return NULL;
}
+void fwd_xt_parse_frag(
+ struct fwd_xt_rule *r, int frag, int inv
+) {
+ if( frag )
+ {
+ r->entry->ip.flags |= IPT_F_FRAG;
+
+ if( inv )
+ r->entry->ip.invflags |= IPT_INV_FRAG;
+ }
+}
void fwd_xt_parse_proto(
struct fwd_xt_rule *r, struct fwd_proto *p, int inv
}
-int fwd_xt_exec_rule(struct fwd_xt_rule *r, const char *chain)
+static int fwd_xt_exec_rule(struct fwd_xt_rule *r, const char *chain, int pos)
{
size_t s;
struct xtables_rule_match *m, *next;
memcpy(e->elems + s, r->target->t, r->target->t->u.target_size);
- rv = iptc_append_entry(chain, e, r->iptc);
+ rv = (pos > -1)
+ ? iptc_insert_entry(chain, e, (unsigned int) pos, r->iptc)
+ : iptc_append_entry(chain, e, r->iptc)
+ ;
}
else
{
return rv;
}
+int fwd_xt_insert_rule(
+ struct fwd_xt_rule *r, const char *chain, unsigned int pos
+) {
+ return fwd_xt_exec_rule(r, chain, pos);
+}
+
+int fwd_xt_append_rule(
+ struct fwd_xt_rule *r, const char *chain
+) {
+ return fwd_xt_exec_rule(r, chain, -1);
+}
+