1*a71a9546SAutomerger Merge Worker /* Shared library add-on to iptables for NFQ
2*a71a9546SAutomerger Merge Worker *
3*a71a9546SAutomerger Merge Worker * (C) 2005 by Harald Welte <[email protected]>
4*a71a9546SAutomerger Merge Worker *
5*a71a9546SAutomerger Merge Worker * This program is distributed under the terms of GNU GPL v2, 1991
6*a71a9546SAutomerger Merge Worker *
7*a71a9546SAutomerger Merge Worker */
8*a71a9546SAutomerger Merge Worker #include <stdio.h>
9*a71a9546SAutomerger Merge Worker #include <xtables.h>
10*a71a9546SAutomerger Merge Worker #include <linux/netfilter/xt_NFQUEUE.h>
11*a71a9546SAutomerger Merge Worker
12*a71a9546SAutomerger Merge Worker enum {
13*a71a9546SAutomerger Merge Worker O_QUEUE_NUM = 0,
14*a71a9546SAutomerger Merge Worker O_QUEUE_BALANCE,
15*a71a9546SAutomerger Merge Worker O_QUEUE_BYPASS,
16*a71a9546SAutomerger Merge Worker O_QUEUE_CPU_FANOUT,
17*a71a9546SAutomerger Merge Worker F_QUEUE_NUM = 1 << O_QUEUE_NUM,
18*a71a9546SAutomerger Merge Worker F_QUEUE_BALANCE = 1 << O_QUEUE_BALANCE,
19*a71a9546SAutomerger Merge Worker F_QUEUE_CPU_FANOUT = 1 << O_QUEUE_CPU_FANOUT,
20*a71a9546SAutomerger Merge Worker };
21*a71a9546SAutomerger Merge Worker
NFQUEUE_help(void)22*a71a9546SAutomerger Merge Worker static void NFQUEUE_help(void)
23*a71a9546SAutomerger Merge Worker {
24*a71a9546SAutomerger Merge Worker printf(
25*a71a9546SAutomerger Merge Worker "NFQUEUE target options\n"
26*a71a9546SAutomerger Merge Worker " --queue-num value Send packet to QUEUE number <value>.\n"
27*a71a9546SAutomerger Merge Worker " Valid queue numbers are 0-65535\n"
28*a71a9546SAutomerger Merge Worker );
29*a71a9546SAutomerger Merge Worker }
30*a71a9546SAutomerger Merge Worker
NFQUEUE_help_v1(void)31*a71a9546SAutomerger Merge Worker static void NFQUEUE_help_v1(void)
32*a71a9546SAutomerger Merge Worker {
33*a71a9546SAutomerger Merge Worker printf(
34*a71a9546SAutomerger Merge Worker "NFQUEUE target options\n"
35*a71a9546SAutomerger Merge Worker " --queue-num value Send packet to QUEUE number <value>.\n"
36*a71a9546SAutomerger Merge Worker " Valid queue numbers are 0-65535\n"
37*a71a9546SAutomerger Merge Worker " --queue-balance first:last Balance flows between queues <value> to <value>.\n");
38*a71a9546SAutomerger Merge Worker }
39*a71a9546SAutomerger Merge Worker
NFQUEUE_help_v2(void)40*a71a9546SAutomerger Merge Worker static void NFQUEUE_help_v2(void)
41*a71a9546SAutomerger Merge Worker {
42*a71a9546SAutomerger Merge Worker printf(
43*a71a9546SAutomerger Merge Worker "NFQUEUE target options\n"
44*a71a9546SAutomerger Merge Worker " --queue-num value Send packet to QUEUE number <value>.\n"
45*a71a9546SAutomerger Merge Worker " Valid queue numbers are 0-65535\n"
46*a71a9546SAutomerger Merge Worker " --queue-balance first:last Balance flows between queues <value> to <value>.\n"
47*a71a9546SAutomerger Merge Worker " --queue-bypass Bypass Queueing if no queue instance exists.\n"
48*a71a9546SAutomerger Merge Worker " --queue-cpu-fanout Use current CPU (no hashing)\n");
49*a71a9546SAutomerger Merge Worker }
50*a71a9546SAutomerger Merge Worker
NFQUEUE_help_v3(void)51*a71a9546SAutomerger Merge Worker static void NFQUEUE_help_v3(void)
52*a71a9546SAutomerger Merge Worker {
53*a71a9546SAutomerger Merge Worker printf(
