Gitiles
Code Review Sign In
review.blissroms.org / platform_external_ebtables / a0efdcdbbbe6bc7ca6d1c9031d7b4e6fb0327acb / . / communication.c
blob: f19bda45280e85a6a79b1b1ac8414f2ab8fb1055 [file] [log] [blame]
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]1/*
Bart De Schuymer0cff9e92002-07-25 12:29:50 +0000[diff] [blame]2 * communication.c, v2.0 July 2002
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]3 *
4 * Author: Bart De Schuymer
5 *
6 */
7
Bart De Schuymer9895a8e2003-01-11 10:14:24 +0000[diff] [blame]8/*
9 * All the userspace/kernel communication is in this file.
10 * The other code should not have to know anything about the way the
11 * kernel likes the structure of the table data.
Bart De Schuymer6bdb9f42005-11-09 22:39:03 +0000[diff] [blame]12 * The other code works with linked lists. So, the translation is done here.
Bart De Schuymer9895a8e2003-01-11 10:14:24 +0000[diff] [blame]13 */
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]14
15#include <getopt.h>
16#include <string.h>
17#include <errno.h>
18#include <stdio.h>
19#include <stdlib.h>
Bart De Schuymer6bdb9f42005-11-09 22:39:03 +0000[diff] [blame]20#include <fcntl.h>
21#include <unistd.h>
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]22#include <sys/socket.h>
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]23#include "include/ebtables_u.h"
24
25extern char* hooknames[NF_BR_NUMHOOKS];
26
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]27#ifdef KERNEL_64_USERSPACE_32
28#define sparc_cast (uint64_t)
29#else
30#define sparc_cast
31#endif
32
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]33int sockfd = -1;
34
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]35static int get_sockfd()
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]36{
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]37 int ret = 0;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]38 if (sockfd == -1) {
39 sockfd = socket(AF_INET, SOCK_RAW, PF_INET);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]40 if (sockfd < 0) {
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]41 ebt_print_error("Problem getting a socket, "
42 "you probably don't have the right "
43 "permissions");
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]44 ret = -1;
45 }
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]46 }
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]47 return ret;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]48}
49
Bart De Schuymer9bfcfd82005-08-27 16:52:19 +0000[diff] [blame]50static struct ebt_replace *translate_user2kernel(struct ebt_u_replace *u_repl)
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]51{
52 struct ebt_replace *new;
53 struct ebt_u_entry *e;
54 struct ebt_u_match_list *m_l;
55 struct ebt_u_watcher_list *w_l;
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]56 struct ebt_u_entries *entries;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]57 char *p, *base;
58 int i, j;
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]59 unsigned int entries_size = 0, *chain_offsets;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]60
61 new = (struct ebt_replace *)malloc(sizeof(struct ebt_replace));
62 if (!new)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]63 ebt_print_memory();
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]64 new->valid_hooks = u_repl->valid_hooks;
Bart De Schuymer0cff9e92002-07-25 12:29:50 +0000[diff] [blame]65 strcpy(new->name, u_repl->name);
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]66 new->nentries = u_repl->nentries;
67 new->num_counters = u_repl->num_counters;
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]68 new->counters = sparc_cast u_repl->counters;
Bart De Schuymercaf30a42011-06-23 18:24:38 +0000[diff] [blame]69 chain_offsets = (unsigned int *)calloc(u_repl->num_chains, sizeof(unsigned int));
70 if (!chain_offsets)
71 ebt_print_memory();
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]72 /* Determine size */
Bart De Schuymer9bfcfd82005-08-27 16:52:19 +0000[diff] [blame]73 for (i = 0; i < u_repl->num_chains; i++) {
74 if (!(entries = u_repl->chains[i]))
75 continue;
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]76 chain_offsets[i] = entries_size;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]77 entries_size += sizeof(struct ebt_entries);
78 j = 0;
Bart De Schuymere94eaf72005-08-28 16:06:22 +0000[diff] [blame]79 e = entries->entries->next;
80 while (e != entries->entries) {
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]81 j++;
82 entries_size += sizeof(struct ebt_entry);
83 m_l = e->m_list;
84 while (m_l) {
85 entries_size += m_l->m->match_size +
86 sizeof(struct ebt_entry_match);
87 m_l = m_l->next;
88 }
89 w_l = e->w_list;
90 while (w_l) {
91 entries_size += w_l->w->watcher_size +
92 sizeof(struct ebt_entry_watcher);
93 w_l = w_l->next;
94 }
95 entries_size += e->t->target_size +
96 sizeof(struct ebt_entry_target);
97 e = e->next;
98 }
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]99 /* A little sanity check */
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]100 if (j != entries->nentries)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]101 ebt_print_bug("Wrong nentries: %d != %d, hook = %s", j,
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]102 entries->nentries, entries->name);
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]103 }
104
105 new->entries_size = entries_size;
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]106 p = (char *)malloc(entries_size);
107 if (!p)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]108 ebt_print_memory();
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]109
