2 * Copyright (c) 2016 Samsung Electronics Co., Ltd.
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
13 * You should have received a copy of the GNU General Public License
14 * along with this program; if not, write to the Free Software
15 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 #include "stc-iptables.h"
21 #include "stc-iptables-util.h"
22 #include "helper-iptables.h"
23 #include "helper-ip6tables.h"
25 #define BUF_SIZE_FOR_IP 64
27 #define RULE_CHAIN "chain"
28 #define RULE_DIRECTION "direction"
29 #define RULE_IFNAME "ifname"
30 #define RULE_CGROUP "cgroup"
31 #define RULE_NFACCT "nfacct"
32 #define RULE_PROTOCOL "protocol"
33 #define RULE_TARGET "target"
34 #define RULE_TARGETTYPE "target_type"
36 #define RULE_FAMILY "family"
37 #define RULE_SIPTYPE "s_ip_type"
38 #define RULE_SIP1 "s_ip1"
39 #define RULE_SIP2 "s_ip2"
40 #define RULE_DIPTYPE "d_ip_type"
41 #define RULE_DIP1 "d_ip1"
42 #define RULE_DIP2 "d_ip2"
43 #define RULE_SPORTTYPE "s_port_type"
44 #define RULE_SPORT1 "s_port1"
45 #define RULE_SPORT2 "s_port2"
46 #define RULE_DPORTTYPE "d_port_type"
47 #define RULE_DPORT1 "d_port1"
48 #define RULE_DPORT2 "d_port2"
50 #define RULE_LOG_LEVEL "log_level"
51 #define RULE_LOG_PREFIX "log_prefix"
52 #define RULE_NFLOG_GROUP "nflog_group"
53 #define RULE_NFLOG_PREFIX "nflog_prefix"
54 #define RULE_NFLOG_RANGE "nflog_range"
55 #define RULE_NFLOG_THRESHOLD "nflog_threshold"
57 #define STC_IPTABLES_DBUS_ERROR_NAME "net.stc.iptables.Error.Failed"
59 #define STC_IPTABLES_DBUS_REPLY(invocation, parameters) \
60 g_dbus_method_invocation_return_value((invocation), parameters);
62 #define STC_IPTABLES_DBUS_REPLY_ERROR(invocation, err_num) \
63 g_dbus_method_invocation_return_dbus_error((invocation), \
64 STC_IPTABLES_DBUS_ERROR_NAME, \
65 stc_iptables_err_strs[-(err_num)])
67 static const gchar *stc_iptables_err_strs[] = {
77 void __stc_extract_rule(const char *key, GVariant *value,
80 iptables_rule_s *rule = (iptables_rule_s *)user_data;
84 if (!g_strcmp0(key, RULE_CHAIN)) {
86 rule->chain = g_variant_dup_string(value, &len);
87 STC_LOGD("%s: [%s]", RULE_CHAIN, rule->chain);
89 } else if (!g_strcmp0(key, RULE_DIRECTION)) {
90 rule->direction = g_variant_get_uint16(value);
91 STC_LOGD("%s: [%u]", RULE_DIRECTION, rule->direction);
93 } else if (!g_strcmp0(key, RULE_SIPTYPE)) {
94 rule->s_ip_type = g_variant_get_uint16(value);
95 STC_LOGD("%s: [%u]", RULE_SIPTYPE, rule->s_ip_type);
97 } else if (!g_strcmp0(key, RULE_DIPTYPE)) {
98 rule->d_ip_type = g_variant_get_uint16(value);
99 STC_LOGD("%s: [%u]", RULE_DIPTYPE, rule->d_ip_type);
101 } else if (!g_strcmp0(key, RULE_SPORTTYPE)) {
102 rule->s_port_type = g_variant_get_uint16(value);
103 STC_LOGD("%s: [%u]", RULE_SPORTTYPE, rule->s_port_type);
105 } else if (!g_strcmp0(key, RULE_DPORTTYPE)) {
106 rule->d_port_type = g_variant_get_uint16(value);
107 STC_LOGD("%s: [%u]", RULE_DPORTTYPE, rule->d_port_type);
109 } else if (!g_strcmp0(key, RULE_SIP1)) {
110 if (rule->s_ip_type != IPTABLES_IP_NONE) {
111 rule->s_ip1.s_addr = g_variant_get_uint32(value);
112 STC_LOGD("%s: [%08x]", RULE_SIP1, rule->s_ip1.s_addr);
