 |
netfilter
firewalling, NAT, and packet mangling for linux
|
|
|
netfilter
firewalling, NAT, and packet mangling for linux
|
|
#include <assert.h>#include <endian.h>#include <errno.h>#include <setjmp.h>#include <stdio.h>#include <stdarg.h>#include <stdlib.h>#include <string.h>#include <unistd.h>#include <net/ethernet.h>#include <net/if.h>#include <libipset/compat.h>#include <libipset/debug.h>#include <libipset/data.h>#include <libipset/errcode.h>#include <libipset/print.h>#include <libipset/types.h>#include <libipset/transport.h>#include <libipset/mnl.h>#include <libipset/utils.h>#include <libipset/ui.h>#include <libipset/session.h>
Data Structures | |
| struct | ipset_session |
| struct | ipset_attr_policy |
Macros | |
| #define | IPSET_NEST_MAX 4 |
| #define | FAILURE(format, args...) { ipset_err(session, format , ## args); return MNL_CB_ERROR; } |
| #define | ATTR2DATA(session, nla, type, attrs) |
| #define | FAMILY_TO_STR(f) |
| #define | IPSET_PROTOCOL_MIN IPSET_PROTOCOL |
| #define | IPSET_PROTOCOL_MAX IPSET_PROTOCOL |
| #define | BUFFER_FULL(bufsize, nlmsg_len, nestlen, attrlen) |
| #define | ADDATTR_PROTOCOL(nlh) mnl_attr_put_u8(nlh, IPSET_ATTR_PROTOCOL, IPSET_PROTOCOL) |
| #define | ADDATTR(session, nlh, data, type, family, attrs) data2attr(session, nlh, data, type, family, attrs) |
| #define | ADDATTR_SETNAME(session, nlh, data) |
| #define | ADDATTR_IF(session, nlh, data, type, family, attrs) |
| #define | ADDATTR_RAW(session, nlh, data, type, attrs) rawdata2attr(session, nlh, data, type, NFPROTO_IPV4, attrs) |
| #define | PRIVATE_MSG_BUFLEN 256 |
Functions | |
| struct ipset_data * | ipset_session_data (const struct ipset_session *session) |
| ipset_session_data - return pointer to the data : session structure More... | |
| struct ipset_handle * | ipset_session_handle (const struct ipset_session *session) |
| ipset_session_handle - return pointer to the handle : session structure More... | |
| const struct ipset_type * | ipset_saved_type (const struct ipset_session *session) |
| ipset_saved_type - return pointer to the saved type : session structure More... | |
| void | ipset_session_lineno (struct ipset_session *session, uint32_t lineno) |
| ipset_session_lineno - set session lineno : session structure More... | |
| int | ipset_envopt_parse (struct ipset_session *session, int opt, const char *arg UNUSED) |
| ipset_envopt_parse - parse/set environment option : session structure : environment option More... | |
| bool | ipset_envopt_test (struct ipset_session *session, enum ipset_envopt opt) |
| ipset_envopt_test - test environment option : session structure : environment option More... | |
| int | ipset_session_output (struct ipset_session *session, enum ipset_output_mode mode) |
| ipset_session_output - set the session output mode : session structure : output mode More... | |
| int | __attribute__ ((format(printf, 3, 4))) |
| ipset_session_report - fill the report buffer : session structure : report type : message format More... | |
| void | ipset_session_report_reset (struct ipset_session *session) |
| ipset_session_reset - reset the report buffer : session structure More... | |
| const char * | ipset_session_error (const struct ipset_session *session) |
| ipset_session_error - return the report buffer as error : session structure More... | |
| const char * | ipset_session_warning (const struct ipset_session *session) |
| ipset_session_warning - return the report buffer as warning : session structure More... | |
| int | ipset_commit (struct ipset_session *session) |
| ipset_commit - commit buffered commands : session structure More... | |
| int | ipset_cmd (struct ipset_session *session, enum ipset_cmd cmd, uint32_t lineno) |
