 |
netfilter
firewalling, NAT, and packet mangling for linux
|
|
|
netfilter
firewalling, NAT, and packet mangling for linux
|
|
#include <getopt.h>#include <string.h>#include <netdb.h>#include <errno.h>#include <stdio.h>#include <stdlib.h>#include <inttypes.h>#include <ctype.h>#include <stdarg.h>#include <limits.h>#include <unistd.h>#include <arptables.h>#include <fcntl.h>#include <sys/wait.h>
Data Structures | |
| struct | pprot |
Macros | |
| #define | TRUE 1 |
| #define | FALSE 0 |
| #define | ARPT_LIB_DIR "/usr/local/lib/arptables" |
| #define | PROC_SYS_MODPROBE "/proc/sys/kernel/modprobe" |
| #define | FMT_NUMERIC 0x0001 |
| #define | FMT_NOCOUNTS 0x0002 |
| #define | FMT_KILOMEGAGIGA 0x0004 |
| #define | FMT_OPTIONS 0x0008 |
| #define | FMT_NOTABLE 0x0010 |
| #define | FMT_NOTARGET 0x0020 |
| #define | FMT_VIA 0x0040 |
| #define | FMT_NONEWLINE 0x0080 |
| #define | FMT_LINENUMBERS 0x0100 |
| #define | FMT_PRINT_RULE |
| #define | FMT(tab, notab) ((format) & FMT_NOTABLE ? (notab) : (notab)) |
| #define | CMD_NONE 0x0000U |
| #define | CMD_INSERT 0x0001U |
| #define | CMD_DELETE 0x0002U |
| #define | CMD_DELETE_NUM 0x0004U |
| #define | CMD_REPLACE 0x0008U |
| #define | CMD_APPEND 0x0010U |
| #define | CMD_LIST 0x0020U |
| #define | CMD_FLUSH 0x0040U |
| #define | CMD_ZERO 0x0080U |
| #define | CMD_NEW_CHAIN 0x0100U |
| #define | CMD_DELETE_CHAIN 0x0200U |
| #define | CMD_SET_POLICY 0x0400U |
| #define | CMD_CHECK 0x0800U |
| #define | CMD_RENAME_CHAIN 0x1000U |
| #define | NUMBER_OF_CMD 13 |
| #define | OPTION_OFFSET 256 |
| #define | OPT_NONE 0x00000U |
| #define | OPT_NUMERIC 0x00001U |
| #define | OPT_S_IP 0x00002U |
| #define | OPT_D_IP 0x00004U |
| #define | OPT_S_MAC 0x00008U |
| #define | OPT_D_MAC 0x00010U |
| #define | OPT_H_LENGTH 0x00020U |
| #define | OPT_P_LENGTH 0x00040U |
| #define | OPT_OPCODE 0x00080U |
| #define | OPT_H_TYPE 0x00100U |
| #define | OPT_P_TYPE 0x00200U |
| #define | OPT_JUMP 0x00400U |
| #define | OPT_VERBOSE 0x00800U |
| #define | OPT_VIANAMEIN 0x01000U |
| #define | OPT_VIANAMEOUT 0x02000U |
| #define | OPT_LINENUMBERS 0x04000U |
| #define | OPT_COUNTERS 0x08000U |
| #define | NUMBER_OF_OPT 16 |
| #define | NUMOPCODES 9 |
Functions | |
| void | dump_entries (const arptc_handle_t handle) |
| int | getmac_and_mask (char *from, char *to, char *mask) |
| int | getlength_and_mask (char *from, uint8_t *to, uint8_t *mask) |
| int | get16_and_mask (char *from, uint16_t *to, uint16_t *mask, int base) |
| void | print_mac (const unsigned char *mac, int l) |
| void | print_mac_and_mask (const unsigned char *mac, const unsigned char *mask, int l) |
| struct in_addr * | dotted_to_addr (const char *dotted) |
| void | exit_error (enum exittype status, char *msg,...) |
| void | exit_tryhelp (int status) |
| void | exit_printhelp (void) |
| int | check_inverse (const char option[], int *invert, int *optind, int argc) |
| struct in_addr * | parse_hostnetwork (const char *name, unsigned int *naddrs) |
| void | parse_hostnetworkmask (const char *name, struct in_addr **addrpp, struct in_addr *maskp, unsigned int *naddrs) |
