~ubuntu-branches/ubuntu/precise/iptables/precise-proposed

Viewing changes to extensions/libxt_cluster.c

Committer: Bazaar Package Importer
Author(s): Bhavani Shankar
Date: 2009-07-14 15:59:54 UTC
mfrom: (5.1.7 upstream)
Revision ID: james.westby@ubuntu.com-20090714155954-9039kro8cnh6lb1q

Tags: 1.4.4-1ubuntu1

* Merge from debian unstable, remaining changes: LP: #399211
  - Don't fail to run iptables-save if iptables module isn't loaded.
  - debian/patches/0901-build-libipq_pic.a.patch - Build libipq_pic.a with
    -fPIC. Upstream changed build system and patch modified accordingly.
  - Revert changes between 1.4.1.1-3 and 1.4.1.1-4, thus bringing back
    the howtos.
  - Added linuxdoc-tools to Build-Depends
  - Modified debian/iptables{,-dev}.install to match DM syntax
    (removed debian/tmp)

files added:
COMMIT_NOTES

debian/iptables.links

extensions/libxt_cluster.c

extensions/libxt_cluster.man

extensions/libxt_policy.c

include/linux/netfilter/xt_cluster.h

m4/libtool.m4

m4/ltoptions.m4

m4/ltsugar.m4

m4/ltversion.m4

m4/lt~obsolete.m4

files removed:
extensions/libip6t_policy.c

extensions/libipt_policy.c

files modified:
Makefile.in

aclocal.m4

config.h.in

configure

configure.ac

debian/changelog

debian/patches/0101-changelog.patch

depcomp

extensions/GNUmakefile.in

extensions/dscp_helper.c

extensions/libip6t_LOG.c

extensions/libip6t_REJECT.c

extensions/libip6t_hl.c

extensions/libip6t_icmp6.c

extensions/libip6t_ipv6header.c

extensions/libip6t_mh.c

extensions/libipt_DNAT.c

extensions/libipt_DNAT.man

extensions/libipt_LOG.c

extensions/libipt_MASQUERADE.c

extensions/libipt_NETMAP.c

extensions/libipt_REDIRECT.c

extensions/libipt_REJECT.c

extensions/libipt_SAME.c

extensions/libipt_SAME.man

extensions/libipt_SET.c

extensions/libipt_SET.man

extensions/libipt_SNAT.c

extensions/libipt_SNAT.man

extensions/libipt_addrtype.man

extensions/libipt_icmp.c

extensions/libipt_realm.c

extensions/libipt_set.c

extensions/libipt_set.h

extensions/libipt_set.man

extensions/libxt_CLASSIFY.c

extensions/libxt_CONNSECMARK.c

extensions/libxt_MARK.c

extensions/libxt_RATEEST.c

extensions/libxt_SECMARK.c

extensions/libxt_TCPMSS.man

extensions/libxt_TPROXY.man

extensions/libxt_TRACE.c

extensions/libxt_comment.c

extensions/libxt_connbytes.c

extensions/libxt_connlimit.c

extensions/libxt_connlimit.man

extensions/libxt_connmark.c

extensions/libxt_conntrack.c

extensions/libxt_dccp.c

extensions/libxt_hashlimit.c

extensions/libxt_helper.c

extensions/libxt_length.c

extensions/libxt_limit.c

extensions/libxt_mark.c

extensions/libxt_multiport.c

extensions/libxt_physdev.c

extensions/libxt_pkttype.c

extensions/libxt_quota.c

extensions/libxt_rateest.c

extensions/libxt_recent.man

extensions/libxt_sctp.c

extensions/libxt_standard.c

extensions/libxt_state.c

extensions/libxt_statistic.c

extensions/libxt_string.c

extensions/libxt_tcp.c

extensions/libxt_tcp.man

extensions/libxt_time.c

extensions/libxt_u32.c

include/Makefile.in

include/net/netfilter/nf_nat.h

include/xtables.h.in

install-sh

ip6tables-restore.c

ip6tables-save.c

iptables-restore.c

iptables-save.c

iptables-xml.c

libipq/Makefile.in

ltmain.sh *

missing

xtables.c

Show diffs side-by-side

added added

removed removed

extensions/libxt_cluster.c

* This program is free software; you can redistribute it and/or modify

* it under the terms of the GNU General Public License version 2 as

* published by the Free Software Foundation.

