Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx>
---
extensions/libxt_tcpmss.c | 92 ++++++++++-----------------------------------
1 files changed, 20 insertions(+), 72 deletions(-)
diff --git a/extensions/libxt_tcpmss.c b/extensions/libxt_tcpmss.c
index 3dc3528..c7c5971 100644
--- a/extensions/libxt_tcpmss.c
+++ b/extensions/libxt_tcpmss.c
@@ -1,14 +1,11 @@
-/* Shared library add-on to iptables to add tcp MSS matching support. */
-#include <stdbool.h>
#include <stdio.h>
-#include <netdb.h>
-#include <string.h>
-#include <stdlib.h>
-#include <getopt.h>
-
#include <xtables.h>
#include <linux/netfilter/xt_tcpmss.h>
+enum {
+ O_TCPMSS = 0,
+};
+
static void tcpmss_help(void)
{
printf(
@@ -17,71 +14,23 @@ static void tcpmss_help(void)
" (only valid for TCP SYN or SYN/ACK packets)\n");
}
-static const struct option tcpmss_opts[] = {
- {.name = "mss", .has_arg = true, .val = '1'},
- XT_GETOPT_TABLEEND,
+static const struct xt_option_entry tcpmss_opts[] = {
+ {.name = "mss", .id = O_TCPMSS, .type = XTTYPE_UINT16RC,
+ .flags = XTOPT_MAND | XTOPT_INVERT},
+ XTOPT_TABLEEND,
};
-static uint16_t
-parse_tcp_mssvalue(const char *mssvalue)
-{
- unsigned int mssvaluenum;
-
- if (xtables_strtoui(mssvalue, NULL, &mssvaluenum, 0, UINT16_MAX))
- return mssvaluenum;
-
- xtables_error(PARAMETER_PROBLEM,
- "Invalid mss `%s' specified", mssvalue);
-}
-
-static void
-parse_tcp_mssvalues(const char *mssvaluestring,
- uint16_t *mss_min, uint16_t *mss_max)
-{
- char *buffer;
- char *cp;
-
- buffer = strdup(mssvaluestring);
- if ((cp = strchr(buffer, ':')) == NULL)
- *mss_min = *mss_max = parse_tcp_mssvalue(buffer);
- else {
- *cp = '\0';
- cp++;
-
- *mss_min = buffer[0] ? parse_tcp_mssvalue(buffer) : 0;
- *mss_max = cp[0] ? parse_tcp_mssvalue(cp) : 0xFFFF;
- }
- free(buffer);
-}
-
-static int
-tcpmss_parse(int c, char **argv, int invert, unsigned int *flags,
- const void *entry, struct xt_entry_match **match)
-{
- struct xt_tcpmss_match_info *mssinfo =
- (struct xt_tcpmss_match_info *)(*match)->data;
-
- switch (c) {
- case '1':
- if (*flags)
- xtables_error(PARAMETER_PROBLEM,
- "Only one `--mss' allowed");
- xtables_check_inverse(optarg, &invert, &optind, 0, argv);
- parse_tcp_mssvalues(optarg,
- &mssinfo->mss_min, &mssinfo->mss_max);
- if (invert)
- mssinfo->invert = 1;
- *flags = 1;
- break;
- }
- return 1;
-}
-
-static void tcpmss_check(unsigned int flags)
+static void tcpmss_parse(struct xt_option_call *cb)
{
- if (!flags)
- xtables_error(PARAMETER_PROBLEM,
- "tcpmss match: You must specify `--mss'");
+ struct xt_tcpmss_match_info *mssinfo = cb->data;
+
+ xtables_option_parse(cb);
+ mssinfo->mss_min = cb->val.u16_range[0];
+ mssinfo->mss_max = mssinfo->mss_min;
+ if (cb->nvals == 2)
+ mssinfo->mss_max = cb->val.u16_range[1];
+ if (cb->invert)
+ mssinfo->invert = 1;
}
static void
@@ -114,11 +63,10 @@ static struct xtables_match tcpmss_match = {
.size = XT_ALIGN(sizeof(struct xt_tcpmss_match_info)),
.userspacesize = XT_ALIGN(sizeof(struct xt_tcpmss_match_info)),
.help = tcpmss_help,
- .parse = tcpmss_parse,
- .final_check = tcpmss_check,
.print = tcpmss_print,
.save = tcpmss_save,
- .extra_opts = tcpmss_opts,
+ .x6_parse = tcpmss_parse,
+ .x6_options = tcpmss_opts,
};
void _init(void)
--
1.7.1
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
