aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/utils/iptables
diff options
context:
space:
mode:
authorJo-Philipp Wich <jow@openwrt.org>2014-08-01 22:49:47 +0000
committerJo-Philipp Wich <jow@openwrt.org>2014-08-01 22:49:47 +0000
commitbaa7c211f5545c4ccc1029991dfca34584cfa221 (patch)
tree9234641fbb37b4c0d011092e3e99d1a5ef6c1ae0 /package/network/utils/iptables
parent930e3e7ca30c899d73390fcc8ade503bc249de37 (diff)
downloadupstream-baa7c211f5545c4ccc1029991dfca34584cfa221.tar.gz
upstream-baa7c211f5545c4ccc1029991dfca34584cfa221.tar.bz2
upstream-baa7c211f5545c4ccc1029991dfca34584cfa221.zip
netfilter: introduce xt_id match
This commit implements a new netfilter match "xt_id" which can be used to attach unsigned 32bit IDs to iptables rules. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 41945
Diffstat (limited to 'package/network/utils/iptables')
-rw-r--r--package/network/utils/iptables/patches/500-add-xt_id-match.patch59
1 files changed, 59 insertions, 0 deletions
diff --git a/package/network/utils/iptables/patches/500-add-xt_id-match.patch b/package/network/utils/iptables/patches/500-add-xt_id-match.patch
new file mode 100644
index 0000000000..94762f0ab7
--- /dev/null
+++ b/package/network/utils/iptables/patches/500-add-xt_id-match.patch
@@ -0,0 +1,59 @@
+--- /dev/null
++++ b/extensions/libxt_id.c
+@@ -0,0 +1,45 @@
++/* Shared library add-on to iptables to add id match support. */
++
++#include <stdio.h>
++#include <xtables.h>
++#include <linux/netfilter/xt_id.h>
++
++enum {
++ O_ID = 0,
++};
++
++static const struct xt_option_entry id_opts[] = {
++ {
++ .name = "id",
++ .id = O_ID,
++ .type = XTTYPE_UINT32,
++ .flags = XTOPT_MAND | XTOPT_PUT,
++ XTOPT_POINTER(struct xt_id_info, id)
++ },
++ XTOPT_TABLEEND,
++};
++
++/* Saves the union ipt_matchinfo in parsable form to stdout. */
++static void
++id_save(const void *ip, const struct xt_entry_match *match)
++{
++ struct xt_id_info *idinfo = (void *)match->data;
++
++ printf(" --id %lu", idinfo->id);
++}
++
++static struct xtables_match id_match = {
++ .family = NFPROTO_UNSPEC,
++ .name = "id",
++ .version = XTABLES_VERSION,
++ .size = XT_ALIGN(sizeof(struct xt_id_info)),
++ .userspacesize = XT_ALIGN(sizeof(struct xt_id_info)),
++ .save = id_save,
++ .x6_parse = xtables_option_parse,
++ .x6_options = id_opts,
++};
++
++void _init(void)
++{
++ xtables_register_match(&id_match);
++}
+--- /dev/null
++++ b/include/linux/netfilter/xt_id.h
+@@ -0,0 +1,8 @@
++#ifndef _XT_ID_H
++#define _XT_ID_H
++
++struct xt_id_info {
++ __u32 id;
++};
++
++#endif /* XT_ID_H */