54*a71a9546SAutomerger Merge Worker "NFQUEUE target options\n"
55*a71a9546SAutomerger Merge Worker " --queue-num value Send packet to QUEUE number <value>.\n"
56*a71a9546SAutomerger Merge Worker " Valid queue numbers are 0-65535\n"
57*a71a9546SAutomerger Merge Worker " --queue-balance first:last Balance flows between queues <value> to <value>.\n"
58*a71a9546SAutomerger Merge Worker " --queue-bypass Bypass Queueing if no queue instance exists.\n"
59*a71a9546SAutomerger Merge Worker " --queue-cpu-fanout Use current CPU (no hashing)\n");
60*a71a9546SAutomerger Merge Worker }
61*a71a9546SAutomerger Merge Worker
62*a71a9546SAutomerger Merge Worker #define s struct xt_NFQ_info
63*a71a9546SAutomerger Merge Worker static const struct xt_option_entry NFQUEUE_opts[] = {
64*a71a9546SAutomerger Merge Worker {.name = "queue-num", .id = O_QUEUE_NUM, .type = XTTYPE_UINT16,
65*a71a9546SAutomerger Merge Worker .flags = XTOPT_PUT, XTOPT_POINTER(s, queuenum),
66*a71a9546SAutomerger Merge Worker .excl = F_QUEUE_BALANCE},
67*a71a9546SAutomerger Merge Worker {.name = "queue-balance", .id = O_QUEUE_BALANCE, .max = UINT16_MAX - 1,
68*a71a9546SAutomerger Merge Worker .type = XTTYPE_UINT16RC, .excl = F_QUEUE_NUM},
69*a71a9546SAutomerger Merge Worker {.name = "queue-bypass", .id = O_QUEUE_BYPASS, .type = XTTYPE_NONE},
70*a71a9546SAutomerger Merge Worker {.name = "queue-cpu-fanout", .id = O_QUEUE_CPU_FANOUT,
71*a71a9546SAutomerger Merge Worker .type = XTTYPE_NONE, .also = F_QUEUE_BALANCE},
72*a71a9546SAutomerger Merge Worker XTOPT_TABLEEND,
73*a71a9546SAutomerger Merge Worker };
74*a71a9546SAutomerger Merge Worker #undef s
75*a71a9546SAutomerger Merge Worker
NFQUEUE_parse(struct xt_option_call * cb)76*a71a9546SAutomerger Merge Worker static void NFQUEUE_parse(struct xt_option_call *cb)
77*a71a9546SAutomerger Merge Worker {
78*a71a9546SAutomerger Merge Worker xtables_option_parse(cb);
79*a71a9546SAutomerger Merge Worker if (cb->entry->id == O_QUEUE_BALANCE)
80*a71a9546SAutomerger Merge Worker xtables_error(PARAMETER_PROBLEM, "NFQUEUE target: "
81*a71a9546SAutomerger Merge Worker "--queue-balance not supported (kernel too old?)");
82*a71a9546SAutomerger Merge Worker }
83*a71a9546SAutomerger Merge Worker
NFQUEUE_parse_v1(struct xt_option_call * cb)84*a71a9546SAutomerger Merge Worker static void NFQUEUE_parse_v1(struct xt_option_call *cb)
85*a71a9546SAutomerger Merge Worker {
86*a71a9546SAutomerger Merge Worker struct xt_NFQ_info_v1 *info = cb->data;
87*a71a9546SAutomerger Merge Worker const uint16_t *r = cb->val.u16_range;
88*a71a9546SAutomerger Merge Worker
89*a71a9546SAutomerger Merge Worker xtables_option_parse(cb);
90*a71a9546SAutomerger Merge Worker switch (cb->entry->id) {
91*a71a9546SAutomerger Merge Worker case O_QUEUE_BALANCE:
92*a71a9546SAutomerger Merge Worker if (cb->nvals != 2)
93*a71a9546SAutomerger Merge Worker xtables_error(PARAMETER_PROBLEM,
94*a71a9546SAutomerger Merge Worker "Bad range \"%s\"", cb->arg);
95*a71a9546SAutomerger Merge Worker if (r[0] >= r[1])
96*a71a9546SAutomerger Merge Worker xtables_error(PARAMETER_PROBLEM, "%u should be less than %u",
97*a71a9546SAutomerger Merge Worker r[0], r[1]);
98*a71a9546SAutomerger Merge Worker info->queuenum = r[0];
99*a71a9546SAutomerger Merge Worker info->queues_total = r[1] - r[0] + 1;