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]110 /* Put everything in one block */
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]111 new->entries = sparc_cast p;
Bart De Schuymer9bfcfd82005-08-27 16:52:19 +0000[diff] [blame]112 for (i = 0; i < u_repl->num_chains; i++) {
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]113 struct ebt_entries *hlp;
114
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]115 hlp = (struct ebt_entries *)p;
Bart De Schuymer9bfcfd82005-08-27 16:52:19 +0000[diff] [blame]116 if (!(entries = u_repl->chains[i]))
117 continue;
118 if (i < NF_BR_NUMHOOKS)
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]119 new->hook_entry[i] = sparc_cast hlp;
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]120 hlp->nentries = entries->nentries;
121 hlp->policy = entries->policy;
122 strcpy(hlp->name, entries->name);
123 hlp->counter_offset = entries->counter_offset;
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]124 hlp->distinguisher = 0; /* Make the kernel see the light */
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]125 p += sizeof(struct ebt_entries);
Bart De Schuymere94eaf72005-08-28 16:06:22 +0000[diff] [blame]126 e = entries->entries->next;
127 while (e != entries->entries) {
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]128 struct ebt_entry *tmp = (struct ebt_entry *)p;
129
130 tmp->bitmask = e->bitmask | EBT_ENTRY_OR_ENTRIES;
131 tmp->invflags = e->invflags;
132 tmp->ethproto = e->ethproto;
Bart De Schuymer0cff9e92002-07-25 12:29:50 +0000[diff] [blame]133 strcpy(tmp->in, e->in);
134 strcpy(tmp->out, e->out);
135 strcpy(tmp->logical_in, e->logical_in);
136 strcpy(tmp->logical_out, e->logical_out);
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]137 memcpy(tmp->sourcemac, e->sourcemac,
138 sizeof(tmp->sourcemac));
139 memcpy(tmp->sourcemsk, e->sourcemsk,
140 sizeof(tmp->sourcemsk));
141 memcpy(tmp->destmac, e->destmac, sizeof(tmp->destmac));
142 memcpy(tmp->destmsk, e->destmsk, sizeof(tmp->destmsk));
143
144 base = p;
145 p += sizeof(struct ebt_entry);
146 m_l = e->m_list;
147 while (m_l) {
148 memcpy(p, m_l->m, m_l->m->match_size +
149 sizeof(struct ebt_entry_match));
150 p += m_l->m->match_size +
151 sizeof(struct ebt_entry_match);
152 m_l = m_l->next;
153 }
154 tmp->watchers_offset = p - base;
155 w_l = e->w_list;
156 while (w_l) {
157 memcpy(p, w_l->w, w_l->w->watcher_size +
158 sizeof(struct ebt_entry_watcher));
159 p += w_l->w->watcher_size +
160 sizeof(struct ebt_entry_watcher);
161 w_l = w_l->next;
162 }
163 tmp->target_offset = p - base;
164 memcpy(p, e->t, e->t->target_size +
165 sizeof(struct ebt_entry_target));
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]166 if (!strcmp(e->t->u.name, EBT_STANDARD_TARGET)) {
167 struct ebt_standard_target *st =
168 (struct ebt_standard_target *)p;
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]169 /* Translate the jump to a udc */
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]170 if (st->verdict >= 0)
Bart De Schuymer0cff9e92002-07-25 12:29:50 +0000[diff] [blame]171 st->verdict = chain_offsets
172 [st->verdict + NF_BR_NUMHOOKS];
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]173 }
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]174 p += e->t->target_size +
175 sizeof(struct ebt_entry_target);
176 tmp->next_offset = p - base;
177 e = e->next;
178 }
179 }
180
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]181 /* Sanity check */
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]182 if (p - (char *)new->entries != new->entries_size)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]183 ebt_print_bug("Entries_size bug");
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]184 free(chain_offsets);
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]185 return new;
186}
187
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]188static void store_table_in_file(char *filename, struct ebt_replace *repl)
189{
Bart De Schuymer6bdb9f42005-11-09 22:39:03 +0000[diff] [blame]190 char *data;
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]191 int size;
Bart De Schuymer6bdb9f42005-11-09 22:39:03 +0000[diff] [blame]192 int fd;
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]193
Bart De Schuymer025859c2009-12-11 17:35:01 +0000[diff] [blame]194 /* Start from an empty file with the correct priviliges */
195 if ((fd = creat(filename, 0600)) == -1) {
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]196 ebt_print_error("Couldn't create file %s", filename);
Bart De Schuymer6bdb9f42005-11-09 22:39:03 +0000[diff] [blame]197 return;
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]198 }
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]199
200 size = sizeof(struct ebt_replace) + repl->entries_size +
201 repl->nentries * sizeof(struct ebt_counter);
202 data = (char *)malloc(size);
203 if (!data)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]204 ebt_print_memory();
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]205 memcpy(data, repl, sizeof(struct ebt_replace));
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]206 memcpy(data + sizeof(struct ebt_replace), (char *)repl->entries,
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]207 repl->entries_size);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]208 /* Initialize counters to zero, deliver_counters() can update them */
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]209 memset(data + sizeof(struct ebt_replace) + repl->entries_size,
210 0, repl->nentries * sizeof(struct ebt_counter));
