netfilter: introduce xt_id match

[openwrt.git] / package / network / utils / iptables / patches / 500-add-xt_id-match.patch

diff --git a/package/network/utils/iptables/patches/500-add-xt_id-match.patch b/package/network/utils/iptables/patches/500-add-xt_id-match.patch
new file mode 100644 (file)
index 0000000..94762f0
--- /dev/null
+++ b/package/network/utils/iptables/patches/500-add-xt_id-match.patch
@@ -0,0 +1,59 @@
+--- /dev/null
++++ b/extensions/libxt_id.c
+@@ -0,0 +1,45 @@
++/* Shared library add-on to iptables to add id match support. */
++
++#include <stdio.h>
++#include <xtables.h>
++#include <linux/netfilter/xt_id.h>
++
++enum {
++      O_ID = 0,
++};
++
++static const struct xt_option_entry id_opts[] = {
++      {
++              .name  = "id",
++              .id    = O_ID,
++              .type  = XTTYPE_UINT32,
++              .flags = XTOPT_MAND | XTOPT_PUT,
++              XTOPT_POINTER(struct xt_id_info, id)
++      },
++      XTOPT_TABLEEND,
++};
++
++/* Saves the union ipt_matchinfo in parsable form to stdout. */
++static void
++id_save(const void *ip, const struct xt_entry_match *match)
++{
++      struct xt_id_info *idinfo = (void *)match->data;
++
++      printf(" --id %lu", idinfo->id);
++}
++
++static struct xtables_match id_match = {
++      .family         = NFPROTO_UNSPEC,
++      .name           = "id",
++      .version        = XTABLES_VERSION,
++      .size           = XT_ALIGN(sizeof(struct xt_id_info)),
++      .userspacesize  = XT_ALIGN(sizeof(struct xt_id_info)),
++      .save           = id_save,
++      .x6_parse       = xtables_option_parse,
++      .x6_options     = id_opts,
++};
++
++void _init(void)
++{
++      xtables_register_match(&id_match);
++}
+--- /dev/null
++++ b/include/linux/netfilter/xt_id.h
+@@ -0,0 +1,8 @@
++#ifndef _XT_ID_H
++#define _XT_ID_H
++
++struct xt_id_info {
++      __u32 id;
++};
++
++#endif /* XT_ID_H */