Move print_rule to the file it's used in.
This commit is contained in:
Paul Chambers
Thomas Bernard
parent
9d1680455e
commit
913194cf75
|
|
@ -18,6 +18,7 @@ case "$argv" in
|
||||||
--ipv6) IPV6=1 ;;
|
--ipv6) IPV6=1 ;;
|
||||||
--igd2) IGD2=1 ;;
|
--igd2) IGD2=1 ;;
|
||||||
--strict) STRICT=1 ;;
|
--strict) STRICT=1 ;;
|
||||||
|
--debug) DEBUG=1 ;;
|
||||||
--leasefile) LEASEFILE=1 ;;
|
--leasefile) LEASEFILE=1 ;;
|
||||||
--vendorcfg) VENDORCFG=1 ;;
|
--vendorcfg) VENDORCFG=1 ;;
|
||||||
--pcp-peer) PCP_PEER=1 ;;
|
--pcp-peer) PCP_PEER=1 ;;
|
||||||
|
|
@ -39,6 +40,7 @@ case "$argv" in
|
||||||
echo " --ipv6 enable IPv6"
|
echo " --ipv6 enable IPv6"
|
||||||
echo " --igd2 build an IGDv2 instead of an IGDv1"
|
echo " --igd2 build an IGDv2 instead of an IGDv1"
|
||||||
echo " --strict be more strict regarding compliance with UPnP specifications"
|
echo " --strict be more strict regarding compliance with UPnP specifications"
|
||||||
|
echo " --debug #define DEBUG 1"
|
||||||
echo " --leasefile enable lease file"
|
echo " --leasefile enable lease file"
|
||||||
echo " --vendorcfg enable configuration of manufacturer info"
|
echo " --vendorcfg enable configuration of manufacturer info"
|
||||||
echo " --pcp-peer enable PCP PEER operation"
|
echo " --pcp-peer enable PCP PEER operation"
|
||||||
|
|
@ -122,6 +124,11 @@ echo "#define MINIUPNPD_VERSION \"`cat VERSION`\"" >> ${CONFIGFILE}
|
||||||
echo "#define MINIUPNPD_DATE \"$MINIUPNPD_DATE\"" >> ${CONFIGFILE}
|
echo "#define MINIUPNPD_DATE \"$MINIUPNPD_DATE\"" >> ${CONFIGFILE}
|
||||||
echo "" >> ${CONFIGFILE}
|
echo "" >> ${CONFIGFILE}
|
||||||
|
|
||||||
|
if [ -n "$DEBUG" ] ; then
|
||||||
|
echo "#define DEBUG 1" >> ${CONFIGFILE}
|
||||||
|
echo "" >> ${CONFIGFILE}
|
||||||
|
fi
|
||||||
|
|
||||||
cat >> ${CONFIGFILE} <<EOF
|
cat >> ${CONFIGFILE} <<EOF
|
||||||
#ifndef XSTR
|
#ifndef XSTR
|
||||||
#define XSTR(s) STR(s)
|
#define XSTR(s) STR(s)
|
||||||
|
|
|
||||||
|
|
@ -738,34 +738,3 @@ update_portmapping(const char * ifname, unsigned short eport, int proto,
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef DEBUG
|
|
||||||
/* for debug */
|
|
||||||
|
|
||||||
extern void print_rule(rule_t *r);
|
|
||||||
|
|
||||||
/* read the "filter" and "nat" tables */
|
|
||||||
int
|
|
||||||
list_redirect_rule(const char * ifname)
|
|
||||||
{
|
|
||||||
rule_t *p;
|
|
||||||
UNUSED(ifname);
|
|
||||||
|
|
||||||
refresh_nft_cache_filter();
|
|
||||||
LIST_FOREACH(p, &head_filter, entry) {
|
|
||||||
print_rule(p);
|
|
||||||
}
|
|
||||||
|
|
||||||
refresh_nft_cache_redirect();
|
|
||||||
LIST_FOREACH(p, &head_redirect, entry) {
|
|
||||||
print_rule(p);
|
|
||||||
}
|
|
||||||
|
|
||||||
refresh_nft_cache_peer();
|
|
||||||
LIST_FOREACH(p, &head_peer, entry) {
|
|
||||||
print_rule(p);
|
|
||||||
}
|
|
||||||
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
|
||||||
|
|
@ -81,9 +81,4 @@ get_portmappings_in_range(unsigned short startport, unsigned short endport,
|
||||||
int get_nat_ext_addr(struct sockaddr* src, struct sockaddr *dst, uint8_t proto,
|
int get_nat_ext_addr(struct sockaddr* src, struct sockaddr *dst, uint8_t proto,
|
||||||
struct sockaddr* ret_ext);
|
struct sockaddr* ret_ext);
|
||||||
|
|
||||||
/* for debug */
|
|
||||||
int
|
|
||||||
list_redirect_rule(const char * ifname);
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -107,22 +107,46 @@ nft_mnl_connect(void)
|
||||||
void
|
void
|
||||||
nft_mnl_disconnect(void)
|
nft_mnl_disconnect(void)
|
||||||
{
|
{
|
||||||
mnl_socket_close(mnl_sock);
|
if (mnl_sock != NULL) {
|