115 } else if (!g_strcmp0(key, RULE_SIP2)) {
116 if (rule->s_ip_type != IPTABLES_IP_NONE) {
117 rule->s_ip2.s_addr = g_variant_get_uint32(value);
118 STC_LOGD("%s: [%08x]", RULE_SIP2, rule->s_ip2.s_addr);
121 } else if (!g_strcmp0(key, RULE_DIP1)) {
122 if (rule->d_ip_type != IPTABLES_IP_NONE) {
123 rule->d_ip1.s_addr = g_variant_get_uint32(value);
124 STC_LOGD("%s: [%08x]", RULE_DIP1, rule->d_ip1.s_addr);
127 } else if (!g_strcmp0(key, RULE_DIP2)) {
128 if (rule->d_ip_type != IPTABLES_IP_NONE) {
129 rule->d_ip2.s_addr = g_variant_get_uint32(value);
130 STC_LOGD("%s: [%08x]", RULE_DIP2, rule->d_ip2.s_addr);
133 } else if (!g_strcmp0(key, RULE_SPORT1)) {
134 if (rule->s_port_type != IPTABLES_PORT_NONE) {
135 rule->s_port1 = g_variant_get_uint32(value);
136 STC_LOGD("%s: [%04x]", RULE_SPORT1, rule->s_port1);
139 } else if (!g_strcmp0(key, RULE_SPORT2)) {
140 if (rule->s_port_type != IPTABLES_PORT_NONE) {
141 rule->s_port2 = g_variant_get_uint32(value);
142 STC_LOGD("%s: [%04x]", RULE_SPORT2, rule->s_port2);
145 } else if (!g_strcmp0(key, RULE_DPORT1)) {
146 if (rule->d_port_type != IPTABLES_PORT_NONE) {
147 rule->d_port1 = g_variant_get_uint32(value);
148 STC_LOGD("%s: [%04x]", RULE_DPORT1, rule->d_port1);
151 } else if (!g_strcmp0(key, RULE_DPORT2)) {
152 if (rule->d_port_type != IPTABLES_PORT_NONE) {
153 rule->d_port2 = g_variant_get_uint32(value);
154 STC_LOGD("%s: [%04x]", RULE_DPORT2, rule->d_port2);
157 } else if (!g_strcmp0(key, RULE_IFNAME)) {
158 if (rule->direction != IPTABLES_DIRECTION_NONE) {
160 rule->ifname = g_variant_dup_string(value, &len);
161 STC_LOGD("%s: [%s]", RULE_IFNAME, rule->ifname);
164 } else if (!g_strcmp0(key, RULE_CGROUP)) {
165 rule->classid = g_variant_get_uint32(value);
166 STC_LOGD("%s: [%u]", RULE_CGROUP, rule->classid);
168 } else if (!g_strcmp0(key, RULE_NFACCT)) {
170 rule->nfacct_name = g_variant_dup_string(value, &len);
171 STC_LOGD("%s: [%s]", RULE_NFACCT, rule->nfacct_name);
173 } else if (!g_strcmp0(key, RULE_PROTOCOL)) {
174 rule->protocol = g_variant_get_uint16(value);
175 STC_LOGD("%s: [%u]", RULE_PROTOCOL, rule->protocol);
177 } else if (!g_strcmp0(key, RULE_TARGET)) {
179 rule->target = g_variant_dup_string(value, &len);
180 STC_LOGD("%s: [%s]", RULE_TARGET, rule->target);
182 } else if (!g_strcmp0(key, RULE_TARGETTYPE)) {
183 rule->target_type = g_variant_get_uint16(value);
184 STC_LOGD("%s: [%u]", RULE_TARGETTYPE, rule->target_type);
186 } else if (!g_strcmp0(key, RULE_LOG_LEVEL)) {
187 if (rule->target_type == IPTABLES_ACTION_LOG) {
188 rule->log_level = g_variant_get_uint16(value);
189 STC_LOGD("%s: [%u]", RULE_LOG_LEVEL, rule->log_level);
192 } else if (!g_strcmp0(key, RULE_LOG_PREFIX)) {
193 if (rule->target_type == IPTABLES_ACTION_LOG) {
195 rule->log_prefix = g_variant_dup_string(value, &len);
196 STC_LOGD("%s: [%s]", RULE_LOG_PREFIX, rule->log_prefix);
199 } else if (!g_strcmp0(key, RULE_NFLOG_GROUP)) {
200 if (rule->target_type == IPTABLES_ACTION_NFLOG) {
201 rule->nflog_group = g_variant_get_uint16(value);
202 STC_LOGD("%s: [%u]", RULE_NFLOG_GROUP, rule->nflog_group);
