &h); e; e = iptc_next_rule(e, &h)) {
 5            printf("n. -%u- i. -%u-\n", e->ip.invflags, e->ip.invflags & IPT_INV_SRCIP);
 6        }
 7    }

I hope my question is clear enough.

thanks,
Ozgur AKAN
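
Added example, not part of the original message and not libiptc source: a simplified C model of one way an iterator shaped like the one in the post can stop at the end of a chain without taking a chain argument. It assumes the first-rule call stores the chain's end in the handle; all struct and function names and the sample table are hypothetical and constructed.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model (an assumption), not libiptc source; all names are hypothetical. */
struct rule  { unsigned invflags; };
struct chain { const char *name; size_t start, end; };  /* owns rules[start..end) */
struct handle {
    const struct rule  *rules;    /* every rule of the table, chains back to back */
    const struct chain *chains;
    size_t nchains;
    size_t rule_end;              /* boundary stored by first_rule() */
};

/* Find the chain by name and remember where it ends. */
static const struct rule *first_rule(const char *name, struct handle *h) {
    for (size_t i = 0; i < h->nchains; i++) {
        const struct chain *c = &h->chains[i];
        if (strcmp(c->name, name) == 0 && c->start != c->end) {
            h->rule_end = c->end;
            return &h->rules[c->start];
        }
    }
    return NULL;                  /* unknown or empty chain */
}

/* Takes no chain argument: the boundary stored in the handle ends the walk. */
static const struct rule *next_rule(const struct rule *prev, struct handle *h) {
    size_t next = (size_t)(prev - h->rules) + 1;
    return next == h->rule_end ? NULL : &h->rules[next];
}

/* Number of rules the inner loop from the post would visit for one chain. */
static size_t count_rules(const char *name, struct handle *h) {
    size_t n = 0;
    for (const struct rule *e = first_rule(name, h); e; e = next_rule(e, h))
        n++;
    return n;
}

/* Constructed sample table: INPUT has 2 rules, FORWARD none, OUTPUT 3. */
static const struct rule  sample_rules[]  = { {0}, {1}, {0}, {1}, {0} };
static const struct chain sample_chains[] = { {"INPUT", 0, 2}, {"FORWARD", 2, 2}, {"OUTPUT", 2, 5} };
static struct handle sample = { sample_rules, sample_chains, 3, 0 };

int main(void) {
    for (size_t i = 0; i < sample.nchains; i++)
        printf("%s: %zu\n", sample_chains[i].name, count_rules(sample_chains[i].name, &sample));
    return 0;
}
```

In this model the walk over INPUT ends after its second rule even though OUTPUT's first rule sits directly behind it in the array, because the comparison is against the boundary saved by the first-rule call.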