netfilter
firewalling, NAT, and packet mangling for linux
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Modules Pages
Data Structures | Macros | Functions | Variables
libebtc.c File Reference
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include "include/ebtables_u.h"
#include "include/ethernetdb.h"
#include <unistd.h>
#include <fcntl.h>
#include <sys/wait.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <errno.h>
Include dependency graph for libebtc.c:

Data Structures

struct  ebt_u_stack
 

Macros

#define LOCKDIR   "/var/lib/ebtables"
 
#define LOCKFILE   LOCKDIR"/lock"
 
#define OPT_COUNT   0x1000 /* This value is also defined in ebtables.c */
 

Functions

struct ebt_u_targetebt_find_target (const char *name)
 
struct ebt_u_matchebt_find_match (const char *name)
 
struct ebt_u_watcherebt_find_watcher (const char *name)
 
struct ebt_u_tableebt_find_table (const char *name)
 
void ebt_list_extensions ()
 
void unlock_file ()
 
void __attribute__ ((destructor))
 
int ebt_get_kernel_table (struct ebt_u_replace *replace, int init)
 
void ebt_initialize_entry (struct ebt_u_entry *e)
 
void ebt_cleanup_replace (struct ebt_u_replace *replace)
 
void ebt_reinit_extensions ()
 
void ebt_free_u_entry (struct ebt_u_entry *e)
 
int ebtables_insmod (const char *modname)
 
struct ebt_u_entriesebt_name_to_chain (const struct ebt_u_replace *replace, const char *arg)
 
int ebt_get_chainnr (const struct ebt_u_replace *replace, const char *arg)
 
void ebt_change_policy (struct ebt_u_replace *replace, int policy)
 
void ebt_delete_cc (struct ebt_cntchanges *cc)
 
void ebt_empty_chain (struct ebt_u_entries *entries)
 
void ebt_flush_chains (struct ebt_u_replace *replace)
 
int ebt_check_rule_exists (struct ebt_u_replace *replace, struct ebt_u_entry *new_entry)
 
void ebt_add_rule (struct ebt_u_replace *replace, struct ebt_u_entry *new_entry, int rule_nr)
 
void ebt_delete_rule (struct ebt_u_replace *replace, struct ebt_u_entry *new_entry, int begin, int end)
 
void ebt_change_counters (struct ebt_u_replace *replace, struct ebt_u_entry *new_entry, int begin, int end, struct ebt_counter *cnt, int mask)
 
void ebt_zero_counters (struct ebt_u_replace *replace)
 
void ebt_new_chain (struct ebt_u_replace *replace, const char *name, int policy)
 
void ebt_delete_chain (struct ebt_u_replace *replace)
 
void ebt_rename_chain (struct ebt_u_replace *replace, const char *name)
 
void ebt_double_chains (struct ebt_u_replace *replace)
 
void ebt_do_final_checks (struct ebt_u_replace *replace, struct ebt_u_entry *e, struct ebt_u_entries *entries)
 
int ebt_check_for_references (struct ebt_u_replace *replace, int print_err)
 
int ebt_check_for_references2 (struct ebt_u_replace *replace, int chain_nr, int print_err)
 
void ebt_check_for_loops (struct ebt_u_replace *replace)
 
void ebt_add_match (struct ebt_u_entry *new_entry, struct ebt_u_match *m)
 
void ebt_add_watcher (struct ebt_u_entry *new_entry, struct ebt_u_watcher *w)
 
void ebt_register_match (struct ebt_u_match *m)
 
void ebt_register_watcher (struct ebt_u_watcher *w)
 
void ebt_register_target (struct ebt_u_target *t)
 
void ebt_register_table (struct ebt_u_table *t)
 
void ebt_iterate_matches (void(*f)(struct ebt_u_match *))
 
void ebt_iterate_watchers (void(*f)(struct ebt_u_watcher *))
 
void ebt_iterate_targets (void(*f)(struct ebt_u_target *))
 
void __ebt_print_bug (char *file, int line, char *format,...)
 
void __ebt_print_error (char *format,...)
 