Bart De Schuymer6bdb9f42005-11-09 22:39:03 +0000[diff] [blame]211 if (write(fd, data, size) != size)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]212 ebt_print_error("Couldn't write everything to file %s",
213 filename);
Bart De Schuymer6bdb9f42005-11-09 22:39:03 +0000[diff] [blame]214 close(fd);
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]215 free(data);
216}
217
Bart De Schuymer8339ff12004-01-14 20:05:27 +0000[diff] [blame]218void ebt_deliver_table(struct ebt_u_replace *u_repl)
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]219{
220 socklen_t optlen;
221 struct ebt_replace *repl;
222
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]223 /* Translate the struct ebt_u_replace to a struct ebt_replace */
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]224 repl = translate_user2kernel(u_repl);
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]225 if (u_repl->filename != NULL) {
226 store_table_in_file(u_repl->filename, repl);
Bart De Schuymer92579fe2005-09-01 20:35:43 +0000[diff] [blame]227 goto free_repl;
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]228 }
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]229 /* Give the data to the kernel */
Bart De Schuymer0cff9e92002-07-25 12:29:50 +0000[diff] [blame]230 optlen = sizeof(struct ebt_replace) + repl->entries_size;
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]231 if (get_sockfd())
Bart De Schuymer92579fe2005-09-01 20:35:43 +0000[diff] [blame]232 goto free_repl;
Bart De Schuymer0cb01792003-05-04 16:52:04 +0000[diff] [blame]233 if (!setsockopt(sockfd, IPPROTO_IP, EBT_SO_SET_ENTRIES, repl, optlen))
Bart De Schuymer92579fe2005-09-01 20:35:43 +0000[diff] [blame]234 goto free_repl;
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]235 if (u_repl->command == 8) { /* The ebtables module may not
236 * yet be loaded with --atomic-commit */
Bart De Schuymer0cb01792003-05-04 16:52:04 +0000[diff] [blame]237 ebtables_insmod("ebtables");
238 if (!setsockopt(sockfd, IPPROTO_IP, EBT_SO_SET_ENTRIES,
239 repl, optlen))
Bart De Schuymer92579fe2005-09-01 20:35:43 +0000[diff] [blame]240 goto free_repl;
Bart De Schuymer0cb01792003-05-04 16:52:04 +0000[diff] [blame]241 }
242
Bart De Schuymer192b91d2011-06-19 19:01:06 +0000[diff] [blame]243 ebt_print_error("Unable to update the kernel. Two possible causes:\n"
244 "1. Multiple ebtables programs were executing simultaneously. The ebtables\n"
245 " userspace tool doesn't by default support multiple ebtables programs running\n"
246 " concurrently. The ebtables option --concurrent or a tool like flock can be\n"
247 " used to support concurrent scripts that update the ebtables kernel tables.\n"
248 "2. The kernel doesn't support a certain ebtables extension, consider\n"
249 " recompiling your kernel or insmod the extension.\n");
Bart De Schuymer92579fe2005-09-01 20:35:43 +0000[diff] [blame]250free_repl:
251 if (repl) {
252 free(repl->entries);
253 free(repl);
254 }
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]255}
256
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]257static int store_counters_in_file(char *filename, struct ebt_u_replace *repl)
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]258{
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]259 int size = repl->nentries * sizeof(struct ebt_counter), ret = 0;
Bart De Schuymer0cff9e92002-07-25 12:29:50 +0000[diff] [blame]260 unsigned int entries_size;
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]261 struct ebt_replace hlp;
262 FILE *file;
263
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]264 if (!(file = fopen(filename, "r+b"))) {
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]265 ebt_print_error("Could not open file %s", filename);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]266 return -1;
267 }
268 /* Find out entries_size and then set the file pointer to the
269 * counters */
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]270 if (fseek(file, (char *)(&hlp.entries_size) - (char *)(&hlp), SEEK_SET)
271 || fread(&entries_size, sizeof(char), sizeof(unsigned int), file) !=
272 sizeof(unsigned int) ||
273 fseek(file, entries_size + sizeof(struct ebt_replace), SEEK_SET)) {
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]274 ebt_print_error("File %s is corrupt", filename);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]275 ret = -1;
276 goto close_file;
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]277 }
278 if (fwrite(repl->counters, sizeof(char), size, file) != size) {
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]279 ebt_print_error("Could not write everything to file %s",
280 filename);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]281 ret = -1;
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]282 }
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]283close_file:
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]284 fclose(file);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]285 return 0;
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]286}
287
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]288/* Gets executed after ebt_deliver_table. Delivers the counters to the kernel
289 * and resets the counterchanges to CNT_NORM */
Bart De Schuymer83a1b0f2005-09-28 19:36:17 +0000[diff] [blame]290void ebt_deliver_counters(struct ebt_u_replace *u_repl)
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]291{
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]292 struct ebt_counter *old, *new, *newcounters;
293 socklen_t optlen;
294 struct ebt_replace repl;
Bart De Schuymer482fbaf2005-08-28 13:16:25 +0000[diff] [blame]295 struct ebt_cntchanges *cc = u_repl->cc->next, *cc2;
Bart De Schuymerfaaa1a62011-08-11 18:23:13 +0000[diff] [blame]296 struct ebt_u_entries *entries = NULL;