| struct arptables_match * | find_match (const char *name, enum arpt_tryload tryload) |
| char * | addr_to_dotted (const struct in_addr *addrp) |
| char * | addr_to_anyname (const struct in_addr *addr) |
| char * | mask_to_dotted (const struct in_addr *mask) |
| int | string_to_number (const char *s, unsigned int min, unsigned int max, unsigned int *ret) |
| struct arptables_target * | find_target (const char *name, enum arpt_tryload tryload) |
| void | register_match (struct arptables_match *me) |
| void | register_target (struct arptables_target *me) |
| int | for_each_chain (int(*fn)(const arpt_chainlabel, int, arptc_handle_t *), int verbose, int builtinstoo, arptc_handle_t *handle) |
| int | flush_entries (const arpt_chainlabel chain, int verbose, arptc_handle_t *handle) |
| int | delete_chain (const arpt_chainlabel chain, int verbose, arptc_handle_t *handle) |
| int | arptables_insmod (const char *modname, const char *modprobe) |
| int | do_command (int argc, char *argv[], char **table, arptc_handle_t *handle) |
Variables | |
| int | RUNTIME_NF_ARP_NUMHOOKS = 3 |
| const char * | program_version = ARPTABLES_VERSION |
| const char * | program_name |
| struct arptables_match * | arptables_matches = NULL |
| struct arptables_target * | arptables_targets = NULL |
| unsigned char | mac_type_unicast [ETH_ALEN] = {0,0,0,0,0,0} |
| unsigned char | msk_type_unicast [ETH_ALEN] = {1,0,0,0,0,0} |
| unsigned char | mac_type_multicast [ETH_ALEN] = {1,0,0,0,0,0} |
| unsigned char | msk_type_multicast [ETH_ALEN] = {1,0,0,0,0,0} |
| unsigned char | mac_type_broadcast [ETH_ALEN] = {255,255,255,255,255,255} |
| unsigned char | msk_type_broadcast [ETH_ALEN] = {255,255,255,255,255,255} |
| #define ARPT_LIB_DIR "/usr/local/lib/arptables" |
| #define CMD_APPEND 0x0010U |
Referenced by do_command(), and do_commandx().
| #define CMD_CHECK 0x0800U |
Referenced by do_commandx().
| #define CMD_DELETE 0x0002U |
Referenced by do_command().
| #define CMD_DELETE_CHAIN 0x0200U |
Referenced by do_command(), and do_commandx().
| #define CMD_DELETE_NUM 0x0004U |
Referenced by do_command(), and do_commandx().
| #define CMD_FLUSH 0x0040U |
Referenced by do_command().
| #define CMD_INSERT 0x0001U |
Referenced by do_command().
| #define CMD_LIST 0x0020U |
Referenced by do_command().
| #define CMD_NEW_CHAIN 0x0100U |
Referenced by do_command(), and do_commandx().
| #define CMD_NONE 0x0000U |
Referenced by do_command(), and do_commandx().
| #define CMD_RENAME_CHAIN 0x1000U |
Referenced by do_command(), and do_commandx().
| #define CMD_REPLACE 0x0008U |
Referenced by do_command(), and do_commandx().
| #define CMD_SET_POLICY 0x0400U |
Referenced by do_command(), and do_commandx().
| #define CMD_ZERO 0x0080U |
Referenced by do_command(), and do_commandx().
| #define FALSE 0 |
Referenced by check_inverse(), and do_command().
| #define FMT | ( | tab, | |
| notab | |||
| ) | ((format) & FMT_NOTABLE ? (notab) : (notab)) |
Referenced by print_firewall_details(), print_header(), print_ifaces(), and xtables_print_num().