205 } else if (!g_strcmp0(key, RULE_NFLOG_PREFIX)) {
206 if (rule->target_type == IPTABLES_ACTION_NFLOG) {
208 rule->nflog_prefix = g_variant_dup_string(value, &len);
209 STC_LOGD("%s: [%s]", RULE_NFLOG_PREFIX, rule->nflog_prefix);
212 } else if (!g_strcmp0(key, RULE_NFLOG_RANGE)) {
213 if (rule->target_type == IPTABLES_ACTION_NFLOG) {
214 rule->nflog_range = g_variant_get_uint16(value);
215 STC_LOGD("%s: [%u]", RULE_NFLOG_RANGE, rule->nflog_range);
218 } else if (!g_strcmp0(key, RULE_NFLOG_THRESHOLD)) {
219 if (rule->target_type == IPTABLES_ACTION_NFLOG) {
220 rule->nflog_threshold = g_variant_get_uint16(value);
221 STC_LOGD("%s: [%u]", RULE_NFLOG_THRESHOLD, rule->nflog_threshold);
225 STC_LOGD("Unknown rule [%s]", key); //LCOV_EXCL_LINE
229 void __stc_extract_6_rule(const char *key, GVariant *value,
232 ip6tables_rule_s *rule = (ip6tables_rule_s *)user_data;
236 if (!g_strcmp0(key, RULE_CHAIN)) {
238 rule->chain = g_variant_dup_string(value, &len);
239 STC_LOGD("%s: [%s]", RULE_CHAIN, rule->chain);
241 } else if (!g_strcmp0(key, RULE_DIRECTION)) {
242 rule->direction = g_variant_get_uint16(value);
243 STC_LOGD("%s: [%u]", RULE_DIRECTION, rule->direction);
245 } else if (!g_strcmp0(key, RULE_SIPTYPE)) {
246 rule->s_ip_type = g_variant_get_uint16(value);
247 STC_LOGD("%s: [%u]", RULE_SIPTYPE, rule->s_ip_type);
249 } else if (!g_strcmp0(key, RULE_DIPTYPE)) {
250 rule->d_ip_type = g_variant_get_uint16(value);
251 STC_LOGD("%s: [%u]", RULE_DIPTYPE, rule->d_ip_type);
253 } else if (!g_strcmp0(key, RULE_SPORTTYPE)) {
254 rule->s_port_type = g_variant_get_uint16(value);
255 STC_LOGD("%s: [%u]", RULE_SPORTTYPE, rule->s_port_type);
257 } else if (!g_strcmp0(key, RULE_DPORTTYPE)) {
258 rule->d_port_type = g_variant_get_uint16(value);
259 STC_LOGD("%s: [%u]", RULE_DPORTTYPE, rule->d_port_type);
261 } else if (!g_strcmp0(key, RULE_SIP1)) {
262 if (rule->s_ip_type != IP6TABLES_IP_NONE) {
264 char *str = g_variant_dup_string(value, &len);
265 sscanf(str, "%08x:%08x:%08x:%08x",
266 &(rule->s_ip1.s6_addr32[0]), &(rule->s_ip1.s6_addr32[1]),
267 &(rule->s_ip1.s6_addr32[2]), &(rule->s_ip1.s6_addr32[3]));
268 STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_SIP1,
269 rule->s_ip1.s6_addr32[0], rule->s_ip1.s6_addr32[1],
270 rule->s_ip1.s6_addr32[2], rule->s_ip1.s6_addr32[3]);
274 } else if (!g_strcmp0(key, RULE_SIP2)) {
275 if (rule->s_ip_type != IP6TABLES_IP_NONE) {
277 char *str = g_variant_dup_string(value, &len);
278 sscanf(str, "%08x:%08x:%08x:%08x",
279 &(rule->s_ip2.s6_addr32[0]), &(rule->s_ip2.s6_addr32[1]),
280 &(rule->s_ip2.s6_addr32[2]), &(rule->s_ip2.s6_addr32[3]));
281 STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_SIP2,
282 rule->s_ip2.s6_addr32[0], rule->s_ip2.s6_addr32[1],
283 rule->s_ip2.s6_addr32[2], rule->s_ip2.s6_addr32[3]);
287 } else if (!g_strcmp0(key, RULE_DIP1)) {
288 if (rule->d_ip_type != IP6TABLES_IP_NONE) {
290 char *str = g_variant_dup_string(value, &len);
291 sscanf(str, "%08x:%08x:%08x:%08x",
292 &(rule->d_ip1.s6_addr32[0]), &(rule->d_ip1.s6_addr32[1]),
293 &(rule->d_ip1.s6_addr32[2]), &(rule->d_ip1.s6_addr32[3]));
