xref: /aosp_15_r20/external/iptables/extensions/libipt_realm.c (revision a71a954618bbadd4a345637e5edcf36eec826889) 
1*a71a9546SAutomerger Merge Worker #include <stdio.h>
2*a71a9546SAutomerger Merge Worker #include <string.h>
3*a71a9546SAutomerger Merge Worker #include <stdlib.h>
4*a71a9546SAutomerger Merge Worker #include <errno.h>
5*a71a9546SAutomerger Merge Worker #if defined(__GLIBC__) && __GLIBC__ == 2
6*a71a9546SAutomerger Merge Worker #include <net/ethernet.h>
7*a71a9546SAutomerger Merge Worker #else
8*a71a9546SAutomerger Merge Worker #include <linux/if_ether.h>
9*a71a9546SAutomerger Merge Worker #endif
10*a71a9546SAutomerger Merge Worker #include <xtables.h>
11*a71a9546SAutomerger Merge Worker #include <linux/netfilter_ipv4/ipt_realm.h>
12*a71a9546SAutomerger Merge Worker 
13*a71a9546SAutomerger Merge Worker enum {
14*a71a9546SAutomerger Merge Worker 	O_REALM = 0,
15*a71a9546SAutomerger Merge Worker };
16*a71a9546SAutomerger Merge Worker 
realm_help(void)17*a71a9546SAutomerger Merge Worker static void realm_help(void)
18*a71a9546SAutomerger Merge Worker {
19*a71a9546SAutomerger Merge Worker 	printf(
20*a71a9546SAutomerger Merge Worker "realm match options:\n"
21*a71a9546SAutomerger Merge Worker "[!] --realm value[/mask]\n"
22*a71a9546SAutomerger Merge Worker "				Match realm\n");
23*a71a9546SAutomerger Merge Worker }
24*a71a9546SAutomerger Merge Worker 
25*a71a9546SAutomerger Merge Worker static const struct xt_option_entry realm_opts[] = {
26*a71a9546SAutomerger Merge Worker 	{.name = "realm", .id = O_REALM, .type = XTTYPE_STRING,
27*a71a9546SAutomerger Merge Worker 	 .flags = XTOPT_MAND | XTOPT_INVERT},
28*a71a9546SAutomerger Merge Worker 	XTOPT_TABLEEND,
29*a71a9546SAutomerger Merge Worker };
30*a71a9546SAutomerger Merge Worker 
31*a71a9546SAutomerger Merge Worker static const char f_realms[] = "/etc/iproute2/rt_realms";
32*a71a9546SAutomerger Merge Worker /* array of realms from f_realms[] */
33*a71a9546SAutomerger Merge Worker static struct xtables_lmap *realms;
34*a71a9546SAutomerger Merge Worker 
realm_parse(struct xt_option_call * cb)35*a71a9546SAutomerger Merge Worker static void realm_parse(struct xt_option_call *cb)
36*a71a9546SAutomerger Merge Worker {
37*a71a9546SAutomerger Merge Worker 	struct xt_realm_info *ri = cb->data;
38*a71a9546SAutomerger Merge Worker 	unsigned int id, mask;
39*a71a9546SAutomerger Merge Worker 
40*a71a9546SAutomerger Merge Worker 	xtables_option_parse(cb);
41*a71a9546SAutomerger Merge Worker 	xtables_parse_val_mask(cb, &id, &mask, realms);
42*a71a9546SAutomerger Merge Worker 
43*a71a9546SAutomerger Merge Worker 	ri->id = id;
44*a71a9546SAutomerger Merge Worker 	ri->mask = mask;
45*a71a9546SAutomerger Merge Worker 
46*a71a9546SAutomerger Merge Worker 	if (cb->invert)
47*a71a9546SAutomerger Merge Worker 		ri->invert = 1;
48*a71a9546SAutomerger Merge Worker }
49*a71a9546SAutomerger Merge Worker 
realm_print(const void * ip,const struct xt_entry_match * match,int numeric)50*a71a9546SAutomerger Merge Worker static void realm_print(const void *ip, const struct xt_entry_match *match,
51*a71a9546SAutomerger Merge Worker 			int numeric)
52*a71a9546SAutomerger Merge Worker {
53*a71a9546SAutomerger Merge Worker 	const struct xt_realm_info *ri = (const void *)match->data;
54*a71a9546SAutomerger Merge Worker 
55*a71a9546SAutomerger Merge Worker 	if (ri->invert)
56*a71a9546SAutomerger Merge Worker 		printf(" !");
57*a71a9546SAutomerger Merge Worker 
58*a71a9546SAutomerger Merge Worker 	printf(" realm");
59*a71a9546SAutomerger Merge Worker 	xtables_print_val_mask(ri->id, ri->mask, numeric ? NULL : realms);
60*a71a9546SAutomerger Merge Worker }
61*a71a9546SAutomerger Merge Worker 
realm_save(const void * ip,const struct xt_entry_match * match)62*a71a9546SAutomerger Merge Worker static void realm_save(const void *ip, const struct xt_entry_match *match)
63*a71a9546SAutomerger Merge Worker {
64*a71a9546SAutomerger Merge Worker 	const struct xt_realm_info *ri = (const void *)match->data;
65*a71a9546SAutomerger Merge Worker 
66*a71a9546SAutomerger Merge Worker 	if (ri->invert)
