mirror of
https://github.com/status-im/miniupnp.git
synced 2025-01-18 10:22:03 +00:00
use the same name for all three tables, like sshguard does
This commit is contained in:
parent
13b63da3fb
commit
6a53e6e765
@ -77,27 +77,27 @@ init_redirect(void) {
|
||||
|
||||
/* 'ip' family */
|
||||
if (result == 0) {
|
||||
result = table_op(NFT_MSG_NEWTABLE, NFPROTO_IPV4, nft_table4);
|
||||
result = table_op(NFT_MSG_NEWTABLE, NFPROTO_IPV4, nft_table);
|
||||
}
|
||||
if (result == 0) {
|
||||
result = chain_op(NFT_MSG_NEWCHAIN, NFPROTO_IPV4, nft_table4,
|
||||
result = chain_op(NFT_MSG_NEWCHAIN, NFPROTO_IPV4, nft_table,
|
||||
nft_prerouting_chain, NAT_CHAIN_TYPE, NF_INET_PRE_ROUTING, NF_IP_PRI_NAT_DST);
|
||||
}
|
||||
if (result == 0) {
|
||||
result = chain_op(NFT_MSG_NEWCHAIN, NFPROTO_IPV4, nft_table4,
|
||||
result = chain_op(NFT_MSG_NEWCHAIN, NFPROTO_IPV4, nft_table,
|
||||
nft_postrouting_chain, NAT_CHAIN_TYPE, NF_INET_POST_ROUTING, NF_IP_PRI_NAT_SRC);
|
||||
}
|
||||
|
||||
/* 'ip6' family */
|
||||
if (result == 0) {
|
||||
result = table_op(NFT_MSG_NEWTABLE, NFPROTO_IPV6, nft_table6);
|
||||
result = table_op(NFT_MSG_NEWTABLE, NFPROTO_IPV6, nft_table);
|
||||
}
|
||||
if (result == 0) {
|
||||
result = chain_op(NFT_MSG_NEWCHAIN, NFPROTO_IPV6, nft_table6,
|
||||
result = chain_op(NFT_MSG_NEWCHAIN, NFPROTO_IPV6, nft_table,
|
||||
nft_prerouting_chain, NAT_CHAIN_TYPE, NF_INET_PRE_ROUTING, NF_IP_PRI_NAT_DST);
|
||||
}
|
||||
if (result == 0) {
|
||||
result = chain_op(NFT_MSG_NEWCHAIN, NFPROTO_IPV6, nft_table6,
|
||||
result = chain_op(NFT_MSG_NEWCHAIN, NFPROTO_IPV6, nft_table,
|
||||
nft_postrouting_chain, NAT_CHAIN_TYPE, NF_INET_POST_ROUTING, NF_IP_PRI_NAT_SRC);
|
||||
}
|
||||
|
||||
@ -116,27 +116,27 @@ shutdown_redirect(void) {
|
||||
}
|
||||
|
||||
/* 'ip' family */
|
||||
result = chain_op(NFT_MSG_DELCHAIN, NFPROTO_IPV4, nft_table4,
|
||||
result = chain_op(NFT_MSG_DELCHAIN, NFPROTO_IPV4, nft_table,
|
||||
nft_prerouting_chain, NAT_CHAIN_TYPE, NF_INET_PRE_ROUTING, NF_IP_PRI_NAT_DST);
|
||||
if (result == 0) {
|
||||
result = chain_op(NFT_MSG_DELCHAIN, NFPROTO_IPV4, nft_table4,
|
||||
result = chain_op(NFT_MSG_DELCHAIN, NFPROTO_IPV4, nft_table,
|
||||
nft_postrouting_chain, NAT_CHAIN_TYPE, NF_INET_POST_ROUTING, NF_IP_PRI_NAT_SRC);
|
||||
}
|
||||
if (result == 0) {
|
||||
result = table_op(NFT_MSG_DELTABLE, NFPROTO_IPV4, nft_table4);
|
||||
result = table_op(NFT_MSG_DELTABLE, NFPROTO_IPV4, nft_table);
|
||||
}
|
||||
|
||||
/* 'ip6' family */
|
||||
if (result == 0) {
|
||||
result = chain_op(NFT_MSG_DELCHAIN, NFPROTO_IPV6, nft_table6,
|
||||
result = chain_op(NFT_MSG_DELCHAIN, NFPROTO_IPV6, nft_table,
|
||||
nft_prerouting_chain, NAT_CHAIN_TYPE, NF_INET_PRE_ROUTING, NF_IP_PRI_NAT_DST);
|
||||
}
|
||||
if (result == 0) {
|
||||
result = chain_op(NFT_MSG_DELCHAIN, NFPROTO_IPV6, nft_table6,
|
||||
result = chain_op(NFT_MSG_DELCHAIN, NFPROTO_IPV6, nft_table,
|
||||
nft_postrouting_chain, NAT_CHAIN_TYPE, NF_INET_POST_ROUTING, NF_IP_PRI_NAT_SRC);
|
||||
}
|
||||
if (result == 0) {
|
||||
result = table_op(NFT_MSG_DELTABLE, NFPROTO_IPV6, nft_table6);
|
||||
result = table_op(NFT_MSG_DELTABLE, NFPROTO_IPV6, nft_table);
|
||||
}
|
||||
|
||||
finish_batch();
|
||||
@ -157,12 +157,6 @@ set_rdr_name(rdr_name_type param, const char *string) {
|
||||
case TABLE_NAME:
|
||||
nft_table = string;
|
||||
break;
|
||||
case TABLE4_NAME:
|
||||
nft_table4 = string;
|
||||
break;
|
||||
case TABLE6_NAME:
|
||||
nft_table6 = string;
|
||||
break;
|
||||
case NAT_CHAIN_NAME:
|
||||