||||||
mnl_sock = NULL;
|
mnl_socket_close(mnl_sock);
|
||||||
|
mnl_sock = NULL;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef DEBUG
|
#ifdef DEBUG
|
||||||
void
|
void
|
||||||
print_rule(rule_t *r)
|
print_rule(const char *func, int line, const struct nftnl_rule *rule)
|
||||||
{
|
{
|
||||||
char buf[8192];
|
fprintf(stdout,"%s[%d]: ", func, line);
|
||||||
|
nftnl_rule_fprintf(stdout, rule, NFTNL_OUTPUT_DEFAULT, 0);
|
||||||
nftnl_rule_snprintf(buf, sizeof(buf), r, NFTNL_OUTPUT_DEFAULT, 0);
|
}
|
||||||
fprintf(stdout, "%s\n", buf);
|
|
||||||
|
/* print out the "filter" and "nat" tables */
|
||||||
|
void
|
||||||
|
print_redirect_rules(const char * ifname)
|
||||||
|
{
|
||||||
|
rule_t *p;
|
||||||
|
int i;
|
||||||
|
UNUSED(ifname);
|
||||||
|
|
||||||
|
refresh_nft_cache_filter();
|
||||||
|
i = 1;
|
||||||
|
LIST_FOREACH(p, &head_filter, entry) {
|
||||||
|
print_rule("filter", i++, p);
|
||||||
|
}
|
||||||
|
|
||||||
|
refresh_nft_cache_redirect();
|
||||||
|
i = 1;
|
||||||
|
LIST_FOREACH(p, &head_redirect, entry) {
|
||||||
|
print_rule("redirect", i++, p);
|
||||||
|
}
|
||||||
|
|
||||||
|
refresh_nft_cache_peer();
|
||||||
|
i = 1;
|
||||||
|
LIST_FOREACH(p, &head_peer, entry) {
|
||||||
|
print_rule("peer", 0, p);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
#define debug_rule(rule) do { print_rule(rule); } while (0)
|
|
||||||
#else
|
|
||||||
#define debug_rule(rule)
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
static enum rule_reg_type *
|
static enum rule_reg_type *
|
||||||
|
|
@ -452,7 +476,7 @@ static int
|
||||||
table_cb(const struct nlmsghdr *nlh, void *data)
|
table_cb(const struct nlmsghdr *nlh, void *data)
|
||||||
{
|
{
|
||||||
int result = MNL_CB_OK;
|
int result = MNL_CB_OK;
|
||||||
struct nftnl_rule *t;
|
struct nftnl_rule *rule;
|
||||||
uint32_t len;
|
uint32_t len;
|
||||||
struct nftnl_expr *expr;
|
struct nftnl_expr *expr;
|
||||||
struct nftnl_expr_iter *itr;
|
struct nftnl_expr_iter *itr;
|
||||||
|
|
@ -470,30 +494,29 @@ table_cb(const struct nlmsghdr *nlh, void *data)
|
||||||
log_error("out of memory: %m");
|
log_error("out of memory: %m");
|
||||||
} else {
|
} else {
|
||||||
memset(r, 0, sizeof(rule_t));
|
memset(r, 0, sizeof(rule_t));
|
||||||
t = nftnl_rule_alloc();
|
rule = nftnl_rule_alloc();
|
||||||
if (t == NULL) {
|
if (rule == NULL) {
|
||||||
log_error("nftnl_rule_alloc() FAILED");
|
log_error("nftnl_rule_alloc() FAILED");
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
if (nftnl_rule_nlmsg_parse(nlh, t) < 0) {
|
if (nftnl_rule_nlmsg_parse(nlh, rule) < 0) {
|
||||||
log_error("nftnl_rule_nlmsg_parse FAILED");
|
log_error("nftnl_rule_nlmsg_parse FAILED");
|
||||||
} else {
|
} else {
|
||||||
|
chain = (char *) nftnl_rule_get_data(rule, NFTNL_RULE_CHAIN, &len);
|
||||||
chain = (char *) nftnl_rule_get_data(t, NFTNL_RULE_CHAIN, &len);
|
|
||||||
if (strcmp(chain, nft_prerouting_chain) == 0 ||
|
if (strcmp(chain, nft_prerouting_chain) == 0 ||
|
||||||
strcmp(chain, nft_postrouting_chain) == 0 ||
|
strcmp(chain, nft_postrouting_chain) == 0 ||
|
||||||
strcmp(chain, nft_forward_chain) == 0) {
|
strcmp(chain, nft_forward_chain) == 0) {
|
||||||
r->table = strdup(
|
r->table = strdup(
|
||||||
(char *) nftnl_rule_get_data(t, NFTNL_RULE_TABLE, &len));
|
(char *) nftnl_rule_get_data(rule, NFTNL_RULE_TABLE, &len));
|
||||||
r->chain = strdup(chain);
|
r->chain = strdup(chain);
|
||||||
r->family = *(uint32_t *) nftnl_rule_get_data(t, NFTNL_RULE_FAMILY,
|
r->family = *(uint32_t *) nftnl_rule_get_data(rule, NFTNL_RULE_FAMILY,