| #define FMT_KILOMEGAGIGA 0x0004 |
Referenced by print_header(), and xtables_print_num().
| #define FMT_LINENUMBERS 0x0100 |
Referenced by print_firewall_details(), and print_header().
| #define FMT_NOCOUNTS 0x0002 |
Referenced by nft_rule_list_save(), nft_rule_print_save(), nft_rule_save(), print_firewall_details(), and print_header().
| #define FMT_NONEWLINE 0x0080 |
| #define FMT_NOTABLE 0x0010 |
Referenced by print_header().
| #define FMT_NOTARGET 0x0020 |
Referenced by print_firewall_details(), and print_header().
| #define FMT_NUMERIC 0x0001 |
Referenced by print_firewall_details(), print_ifaces(), and print_matches_and_target().
| #define FMT_OPTIONS 0x0008 |
Referenced by print_header().
| #define FMT_PRINT_RULE |
| #define FMT_VIA 0x0040 |
Referenced by print_header(), and print_ifaces().
| #define NUMBER_OF_CMD 13 |
| #define NUMBER_OF_OPT 16 |
Referenced by main().
| #define NUMOPCODES 9 |
Referenced by do_command(), do_commandarp(), and exit_printhelp().
| #define OPT_COUNTERS 0x08000U |
Referenced by do_command().
| #define OPT_D_IP 0x00004U |
Referenced by do_command().
| #define OPT_D_MAC 0x00010U |
Referenced by do_command().
| #define OPT_H_LENGTH 0x00020U |
Referenced by do_command().
| #define OPT_H_TYPE 0x00100U |
Referenced by do_command().
| #define OPT_JUMP 0x00400U |
Referenced by do_command().
| #define OPT_LINENUMBERS 0x04000U |
Referenced by do_command().
| #define OPT_NONE 0x00000U |
| #define OPT_NUMERIC 0x00001U |
Referenced by do_command(), do_command4(), do_command6(), do_commandx(), and load_proto().
| #define OPT_OPCODE 0x00080U |
Referenced by do_command().
| #define OPT_P_LENGTH 0x00040U |
| #define OPT_P_TYPE 0x00200U |
Referenced by do_command().
| #define OPT_S_IP 0x00002U |
Referenced by do_command().
| #define OPT_S_MAC 0x00008U |
Referenced by do_command().
| #define OPT_VERBOSE 0x00800U |
Referenced by do_command().
| #define OPT_VIANAMEIN 0x01000U |
Referenced by do_command().
| #define OPT_VIANAMEOUT 0x02000U |
Referenced by do_command().
| #define OPTION_OFFSET 256 |
| #define PROC_SYS_MODPROBE "/proc/sys/kernel/modprobe" |
| #define TRUE 1 |
Referenced by check_inverse(), and do_command().
| char* addr_to_anyname | ( | const struct in_addr * | addr | ) |
| char* addr_to_dotted | ( | const struct in_addr * | addrp | ) |
References buf.
Referenced by addr_to_anyname(), and mask_to_dotted().
| int arptables_insmod | ( | const char * | modname, |
| const char * | modprobe | ||
| ) |
| int check_inverse | ( | const char | option[], |
| int * | invert, | ||
| int * | optind, | ||
| int | argc | ||
| ) |
References exit_error(), FALSE, PARAMETER_PROBLEM, and TRUE.
Referenced by do_command(), and do_commandarp().
| int delete_chain | ( | const arpt_chainlabel | chain, |
| int | verbose, | ||
| arptc_handle_t * | handle | ||
| ) |
References arptc_delete_chain(), delete_chain(), and for_each_chain().
