From: Ulrich Weber <ulrich.weber@sophos.com>
To: <netfilter-devel@vger.kernel.org>
Subject: [PATCH v2] iptables: merge libip6t SNPT and DNPT to NPT
Date: Wed, 2 Jan 2013 17:58:42 +0100 [thread overview]
Message-ID: <50E46742.1050507@sophos.com> (raw)
In-Reply-To: <20130102160349.GB3760@uweber-WS>
[-- Attachment #1: Type: text/plain, Size: 107 bytes --]
Was to quick ;) Please find proper fix attached,
merging DNPT and SNPT into new NPT file.
Cheers
Ulrich
[-- Attachment #2: 0001-iptables-merge-libip6t-SNPT-and-DNPT-to-NPT.patch --]
[-- Type: text/x-patch, Size: 8294 bytes --]
>From fcc5be86597dc9d66b13e42d756a3b2747d0fb2e Mon Sep 17 00:00:00 2001
From: Ulrich Weber <ulrich.weber@sophos.com>
Date: Wed, 2 Jan 2013 17:37:50 +0100
Subject: [PATCH] iptables: merge libip6t SNPT and DNPT to NPT
Signed-off-by: Ulrich Weber <ulrich.weber@sophos.com>
---
extensions/GNUmakefile.in | 6 ++-
extensions/libip6t_DNPT.c | 71 ----------------------------------
extensions/libip6t_NPT.c | 94 +++++++++++++++++++++++++++++++++++++++++++++
extensions/libip6t_SNPT.c | 71 ----------------------------------
4 files changed, 99 insertions(+), 143 deletions(-)
delete mode 100644 extensions/libip6t_DNPT.c
create mode 100644 extensions/libip6t_NPT.c
delete mode 100644 extensions/libip6t_SNPT.c
diff --git a/extensions/GNUmakefile.in b/extensions/GNUmakefile.in
index e71e3ff..afb7e3c 100644
--- a/extensions/GNUmakefile.in
+++ b/extensions/GNUmakefile.in
@@ -41,7 +41,7 @@ endif
pfx_build_mod := $(patsubst ${srcdir}/libxt_%.c,%,$(sort $(wildcard ${srcdir}/libxt_*.c)))
pfx_symlinks := NOTRACK state
@ENABLE_IPV4_TRUE@ pf4_build_mod := $(patsubst ${srcdir}/libipt_%.c,%,$(sort $(wildcard ${srcdir}/libipt_*.c)))
-@ENABLE_IPV6_TRUE@ pf6_build_mod := $(patsubst ${srcdir}/libip6t_%.c,%,$(sort $(wildcard ${srcdir}/libip6t_*.c)))
+@ENABLE_IPV6_TRUE@ pf6_build_mod := $(patsubst ${srcdir}/libip6t_%.c,%,$(sort $(wildcard ${srcdir}/libip6t_*.c))) SNPT DNPT
pfx_build_mod := $(filter-out @blacklist_modules@,${pfx_build_mod})
pf4_build_mod := $(filter-out @blacklist_modules@,${pf4_build_mod})
pf6_build_mod := $(filter-out @blacklist_modules@,${pf6_build_mod})
@@ -99,6 +99,10 @@ libxt_NOTRACK.so: libxt_CT.so
ln -fs $< $@
libxt_state.so: libxt_conntrack.so
ln -fs $< $@
+libip6t_SNPT.so: libip6t_NPT.so
+ ln -fs $< $@
+libip6t_DNPT.so: libip6t_NPT.so
+ ln -fs $< $@
# Need the LIBADDs in iptables/Makefile.am too for libxtables_la_LIBADD
ip6t_NETMAP_LIBADD = -lip6tc
diff --git a/extensions/libip6t_DNPT.c b/extensions/libip6t_DNPT.c
deleted file mode 100644
index 9e4dc5c..0000000
--- a/extensions/libip6t_DNPT.c
+++ /dev/null
@@ -1,71 +0,0 @@
-#include <stdio.h>
-#include <xtables.h>
-#include <linux/netfilter_ipv6/ip6_tables.h>
-#include <linux/netfilter_ipv6/ip6t_NPT.h>
-
-enum {
- O_SRC_PFX = 1 << 0,
- O_DST_PFX = 1 << 1,
-};
-
-static const struct xt_option_entry SNPT_options[] = {
- { .name = "src-pfx", .id = O_SRC_PFX, .type = XTTYPE_HOSTMASK,
- .flags = XTOPT_MAND },
- { .name = "dst-pfx", .id = O_DST_PFX, .type = XTTYPE_HOSTMASK,