Bart De Schuymerd2ced822005-01-23 19:19:00 +0000[diff] [blame]297 struct ebt_u_entry *next = NULL;
298 int i, chainnr = 0;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]299
300 if (u_repl->nentries == 0)
301 return;
302
303 newcounters = (struct ebt_counter *)
304 malloc(u_repl->nentries * sizeof(struct ebt_counter));
305 if (!newcounters)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]306 ebt_print_memory();
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]307 memset(newcounters, 0, u_repl->nentries * sizeof(struct ebt_counter));
308 old = u_repl->counters;
309 new = newcounters;
Bart De Schuymer482fbaf2005-08-28 13:16:25 +0000[diff] [blame]310 while (cc != u_repl->cc) {
Bart De Schuymere94eaf72005-08-28 16:06:22 +0000[diff] [blame]311 if (!next || next == entries->entries) {
Bart De Schuymer5457c222011-12-04 09:16:57 +0000[diff] [blame]312 chainnr++;
Bart De Schuymer97783d22009-11-04 21:39:26 +0000[diff] [blame]313 while (chainnr < u_repl->num_chains && (!(entries = u_repl->chains[chainnr]) ||
314 (next = entries->entries->next) == entries->entries))
315 chainnr++;
Bart De Schuymer482fbaf2005-08-28 13:16:25 +0000[diff] [blame]316 if (chainnr == u_repl->num_chains)
317 break;
Bart De Schuymerd2ced822005-01-23 19:19:00 +0000[diff] [blame]318 }
Bart De Schuymercaf30a42011-06-23 18:24:38 +0000[diff] [blame]319 if (next == NULL)
320 ebt_print_bug("next == NULL");
Bart De Schuymer8339ff12004-01-14 20:05:27 +0000[diff] [blame]321 if (cc->type == CNT_NORM) {
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]322 /* 'Normal' rule, meaning we didn't do anything to it
323 * So, we just copy */
Bart De Schuymerd2ced822005-01-23 19:19:00 +0000[diff] [blame]324 *new = *old;
Bart De Schuymerab611e22005-02-14 20:20:03 +0000[diff] [blame]325 next->cnt = *new;
326 next->cnt_surplus.pcnt = next->cnt_surplus.bcnt = 0;
Bart De Schuymer482fbaf2005-08-28 13:16:25 +0000[diff] [blame]327 old++; /* We've used an old counter */
328 new++; /* We've set a new counter */
Bart De Schuymerff587202005-02-08 20:02:28 +0000[diff] [blame]329 next = next->next;
Bart De Schuymer8339ff12004-01-14 20:05:27 +0000[diff] [blame]330 } else if (cc->type == CNT_DEL) {
Bart De Schuymer482fbaf2005-08-28 13:16:25 +0000[diff] [blame]331 old++; /* Don't use this old counter */
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]332 } else {
Bart De Schuymer0436eda2005-03-28 20:29:37 +0000[diff] [blame]333 if (cc->type == CNT_CHANGE) {
Bart De Schuymer0436eda2005-03-28 20:29:37 +0000[diff] [blame]334 if (cc->change % 3 == 1)
335 new->pcnt = old->pcnt + next->cnt_surplus.pcnt;
336 else if (cc->change % 3 == 2)
337 new->pcnt = old->pcnt - next->cnt_surplus.pcnt;
338 else
339 new->pcnt = next->cnt.pcnt;
340 if (cc->change / 3 == 1)
341 new->bcnt = old->bcnt + next->cnt_surplus.bcnt;
342 else if (cc->change / 3 == 2)
343 new->bcnt = old->bcnt - next->cnt_surplus.bcnt;
344 else
345 new->bcnt = next->cnt.bcnt;
Bart De Schuymerab611e22005-02-14 20:20:03 +0000[diff] [blame]346 } else
347 *new = next->cnt;
348 next->cnt = *new;
349 next->cnt_surplus.pcnt = next->cnt_surplus.bcnt = 0;
Bart De Schuymerd2ced822005-01-23 19:19:00 +0000[diff] [blame]350 if (cc->type == CNT_ADD)
351 new++;
352 else {
353 old++;
354 new++;
355 }
Bart De Schuymerff587202005-02-08 20:02:28 +0000[diff] [blame]356 next = next->next;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]357 }
Bart De Schuymer8339ff12004-01-14 20:05:27 +0000[diff] [blame]358 cc = cc->next;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]359 }
360
361 free(u_repl->counters);
362 u_repl->counters = newcounters;
363 u_repl->num_counters = u_repl->nentries;
Bart De Schuymer482fbaf2005-08-28 13:16:25 +0000[diff] [blame]364 /* Reset the counterchanges to CNT_NORM and delete the unused cc */
365 i = 0;
366 cc = u_repl->cc->next;
367 while (cc != u_repl->cc) {
368 if (cc->type == CNT_DEL) {
369 cc->prev->next = cc->next;
370 cc->next->prev = cc->prev;
371 cc2 = cc->next;
372 free(cc);
373 cc = cc2;
374 } else {
375 cc->type = CNT_NORM;
376 cc->change = 0;
377 i++;
378 cc = cc->next;
379 }
380 }
381 if (i != u_repl->nentries)
382 ebt_print_bug("i != u_repl->nentries");
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]383 if (u_repl->filename != NULL) {
384 store_counters_in_file(u_repl->filename, u_repl);
385 return;
386 }
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]387 optlen = u_repl->nentries * sizeof(struct ebt_counter) +
388 sizeof(struct ebt_replace);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]389 /* Now put the stuff in the kernel's struct ebt_replace */
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]390 repl.counters = sparc_cast u_repl->counters;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]391 repl.num_counters = u_repl->num_counters;
392 memcpy(repl.name, u_repl->name, sizeof(repl.name));
393
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]394 if (get_sockfd())
395 return;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]396 if (setsockopt(sockfd, IPPROTO_IP, EBT_SO_SET_COUNTERS, &repl, optlen))
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]397 ebt_print_bug("Couldn't update kernel counters");
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]398}
399
400static int
401ebt_translate_match(struct ebt_entry_match *m, struct ebt_u_match_list ***l)
402{
403 struct ebt_u_match_list *new;
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]404 int ret = 0;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]405
406 new = (struct ebt_u_match_list *)
407 malloc(sizeof(struct ebt_u_match_list));
408 if (!new)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]409 ebt_print_memory();