294 STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_DIP1,
295 rule->d_ip1.s6_addr32[0], rule->d_ip1.s6_addr32[1],
296 rule->d_ip1.s6_addr32[2], rule->d_ip1.s6_addr32[3]);
300 } else if (!g_strcmp0(key, RULE_DIP2)) {
301 if (rule->d_ip_type != IP6TABLES_IP_NONE) {
303 char *str = g_variant_dup_string(value, &len);
304 sscanf(str, "%08x:%08x:%08x:%08x",
305 &(rule->d_ip2.s6_addr32[0]), &(rule->d_ip2.s6_addr32[1]),
306 &(rule->d_ip2.s6_addr32[2]), &(rule->d_ip2.s6_addr32[3]));
307 STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_DIP2,
308 rule->d_ip2.s6_addr32[0], rule->d_ip2.s6_addr32[1],
309 rule->d_ip2.s6_addr32[2], rule->d_ip2.s6_addr32[3]);
313 } else if (!g_strcmp0(key, RULE_SPORT1)) {
314 if (rule->s_port_type != IP6TABLES_PORT_NONE) {
315 rule->s_port1 = g_variant_get_uint32(value);
316 STC_LOGD("%s: [%04x]", RULE_SPORT1, rule->s_port1);
319 } else if (!g_strcmp0(key, RULE_SPORT2)) {
320 if (rule->s_port_type != IP6TABLES_PORT_NONE) {
321 rule->s_port2 = g_variant_get_uint32(value);
322 STC_LOGD("%s: [%04x]", RULE_SPORT2, rule->s_port2);
325 } else if (!g_strcmp0(key, RULE_DPORT1)) {
326 if (rule->d_port_type != IP6TABLES_PORT_NONE) {
327 rule->d_port1 = g_variant_get_uint32(value);
328 STC_LOGD("%s: [%04x]", RULE_DPORT1, rule->d_port1);
331 } else if (!g_strcmp0(key, RULE_DPORT2)) {
332 if (rule->d_port_type != IP6TABLES_PORT_NONE) {
333 rule->d_port2 = g_variant_get_uint32(value);
334 STC_LOGD("%s: [%04x]", RULE_DPORT2, rule->d_port2);
337 } else if (!g_strcmp0(key, RULE_IFNAME)) {
338 if (rule->direction != IP6TABLES_DIRECTION_NONE) {
340 rule->ifname = g_variant_dup_string(value, &len);
341 STC_LOGD("%s: [%s]", RULE_IFNAME, rule->ifname);
344 } else if (!g_strcmp0(key, RULE_CGROUP)) {
345 rule->classid = g_variant_get_uint32(value);
346 STC_LOGD("%s: [%u]", RULE_CGROUP, rule->classid);
348 } else if (!g_strcmp0(key, RULE_NFACCT)) {
350 rule->nfacct_name = g_variant_dup_string(value, &len);
351 STC_LOGD("%s: [%s]", RULE_NFACCT, rule->nfacct_name);
353 } else if (!g_strcmp0(key, RULE_PROTOCOL)) {
354 rule->protocol = g_variant_get_uint16(value);
355 STC_LOGD("%s: [%u]", RULE_PROTOCOL, rule->protocol);
357 } else if (!g_strcmp0(key, RULE_TARGET)) {
359 rule->target = g_variant_dup_string(value, &len);
360 STC_LOGD("%s: [%s]", RULE_TARGET, rule->target);
362 } else if (!g_strcmp0(key, RULE_TARGETTYPE)) {
363 rule->target_type = g_variant_get_uint16(value);
364 STC_LOGD("%s: [%u]", RULE_TARGETTYPE, rule->target_type);
366 } else if (!g_strcmp0(key, RULE_LOG_LEVEL)) {
367 if (rule->target_type == IP6TABLES_ACTION_LOG) {
368 rule->log_level = g_variant_get_uint16(value);
369 STC_LOGD("%s: [%u]", RULE_LOG_LEVEL, rule->log_level);
372 } else if (!g_strcmp0(key, RULE_LOG_PREFIX)) {
373 if (rule->target_type == IP6TABLES_ACTION_LOG) {
375 rule->log_prefix = g_variant_dup_string(value, &len);
376 STC_LOGD("%s: [%s]", RULE_LOG_PREFIX, rule->log_prefix);
379 } else if (!g_strcmp0(key, RULE_NFLOG_GROUP)) {
380 if (rule->target_type == IP6TABLES_ACTION_NFLOG) {
381 rule->nflog_group = g_variant_get_uint16(value);
382 STC_LOGD("%s: [%u]", RULE_NFLOG_GROUP, rule->nflog_group);