| ipset_cmd - execute a command : session structure : command to execute : command line number in restore mode More... | |
| int | ipset_session_outfn (struct ipset_session *session, ipset_outfn outfn) |
| ipset_session_outfn - set session output printing function More... | |
| struct ipset_session * | ipset_session_init (ipset_outfn outfn) |
| ipset_session_init - initialize an ipset session More... | |
| int | ipset_session_fini (struct ipset_session *session) |
| ipset_session_fini - destroy an ipset session : session structure More... | |
| #define ADDATTR | ( | session, | |
| nlh, | |||
| data, | |||
| type, | |||
| family, | |||
| attrs | |||
| ) | data2attr(session, nlh, data, type, family, attrs) |
| #define ADDATTR_PROTOCOL | ( | nlh | ) | mnl_attr_put_u8(nlh, IPSET_ATTR_PROTOCOL, IPSET_PROTOCOL) |
| #define ADDATTR_RAW | ( | session, | |
| nlh, | |||
| data, | |||
| type, | |||
| attrs | |||
| ) | rawdata2attr(session, nlh, data, type, NFPROTO_IPV4, attrs) |
| #define ATTR2DATA | ( | session, | |
| nla, | |||
| type, | |||
| attrs | |||
| ) |
| #define BUFFER_FULL | ( | bufsize, | |
| nlmsg_len, | |||
| nestlen, | |||
| attrlen | |||
| ) |
| #define FAILURE | ( | format, | |
| args... | |||
| ) | { ipset_err(session, format , ## args); return MNL_CB_ERROR; } |
| #define FAMILY_TO_STR | ( | f | ) |
| #define IPSET_NEST_MAX 4 |
| #define IPSET_PROTOCOL_MAX IPSET_PROTOCOL |
| #define IPSET_PROTOCOL_MIN IPSET_PROTOCOL |
| #define PRIVATE_MSG_BUFLEN 256 |
| int __attribute__ | ( | (format(printf, 3, 4)) | ) |
ipset_session_report - fill the report buffer : session structure : report type : message format
Fill the report buffer with an error or warning message. Depending on the report type, set the error or warning message pointer.
Returns -1.
References ipset_type::args, IPSET_ERROR, IPSET_ERRORBUFLEN, len, and NULL.
| int ipset_cmd | ( | struct ipset_session * | session, |
| enum ipset_cmd | cmd, | ||
| uint32_t | lineno | ||
| ) |
ipset_cmd - execute a command : session structure : command to execute : command line number in restore mode
Execute - or prepare/buffer in restore mode - a command. It is the caller responsibility that the data field be filled out with all required parameters for a successful execution. The data field is cleared after this function call for the public commands.
Returns 0 on success or a negative error code.
References ipset_session::cmd, D, ipset_session::data, data, ipset_session::handle, IPSET_CMD_ADD, IPSET_CMD_DEL, IPSET_CMD_HEADER, IPSET_CMD_LIST, IPSET_CMD_PROTOCOL, IPSET_CMD_SAVE, IPSET_CMD_TYPE, ipset_commit(), ipset_data_get(), ipset_data_reset(), ipset_data_setname(), ipset_err, IPSET_LIST_NONE, IPSET_LIST_PLAIN, IPSET_LIST_SAVE, IPSET_LIST_XML, IPSET_MSG_MAX, IPSET_OPT_TYPE, ipset_session::lineno, lineno, ipset_session::mode, NULL, ipset_session::saved_setname, ipset_session::saved_type, and ipset_session::version_checked.
| int ipset_commit | ( | struct ipset_session * | session | ) |
ipset_commit - commit buffered commands : session structure
Commit buffered commands, if there are any.
Returns 0 on success or a negative error code.
References ipset_session::buffer, ipset_session::bufsize, ipset_session::cmd, D, ipset_session::handle, ipset_err, ipset_session::nested, ipset_session::nestid, nlh, nlmsghdr::nlmsg_len, NULL, ipset_session::printed_set, ipset_transport::query, ipset_session::report, ipset_session::saved_setname, and ipset_session::transport.
Referenced by ipset_cmd().
| int ipset_envopt_parse | ( | struct ipset_session * | session, |
| int | opt, | ||
| const char *arg | UNUSED | ||
| ) |
ipset_envopt_parse - parse/set environment option : session structure : environment option
Parse and set an environment option.
Returns 0 on success or a negative error code.
