diff options
author | Jo-Philipp Wich <jow@openwrt.org> | 2014-08-01 22:49:47 +0000 |
---|---|---|
committer | Jo-Philipp Wich <jow@openwrt.org> | 2014-08-01 22:49:47 +0000 |
commit | 1706a28205a498c7f189e340ad0280e638629e1a (patch) | |
tree | 572649d0f1e9c2c3bf1056b926e7a2d4362125c8 /package/network | |
parent | 4faf46a77b7f1575958a370f0c8fbf48fabb5b7e (diff) | |
download | master-187ad058-1706a28205a498c7f189e340ad0280e638629e1a.tar.gz master-187ad058-1706a28205a498c7f189e340ad0280e638629e1a.tar.bz2 master-187ad058-1706a28205a498c7f189e340ad0280e638629e1a.zip |
netfilter: introduce xt_id match
This commit implements a new netfilter match "xt_id" which can be used to
attach unsigned 32bit IDs to iptables rules.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@41945 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/network')
-rw-r--r-- | package/network/utils/iptables/patches/500-add-xt_id-match.patch | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/package/network/utils/iptables/patches/500-add-xt_id-match.patch b/package/network/utils/iptables/patches/500-add-xt_id-match.patch new file mode 100644 index 0000000000..94762f0ab7 --- /dev/null +++ b/package/network/utils/iptables/patches/500-add-xt_id-match.patch @@ -0,0 +1,59 @@ +--- /dev/null ++++ b/extensions/libxt_id.c +@@ -0,0 +1,45 @@ ++/* Shared library add-on to iptables to add id match support. */ ++ ++#include <stdio.h> ++#include <xtables.h> ++#include <linux/netfilter/xt_id.h> ++ ++enum { ++ O_ID = 0, ++}; ++ ++static const struct xt_option_entry id_opts[] = { ++ { ++ .name = "id", ++ .id = O_ID, ++ .type = XTTYPE_UINT32, ++ .flags = XTOPT_MAND | XTOPT_PUT, ++ XTOPT_POINTER(struct xt_id_info, id) ++ }, ++ XTOPT_TABLEEND, ++}; ++ ++/* Saves the union ipt_matchinfo in parsable form to stdout. */ ++static void ++id_save(const void *ip, const struct xt_entry_match *match) ++{ ++ struct xt_id_info *idinfo = (void *)match->data; ++ ++ printf(" --id %lu", idinfo->id); ++} ++ ++static struct xtables_match id_match = { ++ .family = NFPROTO_UNSPEC, ++ .name = "id", ++ .version = XTABLES_VERSION, ++ .size = XT_ALIGN(sizeof(struct xt_id_info)), ++ .userspacesize = XT_ALIGN(sizeof(struct xt_id_info)), ++ .save = id_save, ++ .x6_parse = xtables_option_parse, ++ .x6_options = id_opts, ++}; ++ ++void _init(void) ++{ ++ xtables_register_match(&id_match); ++} +--- /dev/null ++++ b/include/linux/netfilter/xt_id.h +@@ -0,0 +1,8 @@ ++#ifndef _XT_ID_H ++#define _XT_ID_H ++ ++struct xt_id_info { ++ __u32 id; ++}; ++ ++#endif /* XT_ID_H */ |