X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=extensions%2Flibipt_ROUTE.c;h=360f9832b6742404c3cd7b11cd5062fea3c754c1;hb=6afea0b41dfbc3824956d11d960ad80097218feb;hp=1cb3e8924bf25450de3a52443aff0bdca921b44f;hpb=f7b70cf9e00324b89b02de213bcd0dde7044d035;p=iptables.git

diff --git a/extensions/libipt_ROUTE.c b/extensions/libipt_ROUTE.c
index 1cb3e89..360f983 100644
--- a/extensions/libipt_ROUTE.c
+++ b/extensions/libipt_ROUTE.c
@@ -1,6 +1,6 @@
 /* Shared library add-on to iptables to add ROUTE target support.
  * Author : Cedric de Launois, <delaunois@info.ucl.ac.be>
- * v 1.8 2003/06/24
+ * v 1.11 2004/11/23
  */
 
 #include <stdio.h>
@@ -15,19 +15,27 @@
 #include <linux/netfilter_ipv4/ip_tables.h>
 #include <linux/netfilter_ipv4/ipt_ROUTE.h>
 
+/* compile IPT_ROUTE_TEE support even if kernel headers are unpatched */
+#ifndef IPT_ROUTE_TEE
+#define IPT_ROUTE_TEE		0x02
+#endif
+
 /* Function which prints out usage message. */
 static void
 help(void)
 {
 	printf(
 "ROUTE target v%s options:\n"
-"    --oif   \tifname \t\tRoute the packet through `ifname' network interface\n"
-"    --iif   \tifname \t\tChange the packet's incoming interface to `ifname'\n"
-"    --gw    \tip     \t\tRoute the packet via this gateway\n"
-"    --continue\t     \t\tRoute the packet and continue traversing the\n"
-"            \t       \t\trules. Not valid with --iif.\n"
+"    --oif   \tifname \t\tRoute packet through `ifname' network interface\n"
+"    --iif   \tifname \t\tChange packet's incoming interface to `ifname'\n"
+"    --gw    \tip     \t\tRoute packet via this gateway `ip'\n"
+"    --continue\t     \t\tRoute packet and continue traversing the\n"
+"            \t       \t\trules. Not valid with --iif or --tee.\n"
+"    --tee\t  \t\tDuplicate packet, route the duplicate,\n"
+"            \t       \t\tcontinue traversing with original packet.\n"
+"            \t       \t\tNot valid with --iif or --continue.\n"
 "\n",
-"1.8");
+"1.11");
 }
 
 static struct option opts[] = {
@@ -35,6 +43,7 @@ static struct option opts[] = {
 	{ "iif", 1, 0, '2' },
 	{ "gw", 1, 0, '3' },
 	{ "continue", 0, 0, '4' },
+	{ "tee", 0, 0, '5' },
 	{ 0 }
 };
 
@@ -56,6 +65,7 @@ init(struct ipt_entry_target *t, unsigned int *nfcache)
 #define IPT_ROUTE_OPT_IIF      0x02
 #define IPT_ROUTE_OPT_GW       0x04
 #define IPT_ROUTE_OPT_CONTINUE 0x08
+#define IPT_ROUTE_OPT_TEE      0x10
 
 /* Function which parses command options; returns true if it
    ate an option */
@@ -134,12 +144,28 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 		if (*flags & IPT_ROUTE_OPT_CONTINUE)
 			exit_error(PARAMETER_PROBLEM,
 				   "Can't specify --continue twice");
+		if (*flags & IPT_ROUTE_OPT_TEE)
+			exit_error(PARAMETER_PROBLEM,
+				   "Can't specify --continue AND --tee");
 
 		route_info->flags |= IPT_ROUTE_CONTINUE;
 		*flags |= IPT_ROUTE_OPT_CONTINUE;
 
 		break;
 
+	case '5':
+		if (*flags & IPT_ROUTE_OPT_TEE)
+			exit_error(PARAMETER_PROBLEM,
+				   "Can't specify --tee twice");
+		if (*flags & IPT_ROUTE_OPT_CONTINUE)
+			exit_error(PARAMETER_PROBLEM,
+				   "Can't specify --tee AND --continue");
+
+		route_info->flags |= IPT_ROUTE_TEE;
+		*flags |= IPT_ROUTE_OPT_TEE;
+
+		break;
+
 	default:
 		return 0;
 	}
@@ -155,7 +181,7 @@ final_check(unsigned int flags)
 		exit_error(PARAMETER_PROBLEM,
 		           "ROUTE target: oif, iif or gw option required");
 
-	if ((flags & IPT_ROUTE_OPT_CONTINUE) && (flags & IPT_ROUTE_OPT_IIF))
+	if ((flags & (IPT_ROUTE_OPT_CONTINUE|IPT_ROUTE_OPT_TEE)) && (flags & IPT_ROUTE_OPT_IIF))
 		exit_error(PARAMETER_PROBLEM,
 			   "ROUTE target: can't continue traversing the rules with iif option");
 }
@@ -186,6 +212,9 @@ print(const struct ipt_ip *ip,
 	if (route_info->flags & IPT_ROUTE_CONTINUE)
 		printf("continue");
 
+	if (route_info->flags & IPT_ROUTE_TEE)
+		printf("tee");
+
 }
 
 
@@ -208,23 +237,25 @@ static void save(const struct ipt_ip *ip,
 
 	if (route_info->flags & IPT_ROUTE_CONTINUE)
 		printf("--continue ");
+
+	if (route_info->flags & IPT_ROUTE_TEE)
+		printf("--tee ");
 }
 
 
-static
-struct iptables_target route
-= { NULL,
-    "ROUTE",
-    IPTABLES_VERSION,
-    IPT_ALIGN(sizeof(struct ipt_route_target_info)),
-    IPT_ALIGN(sizeof(struct ipt_route_target_info)),
-    &help,
-    &init,
-    &parse,
-    &final_check,
-    &print,
-    &save,
-    opts
+static struct iptables_target route = { 
+	.next		= NULL,
+	.name		= "ROUTE",
+	.version	= IPTABLES_VERSION,
+	.size		= IPT_ALIGN(sizeof(struct ipt_route_target_info)),
+	.userspacesize	= IPT_ALIGN(sizeof(struct ipt_route_target_info)),
+	.help		= &help,
+	.init		= &init,
+	.parse		= &parse,
+	.final_check	= &final_check,
+	.print		= &print,
+	.save		= &save,
+	.extra_opts	= opts
 };
 
 void _init(void)