100*a71a9546SAutomerger Merge Worker break;
101*a71a9546SAutomerger Merge Worker }
102*a71a9546SAutomerger Merge Worker }
103*a71a9546SAutomerger Merge Worker
NFQUEUE_parse_v2(struct xt_option_call * cb)104*a71a9546SAutomerger Merge Worker static void NFQUEUE_parse_v2(struct xt_option_call *cb)
105*a71a9546SAutomerger Merge Worker {
106*a71a9546SAutomerger Merge Worker struct xt_NFQ_info_v2 *info = cb->data;
107*a71a9546SAutomerger Merge Worker const uint16_t *r = cb->val.u16_range;
108*a71a9546SAutomerger Merge Worker
109*a71a9546SAutomerger Merge Worker xtables_option_parse(cb);
110*a71a9546SAutomerger Merge Worker switch (cb->entry->id) {
111*a71a9546SAutomerger Merge Worker case O_QUEUE_BALANCE:
112*a71a9546SAutomerger Merge Worker if (cb->nvals != 2)
113*a71a9546SAutomerger Merge Worker xtables_error(PARAMETER_PROBLEM,
114*a71a9546SAutomerger Merge Worker "Bad range \"%s\"", cb->arg);
115*a71a9546SAutomerger Merge Worker if (r[0] >= r[1])
116*a71a9546SAutomerger Merge Worker xtables_error(PARAMETER_PROBLEM,
117*a71a9546SAutomerger Merge Worker "%u should be less than %u",
118*a71a9546SAutomerger Merge Worker r[0], r[1]);
119*a71a9546SAutomerger Merge Worker info->queuenum = r[0];
120*a71a9546SAutomerger Merge Worker info->queues_total = r[1] - r[0] + 1;
121*a71a9546SAutomerger Merge Worker break;
122*a71a9546SAutomerger Merge Worker case O_QUEUE_BYPASS:
123*a71a9546SAutomerger Merge Worker info->bypass |= NFQ_FLAG_BYPASS;
124*a71a9546SAutomerger Merge Worker break;
125*a71a9546SAutomerger Merge Worker }
126*a71a9546SAutomerger Merge Worker }
127*a71a9546SAutomerger Merge Worker
NFQUEUE_parse_v3(struct xt_option_call * cb)128*a71a9546SAutomerger Merge Worker static void NFQUEUE_parse_v3(struct xt_option_call *cb)
129*a71a9546SAutomerger Merge Worker {
130*a71a9546SAutomerger Merge Worker struct xt_NFQ_info_v3 *info = cb->data;
131*a71a9546SAutomerger Merge Worker const uint16_t *r = cb->val.u16_range;
132*a71a9546SAutomerger Merge Worker
133*a71a9546SAutomerger Merge Worker xtables_option_parse(cb);
134*a71a9546SAutomerger Merge Worker switch (cb->entry->id) {
135*a71a9546SAutomerger Merge Worker case O_QUEUE_BALANCE:
136*a71a9546SAutomerger Merge Worker if (cb->nvals != 2)
137*a71a9546SAutomerger Merge Worker xtables_error(PARAMETER_PROBLEM,
138*a71a9546SAutomerger Merge Worker "Bad range \"%s\"", cb->arg);
139*a71a9546SAutomerger Merge Worker if (r[0] >= r[1])
140*a71a9546SAutomerger Merge Worker xtables_error(PARAMETER_PROBLEM,
141*a71a9546SAutomerger Merge Worker "%u should be less than %u",
142*a71a9546SAutomerger Merge Worker r[0], r[1]);
143*a71a9546SAutomerger Merge Worker info->queuenum = r[0];
144*a71a9546SAutomerger Merge Worker info->queues_total = r[1] - r[0] + 1;
145*a71a9546SAutomerger Merge Worker break;
146*a71a9546SAutomerger Merge Worker case O_QUEUE_BYPASS:
147*a71a9546SAutomerger Merge Worker info->flags |= NFQ_FLAG_BYPASS;
148*a71a9546SAutomerger Merge Worker break;
149*a71a9546SAutomerger Merge Worker case O_QUEUE_CPU_FANOUT:
150*a71a9546SAutomerger Merge Worker info->flags |= NFQ_FLAG_CPU_FANOUT;
151*a71a9546SAutomerger Merge Worker break;
152*a71a9546SAutomerger Merge Worker }
153*a71a9546SAutomerger Merge Worker }
154*a71a9546SAutomerger Merge Worker