nft_prerouting_chain = string;
|
||||
break;
|
||||
|
@ -64,8 +64,6 @@
|
||||
#define RULE_CACHE_VALID 1
|
||||
|
||||
const char * nft_table = "miniupnpd";
|
||||
const char * nft_table4 = "miniupnpd4";
|
||||
const char * nft_table6 = "miniupnpd6";
|
||||
const char * nft_prerouting_chain = "prerouting";
|
||||
const char * nft_postrouting_chain = "postrouting";
|
||||
const char * nft_forward_chain = "forward";
|
||||
@ -656,7 +654,7 @@ table_cb(const struct nlmsghdr *nlh, void *data)
|
||||
void
|
||||
refresh_nft_cache_filter(void) {
|
||||
if (rule_list_filter_validate != RULE_CACHE_VALID) {
|
||||
refresh_nft_cache(&head_filter, nft_table4, nft_forward_chain, NFPROTO_INET);
|
||||
refresh_nft_cache(&head_filter, nft_table, nft_forward_chain, NFPROTO_INET);
|
||||
rule_list_filter_validate = RULE_CACHE_VALID;
|
||||
}
|
||||
}
|
||||
@ -664,7 +662,7 @@ refresh_nft_cache_filter(void) {
|
||||
void
|
||||
refresh_nft_cache_peer(void) {
|
||||
if (rule_list_peer_validate != RULE_CACHE_VALID) {
|
||||
refresh_nft_cache(&head_peer, nft_table4, nft_postrouting_chain, NFPROTO_IPV4);
|
||||
refresh_nft_cache(&head_peer, nft_table, nft_postrouting_chain, NFPROTO_IPV4);
|
||||
rule_list_peer_validate = RULE_CACHE_VALID;
|
||||
}
|
||||
}
|
||||
@ -673,7 +671,7 @@ void
|
||||
refresh_nft_cache_redirect(void)
|
||||
{
|
||||
if (rule_list_redirect_validate != RULE_CACHE_VALID) {
|
||||
refresh_nft_cache(&head_redirect, nft_table4, nft_prerouting_chain, NFPROTO_IPV4);
|
||||
refresh_nft_cache(&head_redirect, nft_table, nft_prerouting_chain, NFPROTO_IPV4);
|
||||
rule_list_redirect_validate = RULE_CACHE_VALID;
|
||||
}
|
||||
}
|
||||
@ -935,9 +933,9 @@ rule_set_snat(uint8_t family, uint8_t proto,
|
||||
return NULL;
|
||||
}
|
||||
|
||||
nftnl_rule_set(r, NFTNL_RULE_TABLE, family == NFPROTO_IPV6 ? nft_table6 : nft_table4);
|
||||
nftnl_rule_set(r, NFTNL_RULE_CHAIN, nft_postrouting_chain);
|
||||
nftnl_rule_set_u32(r, NFTNL_RULE_FAMILY, family);
|
||||
nftnl_rule_set(r, NFTNL_RULE_TABLE, nft_table);
|
||||
nftnl_rule_set(r, NFTNL_RULE_CHAIN, nft_postrouting_chain);
|
||||
|
||||
if (descr != NULL) {
|
||||
descr_len = strlen(descr);
|
||||
@ -1021,9 +1019,9 @@ rule_set_dnat(uint8_t family, const char * ifname, uint8_t proto,
|
||||
return NULL;
|
||||
}
|
||||
|
||||
nftnl_rule_set(r, NFTNL_RULE_TABLE, family == NFPROTO_IPV6 ? nft_table6 : nft_table4);
|
||||
nftnl_rule_set(r, NFTNL_RULE_CHAIN, nft_prerouting_chain);
|
||||
nftnl_rule_set_u32(r, NFTNL_RULE_FAMILY, family);
|
||||
nftnl_rule_set(r, NFTNL_RULE_TABLE, nft_table);
|
||||
nftnl_rule_set(r, NFTNL_RULE_CHAIN, nft_prerouting_chain);
|
||||
|
||||
if (descr != NULL) {
|
||||
descr_len = strlen(descr);
|
||||
@ -1183,9 +1181,9 @@ rule_set_filter_common(struct nftnl_rule *r, uint8_t family, const char * ifname
|
||||
uint32_t descr_len;
|
||||
UNUSED(eport);
|
||||
|
||||
nftnl_rule_set_u32(r, NFTNL_RULE_FAMILY, family);
|
||||
nftnl_rule_set(r, NFTNL_RULE_TABLE, nft_table);
|
||||
nftnl_rule_set(r, NFTNL_RULE_CHAIN, nft_forward_chain);
|
||||
nftnl_rule_set_u32(r, NFTNL_RULE_FAMILY, family);
|
||||
|
||||
if (descr != NULL) {
|
||||
descr_len = strlen(descr);
|
||||
|
@ -9,8 +9,6 @@
|
||||
#include <sys/queue.h>
|
||||
|
||||
extern const char * nft_table;
|
||||
extern const char * nft_table4;
|
||||
extern const char * nft_table6;
|
||||
extern const char * nft_prerouting_chain;
|
||||
extern const char * nft_postrouting_chain;
|
||||
extern const char * nft_forward_chain;
|
||||
|
Loading…
x
Reference in New Issue
Block a user