I made these changes, if I am not wrong now is possible to parse
target and match using libxtables:
diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c
index 90bfc65..c43e10c 100644
--- a/iptables/xtables-eb.c
+++ b/iptables/xtables-eb.c
@@ -459,6 +459,8 @@ int do_commandeb(struct nft_handle *h, int argc,
char *argv[], char **table)
int rulenum_end = 0;
int ret = 0;
struct xtables_target *t;
+ struct xtables_rule_match *matchp = NULL;
+ struct xtables_match *m = NULL;
memset(&fw, 0, sizeof(fw));
@@ -925,19 +927,23 @@ big_iface_length:
continue;
default:
/* Is it a target option? */
- /*t = (struct ebt_u_target *)new_entry->t;
- if ((t->parse(c - t->option_offset, argv,
argc, new_entry, &t->flags, &t->t))) {
- if (ebt_errormsg[0] != '\0')
- return -1;
+ if (fw.target) {
+ xtables_option_tpcall(c, argv,
fw.invflags, fw.target, &fw);
goto check_extension;
- }*/
+ }
/* Is it a match_option? */
- /*for (m = ebt_matches; m; m = m->next)
- if (m->parse(c - m->option_offset,
argv, argc, new_entry, &m->flags, &m->m))
- break;
+ for (matchp = fw.matches; matchp; matchp =
matchp->next) {
+ m = matchp->match;
+
+ if (matchp->completed ||
+ (m->x6_parse == NULL && m->parse == NULL))
+ continue;
+
+ xtables_option_mpcall(c, argv,
fw.invflags, m, &fw);
+ }
- if (m != NULL) {
+ /*if (m != NULL) {
if (ebt_errormsg[0] != '\0')
return -1;
if (m->used == 0) {
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
