1 /* Shared library add-on to iptables to add ROUTE v6 target support.
2 * Author : Cedric de Launois, <delaunois@info.ucl.ac.be>
10 #include <sys/types.h>
11 #include <sys/socket.h>
12 #include <arpa/inet.h>
14 #include <ip6tables.h>
15 #include <linux/netfilter_ipv6/ip6_tables.h>
16 #include <linux/netfilter_ipv6/ip6t_ROUTE.h>
18 /* Function which prints out usage message. */
23 "ROUTE target v%s options:\n"
24 " --oif \tifname \t\tRoute the packet through `ifname' network interface\n"
25 " --gw \tip \t\tRoute the packet via this gateway\n"
26 " --continue\t \t\tRoute the packet and continue traversing the rules.\n"
31 static struct option opts[] = {
35 { "continue", 0, 0, '4' },
39 /* Initialize the target. */
41 init(struct ip6t_entry_target *t, unsigned int *nfcache)
43 struct ip6t_route_target_info *route_info =
44 (struct ip6t_route_target_info*)t->data;
46 route_info->oif[0] = '\0';
47 route_info->iif[0] = '\0';
48 route_info->gw[0] = 0;
49 route_info->gw[1] = 0;
50 route_info->gw[2] = 0;
51 route_info->gw[3] = 0;
52 route_info->flags = 0;
56 #define IP6T_ROUTE_OPT_OIF 0x01
57 #define IP6T_ROUTE_OPT_IIF 0x02
58 #define IP6T_ROUTE_OPT_GW 0x04
59 #define IP6T_ROUTE_OPT_CONTINUE 0x08
61 /* Function which parses command options; returns true if it
64 parse(int c, char **argv, int invert, unsigned int *flags,
65 const struct ip6t_entry *entry,
66 struct ip6t_entry_target **target)
68 struct ip6t_route_target_info *route_info =
69 (struct ip6t_route_target_info*)(*target)->data;
73 if (*flags & IP6T_ROUTE_OPT_OIF)
74 exit_error(PARAMETER_PROBLEM,
75 "Can't specify --oif twice");
77 if (check_inverse(optarg, &invert, NULL, 0))
78 exit_error(PARAMETER_PROBLEM,
79 "Unexpected `!' after --oif");
81 if (strlen(optarg) > sizeof(route_info->oif) - 1)
82 exit_error(PARAMETER_PROBLEM,
83 "Maximum interface name length %u",
84 sizeof(route_info->oif) - 1);
86 strcpy(route_info->oif, optarg);
87 *flags |= IP6T_ROUTE_OPT_OIF;
91 exit_error(PARAMETER_PROBLEM,
92 "--iif option not implemented");
96 if (*flags & IP6T_ROUTE_OPT_GW)
97 exit_error(PARAMETER_PROBLEM,
98 "Can't specify --gw twice");
100 if (check_inverse(optarg, &invert, NULL, 0))
101 exit_error(PARAMETER_PROBLEM,
102 "Unexpected `!' after --gw");
104 if (!inet_pton(AF_INET6, optarg, (struct in6_addr*)&route_info->gw)) {
105 exit_error(PARAMETER_PROBLEM,
106 "Invalid IPv6 address %s",
110 *flags |= IP6T_ROUTE_OPT_GW;
114 if (*flags & IP6T_ROUTE_OPT_CONTINUE)
115 exit_error(PARAMETER_PROBLEM,
116 "Can't specify --continue twice");
118 route_info->flags |= IP6T_ROUTE_CONTINUE;
119 *flags |= IP6T_ROUTE_OPT_CONTINUE;
132 final_check(unsigned int flags)
135 exit_error(PARAMETER_PROBLEM,
136 "ROUTE target: oif or gw option required");
140 /* Prints out the targinfo. */
142 print(const struct ip6t_ip6 *ip,
143 const struct ip6t_entry_target *target,
146 const struct ip6t_route_target_info *route_info
147 = (const struct ip6t_route_target_info *)target->data;
151 if (route_info->oif[0])
152 printf("oif:%s ", route_info->oif);
154 if (route_info->gw[0]
157 || route_info->gw[3]) {
158 char address[INET6_ADDRSTRLEN];
159 printf("gw:%s ", inet_ntop(AF_INET6, route_info->gw, address, INET6_ADDRSTRLEN));
162 if (route_info->flags & IP6T_ROUTE_CONTINUE)
168 static void save(const struct ip6t_ip6 *ip,
169 const struct ip6t_entry_target *target)
171 const struct ip6t_route_target_info *route_info
172 = (const struct ip6t_route_target_info *)target->data;
174 if (route_info->oif[0])
175 printf("--oif %s ", route_info->oif);
177 if (route_info->gw[0]
180 || route_info->gw[3]) {
181 char address[INET6_ADDRSTRLEN];
182 printf("--gw %s ", inet_ntop(AF_INET6, route_info->gw, address, INET6_ADDRSTRLEN));
185 if (route_info->flags & IP6T_ROUTE_CONTINUE)
186 printf("--continue ");
191 struct ip6tables_target route
195 IP6T_ALIGN(sizeof(struct ip6t_route_target_info)),
196 IP6T_ALIGN(sizeof(struct ip6t_route_target_info)),
208 register_target6(&route);