385 } else if (!g_strcmp0(key, RULE_NFLOG_PREFIX)) {
386 if (rule->target_type == IP6TABLES_ACTION_NFLOG) {
388 rule->nflog_prefix = g_variant_dup_string(value, &len);
389 STC_LOGD("%s: [%s]", RULE_NFLOG_PREFIX, rule->nflog_prefix);
392 } else if (!g_strcmp0(key, RULE_NFLOG_RANGE)) {
393 if (rule->target_type == IP6TABLES_ACTION_NFLOG) {
394 rule->nflog_range = g_variant_get_uint16(value);
395 STC_LOGD("%s: [%u]", RULE_NFLOG_RANGE, rule->nflog_range);
398 } else if (!g_strcmp0(key, RULE_NFLOG_THRESHOLD)) {
399 if (rule->target_type == IP6TABLES_ACTION_NFLOG) {
400 rule->nflog_threshold = g_variant_get_uint16(value);
401 STC_LOGD("%s: [%u]", RULE_NFLOG_THRESHOLD, rule->nflog_threshold);
405 STC_LOGD("Unknown rule [%s]", key); //LCOV_EXCL_LINE
409 static void __free_rule(iptables_rule_s *rule)
413 FREE(rule->nfacct_name);
415 FREE(rule->log_prefix);
416 FREE(rule->nflog_prefix);
420 static void __free_6_rule(ip6tables_rule_s *rule)
424 FREE(rule->nfacct_name);
426 FREE(rule->log_prefix);
427 FREE(rule->nflog_prefix);
431 gboolean handle_iptables_stop(StcManager *object,
432 GDBusMethodInvocation *invocation)
434 __STC_LOG_FUNC_ENTER__;
435 GVariant *return_parameters = NULL;
437 STC_LOGI("stc manager stop");
439 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
441 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
442 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
446 __STC_LOG_FUNC_EXIT__;
450 gboolean handle_iptables_add_rule(StcRule *object,
451 GDBusMethodInvocation *invocation,
455 __STC_LOG_FUNC_ENTER__;
456 stc_error_e ret = STC_ERROR_NONE;
457 GVariant *return_parameters = NULL;
460 GVariantIter *iter = NULL;
462 g_variant_get(rules, "a{sv}", &iter);
464 iptables_rule_s *rule = MALLOC0(iptables_rule_s, 1);
466 memset(rule, 0, sizeof(iptables_rule_s));
468 stc_iptables_gdbus_dict_foreach(iter,
472 ret = iptables_add_rule(rule);
473 if (ret != STC_ERROR_NONE) {
475 STC_LOGE("Failed add rule [%s:%d:%s:%d:%s:%s]", rule->chain,
476 rule->direction, rule->ifname, rule->classid,
477 rule->nfacct_name, rule->target);
480 g_variant_iter_free(iter);
482 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
483 __STC_LOG_FUNC_EXIT__;
491 g_variant_iter_free(iter);
493 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
494 STC_ERROR_INVALID_PARAMETER);
495 __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
496 return TRUE; //LCOV_EXCL_LINE
499 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
501 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
502 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
504 __STC_LOG_FUNC_EXIT__;
508 gboolean handle_iptables_insert_rule(StcRule *object,
509 GDBusMethodInvocation *invocation,
513 __STC_LOG_FUNC_ENTER__;
514 stc_error_e ret = STC_ERROR_NONE;
515 GVariant *return_parameters = NULL;
518 GVariantIter *iter = NULL;
520 g_variant_get(rules, "a{sv}", &iter);
522 iptables_rule_s *rule = MALLOC0(iptables_rule_s, 1);
524 memset(rule, 0, sizeof(iptables_rule_s));
526 stc_iptables_gdbus_dict_foreach(iter,
530 ret = iptables_insert_rule(rule);
531 if (ret != STC_ERROR_NONE) {
