1 /* Shared library add-on to iptables to add IP pool mangling target. */
10 #include <linux/netfilter_ipv4/ip_tables.h>
11 #include <linux/netfilter_ipv4/ip_nat_rule.h>
12 #include <linux/netfilter_ipv4/ip_pool.h>
13 #include <linux/netfilter_ipv4/ipt_pool.h>
15 #include <libippool/ip_pool_support.h>
18 #define ip_pool_init ip_POOL_init
19 #define ip_pool_get_index ip_POOL_get_index
20 #define ip_pool_get_name ip_POOL_get_name
21 #include "../ippool/libippool.c"
23 /* Function which prints out usage message. */
29 " --add-srcip <pool>\n"
30 " --del-srcip <pool>\n"
31 " --add-dstip <pool>\n"
32 " --del-dstip <pool>\n"
33 " add/del src/dst IP from pool.\n\n",
37 static struct option opts[] = {
38 { "add-srcip", 1, 0, '1' },
39 { "del-srcip", 1, 0, '2' },
40 { "add-dstip", 1, 0, '3' },
41 { "del-dstip", 1, 0, '4' },
45 /* Initialize the target. */
47 init(struct ipt_entry_target *target, unsigned int *nfcache)
49 struct ipt_pool_info *ipi = (struct ipt_pool_info *) target->data;
51 ipi->src = ipi->dst = IP_POOL_NONE;
54 /* Can't cache this */
55 *nfcache |= NFC_UNKNOWN;
58 /* Function which parses command options; returns true if it
61 parse(int c, char **argv, int invert, unsigned int *flags,
62 const struct ipt_entry *entry,
63 struct ipt_entry_target **target)
65 struct ipt_pool_info *ipi = (struct ipt_pool_info *) (*target)->data;
67 case '1': /* --add-srcip <pool> */
68 ipi->src = ip_pool_get_index(optarg);
69 ipi->flags &= ~IPT_POOL_DEL_SRC;
71 case '2': /* --del-srcip <pool> */
72 ipi->src = ip_pool_get_index(optarg);
73 ipi->flags |= IPT_POOL_DEL_SRC;
75 case '3': /* --add-dstip <pool> */
76 ipi->dst = ip_pool_get_index(optarg);
77 ipi->flags &= ~IPT_POOL_DEL_DST;
79 case '4': /* --del-dstip <pool> */
80 ipi->dst = ip_pool_get_index(optarg);
81 ipi->flags |= IPT_POOL_DEL_DST;
89 /* Final check; don't care. */
90 static void final_check(unsigned int flags)
94 /* Prints out the targinfo. */
96 print(const struct ipt_ip *ip,
97 const struct ipt_entry_target *target,
101 struct ipt_pool_info *ipi = (struct ipt_pool_info *) target->data;
104 if (ipi->src != IP_POOL_NONE) {
105 printf(" --%s-srcip %s",
106 (ipi->flags & IPT_POOL_DEL_SRC) ? "del" : "add",
107 ip_pool_get_name(buf, sizeof(buf), ipi->src, numeric));
109 if (ipi->dst != IP_POOL_NONE) {
110 printf(" --%s-dstip %s",
111 (ipi->flags & IPT_POOL_DEL_DST) ? "del" : "add",
112 ip_pool_get_name(buf, sizeof(buf), ipi->dst, numeric));
116 /* Saves the union ipt_targinfo in parsable form to stdout. */
118 save(const struct ipt_ip *ip, const struct ipt_entry_target *target)
121 struct ipt_pool_info *ipi = (struct ipt_pool_info *) target->data;
124 if (ipi->src != IP_POOL_NONE) {
125 printf(" --%s-srcip %s",
126 (ipi->flags & IPT_POOL_DEL_SRC) ? "del" : "add",
127 ip_pool_get_name(buf, sizeof(buf), ipi->src, 0));
129 if (ipi->dst != IP_POOL_NONE) {
130 printf(" --%s-dstip %s",
131 (ipi->flags & IPT_POOL_DEL_DST) ? "del" : "add",
132 ip_pool_get_name(buf, sizeof(buf), ipi->dst, 0));
137 struct iptables_target ipt_pool_target
141 IPT_ALIGN(sizeof(struct ipt_pool_info)),
142 IPT_ALIGN(sizeof(struct ipt_pool_info)),
154 register_target(&ipt_pool_target);