#include "fwd.h"
#include "fwd_xtables.h"
+#include "fwd_utils.h"
/* Required by certain extensions like SNAT and DNAT */
return NULL;
}
+void fwd_xt_parse_frag(
+ struct fwd_xt_rule *r, int frag, int inv
+) {
+ if( frag )
+ {
+ r->entry->ip.flags |= IPT_F_FRAG;
+
+ if( inv )
+ r->entry->ip.invflags |= IPT_INV_FRAG;
+ }
+}
void fwd_xt_parse_proto(
struct fwd_xt_rule *r, struct fwd_proto *p, int inv
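Review bot: fwd_xt_parse_frag is added without a comment stating its contract, and two behaviours are easy to miss. `inv` is silently ignored when `frag` is 0, and the function only ever ORs bits in, so a call with `frag` 0 does not clear a fragment match set earlier on the same rule. I would add above the definition `/* Match non-first fragments (iptables -f); inv is honoured only when frag is set, flags are never cleared */`. The same comment should say that `r` and `r->entry` must be non-NULL, since both are dereferenced without a check.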
}
void fwd_xt_parse_in(
- struct fwd_xt_rule *r, struct fwd_network_list *n, int inv
+ struct fwd_xt_rule *r, struct fwd_network *n, int inv
) {
if( n != NULL )
{
}
void fwd_xt_parse_out(
- struct fwd_xt_rule *r, struct fwd_network_list *n, int inv
+ struct fwd_xt_rule *r, struct fwd_network *n, int inv
) {
if( n != NULL )
{
}
m->parse(optc, opts, inv, &m->mflags, r->entry, &m->m);
+ inv = 0;
}
}
}
t->parse(optc, opts, inv, &t->tflags, r->entry, &t->t);
+ inv = 0;
}
}
}
-int fwd_xt_exec_rule(struct fwd_xt_rule *r, const char *chain)
+static int fwd_xt_exec_rule(struct fwd_xt_rule *r, const char *chain, int pos)
{
size_t s;
struct xtables_rule_match *m, *next;
memcpy(e->elems + s, r->target->t, r->target->t->u.target_size);
- rv = iptc_append_entry(chain, e, r->iptc);
+ rv = (pos > -1)
+ ? iptc_insert_entry(chain, e, (unsigned int) pos, r->iptc)
+ : iptc_append_entry(chain, e, r->iptc)
+ ;
}
else
{
return rv;
}
+int fwd_xt_insert_rule(
+ struct fwd_xt_rule *r, const char *chain, unsigned int pos
+) {
+ return fwd_xt_exec_rule(r, chain, pos);
+}
+
+int fwd_xt_append_rule(
+ struct fwd_xt_rule *r, const char *chain
+) {
+ return fwd_xt_exec_rule(r, chain, -1);
+}
+
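Review bot: fwd_xt_insert_rule takes `unsigned int pos` but passes it to the `int pos` parameter of fwd_xt_exec_rule, where `pos > -1` chooses between insert and append. A value above INT_MAX converts to a negative int on common ABIs, so the rule is appended and no error is reported. For a firewall, a rule landing at the end of the chain instead of the requested position can change which packets are accepted. The wrapper should reject the out-of-range value before the call, e.g. `if( pos > INT_MAX ) return 0;`, which needs `<limits.h>`. That line assumes 0 is the failure value, as in libiptc; the else branch of fwd_xt_exec_rule is not visible here, so confirm it. Alternatively, keep `pos` unsigned in the helper and pass a separate insert/append flag instead of overloading -1.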