NFQUEUE_print(const void * ip,const struct xt_entry_target * target,int numeric)155*a71a9546SAutomerger Merge Worker static void NFQUEUE_print(const void *ip,
156*a71a9546SAutomerger Merge Worker const struct xt_entry_target *target, int numeric)
157*a71a9546SAutomerger Merge Worker {
158*a71a9546SAutomerger Merge Worker const struct xt_NFQ_info *tinfo =
159*a71a9546SAutomerger Merge Worker (const struct xt_NFQ_info *)target->data;
160*a71a9546SAutomerger Merge Worker printf(" NFQUEUE num %u", tinfo->queuenum);
161*a71a9546SAutomerger Merge Worker }
162*a71a9546SAutomerger Merge Worker
NFQUEUE_print_v1(const void * ip,const struct xt_entry_target * target,int numeric)163*a71a9546SAutomerger Merge Worker static void NFQUEUE_print_v1(const void *ip,
164*a71a9546SAutomerger Merge Worker const struct xt_entry_target *target, int numeric)
165*a71a9546SAutomerger Merge Worker {
166*a71a9546SAutomerger Merge Worker const struct xt_NFQ_info_v1 *tinfo = (const void *)target->data;
167*a71a9546SAutomerger Merge Worker unsigned int last = tinfo->queues_total;
168*a71a9546SAutomerger Merge Worker
169*a71a9546SAutomerger Merge Worker if (last > 1) {
170*a71a9546SAutomerger Merge Worker last += tinfo->queuenum - 1;
171*a71a9546SAutomerger Merge Worker printf(" NFQUEUE balance %u:%u", tinfo->queuenum, last);
172*a71a9546SAutomerger Merge Worker } else {
173*a71a9546SAutomerger Merge Worker printf(" NFQUEUE num %u", tinfo->queuenum);
174*a71a9546SAutomerger Merge Worker }
175*a71a9546SAutomerger Merge Worker }
176*a71a9546SAutomerger Merge Worker
NFQUEUE_print_v2(const void * ip,const struct xt_entry_target * target,int numeric)177*a71a9546SAutomerger Merge Worker static void NFQUEUE_print_v2(const void *ip,
178*a71a9546SAutomerger Merge Worker const struct xt_entry_target *target, int numeric)
179*a71a9546SAutomerger Merge Worker {
180*a71a9546SAutomerger Merge Worker const struct xt_NFQ_info_v2 *info = (void *) target->data;
181*a71a9546SAutomerger Merge Worker unsigned int last = info->queues_total;
182*a71a9546SAutomerger Merge Worker
183*a71a9546SAutomerger Merge Worker if (last > 1) {
184*a71a9546SAutomerger Merge Worker last += info->queuenum - 1;
185*a71a9546SAutomerger Merge Worker printf(" NFQUEUE balance %u:%u", info->queuenum, last);
186*a71a9546SAutomerger Merge Worker } else
187*a71a9546SAutomerger Merge Worker printf(" NFQUEUE num %u", info->queuenum);
188*a71a9546SAutomerger Merge Worker
189*a71a9546SAutomerger Merge Worker if (info->bypass & NFQ_FLAG_BYPASS)
190*a71a9546SAutomerger Merge Worker printf(" bypass");
191*a71a9546SAutomerger Merge Worker }
192*a71a9546SAutomerger Merge Worker
NFQUEUE_print_v3(const void * ip,const struct xt_entry_target * target,int numeric)193*a71a9546SAutomerger Merge Worker static void NFQUEUE_print_v3(const void *ip,
194*a71a9546SAutomerger Merge Worker const struct xt_entry_target *target, int numeric)
195*a71a9546SAutomerger Merge Worker {
196*a71a9546SAutomerger Merge Worker const struct xt_NFQ_info_v3 *info = (void *)target->data;
197*a71a9546SAutomerger Merge Worker unsigned int last = info->queues_total;
198*a71a9546SAutomerger Merge Worker
199*a71a9546SAutomerger Merge Worker if (last > 1) {
200*a71a9546SAutomerger Merge Worker last += info->queuenum - 1;