67*a71a9546SAutomerger Merge Worker 		printf(" !");
68*a71a9546SAutomerger Merge Worker 
69*a71a9546SAutomerger Merge Worker 	printf(" --realm");
70*a71a9546SAutomerger Merge Worker 	xtables_print_val_mask(ri->id, ri->mask, realms);
71*a71a9546SAutomerger Merge Worker }
72*a71a9546SAutomerger Merge Worker 
73*a71a9546SAutomerger Merge Worker static void
print_realm_xlate(unsigned long id,unsigned long mask,int numeric,struct xt_xlate * xl,uint32_t op)74*a71a9546SAutomerger Merge Worker print_realm_xlate(unsigned long id, unsigned long mask,
75*a71a9546SAutomerger Merge Worker 		  int numeric, struct xt_xlate *xl, uint32_t op)
76*a71a9546SAutomerger Merge Worker {
77*a71a9546SAutomerger Merge Worker 	const char *name = NULL;
78*a71a9546SAutomerger Merge Worker 
79*a71a9546SAutomerger Merge Worker 	if (mask != 0xffffffff)
80*a71a9546SAutomerger Merge Worker 		xt_xlate_add(xl, " and 0x%lx %s 0x%lx", mask,
81*a71a9546SAutomerger Merge Worker 			   op == XT_OP_EQ ? "==" : "!=", id);
82*a71a9546SAutomerger Merge Worker 	else {
83*a71a9546SAutomerger Merge Worker 		if (numeric == 0)
84*a71a9546SAutomerger Merge Worker 			name = xtables_lmap_id2name(realms, id);
85*a71a9546SAutomerger Merge Worker 		if (name)
86*a71a9546SAutomerger Merge Worker 			xt_xlate_add(xl, " %s%s",
87*a71a9546SAutomerger Merge Worker 				   op == XT_OP_EQ ? "" : "!= ", name);
88*a71a9546SAutomerger Merge Worker 		else
89*a71a9546SAutomerger Merge Worker 			xt_xlate_add(xl, " %s0x%lx",
90*a71a9546SAutomerger Merge Worker 				   op == XT_OP_EQ ? "" : "!= ", id);
91*a71a9546SAutomerger Merge Worker 	}
92*a71a9546SAutomerger Merge Worker }
93*a71a9546SAutomerger Merge Worker 
realm_xlate(struct xt_xlate * xl,const struct xt_xlate_mt_params * params)94*a71a9546SAutomerger Merge Worker static int realm_xlate(struct xt_xlate *xl,
95*a71a9546SAutomerger Merge Worker 		       const struct xt_xlate_mt_params *params)
96*a71a9546SAutomerger Merge Worker {
97*a71a9546SAutomerger Merge Worker 	const struct xt_realm_info *ri = (const void *)params->match->data;
98*a71a9546SAutomerger Merge Worker 	enum xt_op op = XT_OP_EQ;
99*a71a9546SAutomerger Merge Worker 
100*a71a9546SAutomerger Merge Worker 	if (ri->invert)
101*a71a9546SAutomerger Merge Worker 		op = XT_OP_NEQ;
102*a71a9546SAutomerger Merge Worker 
103*a71a9546SAutomerger Merge Worker 	xt_xlate_add(xl, "rtclassid");
104*a71a9546SAutomerger Merge Worker 	print_realm_xlate(ri->id, ri->mask, 0, xl, op);
105*a71a9546SAutomerger Merge Worker 
106*a71a9546SAutomerger Merge Worker 	return 1;
107*a71a9546SAutomerger Merge Worker }
108*a71a9546SAutomerger Merge Worker 
109*a71a9546SAutomerger Merge Worker static struct xtables_match realm_mt_reg = {
110*a71a9546SAutomerger Merge Worker 	.name		= "realm",
111*a71a9546SAutomerger Merge Worker 	.version	= XTABLES_VERSION,
112*a71a9546SAutomerger Merge Worker 	.family		= NFPROTO_IPV4,
113*a71a9546SAutomerger Merge Worker 	.size		= XT_ALIGN(sizeof(struct xt_realm_info)),
114*a71a9546SAutomerger Merge Worker 	.userspacesize	= XT_ALIGN(sizeof(struct xt_realm_info)),
115*a71a9546SAutomerger Merge Worker 	.help		= realm_help,
116*a71a9546SAutomerger Merge Worker 	.print		= realm_print,
117*a71a9546SAutomerger Merge Worker 	.save		= realm_save,
118*a71a9546SAutomerger Merge Worker 	.x6_parse	= realm_parse,
119*a71a9546SAutomerger Merge Worker 	.x6_options	= realm_opts,
120*a71a9546SAutomerger Merge Worker 	.xlate		= realm_xlate,
121*a71a9546SAutomerger Merge Worker };
122*a71a9546SAutomerger Merge Worker 
_init(void)123*a71a9546SAutomerger Merge Worker void _init(void)
124*a71a9546SAutomerger Merge Worker {
125*a71a9546SAutomerger Merge Worker 	realms = xtables_lmap_init(f_realms);
126*a71a9546SAutomerger Merge Worker 	if (realms == NULL && errno != ENOENT)
127*a71a9546SAutomerger Merge Worker 		fprintf(stderr, "Warning: %s: %s\n", f_realms,
128*a71a9546SAutomerger Merge Worker 			strerror(errno));
129*a71a9546SAutomerger Merge Worker 
130*a71a9546SAutomerger Merge Worker 	xtables_register_match(&realm_mt_reg);
131*a71a9546SAutomerger Merge Worker }
132