- .flags = XTOPT_MAND },
- { }
-};
-
-static void SNPT_help(void)
-{
- printf("SNPT target options:"
- "\n"
- " --src-pfx prefix/length\n"
- " --dst-pfx prefix/length\n"
- "\n");
-}
-
-static void SNPT_parse(struct xt_option_call *cb)
-{
- struct ip6t_npt_tginfo *npt = cb->data;
-
- xtables_option_parse(cb);
- switch (cb->entry->id) {
- case O_SRC_PFX:
- npt->src_pfx = cb->val.haddr;
- npt->src_pfx_len = cb->val.hlen;
- break;
- case O_DST_PFX:
- npt->dst_pfx = cb->val.haddr;
- npt->dst_pfx_len = cb->val.hlen;
- break;
- }
-}
-
-static void SNPT_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
-{
- const struct ip6t_npt_tginfo *npt = (const void *)target->data;
-
- printf("src-pfx %s/%u ", xtables_ip6addr_to_numeric(&npt->src_pfx.in6),
- npt->src_pfx_len);
- printf("dst-pfx %s/%u ", xtables_ip6addr_to_numeric(&npt->dst_pfx.in6),
- npt->dst_pfx_len);
-}
-
-static struct xtables_target snpt_tg_reg = {
- .name = "DNPT",
- .version = XTABLES_VERSION,
- .family = NFPROTO_IPV6,
- .size = XT_ALIGN(sizeof(struct ip6t_npt_tginfo)),
- .userspacesize = offsetof(struct ip6t_npt_tginfo, adjustment),
- .help = SNPT_help,
- .x6_parse = SNPT_parse,
- .print = SNPT_print,
- .x6_options = SNPT_options,
-};
-
-void _init(void)
-{
- xtables_register_target(&snpt_tg_reg);
-}
diff --git a/extensions/libip6t_NPT.c b/extensions/libip6t_NPT.c
new file mode 100644
index 0000000..56e6f43
--- /dev/null
+++ b/extensions/libip6t_NPT.c
@@ -0,0 +1,94 @@
+#include <stdio.h>
+#include <xtables.h>
+#include <linux/netfilter_ipv6/ip6_tables.h>
+#include <linux/netfilter_ipv6/ip6t_NPT.h>
+
+enum {
+ O_SRC_PFX = 1 << 0,
+ O_DST_PFX = 1 << 1,
+};
+
+static const struct xt_option_entry NPT_options[] = {
+ { .name = "src-pfx", .id = O_SRC_PFX, .type = XTTYPE_HOSTMASK,
+ .flags = XTOPT_MAND },
+ { .name = "dst-pfx", .id = O_DST_PFX, .type = XTTYPE_HOSTMASK,
+ .flags = XTOPT_MAND },
+ { }
+};
+
+static void SNPT_help(void)
+{
+ printf("SNPT target options:"
+ "\n"
+ " --src-pfx prefix/length\n"
+ " --dst-pfx prefix/length\n"
+ "\n");
+}
+
+static void DNPT_help(void)
+{
+ printf("DNPT target options:"
+ "\n"
+ " --src-pfx prefix/length\n"
+ " --dst-pfx prefix/length\n"
+ "\n");
+}
+
+static void NPT_parse(struct xt_option_call *cb)
+{
+ struct ip6t_npt_tginfo *npt = cb->data;
+
+ xtables_option_parse(cb);
+ switch (cb->entry->id) {
+ case O_SRC_PFX:
+ npt->src_pfx = cb->val.haddr;
+ npt->src_pfx_len = cb->val.hlen;
+ break;
+ case O_DST_PFX:
+ npt->dst_pfx = cb->val.haddr;
+ npt->dst_pfx_len = cb->val.hlen;
+ break;
+ }
+}
+
+static void NPT_print(const void *ip, const struct xt_entry_target *target,
+ int numeric)
+{
+ const struct ip6t_npt_tginfo *npt = (const void *)target->data;
+
+ printf("src-pfx %s/%u ", xtables_ip6addr_to_numeric(&npt->src_pfx.in6),
+ npt->src_pfx_len);
+ printf("dst-pfx %s/%u ", xtables_ip6addr_to_numeric(&npt->dst_pfx.in6),
+ npt->dst_pfx_len);
+}
+
+static struct xtables_target snpt_tg_reg = {
+ .name = "SNPT",
+ .version = XTABLES_VERSION,
+ .family = NFPROTO_IPV6,
+ .size = XT_ALIGN(sizeof(struct ip6t_npt_tginfo)),
