On Nov 5 2007 01:14, Peter Warasin wrote: >Date: Mon, 05 Nov 2007 01:14:05 +0100 >From: Peter Warasin <peter@xxxxxxxxxx> >To: <netfilter-devel@xxxxxxxxxxxxxxx> >Subject: [PATCH 3/3] iptables-edit: introduces iptables-edit cli tool > > >-- >:: e n d i a n >:: open source - open minds > >:: peter warasin >:: http://www.endian.com :: peter@xxxxxxxxxx > |introduces the iptables-edit command line tool | |Signed-off-by: Peter Warasin <peter@xxxxxxxxxx> |--- | Makefile | 19 +++- | iptables-edit.c | 259 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ | iptables-multi.c | 4 | 3 files changed, 279 insertions(+), 3 deletions(-) | |Index: iptables-multi.c |=================================================================== |--- iptables-multi.c.orig |+++ iptables-multi.c |@@ -6,6 +6,7 @@ | int iptables_main(int argc, char **argv); | int iptables_save_main(int argc, char **argv); | int iptables_restore_main(int argc, char **argv); |+int iptables_edit_main(int argc, char **argv); | int iptables_xml_main(int argc, char **argv); | | int main(int argc, char **argv) { |@@ -28,6 +29,9 @@ | | if (!strcmp(progname, "iptables-xml")) | return iptables_xml_main(argc, argv); |+ |+ if (!strcmp(progname, "iptables-edit")) |+ return iptables_edit_main(argc, argv); | | fprintf(stderr, "iptables multi-purpose version: unknown applet name %s\n", progname); | exit(1); |Index: iptables-edit.c |=================================================================== |--- /dev/null |+++ iptables-edit.c |@@ -0,0 +1,259 @@ |+/* Code to apply iptables rules on an iptables dump file generated by iptables-save. */ |+/* (C) 2007 by Peter Warasin <peter@xxxxxxxxxx> |+ * based on previous code from Rusty Russell <rusty@xxxxxxxxxxxxxxxx> |+ * and Harald Welte <laforge@xxxxxxxxxxxx> |+ * |+ * This code is distributed under the terms of GNU GPL v2 |+ * |+ */ |+#include <getopt.h> |+#include <sys/errno.h> |+#include <stdio.h> |+#include <stdlib.h> |+#include <string.h> |+#include "libiptc/libiptc.h" |+#include "iptables.h" |+#include "iptables-dump.h" |+ |+int binary = 0, counters = 0, verbose = 0; |+char *modprobeparam = 0; |+char *dumpfile = 0; |+int commandargc = 0; |+char *commandargv[255]; |+ |+static struct option options[] = { |+ { "binary", 0, 0, 'b' }, |+ { "counters", 0, 0, 'c' }, |+ { "verbose", 0, 0, 'v' }, |+ { "help", 0, 0, 'h' }, |+ { "modprobe", 1, 0, 'M'}, |+ { "dump-file", 0, 0, 'i' }, Fix indent. |+ { 0 } {} or {NULL} |+}; |+ |+struct handle_list_t { |+ char tablename[IPT_TABLE_MAXNAMELEN + 1]; |+ iptc_handle_t handle; |+ struct handle_list_t *next; |+}; |+struct handle_list_t *table_handles = NULL; struct handle_list. _t is for typedefs. |+static void print_usage(const char *name, const char *version) __attribute__((noreturn)); Is this really needed... |+void add_handle(const char *tablename, iptc_handle_t handle) { |+ struct handle_list_t *tmp; |+ tmp = (struct handle_list_t *) malloc(sizeof(struct handle_list_t)); No casts. |+iptc_handle_t get_handle(const char *tablename) { '\n' before '{' missing? (Keep your own style consistent at least..) Also elsewhere. |+static int for_each_table(int (*func)(const char *tablename)) |+{ |+ int ret = 1; |+ FILE *procfile = NULL; |+ char tablename[IPT_TABLE_MAXNAMELEN+1]; WS. |+/* function adding one argument to newargv, updating newargc |+ * returns true if argument added, false otherwise */ |+static int add_argv(char *what) { |+ if (what && ((commandargc + 1) < sizeof(commandargv)/sizeof(char *))) { rid extra (); sizeof(a)/sizeof(*a) is probably available as ARRAY_SIZE macro already somewhere. |+ case 'M': |+ modprobeparam = optarg; |+ break; |+ case 'i': |+ dumpfile = optarg; |+ break; |+ |+ } |+ } - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html