From: Jo-Philipp Wich Date: Tue, 26 May 2015 10:29:52 +0000 (+0200) Subject: Rework match initialization X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=980b7859bbd1db1e5e46422fccccbce38f9809ab;p=oweals%2Ffirewall3.git Rework match initialization Signed-off-by: Jo-Philipp Wich --- diff --git a/CMakeLists.txt b/CMakeLists.txt index bfaa3eb..22e890d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -5,14 +5,7 @@ ADD_DEFINITIONS(-Os -Wall -Werror --std=gnu99 -g3 -Wmissing-declarations) SET(iptc_libs ip4tc) -SET(sed_match "^[[:space:]]*__ipt_module(\\(.*\\)).*") -SET(sed_replace "-Wl,--undefined=libxt_\\1_init -Wl,--undefined=libipt_\\1_init -Wl,--undefined=libip6t_\\1_init") - -EXECUTE_PROCESS(COMMAND sed -n -e "s/${sed_match}/${sed_replace}/; T n; H; :n; \${ x; s/^\\n//; s/\\n/ /gp }" ${CMAKE_SOURCE_DIR}/iptables.h - OUTPUT_VARIABLE ext_syms OUTPUT_STRIP_TRAILING_WHITESPACE) - SET(CMAKE_SHARED_LIBRARY_LINK_C_FLAGS "") -SET(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -Wl,--unresolved-symbols=ignore-all ${ext_syms}") LIST(APPEND ext_libs iptext) LIST(APPEND ext_libs iptext4) diff --git a/iptables.c b/iptables.c index ca84761..0f41fb0 100644 --- a/iptables.c +++ b/iptables.c @@ -53,22 +53,14 @@ get_kernel_version(void) kernel_version = 0x10000 * x + 0x100 * y + z; } -#ifdef DISABLE_IPV6 -#undef __ipt_module -#define __ipt_module(x) libxt_##x##_init, libipt_##x##_init, -#else -#undef __ipt_module -#define __ipt_module(x) libxt_##x##_init, libipt_##x##_init, libip6t_##x##_init, -#endif - static void fw3_init_extensions(void) { - int i; - void (*initfuncs[])(void) = { FW3_IPT_MODULES }; + init_extensions(); + init_extensions4(); - for (i = 0; i < sizeof(initfuncs)/sizeof(initfuncs[0]); i++) - if (initfuncs[i]) - initfuncs[i](); +#ifndef DISABLE_IPV6 + init_extensions6(); +#endif } struct fw3_ipt_handle * diff --git a/iptables.h b/iptables.h index 61a292e..fabefa8 100644 --- a/iptables.h +++ b/iptables.h @@ -39,48 +39,10 @@ # error "Unsupported xtables version" #endif -/* libext.a interface */ -#define FW3_IPT_MODULES \ - __ipt_module(comment) \ - __ipt_module(conntrack) \ - __ipt_module(icmp) \ - __ipt_module(icmp6) \ - __ipt_module(limit) \ - __ipt_module(connlimit) \ - __ipt_module(mac) \ - __ipt_module(mark) \ - __ipt_module(multiport) \ - __ipt_module(set) \ - __ipt_module(standard) \ - __ipt_module(tcp) \ - __ipt_module(time) \ - __ipt_module(udp) \ - __ipt_module(CT) \ - __ipt_module(DNAT) \ - __ipt_module(LOG) \ - __ipt_module(MARK) \ - __ipt_module(MASQUERADE) \ - __ipt_module(REDIRECT) \ - __ipt_module(REJECT) \ - __ipt_module(SET) \ - __ipt_module(SNAT) \ - __ipt_module(TCPMSS) - -#ifdef DISABLE_IPV6 -#undef __ipt_module -#define __ipt_module(x) \ - extern void libxt_##x##_init(void) __attribute__((weak)); \ - extern void libipt_##x##_init(void) __attribute__((weak)); -#else -#undef __ipt_module -#define __ipt_module(x) \ - extern void libxt_##x##_init(void) __attribute__((weak)); \ - extern void libipt_##x##_init(void) __attribute__((weak)); \ - extern void libip6t_##x##_init(void) __attribute__((weak)); -#endif - -FW3_IPT_MODULES - +/* libipt*ext.so interfaces */ +extern void init_extensions(void); +extern void init_extensions4(void); +extern void init_extensions6(void); /* Required by certain extensions like SNAT and DNAT */ extern int kernel_version;