Referenced by delete_chain(), and do_command().
| int do_command | ( | int | argc, |
| char * | argv[], | ||
| char ** | table, | ||
| arptc_handle_t * | handle | ||
| ) |
References arpt_devaddr_info::addr, arpt_arp::arhln, arpt_arp::arhln_mask, arpt_arp::arhrd, arpt_arp::arhrd_mask, arpt_entry::arp, arpt_arp::arpop, arpt_arp::arpop_mask, arpt_arp::arpro, arpt_arp::arpro_mask, ARPT_ALIGN, ARPT_FUNCTION_MAXNAMELEN, ARPT_INV_SRCIP, ARPT_INV_TGTIP, ARPT_STANDARD_TARGET, arptables_insmod(), arptc_create_chain(), arptc_delete_num_entry(), arptc_init(), arptc_is_chain(), arptc_rename_chain(), arptc_set_policy(), arptc_strerror(), arpt_counters::bcnt, check_inverse(), CMD_APPEND, CMD_DELETE, CMD_DELETE_CHAIN, CMD_DELETE_NUM, CMD_FLUSH, CMD_INSERT, CMD_LIST, CMD_NEW_CHAIN, CMD_NONE, CMD_RENAME_CHAIN, CMD_REPLACE, CMD_SET_POLICY, CMD_ZERO, arpt_entry::counters, delete_chain(), dump_entries(), exit_error(), exit_printhelp(), exit_tryhelp(), arptables_target::extra_opts, FALSE, arptables_target::final_check, find_match(), find_target(), flush_entries(), get16_and_mask(), getlength_and_mask(), getmac_and_mask(), arpt_arp::iniface, arpt_arp::iniface_mask, arptables_target::init, arpt_arp::invflags, LOAD_MUST_SUCCEED, arpt_devaddr_info::mask, arptables_target::next, NULL, NUMOPCODES, OPT_COUNTERS, OPT_D_IP, OPT_D_MAC, OPT_H_LENGTH, OPT_H_TYPE, OPT_JUMP, OPT_LINENUMBERS, OPT_NUMERIC, OPT_OPCODE, OPT_P_TYPE, OPT_S_IP, OPT_S_MAC, OPT_VERBOSE, OPT_VIANAMEIN, OPT_VIANAMEOUT, arptables_target::option_offset, opts, arpt_arp::outiface, arpt_arp::outiface_mask, PARAMETER_PROBLEM, arptables_target::parse, parse_hostnetworkmask(), arpt_counters::pcnt, program_name, program_version, RUNTIME_NF_ARP_NUMHOOKS, arptables_target::size, size, arpt_arp::src_devaddr, arptables_target::t, arpt_entry_target::target_size, arptables_target::tflags, arpt_arp::tgt_devaddr, arpt_arp::tmsk, TRUE, TRY_LOAD, arpt_entry_target::u, arptables_target::used, arpt_entry_target::user, and VERSION_PROBLEM.
Referenced by main().
| struct in_addr* dotted_to_addr | ( | const char * | dotted | ) |
References buf, NULL, and string_to_number().
Referenced by parse_hostnetwork().
| void dump_entries | ( | const arptc_handle_t | handle | ) |
| void exit_error | ( | enum exittype | status, |
| char * | msg, | ||
| ... | |||
| ) |
References exit_tryhelp(), PARAMETER_PROBLEM, program_name, program_version, and VERSION_PROBLEM.
Referenced by check_inverse(), do_command(), find_match(), find_target(), generic_opt_check(), ipset_parse_file(), main(), parse_commandline(), and parse_hostnetwork().
| void exit_printhelp | ( | void | ) |
References arptables_match::help, arptables_target::help, arptables_match::m, arptables_match::next, arptables_target::next, NULL, NUMOPCODES, program_name, program_version, and arptables_target::t.
Referenced by do_command(), do_command4(), do_command6(), do_commandarp(), and do_commandx().
| void exit_tryhelp | ( | int | status | ) |
References program_name.
Referenced by do_command(), do_command4(), do_command6(), do_commandarp(), do_commandx(), exit_error(), ip6tables_exit_error(), iptables_exit_error(), and xtables_exit_error().
| struct arptables_match* find_match | ( | const char * | name, |
| enum arpt_tryload | tryload | ||
| ) |
References DONT_LOAD, exit_error(), LOAD_MUST_SUCCEED, arptables_match::loaded, arptables_match::name, arptables_match::next, NULL, PARAMETER_PROBLEM, and arptables_match::used.
