2 * fwd - OpenWrt firewall daemon - libiptc/libxtables interface headers
4 * Copyright (C) 2009 Jo-Philipp Wich <xm@subsignal.org>
6 * The fwd program is free software: you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License version 2
8 * as published by the Free Software Foundation.
10 * The fwd program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
13 * See the GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with the fwd program. If not, see http://www.gnu.org/licenses/.
20 #ifndef __FWD_XTABLES_H__
21 #define __FWD_XTABLES_H__
25 #include <libiptc/libxtc.h>
31 #include <sys/utsname.h>
36 struct iptc_handle *iptc;
37 struct ipt_entry *entry;
38 struct xtables_rule_match *matches;
39 struct xtables_target *target;
43 /* Required by certain extensions like SNAT and DNAT */
44 extern int kernel_version;
45 extern void get_kernel_version(void);
48 void fwd_xt_init(void);
50 struct fwd_xt_rule * fwd_xt_init_rule(const char *table);
52 void fwd_xt_parse_proto(struct fwd_xt_rule *r, struct fwd_proto *p, int inv);
53 void fwd_xt_parse_in(struct fwd_xt_rule *r, struct fwd_network_list *n, int inv);
54 void fwd_xt_parse_out(struct fwd_xt_rule *r, struct fwd_network_list *n, int inv);
55 void fwd_xt_parse_src(struct fwd_xt_rule *r, struct fwd_cidr *c, int inv);
56 void fwd_xt_parse_dest(struct fwd_xt_rule *r, struct fwd_cidr *c, int inv);
58 struct xtables_match * fwd_xt_get_match(struct fwd_xt_rule *r, const char *name);
59 void fwd_xt_parse_match(struct fwd_xt_rule *r, struct xtables_match *m, const char *opt, const char *val);
61 struct xtables_target * fwd_xt_get_target(struct fwd_xt_rule *r, const char *name);
62 void fwd_xt_parse_target(struct fwd_xt_rule *r, struct xtables_target *t, const char *opt, const char *val);
64 int fwd_xt_exec_rule(struct fwd_xt_rule *r, const char *chain);