#include <stdio.h>

#include <string.h>

#include <stdlib.h>

#include <getopt.h>

#include <stddef.h>

#include <xtables.h>

#include <linux/netfilter/x_tables.h>

#include <linux/netfilter/xt_cluster.h>

/* hack to keep for check */

static unsigned int total_nodes;

static unsigned int node_mask;

static void

cluster_help(void)

{

printf(

"cluster match options:\n"

" --cluster-total-nodes <num> Set number of total nodes in cluster\n"

" [!] --cluster-local-node <num> Set the local node number\n"

" [!] --cluster-local-nodemask <num> Set the local node mask\n"

" --cluster-hash-seed <num> Set seed value of the Jenkins hash\n");

}

enum {

CLUSTER_OPT_TOTAL_NODES,

CLUSTER_OPT_LOCAL_NODE,

CLUSTER_OPT_NODE_MASK,

CLUSTER_OPT_HASH_SEED,

};

static const struct option cluster_opts[] = {

{ "cluster-total-nodes", 1, NULL, CLUSTER_OPT_TOTAL_NODES },

{ "cluster-local-node", 1, NULL, CLUSTER_OPT_LOCAL_NODE },

{ "cluster-local-nodemask", 1, NULL, CLUSTER_OPT_NODE_MASK },

{ "cluster-hash-seed", 1, NULL, CLUSTER_OPT_HASH_SEED },

{ .name = NULL }

};

static int

cluster_parse(int c, char **argv, int invert, unsigned int *flags,

const void *entry, struct xt_entry_match **match)

{

struct xt_cluster_match_info *info = (void *)(*match)->data;

unsigned int num;

switch (c) {

case CLUSTER_OPT_TOTAL_NODES:

if (*flags & (1 << c)) {

xtables_error(PARAMETER_PROBLEM,

"Can only specify "

"`--cluster-total-nodes' once");

}

if (!xtables_strtoui(optarg, NULL, &num, 1,

XT_CLUSTER_NODES_MAX)) {

xtables_error(PARAMETER_PROBLEM,

"Unable to parse `%s' in "

"`--cluster-total-nodes'", optarg);

}

total_nodes = num;

info->total_nodes = total_nodes = num;

*flags |= 1 << c;

break;

case CLUSTER_OPT_LOCAL_NODE:

if (*flags & (1 << c)) {

xtables_error(PARAMETER_PROBLEM,

"Can only specify "

"`--cluster-local-node' once");

}

if (*flags & (1 << CLUSTER_OPT_NODE_MASK)) {

xtables_error(PARAMETER_PROBLEM, "You cannot use "

"`--cluster-local-nodemask' and "

"`--cluster-local-node'");

}

xtables_check_inverse(optarg, &invert, &optind, 0);

if (!xtables_strtoui(optarg, NULL, &num, 1,

XT_CLUSTER_NODES_MAX)) {

xtables_error(PARAMETER_PROBLEM,

"Unable to parse `%s' in "

"`--cluster-local-node'", optarg);

}

if (invert)

info->flags |= (1 << XT_CLUSTER_F_INV);

info->node_mask = node_mask = (1 << (num - 1));

*flags |= 1 << c;

break;

case CLUSTER_OPT_NODE_MASK:

if (*flags & (1 << c)) {

xtables_error(PARAMETER_PROBLEM,

100

"Can only specify "

101

"`--cluster-local-node' once");

102

}

103

if (*flags & (1 << CLUSTER_OPT_LOCAL_NODE)) {

104

xtables_error(PARAMETER_PROBLEM, "You cannot use "

105

"`--cluster-local-nodemask' and "

106

"`--cluster-local-node'");

107

}

108

xtables_check_inverse(optarg, &invert, &optind, 0);

109

110

if (!xtables_strtoui(optarg, NULL, &num, 1,

111

XT_CLUSTER_NODES_MAX)) {

112

xtables_error(PARAMETER_PROBLEM,

113

"Unable to parse `%s' in "

114

"`--cluster-local-node'", optarg);

115

}

116

if (invert)

117

info->flags |= (1 << XT_CLUSTER_F_INV);

118

119

info->node_mask = node_mask = num;

120

*flags |= 1 << c;

121

break;

122

123

case CLUSTER_OPT_HASH_SEED:

124

if (*flags & (1 << c)) {

125

xtables_error(PARAMETER_PROBLEM,

126

"Can only specify "

127

"`--cluster-hash-seed' once");

