X-Git-Url: https://git.octo.it/?a=blobdiff_plain;f=src%2Fiptables.c;h=aa53074a641aae4acf9b8d98e0f6907591f04904;hb=77460335ec305aa4fbd8218c6e5c1c849fbef9c0;hp=c8542a5f78b2378a6a61842bf0ab34da9bb46e91;hpb=6a15196163ed05f9f8541962ef8782e5e22e1009;p=collectd.git diff --git a/src/iptables.c b/src/iptables.c index c8542a5f..aa53074a 100644 --- a/src/iptables.c +++ b/src/iptables.c @@ -29,13 +29,38 @@ #include "plugin.h" #include "configfile.h" +#include + #if OWN_LIBIPTC -# include "libiptc/libiptc.h" -# include "libiptc/libip6tc.h" -#else +# include "owniptc/libiptc.h" +# include "owniptc/libip6tc.h" + +# define HAVE_IPTC_HANDLE_T 1 +# define HAVE_IP6TC_HANDLE_T 1 + +#else /* if !OWN_LIBIPTC */ # include # include -#endif + +/* + * iptc_handle_t was available before libiptc was officially available as a + * shared library. Note, that when the shared lib was introduced, the API and + * ABI have changed slightly: + * 'iptc_handle_t' used to be 'struct iptc_handle *' and most functions used + * 'iptc_handle_t *' as an argument. Now, most functions use 'struct + * iptc_handle *' (thus removing one level of pointer indirection). + * + * HAVE_IPTC_HANDLE_T is used to determine which API ought to be used. While + * this is somewhat hacky, I didn't find better way to solve that :-/ + * -tokkee + */ +# ifndef HAVE_IPTC_HANDLE_T +typedef struct iptc_handle iptc_handle_t; +# endif +# ifndef HAVE_IP6TC_HANDLE_T +typedef struct ip6tc_handle ip6tc_handle_t; +# endif +#endif /* !OWN_LIBIPTC */ /* * (Module-)Global variables @@ -54,15 +79,19 @@ static int config_keys_num = STATIC_ARRAY_SIZE (config_keys); /* Each table/chain combo that will be queried goes into this list */ + +enum protocol_version_e +{ + IPV4, + IPV6 +}; +typedef enum protocol_version_e protocol_version_t; + #ifndef XT_TABLE_MAXNAMELEN # define XT_TABLE_MAXNAMELEN 32 #endif typedef struct { - enum - { - IPV4, - IPV6 - } ip_version; + protocol_version_t ip_version; char table[XT_TABLE_MAXNAMELEN]; char chain[XT_TABLE_MAXNAMELEN]; union @@ -85,14 +114,14 @@ static int chain_num = 0; static int iptables_config (const char *key, const char *value) { /* int ip_value; */ - enum { IPV4, IPV6 } ip_protocol; + protocol_version_t ip_version = 0; if (strcasecmp (key, "Chain") == 0) - ip_protocol = IPV4; + ip_version = IPV4; else if (strcasecmp (key, "Chain6") == 0) - ip_protocol = IPV6; + ip_version = IPV6; - if (( ip_protocol == IPV4 ) || ( ip_protocol == IPV6 )) + if (( ip_version == IPV4 ) || ( ip_version == IPV6 )) { ip_chain_t temp, *final, **list; char *table; @@ -122,7 +151,7 @@ static int iptables_config (const char *key, const char *value) */ /* set IPv4 or IPv6 */ - temp.ip_version = ip_protocol; + temp.ip_version = ip_version; /* Chain [ [name]] */ fields_num = strsplit (value_copy, fields, 4); @@ -423,8 +452,15 @@ static int iptables_read (void) if ( chain->ip_version == IPV4 ) { - iptc_handle_t handle; +#ifdef HAVE_IPTC_HANDLE_T + iptc_handle_t _handle; + iptc_handle_t *handle = &_handle; + + *handle = iptc_init (chain->table); +#else + iptc_handle_t *handle; handle = iptc_init (chain->table); +#endif if (!handle) { @@ -434,13 +470,20 @@ static int iptables_read (void) continue; } - submit_chain (&handle, chain); - iptc_free (&handle); + submit_chain (handle, chain); + iptc_free (handle); } else if ( chain->ip_version == IPV6 ) { - ip6tc_handle_t handle; +#ifdef HAVE_IP6TC_HANDLE_T + ip6tc_handle_t _handle; + ip6tc_handle_t *handle = &_handle; + + *handle = ip6tc_init (chain->table); +#else + ip6tc_handle_t *handle; handle = ip6tc_init (chain->table); +#endif if (!handle) { @@ -450,8 +493,8 @@ static int iptables_read (void) continue; } - submit6_chain (&handle, chain); - ip6tc_free (&handle); + submit6_chain (handle, chain); + ip6tc_free (handle); } else num_failures++;