533 STC_LOGE("Failed insert rule [%s:%d:%s:%d:%s:%s]", rule->chain,
534 rule->direction, rule->ifname, rule->classid,
535 rule->nfacct_name, rule->target);
538 g_variant_iter_free(iter);
540 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
541 __STC_LOG_FUNC_EXIT__;
549 g_variant_iter_free(iter);
551 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
552 STC_ERROR_INVALID_PARAMETER);
553 __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
554 return TRUE; //LCOV_EXCL_LINE
557 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
559 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
560 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
562 __STC_LOG_FUNC_EXIT__;
566 gboolean handle_iptables_remove_rule(StcRule *object,
567 GDBusMethodInvocation *invocation,
571 __STC_LOG_FUNC_ENTER__;
572 stc_error_e ret = STC_ERROR_NONE;
573 GVariant *return_parameters = NULL;
576 GVariantIter *iter = NULL;
577 g_variant_get(rules, "a{sv}", &iter);
579 iptables_rule_s *rule = MALLOC0(iptables_rule_s, 1);
581 memset(rule, 0, sizeof(iptables_rule_s));
583 stc_iptables_gdbus_dict_foreach(iter,
587 ret = iptables_remove_rule(rule);
588 if (ret != STC_ERROR_NONE) {
590 STC_LOGE("Failed remove rule [%s:%d:%s:%d:%s:%s]", rule->chain,
591 rule->direction, rule->ifname, rule->classid,
592 rule->nfacct_name, rule->target);
595 g_variant_iter_free(iter);
597 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
598 __STC_LOG_FUNC_EXIT__;
606 g_variant_iter_free(iter);
608 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
609 STC_ERROR_INVALID_PARAMETER);
610 __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
611 return TRUE; //LCOV_EXCL_LINE
614 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
616 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
617 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
619 __STC_LOG_FUNC_EXIT__;
623 gboolean handle_iptables_add_chain(StcChain *object,
624 GDBusMethodInvocation *invocation,
628 __STC_LOG_FUNC_ENTER__;
629 stc_error_e ret = STC_ERROR_NONE;
630 GVariant *return_parameters = NULL;
632 ret = iptables_add_chain(chain);
633 if (ret < STC_ERROR_NONE) {
634 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
635 __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
636 return TRUE; //LCOV_EXCL_LINE
639 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
641 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
642 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
644 __STC_LOG_FUNC_EXIT__;
648 gboolean handle_iptables_remove_chain(StcChain *object,
649 GDBusMethodInvocation *invocation,
653 __STC_LOG_FUNC_ENTER__;
654 stc_error_e ret = STC_ERROR_NONE;
655 GVariant *return_parameters = NULL;
657 ret = iptables_remove_chain(chain);
658 if (ret < STC_ERROR_NONE) {
659 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
660 __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
661 return TRUE; //LCOV_EXCL_LINE
664 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
666 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
667 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
669 __STC_LOG_FUNC_EXIT__;