References ipset_session::envopts, IPSET_ENV_EXIST, IPSET_ENV_LIST_HEADER, IPSET_ENV_LIST_SETNAME, IPSET_ENV_QUIET, IPSET_ENV_RESOLVE, IPSET_ENV_SORTED, and opt.
| bool ipset_envopt_test | ( | struct ipset_session * | session, |
| enum ipset_envopt | opt | ||
| ) |
ipset_envopt_test - test environment option : session structure : environment option
Test whether the environment option is set in the session.
Returns true or false.
References ipset_session::envopts, and opt.
Referenced by parse_commandline().
| const struct ipset_type* ipset_saved_type | ( | const struct ipset_session * | session | ) |
ipset_saved_type - return pointer to the saved type : session structure
Returns the pointer to the saved type from the last ipset_cmd It is required to decode type-specific error codes in restore mode.
References ipset_session::saved_type.
Referenced by ipset_errcode().
| struct ipset_data* ipset_session_data | ( | const struct ipset_session * | session | ) |
ipset_session_data - return pointer to the data : session structure
Returns the pointer to the data structure of the session.
References ipset_session::data.
Referenced by ipset_call_parser(), ipset_parse_after(), ipset_parse_before(), ipset_parse_comment(), ipset_parse_family(), ipset_parse_iface(), ipset_parse_ignored(), ipset_parse_ip4_net6(), ipset_parse_ip4_single6(), ipset_parse_iptimeout(), ipset_parse_name_compat(), ipset_parse_netmask(), ipset_parse_proto_port(), ipset_parse_skbmark(), ipset_parse_skbprio(), ipset_parse_tcp_udp_port(), ipset_type_check(), and ipset_type_get().
| const char* ipset_session_error | ( | const struct ipset_session * | session | ) |
ipset_session_error - return the report buffer as error : session structure
Return the pointer to the report buffer as an error report. If there is no error message in the buffer, NULL returned.
References ipset_session::errmsg.
| int ipset_session_fini | ( | struct ipset_session * | session | ) |
ipset_session_fini - destroy an ipset session : session structure
Destroy an ipset session: release the created structures.
Returns 0 on success or a negative error code.
References ipset_session::data, ipset_transport::fini, ipset_session::handle, ipset_cache_fini(), ipset_data_fini(), and ipset_session::transport.
Referenced by main().
| struct ipset_handle* ipset_session_handle | ( | const struct ipset_session * | session | ) |
ipset_session_handle - return pointer to the handle : session structure
Returns the pointer to the transport handle structure of the session.
References ipset_session::handle.
| struct ipset_session* ipset_session_init | ( | ipset_outfn | outfn | ) |
ipset_session_init - initialize an ipset session
Initialize an ipset session by allocating a session structure and filling out with the initialization data.
Returns the created session sctructure on success or NULL.
References ipset_session::buffer, ipset_session::bufsize, ipset_session::data, ipset_cache_init(), ipset_data_init(), ipset_mnl_transport, NULL, ipset_session::outfn, and ipset_session::transport.
Referenced by main().
| void ipset_session_lineno | ( | struct ipset_session * | session, |
| uint32_t | lineno | ||
| ) |
ipset_session_lineno - set session lineno : session structure
Set session lineno to report parser errors correctly.
References ipset_session::lineno, and lineno.
Referenced by parse_commandline().
| int ipset_session_outfn | ( | struct ipset_session * | session, |
| ipset_outfn | outfn | ||
| ) |
ipset_session_outfn - set session output printing function
Set the session printing function.
References ipset_session::outfn.
| int ipset_session_output | ( | struct ipset_session * | session, |
| enum ipset_output_mode | mode | ||
| ) |
ipset_session_output - set the session output mode : session structure : output mode
Set the output mode for the session.
Returns 0 on success or a negative error code.
References ipset_session::mode.
Referenced by ipset_parse_output().
| void ipset_session_report_reset | ( | struct ipset_session * | session | ) |
ipset_session_reset - reset the report buffer : session structure
Reset the report buffer, the error and warning pointers.
References ipset_session::errmsg, NULL, ipset_session::report, and ipset_session::warnmsg.
Referenced by ipset_parse_mark(), ipset_parse_port(), and parse_commandline().
| const char* ipset_session_warning | ( | const struct ipset_session * | session | ) |
ipset_session_warning - return the report buffer as warning : session structure
Return the pointer to the report buffer as a warning report. If there is no warning message in the buffer, NULL returned.
References ipset_session::warnmsg.
Referenced by parse_commandline().
1.8.8