Variables

const char * ebt_hooknames [NF_BR_NUMHOOKS]
 
const char * ebt_standard_targets [NUM_STANDARD_TARGETS]
 
struct ebt_u_tableebt_tables
 
struct ebt_u_matchebt_matches
 
struct ebt_u_watcherebt_watchers
 
struct ebt_u_targetebt_targets
 
int use_lockfd
 
char * ebt_modprobe
 
char ebt_errormsg [ERRORMSG_MAXLEN]
 
int ebt_silent
 

Macro Definition Documentation

#define LOCKDIR   "/var/lib/ebtables"
#define LOCKFILE   LOCKDIR"/lock"

Referenced by ebt_get_kernel_table(), and unlock_file().

#define OPT_COUNT   0x1000 /* This value is also defined in ebtables.c */

Referenced by ebt_check_rule_exists().

Function Documentation

void __attribute__ ( (destructor)  )

References unlock_file(), and use_lockfd.

Here is the call graph for this function:

void __ebt_print_bug ( char *  file,
int  line,
char *  format,
  ... 
)

References PROGNAME.

void __ebt_print_error ( char *  format,
  ... 
)

References ERRORMSG_MAXLEN.

void ebt_add_match ( struct ebt_u_entry new_entry,
struct ebt_u_match m 
)

References ebt_print_memory, ebt_u_entry::m_list, ebt_u_match_list::next, and NULL.

Referenced by do_command().

Here is the caller graph for this function:

void ebt_add_rule ( struct ebt_u_replace replace,
struct ebt_u_entry new_entry,
int  rule_nr 
)

References ebt_u_replace::cc, ebt_u_entry::cc, ebt_u_replace::chains, ebt_cntchanges::change, CNT_ADD, ebt_u_entries::counter_offset, ebt_print_error, ebt_print_memory, ebt_to_chain, ebt_u_entries::entries, entries, ebt_u_match_list::m, ebt_u_entry::m_list, ebt_u_entries::nentries, ebt_u_replace::nentries, ebt_cntchanges::next, ebt_u_match_list::next, ebt_u_watcher_list::next, ebt_u_entry::next, ebt_u_replace::num_chains, ebt_cntchanges::prev, ebt_u_entry::prev, ebt_u_replace::selected_chain, ebt_u_entry::t, ebt_cntchanges::type, ebt_u_watcher_list::w, and ebt_u_entry::w_list.

Referenced by do_command().

Here is the caller graph for this function:

void ebt_add_watcher ( struct ebt_u_entry new_entry,
struct ebt_u_watcher w 
)

References ebt_print_memory, ebt_u_watcher_list::next, NULL, and ebt_u_entry::w_list.

Referenced by do_command().

Here is the caller graph for this function:

void ebt_change_counters ( struct ebt_u_replace replace,
struct ebt_u_entry new_entry,
int  begin,
int  end,
struct ebt_counter cnt,
int  mask 
)

References ebt_counter::bcnt, ebt_u_entry::cc, ebt_cntchanges::change, ebt_u_entry::cnt, CNT_ADD, CNT_CHANGE, CNT_NORM, ebt_u_entry::cnt_surplus, ebt_print_bug, ebt_to_chain, ebt_u_entries::entries, mask, ebt_u_entry::next, ebt_counter::pcnt, and ebt_cntchanges::type.

Referenced by do_command().

Here is the caller graph for this function:

void ebt_change_policy ( struct ebt_u_replace replace,
int  policy 
)

References EBT_CONTINUE, ebt_print_bug, ebt_to_chain, entries, NUM_STANDARD_TARGETS, and ebt_u_entries::policy.

Referenced by do_command().

Here is the caller graph for this function:

void ebt_check_for_loops ( struct ebt_u_replace replace)

References ebt_u_stack::chain_nr, ebt_u_replace::chains, ebt_u_stack::e, ebt_print_error, ebt_print_memory, EBT_STANDARD_TARGET, ebt_u_entries::entries, entries, ebt_u_stack::entries, ebt_u_entries::hook_mask, ebt_u_stack::n, ebt_u_entries::name, ebt_entry_target::name, ebt_u_entries::nentries, ebt_u_entry::next, NF_BR_NUMHOOKS, NULL, ebt_u_replace::num_chains, ebt_u_entry::t, ebt_entry_target::u, and verdict.