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]410 new->m = (struct ebt_entry_match *)
411 malloc(m->match_size + sizeof(struct ebt_entry_match));
412 if (!new->m)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]413 ebt_print_memory();
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]414 memcpy(new->m, m, m->match_size + sizeof(struct ebt_entry_match));
415 new->next = NULL;
416 **l = new;
417 *l = &new->next;
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]418 if (ebt_find_match(new->m->u.name) == NULL) {
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]419 ebt_print_error("Kernel match %s unsupported by userspace tool",
420 new->m->u.name);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]421 ret = -1;
422 }
423 return ret;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]424}
425
426static int
427ebt_translate_watcher(struct ebt_entry_watcher *w,
428 struct ebt_u_watcher_list ***l)
429{
430 struct ebt_u_watcher_list *new;
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]431 int ret = 0;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]432
433 new = (struct ebt_u_watcher_list *)
434 malloc(sizeof(struct ebt_u_watcher_list));
435 if (!new)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]436 ebt_print_memory();
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]437 new->w = (struct ebt_entry_watcher *)
438 malloc(w->watcher_size + sizeof(struct ebt_entry_watcher));
439 if (!new->w)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]440 ebt_print_memory();
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]441 memcpy(new->w, w, w->watcher_size + sizeof(struct ebt_entry_watcher));
442 new->next = NULL;
443 **l = new;
444 *l = &new->next;
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]445 if (ebt_find_watcher(new->w->u.name) == NULL) {
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]446 ebt_print_error("Kernel watcher %s unsupported by userspace "
447 "tool", new->w->u.name);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]448 ret = -1;
449 }
450 return ret;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]451}
452
453static int
Bart De Schuymer510c9ce2006-01-23 18:50:54 +0000[diff] [blame]454ebt_translate_entry(struct ebt_entry *e, int *hook, int *n, int *cnt,
Bart De Schuymere94eaf72005-08-28 16:06:22 +0000[diff] [blame]455 int *totalcnt, struct ebt_u_entry **u_e, struct ebt_u_replace *u_repl,
Bart De Schuymer482fbaf2005-08-28 13:16:25 +0000[diff] [blame]456 unsigned int valid_hooks, char *base, struct ebt_cntchanges **cc)
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]457{
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]458 /* An entry */
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]459 if (e->bitmask & EBT_ENTRY_OR_ENTRIES) {
460 struct ebt_u_entry *new;
461 struct ebt_u_match_list **m_l;
462 struct ebt_u_watcher_list **w_l;
463 struct ebt_entry_target *t;
464
465 new = (struct ebt_u_entry *)malloc(sizeof(struct ebt_u_entry));
466 if (!new)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]467 ebt_print_memory();
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]468 new->bitmask = e->bitmask;
Bart De Schuymer9895a8e2003-01-11 10:14:24 +0000[diff] [blame]469 /*
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]470 * Plain userspace code doesn't know about
Bart De Schuymer9895a8e2003-01-11 10:14:24 +0000[diff] [blame]471 * EBT_ENTRY_OR_ENTRIES
472 */
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]473 new->bitmask &= ~EBT_ENTRY_OR_ENTRIES;
474 new->invflags = e->invflags;
475 new->ethproto = e->ethproto;
Bart De Schuymere3cceb72002-07-26 12:47:33 +0000[diff] [blame]476 strcpy(new->in, e->in);
477 strcpy(new->out, e->out);
478 strcpy(new->logical_in, e->logical_in);
479 strcpy(new->logical_out, e->logical_out);
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]480 memcpy(new->sourcemac, e->sourcemac, sizeof(new->sourcemac));
481 memcpy(new->sourcemsk, e->sourcemsk, sizeof(new->sourcemsk));
482 memcpy(new->destmac, e->destmac, sizeof(new->destmac));
483 memcpy(new->destmsk, e->destmsk, sizeof(new->destmsk));
Bart De Schuymerd2ced822005-01-23 19:19:00 +0000[diff] [blame]484 if (*totalcnt >= u_repl->nentries)
485 ebt_print_bug("*totalcnt >= u_repl->nentries");
486 new->cnt = u_repl->counters[*totalcnt];
Bart De Schuymer0436eda2005-03-28 20:29:37 +0000[diff] [blame]487 new->cnt_surplus.pcnt = new->cnt_surplus.bcnt = 0;
Bart De Schuymer482fbaf2005-08-28 13:16:25 +0000[diff] [blame]488 new->cc = *cc;
489 *cc = (*cc)->next;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]490 new->m_list = NULL;
491 new->w_list = NULL;
Bart De Schuymere94eaf72005-08-28 16:06:22 +0000[diff] [blame]492 new->next = (*u_e)->next;
493 new->next->prev = new;
494 (*u_e)->next = new;
495 new->prev = *u_e;
496 *u_e = new;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]497 m_l = &new->m_list;
498 EBT_MATCH_ITERATE(e, ebt_translate_match, &m_l);
499 w_l = &new->w_list;
500 EBT_WATCHER_ITERATE(e, ebt_translate_watcher, &w_l);
501
502 t = (struct ebt_entry_target *)(((char *)e) + e->target_offset);
503 new->t = (struct ebt_entry_target *)
504 malloc(t->target_size + sizeof(struct ebt_entry_target));
505 if (!new->t)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]506 ebt_print_memory();
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]507 if (ebt_find_target(t->u.name) == NULL) {
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]508 ebt_print_error("Kernel target %s unsupported by "
509 "userspace tool", t->u.name);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]510 return -1;
511 }
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]512 memcpy(new->t, t, t->target_size +
513 sizeof(struct ebt_entry_target));
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]514 /* Deal with jumps to udc */
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]515 if (!strcmp(t->u.name, EBT_STANDARD_TARGET)) {
516 char *tmp = base;
517 int verdict = ((struct ebt_standard_target *)t)->verdict;
518 int i;
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]519
520 if (verdict >= 0) {
521 tmp += verdict;
Bart De Schuymer9bfcfd82005-08-27 16:52:19 +0000[diff] [blame]522 for (i = NF_BR_NUMHOOKS; i < u_repl->num_chains; i++)
523 if (u_repl->chains[i]->kernel_start == tmp)
524 break;
525 if (i == u_repl->num_chains)
526 ebt_print_bug("Can't find udc for jump");
Bart De Schuymer201e1b72006-03-13 19:31:13 +0000[diff] [blame]527 ((struct ebt_standard_target *)new->t)->verdict = i-NF_BR_NUMHOOKS;
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]528 }
529 }
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]530
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]531 (*cnt)++;
532 (*totalcnt)++;
533 return 0;
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]534 } else { /* A new chain */
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]535 int i;
536 struct ebt_entries *entries = (struct ebt_entries *)e;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]537
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]538 if (*n != *cnt)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]539 ebt_print_bug("Nr of entries in the chain is wrong");
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]540 *n = entries->nentries;
541 *cnt = 0;
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]542 for (i = *hook + 1; i < NF_BR_NUMHOOKS; i++)
543 if (valid_hooks & (1 << i))
544 break;
545 *hook = i;
Bart De Schuymere94eaf72005-08-28 16:06:22 +0000[diff] [blame]546 *u_e = u_repl->chains[*hook]->entries;
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]547 return 0;
548 }
549}
550
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]551/* Initialize all chain headers */
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]552static int
Bart De Schuymer510c9ce2006-01-23 18:50:54 +0000[diff] [blame]553ebt_translate_chains(struct ebt_entry *e, int *hook,
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]554 struct ebt_u_replace *u_repl, unsigned int valid_hooks)
555{
556 int i;
557 struct ebt_entries *entries = (struct ebt_entries *)e;
558 struct ebt_u_entries *new;
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]559
560 if (!(e->bitmask & EBT_ENTRY_OR_ENTRIES)) {
561 for (i = *hook + 1; i < NF_BR_NUMHOOKS; i++)
562 if (valid_hooks & (1 << i))
563 break;
Bart De Schuymer9bfcfd82005-08-27 16:52:19 +0000[diff] [blame]564 new = (struct ebt_u_entries *)malloc(sizeof(struct ebt_u_entries));
565 if (!new)
566 ebt_print_memory();
567 if (i == u_repl->max_chains)
568 ebt_double_chains(u_repl);
569 u_repl->chains[i] = new;
570 if (i >= NF_BR_NUMHOOKS)
571 new->kernel_start = (char *)e;
572 *hook = i;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]573 new->nentries = entries->nentries;
574 new->policy = entries->policy;
Bart De Schuymere94eaf72005-08-28 16:06:22 +0000[diff] [blame]575 new->entries = (struct ebt_u_entry *)malloc(sizeof(struct ebt_u_entry));
576 if (!new->entries)
577 ebt_print_memory();
578 new->entries->next = new->entries->prev = new->entries;
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]579 new->counter_offset = entries->counter_offset;
580 strcpy(new->name, entries->name);
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]581 }
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]582 return 0;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]583}
584
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]585static int retrieve_from_file(char *filename, struct ebt_replace *repl,
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]586 char command)
587{
588 FILE *file;
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]589 char *hlp = NULL, *entries;
590 struct ebt_counter *counters;
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]591 int size, ret = 0;
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]592
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]593 if (!(file = fopen(filename, "r+b"))) {
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]594 ebt_print_error("Could not open file %s", filename);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]595 return -1;
596 }
597 /* Make sure table name is right if command isn't -L or --atomic-commit */
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]598 if (command != 'L' && command != 8) {
Bart De Schuymer0cff9e92002-07-25 12:29:50 +0000[diff] [blame]599 hlp = (char *)malloc(strlen(repl->name) + 1);
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]600 if (!hlp)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]601 ebt_print_memory();
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]602 strcpy(hlp, repl->name);
Bart De Schuymere8890ff2002-07-15 20:29:04 +0000[diff] [blame]603 }
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]604 if (fread(repl, sizeof(char), sizeof(struct ebt_replace), file)
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]605 != sizeof(struct ebt_replace)) {
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]606 ebt_print_error("File %s is corrupt", filename);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]607 ret = -1;
608 goto close_file;
609 }
Bart De Schuymere8890ff2002-07-15 20:29:04 +0000[diff] [blame]610 if (command != 'L' && command != 8 && strcmp(hlp, repl->name)) {
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]611 ebt_print_error("File %s contains wrong table name or is "
612 "corrupt", filename);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]613 ret = -1;
614 goto close_file;
Bart De Schuymer8339ff12004-01-14 20:05:27 +0000[diff] [blame]615 } else if (!ebt_find_table(repl->name)) {
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]616 ebt_print_error("File %s contains invalid table name",
617 filename);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]618 ret = -1;
619 goto close_file;
Bart De Schuymer0cff9e92002-07-25 12:29:50 +0000[diff] [blame]620 }
Bart De Schuymere8890ff2002-07-15 20:29:04 +0000[diff] [blame]621
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]622 size = sizeof(struct ebt_replace) +
623 repl->nentries * sizeof(struct ebt_counter) + repl->entries_size;
624 fseek(file, 0, SEEK_END);
Bart De Schuymere8890ff2002-07-15 20:29:04 +0000[diff] [blame]625 if (size != ftell(file)) {
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]626 ebt_print_error("File %s has wrong size", filename);
Bart De Schuymer2f7e8d12005-01-19 21:23:02 +0000[diff] [blame]627 ret = -1;
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]628 goto close_file;
Bart De Schuymere8890ff2002-07-15 20:29:04 +0000[diff] [blame]629 }
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]630 entries = (char *)malloc(repl->entries_size);
631 if (!entries)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]632 ebt_print_memory();
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]633 repl->entries = sparc_cast entries;
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]634 if (repl->nentries) {
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]635 counters = (struct ebt_counter *)
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]636 malloc(repl->nentries * sizeof(struct ebt_counter));
Bart De Schuymer8e96bee2003-08-27 16:59:39 +0000[diff] [blame]637 repl->counters = sparc_cast counters;
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]638 if (!repl->counters)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]639 ebt_print_memory();
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]640 } else
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]641 repl->counters = sparc_cast NULL;
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]642 /* Copy entries and counters */
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]643 if (fseek(file, sizeof(struct ebt_replace), SEEK_SET) ||
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]644 fread((char *)repl->entries, sizeof(char), repl->entries_size, file)
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]645 != repl->entries_size ||
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]646 fseek(file, sizeof(struct ebt_replace) + repl->entries_size,
647 SEEK_SET)
Bart De Schuymercaf30a42011-06-23 18:24:38 +0000[diff] [blame]648 || (repl->counters && fread((char *)repl->counters, sizeof(char),
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]649 repl->nentries * sizeof(struct ebt_counter), file)
Bart De Schuymercaf30a42011-06-23 18:24:38 +0000[diff] [blame]650 != repl->nentries * sizeof(struct ebt_counter))) {
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]651 ebt_print_error("File %s is corrupt", filename);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]652 free(entries);
653 repl->entries = NULL;
654 ret = -1;
Bart De Schuymere8890ff2002-07-15 20:29:04 +0000[diff] [blame]655 }
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]656close_file:
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]657 fclose(file);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]658 free(hlp);
659 return ret;
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]660}
661
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]662static int retrieve_from_kernel(struct ebt_replace *repl, char command,
663 int init)
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]664{
665 socklen_t optlen;
666 int optname;
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]667 char *entries;
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]668
669 optlen = sizeof(struct ebt_replace);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]670 if (get_sockfd())
671 return -1;
Bart De Schuymer9895a8e2003-01-11 10:14:24 +0000[diff] [blame]672 /* --atomic-init || --init-table */
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]673 if (init)
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]674 optname = EBT_SO_GET_INIT_INFO;
675 else
676 optname = EBT_SO_GET_INFO;
677 if (getsockopt(sockfd, IPPROTO_IP, optname, repl, &optlen))
678 return -1;
679
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]680 if ( !(entries = (char *)malloc(repl->entries_size)) )
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]681 ebt_print_memory();
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]682 repl->entries = sparc_cast entries;
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]683 if (repl->nentries) {
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]684 struct ebt_counter *counters;
685
686 if (!(counters = (struct ebt_counter *)
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]687 malloc(repl->nentries * sizeof(struct ebt_counter))) )
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]688 ebt_print_memory();
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]689 repl->counters = sparc_cast counters;
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]690 }
691 else
Bart De Schuymerf81c2702003-07-23 21:07:04 +0000[diff] [blame]692 repl->counters = sparc_cast NULL;
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]693