201*a71a9546SAutomerger Merge Worker printf(" NFQUEUE balance %u:%u", info->queuenum, last);
202*a71a9546SAutomerger Merge Worker } else
203*a71a9546SAutomerger Merge Worker printf(" NFQUEUE num %u", info->queuenum);
204*a71a9546SAutomerger Merge Worker
205*a71a9546SAutomerger Merge Worker if (info->flags & NFQ_FLAG_BYPASS)
206*a71a9546SAutomerger Merge Worker printf(" bypass");
207*a71a9546SAutomerger Merge Worker
208*a71a9546SAutomerger Merge Worker if (info->flags & NFQ_FLAG_CPU_FANOUT)
209*a71a9546SAutomerger Merge Worker printf(" cpu-fanout");
210*a71a9546SAutomerger Merge Worker }
211*a71a9546SAutomerger Merge Worker
NFQUEUE_save(const void * ip,const struct xt_entry_target * target)212*a71a9546SAutomerger Merge Worker static void NFQUEUE_save(const void *ip, const struct xt_entry_target *target)
213*a71a9546SAutomerger Merge Worker {
214*a71a9546SAutomerger Merge Worker const struct xt_NFQ_info *tinfo =
215*a71a9546SAutomerger Merge Worker (const struct xt_NFQ_info *)target->data;
216*a71a9546SAutomerger Merge Worker
217*a71a9546SAutomerger Merge Worker printf(" --queue-num %u", tinfo->queuenum);
218*a71a9546SAutomerger Merge Worker }
219*a71a9546SAutomerger Merge Worker
NFQUEUE_save_v1(const void * ip,const struct xt_entry_target * target)220*a71a9546SAutomerger Merge Worker static void NFQUEUE_save_v1(const void *ip, const struct xt_entry_target *target)
221*a71a9546SAutomerger Merge Worker {
222*a71a9546SAutomerger Merge Worker const struct xt_NFQ_info_v1 *tinfo = (const void *)target->data;
223*a71a9546SAutomerger Merge Worker unsigned int last = tinfo->queues_total;
224*a71a9546SAutomerger Merge Worker
225*a71a9546SAutomerger Merge Worker if (last > 1) {
226*a71a9546SAutomerger Merge Worker last += tinfo->queuenum - 1;
227*a71a9546SAutomerger Merge Worker printf(" --queue-balance %u:%u", tinfo->queuenum, last);
228*a71a9546SAutomerger Merge Worker } else {
229*a71a9546SAutomerger Merge Worker printf(" --queue-num %u", tinfo->queuenum);
230*a71a9546SAutomerger Merge Worker }
231*a71a9546SAutomerger Merge Worker }
232*a71a9546SAutomerger Merge Worker
NFQUEUE_save_v2(const void * ip,const struct xt_entry_target * target)233*a71a9546SAutomerger Merge Worker static void NFQUEUE_save_v2(const void *ip, const struct xt_entry_target *target)
234*a71a9546SAutomerger Merge Worker {
235*a71a9546SAutomerger Merge Worker const struct xt_NFQ_info_v2 *info = (void *) target->data;
236*a71a9546SAutomerger Merge Worker unsigned int last = info->queues_total;
237*a71a9546SAutomerger Merge Worker
238*a71a9546SAutomerger Merge Worker if (last > 1) {
239*a71a9546SAutomerger Merge Worker last += info->queuenum - 1;
240*a71a9546SAutomerger Merge Worker printf(" --queue-balance %u:%u", info->queuenum, last);
241*a71a9546SAutomerger Merge Worker } else
242*a71a9546SAutomerger Merge Worker printf(" --queue-num %u", info->queuenum);
243*a71a9546SAutomerger Merge Worker
244*a71a9546SAutomerger Merge Worker if (info->bypass & NFQ_FLAG_BYPASS)
245*a71a9546SAutomerger Merge Worker printf(" --queue-bypass");
246*a71a9546SAutomerger Merge Worker }
247*a71a9546SAutomerger Merge Worker
NFQUEUE_save_v3(const void * ip,const struct xt_entry_target * target)248*a71a9546SAutomerger Merge Worker static void NFQUEUE_save_v3(const void *ip,