Referenced by do_command().

Here is the caller graph for this function:

int ebt_check_for_references ( struct ebt_u_replace replace,
int  print_err 
)
int ebt_check_for_references2 ( struct ebt_u_replace replace,
int  chain_nr,
int  print_err 
)

References ebt_u_replace::selected_chain.

int ebt_check_rule_exists ( struct ebt_u_replace replace,
struct ebt_u_entry new_entry 
)

References ebt_counter::bcnt, ebt_u_entry::bitmask, ebt_u_entry::cnt, ebt_u_match::compare, ebt_u_watcher::compare, ebt_u_target::compare, ebt_u_entry::destmac, EBT_DESTMAC, EBT_SOURCEMAC, ebt_to_chain, entries, ETH_ALEN, ebt_u_entry::ethproto, ebt_u_replace::flags, ebt_u_entry::in, ebt_u_entry::invflags, ebt_u_entry::logical_in, ebt_u_entry::logical_out, ebt_u_match_list::m, ebt_u_match::m, ebt_u_entry::m_list, ebt_entry_match::name, ebt_entry_watcher::name, ebt_entry_target::name, ebt_u_match_list::next, ebt_u_watcher_list::next, ebt_u_entry::next, OPT_COUNT, ebt_u_entry::out, ebt_counter::pcnt, ebt_u_entry::sourcemac, ebt_u_entry::t, ebt_u_target::t, ebt_entry_match::u, ebt_entry_watcher::u, ebt_entry_target::u, ebt_u_watcher_list::w, ebt_u_watcher::w, and ebt_u_entry::w_list.

void ebt_cleanup_replace ( struct ebt_u_replace replace)

References ebt_u_replace::cc, ebt_u_replace::chains, ebt_u_replace::command, ebt_u_replace::counters, ebt_free_u_entry(), ebt_u_entries::entries, entries, ebt_u_replace::filename, ebt_u_replace::flags, ebt_u_replace::name, ebt_u_replace::nentries, ebt_cntchanges::next, ebt_u_entry::next, NULL, ebt_u_replace::num_chains, ebt_u_replace::num_counters, ebt_cntchanges::prev, ebt_u_replace::selected_chain, and ebt_u_replace::valid_hooks.

Referenced by main().

Here is the call graph for this function:

Here is the caller graph for this function:

void ebt_delete_cc ( struct ebt_cntchanges cc)

References CNT_ADD, CNT_DEL, ebt_cntchanges::next, ebt_cntchanges::prev, and ebt_cntchanges::type.

Referenced by ebt_delete_rule(), and ebt_empty_chain().

Here is the caller graph for this function:

void ebt_delete_chain ( struct ebt_u_replace replace)

References ebt_print_bug, NF_BR_NUMHOOKS, and ebt_u_replace::selected_chain.

Referenced by do_command().

Here is the caller graph for this function:

void ebt_delete_rule ( struct ebt_u_replace replace,
struct ebt_u_entry new_entry,
int  begin,
int  end 
)

References ebt_u_entry::cc, ebt_u_replace::chains, ebt_u_entries::counter_offset, ebt_delete_cc(), ebt_free_u_entry(), ebt_to_chain, ebt_u_entries::entries, ebt_u_entries::nentries, ebt_u_replace::nentries, ebt_u_entry::next, ebt_u_entry::prev, and ebt_u_replace::selected_chain.

Referenced by do_command().