673 gboolean handle_iptables_flush_chain(StcChain *object,
674 GDBusMethodInvocation *invocation,
678 __STC_LOG_FUNC_ENTER__;
679 stc_error_e ret = STC_ERROR_NONE;
680 GVariant *return_parameters = NULL;
682 ret = iptables_flush_chain(chain);
683 if (ret < STC_ERROR_NONE) {
684 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
685 __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
686 return TRUE; //LCOV_EXCL_LINE
689 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
691 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
692 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
694 __STC_LOG_FUNC_EXIT__;
698 gboolean handle_ip6tables_add_rule(StcRule *object,
699 GDBusMethodInvocation *invocation,
703 __STC_LOG_FUNC_ENTER__;
704 stc_error_e ret = STC_ERROR_NONE;
705 GVariant *return_parameters = NULL;
708 GVariantIter *iter = NULL;
710 g_variant_get(rules, "a{sv}", &iter);
712 ip6tables_rule_s *rule = MALLOC0(ip6tables_rule_s, 1);
714 memset(rule, 0, sizeof(ip6tables_rule_s));
716 stc_iptables_gdbus_dict_foreach(iter,
717 __stc_extract_6_rule,
720 ret = ip6tables_add_rule(rule);
721 if (ret != STC_ERROR_NONE) {
723 STC_LOGE("Failed add rule [%s:%d:%s:%d:%s:%s]", rule->chain,
724 rule->direction, rule->ifname, rule->classid,
725 rule->nfacct_name, rule->target);
728 g_variant_iter_free(iter);
730 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
731 __STC_LOG_FUNC_EXIT__;
739 g_variant_iter_free(iter);
741 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
742 STC_ERROR_INVALID_PARAMETER);
743 __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
744 return TRUE; //LCOV_EXCL_LINE
747 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
749 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
750 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
752 __STC_LOG_FUNC_EXIT__;
756 gboolean handle_ip6tables_insert_rule(StcRule *object,
757 GDBusMethodInvocation *invocation,
761 __STC_LOG_FUNC_ENTER__;
762 stc_error_e ret = STC_ERROR_NONE;
763 GVariant *return_parameters = NULL;
766 GVariantIter *iter = NULL;
768 g_variant_get(rules, "a{sv}", &iter);
770 ip6tables_rule_s *rule = MALLOC0(ip6tables_rule_s, 1);
772 memset(rule, 0, sizeof(ip6tables_rule_s));
774 stc_iptables_gdbus_dict_foreach(iter,
775 __stc_extract_6_rule,
778 ret = ip6tables_insert_rule(rule);
779 if (ret != STC_ERROR_NONE) {
781 STC_LOGE("Failed insert rule [%s:%d:%s:%d:%s:%s]", rule->chain,
782 rule->direction, rule->ifname, rule->classid,
783 rule->nfacct_name, rule->target);
786 g_variant_iter_free(iter);
788 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
789 __STC_LOG_FUNC_EXIT__;
797 g_variant_iter_free(iter);
799 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
800 STC_ERROR_INVALID_PARAMETER);
801 __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
802 return TRUE; //LCOV_EXCL_LINE
805 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
807 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
808 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
810 __STC_LOG_FUNC_EXIT__;
814 gboolean handle_ip6tables_remove_rule(StcRule *object,