249*a71a9546SAutomerger Merge Worker const struct xt_entry_target *target)
250*a71a9546SAutomerger Merge Worker {
251*a71a9546SAutomerger Merge Worker const struct xt_NFQ_info_v3 *info = (void *)target->data;
252*a71a9546SAutomerger Merge Worker unsigned int last = info->queues_total;
253*a71a9546SAutomerger Merge Worker
254*a71a9546SAutomerger Merge Worker if (last > 1) {
255*a71a9546SAutomerger Merge Worker last += info->queuenum - 1;
256*a71a9546SAutomerger Merge Worker printf(" --queue-balance %u:%u", info->queuenum, last);
257*a71a9546SAutomerger Merge Worker } else
258*a71a9546SAutomerger Merge Worker printf(" --queue-num %u", info->queuenum);
259*a71a9546SAutomerger Merge Worker
260*a71a9546SAutomerger Merge Worker if (info->flags & NFQ_FLAG_BYPASS)
261*a71a9546SAutomerger Merge Worker printf(" --queue-bypass");
262*a71a9546SAutomerger Merge Worker
263*a71a9546SAutomerger Merge Worker if (info->flags & NFQ_FLAG_CPU_FANOUT)
264*a71a9546SAutomerger Merge Worker printf(" --queue-cpu-fanout");
265*a71a9546SAutomerger Merge Worker }
266*a71a9546SAutomerger Merge Worker
NFQUEUE_init_v1(struct xt_entry_target * t)267*a71a9546SAutomerger Merge Worker static void NFQUEUE_init_v1(struct xt_entry_target *t)
268*a71a9546SAutomerger Merge Worker {
269*a71a9546SAutomerger Merge Worker struct xt_NFQ_info_v1 *tinfo = (void *)t->data;
270*a71a9546SAutomerger Merge Worker tinfo->queues_total = 1;
271*a71a9546SAutomerger Merge Worker }
272*a71a9546SAutomerger Merge Worker
NFQUEUE_xlate(struct xt_xlate * xl,const struct xt_xlate_tg_params * params)273*a71a9546SAutomerger Merge Worker static int NFQUEUE_xlate(struct xt_xlate *xl,
274*a71a9546SAutomerger Merge Worker const struct xt_xlate_tg_params *params)
275*a71a9546SAutomerger Merge Worker {
276*a71a9546SAutomerger Merge Worker const struct xt_NFQ_info *tinfo =
277*a71a9546SAutomerger Merge Worker (const struct xt_NFQ_info *)params->target->data;
278*a71a9546SAutomerger Merge Worker
279*a71a9546SAutomerger Merge Worker xt_xlate_add(xl, "queue num %u ", tinfo->queuenum);
280*a71a9546SAutomerger Merge Worker
281*a71a9546SAutomerger Merge Worker return 1;
282*a71a9546SAutomerger Merge Worker }
283*a71a9546SAutomerger Merge Worker
NFQUEUE_xlate_v1(struct xt_xlate * xl,const struct xt_xlate_tg_params * params)284*a71a9546SAutomerger Merge Worker static int NFQUEUE_xlate_v1(struct xt_xlate *xl,
285*a71a9546SAutomerger Merge Worker const struct xt_xlate_tg_params *params)
286*a71a9546SAutomerger Merge Worker {
287*a71a9546SAutomerger Merge Worker const struct xt_NFQ_info_v1 *tinfo = (const void *)params->target->data;
288*a71a9546SAutomerger Merge Worker unsigned int last = tinfo->queues_total;
289*a71a9546SAutomerger Merge Worker
290*a71a9546SAutomerger Merge Worker if (last > 1) {
291*a71a9546SAutomerger Merge Worker last += tinfo->queuenum - 1;
292*a71a9546SAutomerger Merge Worker xt_xlate_add(xl, "queue num %u-%u ", tinfo->queuenum, last);
293*a71a9546SAutomerger Merge Worker } else {
294*a71a9546SAutomerger Merge Worker xt_xlate_add(xl, "queue num %u ", tinfo->queuenum);
295*a71a9546SAutomerger Merge Worker }
296*a71a9546SAutomerger Merge Worker
297*a71a9546SAutomerger Merge Worker return 1;
298*a71a9546SAutomerger Merge Worker }
299*a71a9546SAutomerger Merge Worker
