aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/utils/iptables
diff options
context:
space:
mode:
authorJo-Philipp Wich <jow@openwrt.org>2014-08-01 22:49:47 +0000
committerJo-Philipp Wich <jow@openwrt.org>2014-08-01 22:49:47 +0000
commit1706a28205a498c7f189e340ad0280e638629e1a (patch)
tree572649d0f1e9c2c3bf1056b926e7a2d4362125c8 /package/network/utils/iptables
parent4faf46a77b7f1575958a370f0c8fbf48fabb5b7e (diff)
downloadmaster-187ad058-1706a28205a498c7f189e340ad0280e638629e1a.tar.gz
master-187ad058-1706a28205a498c7f189e340ad0280e638629e1a.tar.bz2
master-187ad058-1706a28205a498c7f189e340ad0280e638629e1a.zip
netfilter: introduce xt_id match
This commit implements a new netfilter match "xt_id" which can be used to attach unsigned 32bit IDs to iptables rules. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41945 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/network/utils/iptables')
-rw-r--r--package/network/utils/iptables/patches/500-add-xt_id-match.patch59
1 files changed, 59 insertions, 0 deletions
diff --git a/package/network/utils/iptables/patches/500-add-xt_id-match.patch b/package/network/utils/iptables/patches/500-add-xt_id-match.patch
new file mode 100644
index 0000000000..94762f0ab7
--- /dev/null
+++ b/package/network/utils/iptables/patches/500-add-xt_id-match.patch
@@ -0,0 +1,59 @@
+--- /dev/null
++++ b/extensions/libxt_id.c
+@@ -0,0 +1,45 @@
++/* Shared library add-on to iptables to add id match support. */
++
++#include <stdio.h>
++#include <xtables.h>
++#include <linux/netfilter/xt_id.h>
++
++enum {
++ O_ID = 0,
++};
++
++static const struct xt_option_entry id_opts[] = {
++ {
++ .name = "id",
++ .id = O_ID,
++ .type = XTTYPE_UINT32,
++ .flags = XTOPT_MAND | XTOPT_PUT,
++ XTOPT_POINTER(struct xt_id_info, id)
++ },
++ XTOPT_TABLEEND,
++};
++
++/* Saves the union ipt_matchinfo in parsable form to stdout. */
++static void
++id_save(const void *ip, const struct xt_entry_match *match)
++{
++ struct xt_id_info *idinfo = (void *)match->data;
++
++ printf(" --id %lu", idinfo->id);
++}
++
++static struct xtables_match id_match = {
++ .family = NFPROTO_UNSPEC,
++ .name = "id",
++ .version = XTABLES_VERSION,
++ .size = XT_ALIGN(sizeof(struct xt_id_info)),
++ .userspacesize = XT_ALIGN(sizeof(struct xt_id_info)),
++ .save = id_save,
++ .x6_parse = xtables_option_parse,
++ .x6_options = id_opts,
++};
++
++void _init(void)
++{
++ xtables_register_match(&id_match);
++}
+--- /dev/null
++++ b/include/linux/netfilter/xt_id.h
+@@ -0,0 +1,8 @@
++#ifndef _XT_ID_H
++#define _XT_ID_H
++
++struct xt_id_info {
++ __u32 id;
++};
++
++#endif /* XT_ID_H */