|
||||||
&len);
|
&len);
|
||||||
descr = (char *) nftnl_rule_get_data(t, NFTNL_RULE_USERDATA,
|
descr = (char *) nftnl_rule_get_data(rule, NFTNL_RULE_USERDATA,
|
||||||
&r->desc_len);
|
&r->desc_len);
|
||||||
if (r->desc_len > 0)
|
if (r->desc_len > 0)
|
||||||
r->desc = strndup(descr, r->desc_len);
|
r->desc = strndup(descr, r->desc_len);
|
||||||
|
|
||||||
r->handle = *(uint32_t *) nftnl_rule_get_data(t,
|
r->handle = *(uint32_t *) nftnl_rule_get_data(rule,
|
||||||
NFTNL_RULE_HANDLE,
|
NFTNL_RULE_HANDLE,
|
||||||
&len);
|
&len);
|
||||||
r->type = RULE_NONE;
|
r->type = RULE_NONE;
|
||||||
|
|
@ -504,7 +527,7 @@ table_cb(const struct nlmsghdr *nlh, void *data)
|
||||||
r->type = RULE_FILTER;
|
r->type = RULE_FILTER;
|
||||||
}
|
}
|
||||||
|
|
||||||
itr = nftnl_expr_iter_create(t);
|
itr = nftnl_expr_iter_create(rule);
|
||||||
|
|
||||||
while ((expr = nftnl_expr_iter_next(itr)) != NULL) {
|
while ((expr = nftnl_expr_iter_next(itr)) != NULL) {
|
||||||
rule_expr_cb(expr, r);
|
rule_expr_cb(expr, r);
|
||||||
|
|
@ -538,7 +561,7 @@ table_cb(const struct nlmsghdr *nlh, void *data)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
nftnl_rule_free(t);
|
nftnl_rule_free(rule);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -92,6 +92,19 @@ nft_mnl_connect(void);
|
||||||
void
|
void
|
||||||
nft_mnl_disconnect(void);
|
nft_mnl_disconnect(void);
|
||||||
|
|
||||||
|
#ifdef DEBUG
|
||||||
|
void
|
||||||
|
print_rule(const char *func, int line, const struct nftnl_rule *rule);
|
||||||
|
|
||||||
|
void
|
||||||
|
print_redirect_rules(const char * ifname);
|
||||||
|
|
||||||
|
#define debug_rule(rule) do { print_rule(__func__, __LINE__, rule); } while (0)
|
||||||
|
|
||||||
|
#else
|
||||||
|
#define debug_rule(rule)
|
||||||
|
#endif
|
||||||
|
|
||||||
int
|
int
|
||||||
nft_send_rule(struct nftnl_rule * rule, uint16_t cmd, enum rule_chain_type type);
|
nft_send_rule(struct nftnl_rule * rule, uint16_t cmd, enum rule_chain_type type);
|
||||||
struct nftnl_rule *
|
struct nftnl_rule *
|
||||||
|
|
@ -126,7 +139,6 @@ void refresh_nft_cache_filter(void);
|
||||||
void refresh_nft_cache_redirect(void);
|
void refresh_nft_cache_redirect(void);
|
||||||
void refresh_nft_cache_peer(void);
|
void refresh_nft_cache_peer(void);
|
||||||
void refresh_nft_cache(struct rule_list *head, const char *table, const char *chain, uint32_t family);
|
void refresh_nft_cache(struct rule_list *head, const char *table, const char *chain, uint32_t family);
|
||||||
void print_rule(rule_t *r);
|
|
||||||
|
|
||||||
int
|
int
|
||||||
table_op(enum nf_tables_msg_types op, uint16_t family, const char * name);
|
table_op(enum nf_tables_msg_types op, uint16_t family, const char * name);
|
||||||
|
|
|
||||||
|
|
@ -11,6 +11,7 @@
|
||||||
#include <syslog.h>
|
#include <syslog.h>
|
||||||
|
|
||||||
#include "nftnlrdr.h"
|
#include "nftnlrdr.h"
|
||||||
|
#include "nftnlrdr_misc.h"
|
||||||
#include "../commonrdr.h"
|
#include "../commonrdr.h"
|
||||||
|
|
||||||
#ifndef PRIu64
|
#ifndef PRIu64
|
||||||
|
|
@ -84,7 +85,7 @@ main(int argc, char ** argv)
|
||||||
printf("test\n");
|
printf("test\n");
|
||||||
}
|
}
|
||||||
printf("trying to list nat rules :\n");
|
printf("trying to list nat rules :\n");
|
||||||
list_redirect_rule(argv[1]);
|
print_redirect_rules(argv[1]);
|
||||||
printf("deleting\n");
|
printf("deleting\n");
|
||||||
delete_redirect_and_filter_rules(eport, IPPROTO_TCP);
|
delete_redirect_and_filter_rules(eport, IPPROTO_TCP);
|
||||||
return 0;
|
return 0;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue