首页 发现 帮助
注册 登录
OpenWrt
/
openwrt
镜像自地址 https://github.com/openwrt/openwrt.git
2
0
派生 0
文件 工单管理 0 Wiki
目录树: fc80ef3613
分支列表 标签列表
openwrt
/
package
/
network
/
utils
/
iproute2
/
patches
/
135-sync-iptables-header.patch

135-sync-iptables-header.patch 2.8 KB
文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101 
  1. Description: Sync header from iptables
    2. 

  2.  The current versions in several suites have the same content:
    3. 

  3.   - 1.6.1-2 (unstable)
    4. 

  4. Bug: https://bugs.debian.org/868059
    5. 

  5. Forwarded: not-needed
    6. 

  6. Author: Cyril Brulebois <[email protected]>
    7. 

  7. Last-Update: 2017-11-22
    8. 

  8. --- a/include/xtables.h
    9. 

  9. +++ b/include/xtables.h
    10. 

  10. @@ -205,9 +205,24 @@ enum xtables_ext_flags {
    11. 

  11.  	XTABLES_EXT_ALIAS = 1 << 0,
    12. 

  12.  };
    13. 

  13.  
    14. 

  14. +struct xt_xlate;
    15. 

  15. +
    16. 

  16. +struct xt_xlate_mt_params {
    17. 

  17. +	const void			*ip;
    18. 

  18. +	const struct xt_entry_match	*match;
    19. 

  19. +	int				numeric;
    20. 

  20. +	bool				escape_quotes;
    21. 

  21. +};
    22. 

  22. +
    23. 

  23. +struct xt_xlate_tg_params {
    24. 

  24. +	const void			*ip;
    25. 

  25. +	const struct xt_entry_target	*target;
    26. 

  26. +	int				numeric;
    27. 

  27. +	bool				escape_quotes;
    28. 

  28. +};
    29. 

  29. +
    30. 

  30.  /* Include file for additions: new matches and targets. */
    31. 

  31. -struct xtables_match
    32. 

  32. -{
    33. 

  33. +struct xtables_match {
    34. 

  34.  	/*
    35. 

  35.  	 * ABI/API version this module requires. Must be first member,
    36. 

  36.  	 * as the rest of this struct may be subject to ABI changes.
    37. 

  37. @@ -269,6 +284,10 @@ struct xtables_match
    38. 

  38.  	void (*x6_fcheck)(struct xt_fcheck_call *);
    39. 

  39.  	const struct xt_option_entry *x6_options;
    40. 

  40.  
    41. 

  41. +	/* Translate iptables to nft */
    42. 

  42. +	int (*xlate)(struct xt_xlate *xl,
    43. 

  43. +		     const struct xt_xlate_mt_params *params);
    44. 

  44. +
    45. 

  45.  	/* Size of per-extension instance extra "global" scratch space */
    46. 

  46.  	size_t udata_size;
    47. 

  47.  
    48. 

  48. @@ -280,8 +299,7 @@ struct xtables_match
    49. 

  49.  	unsigned int loaded; /* simulate loading so options are merged properly */
    50. 

  50.  };
    51. 

  51.  
    52. 

  52. -struct xtables_target
    53. 

  53. -{
    54. 

  54. +struct xtables_target {
    55. 

  55.  	/*
    56. 

  56.  	 * ABI/API version this module requires. Must be first member,
    57. 

  57.  	 * as the rest of this struct may be subject to ABI changes.
    58. 

  58. @@ -346,6 +364,10 @@ struct xtables_target
    59. 

  59.  	void (*x6_fcheck)(struct xt_fcheck_call *);
    60. 

  60.  	const struct xt_option_entry *x6_options;
    61. 

  61.  
    62. 

  62. +	/* Translate iptables to nft */
    63. 

  63. +	int (*xlate)(struct xt_xlate *xl,
    64. 

  64. +		     const struct xt_xlate_tg_params *params);
    65. 

  65. +
    66. 

  66.  	size_t udata_size;
    67. 

  67.  
    68. 

  68.  	/* Ignore these men behind the curtain: */
    69. 

  69. @@ -406,6 +428,17 @@ struct xtables_globals
    70. 

  70.  
    71. 

  71.  #define XT_GETOPT_TABLEEND {.name = NULL, .has_arg = false}
    72. 

  72.  
    73. 

  73. +/*
    74. 

  74. + * enum op-
    75. 

  75. + *
    76. 

  76. + * For writing clean nftables translations code
    77. 

  77. + */
    78. 

  78. +enum xt_op {
    79. 

  79. +	XT_OP_EQ,
    80. 

  80. +	XT_OP_NEQ,
    81. 

  81. +	XT_OP_MAX,
    82. 

  82. +};
    83. 

  83. +
    84. 

  84.  #ifdef __cplusplus
    85. 

  85.  extern "C" {
    86. 

  86.  #endif
    87. 

  87. @@ -548,6 +581,14 @@ extern void xtables_lmap_free(struct xta
    88. 

  88.  extern int xtables_lmap_name2id(const struct xtables_lmap *, const char *);
    89. 

  89.  extern const char *xtables_lmap_id2name(const struct xtables_lmap *, int);
    90. 

  90.  
    91. 

  91. +/* xlate infrastructure */
    92. 

  92. +struct xt_xlate *xt_xlate_alloc(int size);
    93. 

  93. +void xt_xlate_free(struct xt_xlate *xl);
    94. 

  94. +void xt_xlate_add(struct xt_xlate *xl, const char *fmt, ...);
    95. 

  95. +void xt_xlate_add_comment(struct xt_xlate *xl, const char *comment);
    96. 

  96. +const char *xt_xlate_get_comment(struct xt_xlate *xl);
    97. 

  97. +const char *xt_xlate_get(struct xt_xlate *xl);
    98. 

  98. +
    99. 

  99.  #ifdef XTABLES_INTERNAL
    100. 

  100.  
    101. 

  101.  /* Shipped modules rely on this... */
    102.