NFQUEUE_xlate_v2(struct xt_xlate * xl,const struct xt_xlate_tg_params * params)300*a71a9546SAutomerger Merge Worker static int NFQUEUE_xlate_v2(struct xt_xlate *xl,
301*a71a9546SAutomerger Merge Worker const struct xt_xlate_tg_params *params)
302*a71a9546SAutomerger Merge Worker {
303*a71a9546SAutomerger Merge Worker const struct xt_NFQ_info_v2 *info = (void *)params->target->data;
304*a71a9546SAutomerger Merge Worker unsigned int last = info->queues_total;
305*a71a9546SAutomerger Merge Worker
306*a71a9546SAutomerger Merge Worker if (last > 1) {
307*a71a9546SAutomerger Merge Worker last += info->queuenum - 1;
308*a71a9546SAutomerger Merge Worker xt_xlate_add(xl, "queue num %u-%u ", info->queuenum, last);
309*a71a9546SAutomerger Merge Worker } else
310*a71a9546SAutomerger Merge Worker xt_xlate_add(xl, "queue num %u ", info->queuenum);
311*a71a9546SAutomerger Merge Worker
312*a71a9546SAutomerger Merge Worker if (info->bypass & NFQ_FLAG_BYPASS)
313*a71a9546SAutomerger Merge Worker xt_xlate_add(xl, "bypass");
314*a71a9546SAutomerger Merge Worker
315*a71a9546SAutomerger Merge Worker return 1;
316*a71a9546SAutomerger Merge Worker }
317*a71a9546SAutomerger Merge Worker
NFQUEUE_xlate_v3(struct xt_xlate * xl,const struct xt_xlate_tg_params * params)318*a71a9546SAutomerger Merge Worker static int NFQUEUE_xlate_v3(struct xt_xlate *xl,
319*a71a9546SAutomerger Merge Worker const struct xt_xlate_tg_params *params)
320*a71a9546SAutomerger Merge Worker {
321*a71a9546SAutomerger Merge Worker const struct xt_NFQ_info_v3 *info = (void *)params->target->data;
322*a71a9546SAutomerger Merge Worker unsigned int last = info->queues_total;
323*a71a9546SAutomerger Merge Worker
324*a71a9546SAutomerger Merge Worker if (last > 1) {
325*a71a9546SAutomerger Merge Worker last += info->queuenum - 1;
326*a71a9546SAutomerger Merge Worker xt_xlate_add(xl, "queue num %u-%u ", info->queuenum, last);
327*a71a9546SAutomerger Merge Worker } else
328*a71a9546SAutomerger Merge Worker xt_xlate_add(xl, "queue num %u ", info->queuenum);
329*a71a9546SAutomerger Merge Worker
330*a71a9546SAutomerger Merge Worker if (info->flags & NFQ_FLAG_BYPASS)
331*a71a9546SAutomerger Merge Worker xt_xlate_add(xl, "bypass");
332*a71a9546SAutomerger Merge Worker
333*a71a9546SAutomerger Merge Worker if (info->flags & NFQ_FLAG_CPU_FANOUT)
334*a71a9546SAutomerger Merge Worker xt_xlate_add(xl, "%sfanout ",
335*a71a9546SAutomerger Merge Worker info->flags & NFQ_FLAG_BYPASS ? "," : "");
336*a71a9546SAutomerger Merge Worker
337*a71a9546SAutomerger Merge Worker return 1;
338*a71a9546SAutomerger Merge Worker }
339*a71a9546SAutomerger Merge Worker
340*a71a9546SAutomerger Merge Worker static struct xtables_target nfqueue_targets[] = {
341*a71a9546SAutomerger Merge Worker {
342*a71a9546SAutomerger Merge Worker .family = NFPROTO_UNSPEC,
343*a71a9546SAutomerger Merge Worker .name = "NFQUEUE",
344*a71a9546SAutomerger Merge Worker .version = XTABLES_VERSION,
345*a71a9546SAutomerger Merge Worker .size = XT_ALIGN(sizeof(struct xt_NFQ_info)),
346*a71a9546SAutomerger Merge Worker .userspacesize = XT_ALIGN(sizeof(struct xt_NFQ_info)),
347*a71a9546SAutomerger Merge Worker .help = NFQUEUE_help,
348*a71a9546SAutomerger Merge Worker .print = NFQUEUE_print,
349*a71a9546SAutomerger Merge Worker .save = NFQUEUE_save,
350*a71a9546SAutomerger Merge Worker .x6_parse = NFQUEUE_parse,
351*a71a9546SAutomerger Merge Worker .x6_options = NFQUEUE_opts,
352*a71a9546SAutomerger Merge Worker .xlate = NFQUEUE_xlate,
353*a71a9546SAutomerger Merge Worker },{
354*a71a9546SAutomerger Merge Worker .family = NFPROTO_UNSPEC,
355*a71a9546SAutomerger Merge Worker .revision = 1,
356*a71a9546SAutomerger Merge Worker .name = "NFQUEUE",
357*a71a9546SAutomerger Merge Worker .version = XTABLES_VERSION,
358*a71a9546SAutomerger Merge Worker .size = XT_ALIGN(sizeof(struct xt_NFQ_info_v1)),
359*a71a9546SAutomerger Merge Worker .userspacesize = XT_ALIGN(sizeof(struct xt_NFQ_info_v1)),
360*a71a9546SAutomerger Merge Worker .help = NFQUEUE_help_v1,
361*a71a9546SAutomerger Merge Worker .init = NFQUEUE_init_v1,
362*a71a9546SAutomerger Merge Worker .print = NFQUEUE_print_v1,
363*a71a9546SAutomerger Merge Worker .save = NFQUEUE_save_v1,
364*a71a9546SAutomerger Merge Worker .x6_parse = NFQUEUE_parse_v1,
365*a71a9546SAutomerger Merge Worker .x6_options = NFQUEUE_opts,
366*a71a9546SAutomerger Merge Worker .xlate = NFQUEUE_xlate_v1,
367*a71a9546SAutomerger Merge Worker },{
368*a71a9546SAutomerger Merge Worker .family = NFPROTO_UNSPEC,
369*a71a9546SAutomerger Merge Worker .revision = 2,
370*a71a9546SAutomerger Merge Worker .name = "NFQUEUE",
371*a71a9546SAutomerger Merge Worker .version = XTABLES_VERSION,
372*a71a9546SAutomerger Merge Worker .size = XT_ALIGN(sizeof(struct xt_NFQ_info_v2)),
373*a71a9546SAutomerger Merge Worker .userspacesize = XT_ALIGN(sizeof(struct xt_NFQ_info_v2)),
374*a71a9546SAutomerger Merge Worker .help = NFQUEUE_help_v2,
375*a71a9546SAutomerger Merge Worker .init = NFQUEUE_init_v1,
376*a71a9546SAutomerger Merge Worker .print = NFQUEUE_print_v2,
377*a71a9546SAutomerger Merge Worker .save = NFQUEUE_save_v2,
378*a71a9546SAutomerger Merge Worker .x6_parse = NFQUEUE_parse_v2,
379*a71a9546SAutomerger Merge Worker .x6_options = NFQUEUE_opts,
380*a71a9546SAutomerger Merge Worker .xlate = NFQUEUE_xlate_v2,
381*a71a9546SAutomerger Merge Worker },{
382*a71a9546SAutomerger Merge Worker .family = NFPROTO_UNSPEC,
383*a71a9546SAutomerger Merge Worker .revision = 3,
384*a71a9546SAutomerger Merge Worker .name = "NFQUEUE",
385*a71a9546SAutomerger Merge Worker .version = XTABLES_VERSION,
386*a71a9546SAutomerger Merge Worker .size = XT_ALIGN(sizeof(struct xt_NFQ_info_v3)),
387*a71a9546SAutomerger Merge Worker .userspacesize = XT_ALIGN(sizeof(struct xt_NFQ_info_v3)),
388*a71a9546SAutomerger Merge Worker .help = NFQUEUE_help_v3,
389*a71a9546SAutomerger Merge Worker .init = NFQUEUE_init_v1,
390*a71a9546SAutomerger Merge Worker .print = NFQUEUE_print_v3,
391*a71a9546SAutomerger Merge Worker .save = NFQUEUE_save_v3,
392*a71a9546SAutomerger Merge Worker .x6_parse = NFQUEUE_parse_v3,
393*a71a9546SAutomerger Merge Worker .x6_options = NFQUEUE_opts,
394*a71a9546SAutomerger Merge Worker .xlate = NFQUEUE_xlate_v3,
395*a71a9546SAutomerger Merge Worker }
396*a71a9546SAutomerger Merge Worker };
397*a71a9546SAutomerger Merge Worker
_init(void)398*a71a9546SAutomerger Merge Worker void _init(void)
399*a71a9546SAutomerger Merge Worker {
400*a71a9546SAutomerger Merge Worker xtables_register_targets(nfqueue_targets, ARRAY_SIZE(nfqueue_targets));
401*a71a9546SAutomerger Merge Worker }
402