Here is the call graph for this function:

Here is the caller graph for this function:

void ebt_do_final_checks ( struct ebt_u_replace replace,
struct ebt_u_entry e,
struct ebt_u_entries entries 
)

References ebt_errormsg, ebt_find_match(), ebt_find_target(), ebt_find_watcher(), ebt_u_match::final_check, ebt_u_watcher::final_check, ebt_u_target::final_check, ebt_u_entries::hook_mask, ebt_u_match_list::m, ebt_u_match::m, ebt_u_entry::m_list, ebt_u_replace::name, ebt_entry_match::name, ebt_entry_watcher::name, ebt_entry_target::name, ebt_u_match_list::next, ebt_u_watcher_list::next, ebt_u_entry::t, ebt_u_target::t, ebt_entry_match::u, ebt_entry_watcher::u, ebt_entry_target::u, ebt_u_watcher_list::w, ebt_u_watcher::w, and ebt_u_entry::w_list.

Referenced by do_command().

Here is the call graph for this function:

Here is the caller graph for this function:

void ebt_double_chains ( struct ebt_u_replace replace)

References ebt_u_replace::chains, ebt_print_memory, and ebt_u_replace::max_chains.

Referenced by ebt_new_chain().

Here is the caller graph for this function:

void ebt_empty_chain ( struct ebt_u_entries entries)

References ebt_u_entry::cc, ebt_delete_cc(), ebt_free_u_entry(), ebt_u_entries::entries, ebt_u_entries::nentries, ebt_u_entry::next, and ebt_u_entry::prev.

Referenced by ebt_flush_chains().

Here is the call graph for this function:

Here is the caller graph for this function:

struct ebt_u_match* ebt_find_match ( const char *  name)

References ebt_matches, ebt_u_match::m, ebt_u_match::name, and ebt_u_match::next.

Referenced by do_command(), and ebt_do_final_checks().

Here is the caller graph for this function:

struct ebt_u_table* ebt_find_table ( const char *  name)

References ebt_tables, ebt_u_table::name, and ebt_u_table::next.

Referenced by do_command(), and ebt_get_kernel_table().

Here is the caller graph for this function:

struct ebt_u_target* ebt_find_target ( const char *  name)

References ebt_targets, ebt_u_target::name, ebt_u_target::next, and ebt_u_target::t.

Referenced by do_command(), ebt_do_final_checks(), and ebt_initialize_entry().

Here is the caller graph for this function:

struct ebt_u_watcher* ebt_find_watcher ( const char *  name)

References ebt_watchers, ebt_u_watcher::name, ebt_u_watcher::next, and ebt_u_watcher::w.

Referenced by do_command(), and ebt_do_final_checks().

Here is the caller graph for this function:

void ebt_flush_chains ( struct ebt_u_replace replace)

References ebt_u_replace::chains, ebt_u_entries::counter_offset, ebt_empty_chain(), ebt_to_chain, entries, ebt_u_entries::nentries, ebt_u_replace::nentries, ebt_u_replace::num_chains, and ebt_u_replace::selected_chain.

Referenced by do_command().

Here is the call graph for this function:

Here is the caller graph for this function:

void ebt_free_u_entry ( struct ebt_u_entry e)

References ebt_u_match_list::m, ebt_u_entry::m_list, ebt_u_match_list::next, ebt_u_watcher_list::next, ebt_u_entry::t, ebt_u_watcher_list::w, and ebt_u_entry::w_list.

Referenced by ebt_cleanup_replace(), ebt_delete_rule(), and ebt_empty_chain().

Here is the caller graph for this function:

int ebt_get_chainnr ( const struct ebt_u_replace replace,
const char *  arg 
)

References ebt_u_replace::chains, ebt_u_entries::name, and ebt_u_replace::num_chains.

Referenced by do_command(), and main().

Here is the caller graph for this function:

int ebt_get_kernel_table ( struct ebt_u_replace replace,
int  init 
)

References ebt_errormsg, ebt_find_table(), ebt_get_table(), ebt_print_error, ebt_print_error2, ebtables_insmod(), LOCKFILE, ebt_u_replace::name, and use_lockfd.

Referenced by do_command(), and main().