128

}

129

if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX)) {

130

xtables_error(PARAMETER_PROBLEM,

131

"Unable to parse `%s'", optarg);

132

}

133

info->hash_seed = num;

134

*flags |= 1 << c;

135

break;

136

default:

137

return 0;

138

}

139

140

return 1;

141

}

142

143

static void

144

cluster_check(unsigned int flags)

145

{

146

if ((flags & ((1 << CLUSTER_OPT_TOTAL_NODES) |

147

(1 << CLUSTER_OPT_LOCAL_NODE) |

148

(1 << CLUSTER_OPT_HASH_SEED)))

149

== ((1 << CLUSTER_OPT_TOTAL_NODES) |

150

(1 << CLUSTER_OPT_LOCAL_NODE) |

151

(1 << CLUSTER_OPT_HASH_SEED))) {

152

if (node_mask >= (1ULL << total_nodes)) {

153

xtables_error(PARAMETER_PROBLEM,

154

"cluster match: "

155

"`--cluster-local-node' "

156

"must be <= `--cluster-total-nodes'");

157

}

158

return;

159

}

160

if ((flags & ((1 << CLUSTER_OPT_TOTAL_NODES) |

161

(1 << CLUSTER_OPT_NODE_MASK) |

162

(1 << CLUSTER_OPT_HASH_SEED)))

163

== ((1 << CLUSTER_OPT_TOTAL_NODES) |

164

(1 << CLUSTER_OPT_NODE_MASK) |

165

(1 << CLUSTER_OPT_HASH_SEED))) {

166

if (node_mask >= (1ULL << total_nodes)) {

167

xtables_error(PARAMETER_PROBLEM,

168

"cluster match: "

169

"`--cluster-local-nodemask' too big "

170

"for `--cluster-total-nodes'");

171

}

172

return;

173

}

174

if (!(flags & (1 << CLUSTER_OPT_TOTAL_NODES))) {

175

xtables_error(PARAMETER_PROBLEM,

176

"cluster match: `--cluster-total-nodes' "

177

"is missing");

178

}

179

if (!(flags & (1 << CLUSTER_OPT_HASH_SEED))) {

180

xtables_error(PARAMETER_PROBLEM,

181

"cluster match: `--cluster-hash-seed' "

182

"is missing");

183

}

184

if (!(flags & ((1 << (CLUSTER_OPT_LOCAL_NODE) |

185

(1 << (CLUSTER_OPT_NODE_MASK)))))) {

186

xtables_error(PARAMETER_PROBLEM,

187

"cluster match: `--cluster-local-node' or"

188

"`--cluster-local-nodemask' is missing");

189

}

190

}

191

192

static void

193

cluster_print(const void *ip, const struct xt_entry_match *match, int numeric)

194

{

195

const struct xt_cluster_match_info *info = (void *)match->data;

196

197

printf("cluster ");

198

if (info->flags & XT_CLUSTER_F_INV)

199

printf("!node_mask=0x%08x ", info->node_mask);

200

else

201

printf("node_mask=0x%08x ", info->node_mask);

202

203

printf("total_nodes=%u hash_seed=0x%08x ",

204

info->total_nodes, info->hash_seed);

205

}

206

207

static void

208

cluster_save(const void *ip, const struct xt_entry_match *match)

209

{

210

const struct xt_cluster_match_info *info = (void *)match->data;

211

212

if (info->flags & XT_CLUSTER_F_INV)

213

printf("! --cluster-local-nodemask 0x%08x ", info->node_mask);

214

else

215

printf("--cluster-local-nodemask 0x%08x ", info->node_mask);

216

217

printf("--cluster-total-nodes %u --cluster-hash-seed 0x%08x ",

218

info->total_nodes, info->hash_seed);

219

}

220

221

static struct xtables_match cluster_mt_reg = {

222

.family = NFPROTO_UNSPEC,

223

.name = "cluster",

224

.version = XTABLES_VERSION,

225

.size = XT_ALIGN(sizeof(struct xt_cluster_match_info)),

226

.userspacesize = XT_ALIGN(sizeof(struct xt_cluster_match_info)),

227

.help = cluster_help,

228

.parse = cluster_parse,

229

.final_check = cluster_check,

230

.print = cluster_print,

231

.save = cluster_save,

232

.extra_opts = cluster_opts,

233

};

234

235

void _init(void)

236

{

237

xtables_register_match(&cluster_mt_reg);

238

}

Older »