Referenced by do_command(), and register_match().
| struct arptables_target* find_target | ( | const char * | name, |
| enum arpt_tryload | tryload | ||
| ) |
References ARPTC_LABEL_ACCEPT, ARPTC_LABEL_DROP, ARPTC_LABEL_QUEUE, ARPTC_LABEL_RETURN, DONT_LOAD, exit_error(), LOAD_MUST_SUCCEED, arptables_target::loaded, arptables_target::name, arptables_target::next, NULL, PARAMETER_PROBLEM, and arptables_target::used.
Referenced by do_command(), and register_target().
| int flush_entries | ( | const arpt_chainlabel | chain, |
| int | verbose, | ||
| arptc_handle_t * | handle | ||
| ) |
References arptc_flush_entries(), flush_entries(), and for_each_chain().
Referenced by do_command(), and flush_entries().
| int for_each_chain | ( | int(*)(const arpt_chainlabel, int, arptc_handle_t *) | fn, |
| int | verbose, | ||
| int | builtinstoo, | ||
| arptc_handle_t * | handle | ||
| ) |
References arptc_builtin(), arptc_first_chain(), and arptc_next_chain().
Referenced by delete_chain(), and flush_entries().
| int get16_and_mask | ( | char * | from, |
| uint16_t * | to, | ||
| uint16_t * | mask, | ||
| int | base | ||
| ) |
| int getlength_and_mask | ( | char * | from, |
| uint8_t * | to, | ||
| uint8_t * | mask | ||
| ) |
| int getmac_and_mask | ( | char * | from, |
| char * | to, | ||
| char * | mask | ||
| ) |
References ETH_ALEN, mac_type_broadcast, mac_type_multicast, mac_type_unicast, msk_type_broadcast, msk_type_multicast, msk_type_unicast, and NULL.
Referenced by do_command(), and do_commandarp().
| char* mask_to_dotted | ( | const struct in_addr * | mask | ) |
References dotted_to_addr(), exit_error(), NULL, and PARAMETER_PROBLEM.
Referenced by parse_hostnetworkmask().
| void parse_hostnetworkmask | ( | const char * | name, |
| struct in_addr ** | addrpp, | ||
| struct in_addr * | maskp, | ||
| unsigned int * | naddrs | ||
| ) |
References buf, NULL, and parse_hostnetwork().
Referenced by do_command(), and do_commandarp().
| void print_mac | ( | const unsigned char * | mac, |
| int | l | ||
| ) |
| void register_match | ( | struct arptables_match * | me | ) |
References ARPT_ALIGN, DONT_LOAD, find_match(), arptables_match::m, arptables_match::mflags, arptables_match::name, arptables_match::next, NULL, program_name, program_version, arptables_match::size, and arptables_match::version.
| void register_target | ( | struct arptables_target * | me | ) |
References ARPT_ALIGN, arptables_targets, DONT_LOAD, find_target(), arptables_target::name, arptables_target::next, NULL, program_name, program_version, arptables_target::size, arptables_target::t, arptables_target::tflags, and arptables_target::version.
| struct arptables_match* arptables_matches = NULL |
| struct arptables_target* arptables_targets = NULL |
Referenced by register_target().
Referenced by getmac_and_mask().
Referenced by getmac_and_mask().
Referenced by getmac_and_mask().
Referenced by getmac_and_mask().
Referenced by getmac_and_mask().
Referenced by getmac_and_mask().
| const char* program_name |
Referenced by do_command(), exit_error(), exit_printhelp(), exit_tryhelp(), main(), parse_commandline(), register_match(), and register_target().
| const char* program_version = ARPTABLES_VERSION |
Referenced by do_command(), exit_error(), exit_printhelp(), parse_commandline(), register_match(), and register_target().
| int RUNTIME_NF_ARP_NUMHOOKS = 3 |
Referenced by do_command(), TC_BUILTIN(), and TC_INIT().
1.8.8 