Here is the call graph for this function:

Here is the caller graph for this function:

void ebt_initialize_entry ( struct ebt_u_entry e)

References ebt_counter::bcnt, ebt_u_entry::bitmask, ebt_u_entry::cnt, ebt_u_entry::cnt_surplus, EBT_CONTINUE, ebt_find_target(), EBT_NOPROTO, ebt_print_bug, EBT_STANDARD_TARGET, ebt_u_entry::ethproto, ebt_u_entry::in, ebt_u_entry::invflags, ebt_u_entry::logical_in, ebt_u_entry::logical_out, ebt_u_entry::m_list, NULL, ebt_u_entry::out, ebt_counter::pcnt, ebt_u_entry::t, ebt_u_target::used, and ebt_u_entry::w_list.

Referenced by do_command().

Here is the call graph for this function:

Here is the caller graph for this function:

void ebt_iterate_matches ( void(*)(struct ebt_u_match *)  f)

References ebt_u_match::next.

Referenced by ebt_early_init_once().

Here is the caller graph for this function:

void ebt_iterate_targets ( void(*)(struct ebt_u_target *)  f)

References ebt_u_target::next.

Referenced by ebt_early_init_once().

Here is the caller graph for this function:

void ebt_iterate_watchers ( void(*)(struct ebt_u_watcher *)  f)

References ebt_u_watcher::next.

Referenced by ebt_early_init_once().

Here is the caller graph for this function:

void ebt_list_extensions ( )

References ebt_matches, ebt_tables, ebt_targets, ebt_watchers, ebt_u_match::m, ebt_u_table::name, ebt_u_match::name, ebt_u_watcher::name, ebt_u_target::name, ebt_u_table::next, ebt_u_match::next, ebt_u_watcher::next, ebt_u_target::next, PRINT_VERSION, ebt_u_target::t, and ebt_u_watcher::w.

Referenced by do_command().

Here is the caller graph for this function:

struct ebt_u_entries* ebt_name_to_chain ( const struct ebt_u_replace replace,
const char *  arg 
)

References ebt_u_replace::chains, ebt_u_entries::name, NULL, and ebt_u_replace::num_chains.

void ebt_new_chain ( struct ebt_u_replace replace,
const char *  name,
int  policy 
)

References ebt_u_replace::chains, ebt_double_chains(), ebt_print_memory, ebt_u_replace::max_chains, ebt_u_entries::nentries, ebt_u_replace::nentries, new, NULL, ebt_u_replace::num_chains, and ebt_u_entries::policy.

Referenced by do_command(), and main().

Here is the call graph for this function:

Here is the caller graph for this function:

void ebt_register_match ( struct ebt_u_match m)

References EBT_ALIGN, ebt_print_memory, ebt_u_match::init, ebt_u_match::m, ebt_entry_match::match_size, ebt_entry_match::name, ebt_u_match::name, ebt_u_match::next, NULL, ebt_u_match::size, size, and ebt_entry_match::u.

Referenced by _init().

Here is the caller graph for this function:

void ebt_register_table ( struct ebt_u_table t)

References ebt_tables, and ebt_u_table::next.

Referenced by _init().

Here is the caller graph for this function:

void ebt_register_target ( struct ebt_u_target t)

References EBT_ALIGN, ebt_print_memory, ebt_u_target::init, ebt_entry_target::name, ebt_u_target::name, ebt_u_target::next, NULL, size, ebt_u_target::size, ebt_u_target::t, ebt_entry_target::target_size, and ebt_entry_target::u.

Referenced by _init().

Here is the caller graph for this function:

void ebt_register_watcher ( struct ebt_u_watcher w)

References EBT_ALIGN, ebt_print_memory, ebt_u_watcher::init, ebt_entry_watcher::name, ebt_u_watcher::name, ebt_u_watcher::next, NULL, ebt_u_watcher::size, size, ebt_entry_watcher::u, ebt_u_watcher::w, and ebt_entry_watcher::watcher_size.

Referenced by _init().