+ .userspacesize = offsetof(struct ip6t_npt_tginfo, adjustment),
+ .help = SNPT_help,
+ .x6_parse = NPT_parse,
+ .print = NPT_print,
+ .x6_options = NPT_options,
+};
+
+static struct xtables_target dnpt_tg_reg = {
+ .name = "DNPT",
+ .version = XTABLES_VERSION,
+ .family = NFPROTO_IPV6,
+ .size = XT_ALIGN(sizeof(struct ip6t_npt_tginfo)),
+ .userspacesize = offsetof(struct ip6t_npt_tginfo, adjustment),
+ .help = DNPT_help,
+ .x6_parse = NPT_parse,
+ .print = NPT_print,
+ .x6_options = NPT_options,
+};
+
+
+void _init(void)
+{
+ xtables_register_target(&snpt_tg_reg);
+ xtables_register_target(&dnpt_tg_reg);
+}
diff --git a/extensions/libip6t_SNPT.c b/extensions/libip6t_SNPT.c
deleted file mode 100644
index 26a86c5..0000000
--- a/extensions/libip6t_SNPT.c
+++ /dev/null
@@ -1,71 +0,0 @@
-#include <stdio.h>
-#include <xtables.h>
-#include <linux/netfilter_ipv6/ip6_tables.h>
-#include <linux/netfilter_ipv6/ip6t_NPT.h>
-
-enum {
- O_SRC_PFX = 1 << 0,
- O_DST_PFX = 1 << 1,
-};
-
-static const struct xt_option_entry SNPT_options[] = {
- { .name = "src-pfx", .id = O_SRC_PFX, .type = XTTYPE_HOSTMASK,
- .flags = XTOPT_MAND },
- { .name = "dst-pfx", .id = O_DST_PFX, .type = XTTYPE_HOSTMASK,
- .flags = XTOPT_MAND },
- { }
-};
-
-static void SNPT_help(void)
-{
- printf("SNPT target options:"
- "\n"
- " --src-pfx prefix/length\n"
- " --dst-pfx prefix/length\n"
- "\n");
-}
-
-static void SNPT_parse(struct xt_option_call *cb)
-{
- struct ip6t_npt_tginfo *npt = cb->data;
-
- xtables_option_parse(cb);
- switch (cb->entry->id) {
- case O_SRC_PFX:
- npt->src_pfx = cb->val.haddr;
- npt->src_pfx_len = cb->val.hlen;
- break;
- case O_DST_PFX:
- npt->dst_pfx = cb->val.haddr;
- npt->dst_pfx_len = cb->val.hlen;
- break;
- }
-}
-
-static void SNPT_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
-{
- const struct ip6t_npt_tginfo *npt = (const void *)target->data;
-
- printf("src-pfx %s/%u ", xtables_ip6addr_to_numeric(&npt->src_pfx.in6),
- npt->src_pfx_len);
- printf("dst-pfx %s/%u ", xtables_ip6addr_to_numeric(&npt->dst_pfx.in6),
- npt->dst_pfx_len);
-}
-
-static struct xtables_target snpt_tg_reg = {
- .name = "SNPT",
- .version = XTABLES_VERSION,
- .family = NFPROTO_IPV6,
- .size = XT_ALIGN(sizeof(struct ip6t_npt_tginfo)),
- .userspacesize = offsetof(struct ip6t_npt_tginfo, adjustment),
- .help = SNPT_help,
- .x6_parse = SNPT_parse,
- .print = SNPT_print,
- .x6_options = SNPT_options,
-};
-
-void _init(void)
-{
- xtables_register_target(&snpt_tg_reg);
-}
--
1.7.9.5
next prev parent reply other threads:[~2013-01-02 17:06 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-01-02 16:03 [PATCH] iptables: fix wording in DNPT target Ulrich Weber
2013-01-02 16:58 ` Ulrich Weber [this message]
2013-01-02 18:27 ` [PATCH v2] iptables: merge libip6t SNPT and DNPT to NPT Jan Engelhardt
2013-01-03 0:14 ` [PATCH] iptables: fix wording in DNPT target Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=50E46742.1050507@sophos.com \
--to=ulrich.weber@sophos.com \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.