815 GDBusMethodInvocation *invocation,
819 __STC_LOG_FUNC_ENTER__;
820 stc_error_e ret = STC_ERROR_NONE;
821 GVariant *return_parameters = NULL;
824 GVariantIter *iter = NULL;
825 g_variant_get(rules, "a{sv}", &iter);
827 ip6tables_rule_s *rule = MALLOC0(ip6tables_rule_s, 1);
829 memset(rule, 0, sizeof(ip6tables_rule_s));
831 stc_iptables_gdbus_dict_foreach(iter,
832 __stc_extract_6_rule,
835 ret = ip6tables_remove_rule(rule);
836 if (ret != STC_ERROR_NONE) {
838 STC_LOGE("Failed remove rule [%s:%d:%s:%d:%s:%s]", rule->chain,
839 rule->direction, rule->ifname, rule->classid,
840 rule->nfacct_name, rule->target);
843 g_variant_iter_free(iter);
845 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
846 __STC_LOG_FUNC_EXIT__;
854 g_variant_iter_free(iter);
856 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
857 STC_ERROR_INVALID_PARAMETER);
858 __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
859 return TRUE; //LCOV_EXCL_LINE
862 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
864 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
865 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
867 __STC_LOG_FUNC_EXIT__;
871 gboolean handle_ip6tables_add_chain(StcChain *object,
872 GDBusMethodInvocation *invocation,
876 __STC_LOG_FUNC_ENTER__;
877 stc_error_e ret = STC_ERROR_NONE;
878 GVariant *return_parameters = NULL;
880 ret = ip6tables_add_chain(chain);
881 if (ret < STC_ERROR_NONE) {
882 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
883 __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
884 return TRUE; //LCOV_EXCL_LINE
887 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
889 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
890 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
892 __STC_LOG_FUNC_EXIT__;
896 gboolean handle_ip6tables_remove_chain(StcChain *object,
897 GDBusMethodInvocation *invocation,
901 __STC_LOG_FUNC_ENTER__;
902 stc_error_e ret = STC_ERROR_NONE;
903 GVariant *return_parameters = NULL;
905 ret = ip6tables_remove_chain(chain);
906 if (ret < STC_ERROR_NONE) {
907 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
908 __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
909 return TRUE; //LCOV_EXCL_LINE
912 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
914 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
915 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
917 __STC_LOG_FUNC_EXIT__;
921 gboolean handle_ip6tables_flush_chain(StcChain *object,
922 GDBusMethodInvocation *invocation,
926 __STC_LOG_FUNC_ENTER__;
927 stc_error_e ret = STC_ERROR_NONE;
928 GVariant *return_parameters = NULL;
930 ret = ip6tables_flush_chain(chain);
931 if (ret < STC_ERROR_NONE) {
932 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
933 __STC_LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
934 return TRUE; //LCOV_EXCL_LINE
937 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
939 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
940 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
942 __STC_LOG_FUNC_EXIT__;
projects / platform / core / connectivity / stc-iptables.git / blob