Here is the caller graph for this function:

void ebt_reinit_extensions ( )

References EBT_ALIGN, ebt_print_memory, ebt_u_match::flags, ebt_u_watcher::flags, ebt_u_target::flags, ebt_u_match::init, ebt_u_watcher::init, ebt_u_target::init, ebt_u_match::m, ebt_entry_match::match_size, ebt_entry_match::name, ebt_entry_watcher::name, ebt_entry_target::name, ebt_u_match::name, ebt_u_watcher::name, ebt_u_target::name, ebt_u_match::next, ebt_u_watcher::next, ebt_u_target::next, ebt_u_match::size, ebt_u_watcher::size, size, ebt_u_target::size, ebt_u_target::t, ebt_entry_target::target_size, ebt_entry_match::u, ebt_entry_watcher::u, ebt_entry_target::u, ebt_u_match::used, ebt_u_watcher::used, ebt_u_target::used, ebt_u_watcher::w, and ebt_entry_watcher::watcher_size.

Referenced by main().

Here is the caller graph for this function:

void ebt_rename_chain ( struct ebt_u_replace replace,
const char *  name 
)

References ebt_print_bug, ebt_to_chain, and ebt_u_entries::name.

Referenced by do_command().

Here is the caller graph for this function:

void ebt_zero_counters ( struct ebt_u_replace replace)

References ebt_counter::bcnt, ebt_u_entry::cc, ebt_u_replace::chains, ebt_cntchanges::change, ebt_u_entry::cnt, CNT_CHANGE, CNT_NORM, ebt_to_chain, ebt_u_entries::entries, ebt_u_entries::nentries, ebt_u_entry::next, ebt_u_replace::num_chains, ebt_counter::pcnt, and ebt_cntchanges::type.

Referenced by do_command().

Here is the caller graph for this function:

int ebtables_insmod ( const char *  modname)

References buf, and NULL.

Referenced by ebt_deliver_table(), and ebt_get_kernel_table().

Here is the caller graph for this function:

void unlock_file ( )

References LOCKFILE.

Referenced by __attribute__().

Here is the caller graph for this function:

Variable Documentation

char ebt_errormsg[ERRORMSG_MAXLEN]

Referenced by do_command(), ebt_do_final_checks(), ebt_get_kernel_table(), and main().

const char* ebt_hooknames[NF_BR_NUMHOOKS]
Initial value:
=
{
[NF_BR_PRE_ROUTING]"PREROUTING",
[NF_BR_LOCAL_IN]"INPUT",
[NF_BR_FORWARD]"FORWARD",
[NF_BR_LOCAL_OUT]"OUTPUT",
[NF_BR_POST_ROUTING]"POSTROUTING",
[NF_BR_BROUTING]"BROUTING"
}
NF_BR_POST_ROUTING
#define NF_BR_POST_ROUTING
Definition: netfilter_bridge.h:22
NF_BR_LOCAL_OUT
#define NF_BR_LOCAL_OUT
Definition: netfilter_bridge.h:20
NF_BR_PRE_ROUTING
#define NF_BR_PRE_ROUTING
Definition: netfilter_bridge.h:14
NF_BR_BROUTING
#define NF_BR_BROUTING
Definition: netfilter_bridge.h:24
NF_BR_FORWARD
#define NF_BR_FORWARD
Definition: netfilter_bridge.h:18
NF_BR_LOCAL_IN
#define NF_BR_LOCAL_IN
Definition: netfilter_bridge.h:16
struct ebt_u_match* ebt_matches

Referenced by do_command(), ebt_find_match(), and ebt_list_extensions().

char* ebt_modprobe

Referenced by do_command().

int ebt_silent

Referenced by main().

const char* ebt_standard_targets[NUM_STANDARD_TARGETS]
Initial value:
=
{
"ACCEPT",
"DROP",
"CONTINUE",
"RETURN",
}

Referenced by do_command(), and main().

struct ebt_u_table* ebt_tables

Referenced by ebt_find_table(), ebt_list_extensions(), and ebt_register_table().

struct ebt_u_target* ebt_targets

Referenced by ebt_find_target(), and ebt_list_extensions().

struct ebt_u_watcher* ebt_watchers

Referenced by do_command(), ebt_find_watcher(), and ebt_list_extensions().

int use_lockfd

Referenced by __attribute__(), do_command(), and ebt_get_kernel_table().