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]694 /* We want to receive the counters */
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]695 repl->num_counters = repl->nentries;
696 optlen += repl->entries_size + repl->num_counters *
697 sizeof(struct ebt_counter);
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]698 if (init)
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]699 optname = EBT_SO_GET_INIT_ENTRIES;
700 else
701 optname = EBT_SO_GET_ENTRIES;
702 if (getsockopt(sockfd, IPPROTO_IP, optname, repl, &optlen))
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]703 ebt_print_bug("Hmm, what is wrong??? bug#1");
Bart De Schuymer62423742002-07-14 19:06:20 +0000[diff] [blame]704
705 return 0;
706}
707
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]708int ebt_get_table(struct ebt_u_replace *u_repl, int init)
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]709{
710 int i, j, k, hook;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]711 struct ebt_replace repl;
Bart De Schuymerfaaa1a62011-08-11 18:23:13 +0000[diff] [blame]712 struct ebt_u_entry *u_e = NULL;
713 struct ebt_cntchanges *new_cc = NULL, *cc;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]714
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]715 strcpy(repl.name, u_repl->name);
Bart De Schuymer62a7fdb2002-08-24 21:01:21 +0000[diff] [blame]716 if (u_repl->filename != NULL) {
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]717 if (init)
Bart De Schuymerd2ced822005-01-23 19:19:00 +0000[diff] [blame]718 ebt_print_bug("Getting initial table data from a file is impossible");
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]719 if (retrieve_from_file(u_repl->filename, &repl, u_repl->command))
720 return -1;
721 /* -L with a wrong table name should be dealt with silently */
Bart De Schuymer62a7fdb2002-08-24 21:01:21 +0000[diff] [blame]722 strcpy(u_repl->name, repl.name);
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]723 } else if (retrieve_from_kernel(&repl, u_repl->command, init))
Bart De Schuymer0cff9e92002-07-25 12:29:50 +0000[diff] [blame]724 return -1;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]725
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]726 /* Translate the struct ebt_replace to a struct ebt_u_replace */
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]727 u_repl->valid_hooks = repl.valid_hooks;
728 u_repl->nentries = repl.nentries;
729 u_repl->num_counters = repl.num_counters;
Bart De Schuymerd2ced822005-01-23 19:19:00 +0000[diff] [blame]730 u_repl->counters = repl.counters;
Bart De Schuymer482fbaf2005-08-28 13:16:25 +0000[diff] [blame]731 u_repl->cc = (struct ebt_cntchanges *)malloc(sizeof(struct ebt_cntchanges));
732 if (!u_repl->cc)
733 ebt_print_memory();
734 u_repl->cc->next = u_repl->cc->prev = u_repl->cc;
735 cc = u_repl->cc;
Bart De Schuymer8339ff12004-01-14 20:05:27 +0000[diff] [blame]736 for (i = 0; i < repl.nentries; i++) {
Bart De Schuymer482fbaf2005-08-28 13:16:25 +0000[diff] [blame]737 new_cc = (struct ebt_cntchanges *)malloc(sizeof(struct ebt_cntchanges));
Bart De Schuymer8339ff12004-01-14 20:05:27 +0000[diff] [blame]738 if (!new_cc)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]739 ebt_print_memory();
Bart De Schuymer8339ff12004-01-14 20:05:27 +0000[diff] [blame]740 new_cc->type = CNT_NORM;
Bart De Schuymer0436eda2005-03-28 20:29:37 +0000[diff] [blame]741 new_cc->change = 0;
Bart De Schuymer482fbaf2005-08-28 13:16:25 +0000[diff] [blame]742 new_cc->prev = cc;
743 cc->next = new_cc;
744 cc = new_cc;
745 }
746 if (repl.nentries) {
747 new_cc->next = u_repl->cc;
748 u_repl->cc->prev = new_cc;
Bart De Schuymer8339ff12004-01-14 20:05:27 +0000[diff] [blame]749 }
Bart De Schuymer9bfcfd82005-08-27 16:52:19 +0000[diff] [blame]750 u_repl->chains = (struct ebt_u_entries **)calloc(EBT_ORI_MAX_CHAINS, sizeof(void *));
751 u_repl->max_chains = EBT_ORI_MAX_CHAINS;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]752 hook = -1;
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]753 /* FIXME: Clean up when an error is encountered */
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]754 EBT_ENTRY_ITERATE(repl.entries, repl.entries_size, ebt_translate_chains,
755 &hook, u_repl, u_repl->valid_hooks);
Bart De Schuymer9bfcfd82005-08-27 16:52:19 +0000[diff] [blame]756 if (hook >= NF_BR_NUMHOOKS)
757 u_repl->num_chains = hook + 1;
758 else
759 u_repl->num_chains = NF_BR_NUMHOOKS;
Bart De Schuymer6622a012005-01-19 21:09:05 +0000[diff] [blame]760 i = 0; /* Holds the expected nr. of entries for the chain */
761 j = 0; /* Holds the up to now counted entries for the chain */
Bart De Schuymerd2ced822005-01-23 19:19:00 +0000[diff] [blame]762 k = 0; /* Holds the total nr. of entries, should equal u_repl->nentries afterwards */
Bart De Schuymer482fbaf2005-08-28 13:16:25 +0000[diff] [blame]763 cc = u_repl->cc->next;
Bart De Schuymer60332e02002-06-23 08:01:47 +0000[diff] [blame]764 hook = -1;
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]765 EBT_ENTRY_ITERATE((char *)repl.entries, repl.entries_size,
766 ebt_translate_entry, &hook, &i, &j, &k, &u_e, u_repl,
Bart De Schuymer482fbaf2005-08-28 13:16:25 +0000[diff] [blame]767 u_repl->valid_hooks, (char *)repl.entries, &cc);
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]768 if (k != u_repl->nentries)
Bart De Schuymer64182a32004-01-21 20:39:54 +0000[diff] [blame]769 ebt_print_bug("Wrong total nentries");
Bart De Schuymer92579fe2005-09-01 20:35:43 +0000[diff] [blame]770 free(repl.entries);
Bart De Schuymer9ce6ee92002-06-14 21:56:35 +0000[diff] [blame]771 return 0;
Bart De Schuymer1abc55d2002-06-01 19:23:47 +0000[diff] [blame]772}