2 * Copyright (c) 2016 Samsung Electronics Co., Ltd.
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
13 * You should have received a copy of the GNU General Public License
14 * along with this program; if not, write to the Free Software
15 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 #include "stc-iptables.h"
21 #include "stc-iptables-util.h"
22 #include "helper-iptables.h"
23 #include "helper-ip6tables.h"
24 #include "helper-log.h"
26 #define BUF_SIZE_FOR_IP 64
28 #define RULE_CHAIN "chain"
29 #define RULE_DIRECTION "direction"
30 #define RULE_IFNAME "ifname"
31 #define RULE_CGROUP "cgroup"
32 #define RULE_NFACCT "nfacct"
33 #define RULE_PROTOCOL "protocol"
34 #define RULE_TARGET "target"
35 #define RULE_TARGETTYPE "target_type"
37 #define RULE_FAMILY "family"
38 #define RULE_SIPTYPE "s_ip_type"
39 #define RULE_SIP1 "s_ip1"
40 #define RULE_SIP2 "s_ip2"
41 #define RULE_DIPTYPE "d_ip_type"
42 #define RULE_DIP1 "d_ip1"
43 #define RULE_DIP2 "d_ip2"
44 #define RULE_SPORTTYPE "s_port_type"
45 #define RULE_SPORT1 "s_port1"
46 #define RULE_SPORT2 "s_port2"
47 #define RULE_DPORTTYPE "d_port_type"
48 #define RULE_DPORT1 "d_port1"
49 #define RULE_DPORT2 "d_port2"
51 #define RULE_LOG_LEVEL "log_level"
52 #define RULE_LOG_PREFIX "log_prefix"
53 #define RULE_NFLOG_GROUP "nflog_group"
54 #define RULE_NFLOG_PREFIX "nflog_prefix"
55 #define RULE_NFLOG_RANGE "nflog_range"
56 #define RULE_NFLOG_THRESHOLD "nflog_threshold"
58 #define STC_IPTABLES_DBUS_ERROR_NAME "net.stc.iptables.Error.Failed"
60 #define STC_IPTABLES_DBUS_REPLY(invocation, parameters) \
61 g_dbus_method_invocation_return_value((invocation), parameters);
63 #define STC_IPTABLES_DBUS_REPLY_ERROR(invocation, err_num) \
64 g_dbus_method_invocation_return_dbus_error((invocation), \
65 STC_IPTABLES_DBUS_ERROR_NAME, \
66 stc_iptables_err_strs[-(err_num)])
68 static const gchar *stc_iptables_err_strs[] = {
78 void __stc_extract_rule(const char *key, GVariant *value,
81 iptables_rule_s *rule = (iptables_rule_s *)user_data;
85 if (!g_strcmp0(key, RULE_CHAIN)) {
87 rule->chain = g_variant_dup_string(value, &len);
88 STC_LOGD("%s: [%s]", RULE_CHAIN, rule->chain);
90 } else if (!g_strcmp0(key, RULE_DIRECTION)) {
91 rule->direction = g_variant_get_uint16(value);
92 STC_LOGD("%s: [%u]", RULE_DIRECTION, rule->direction);
94 } else if (!g_strcmp0(key, RULE_SIPTYPE)) {
95 rule->s_ip_type = g_variant_get_uint16(value);
96 STC_LOGD("%s: [%u]", RULE_SIPTYPE, rule->s_ip_type);
98 } else if (!g_strcmp0(key, RULE_DIPTYPE)) {
99 rule->d_ip_type = g_variant_get_uint16(value);
100 STC_LOGD("%s: [%u]", RULE_DIPTYPE, rule->d_ip_type);
102 } else if (!g_strcmp0(key, RULE_SPORTTYPE)) {
103 rule->s_port_type = g_variant_get_uint16(value);
104 STC_LOGD("%s: [%u]", RULE_SPORTTYPE, rule->s_port_type);
106 } else if (!g_strcmp0(key, RULE_DPORTTYPE)) {
107 rule->d_port_type = g_variant_get_uint16(value);
108 STC_LOGD("%s: [%u]", RULE_DPORTTYPE, rule->d_port_type);
110 } else if (!g_strcmp0(key, RULE_SIP1)) {
111 if (rule->s_ip_type != IPTABLES_IP_NONE) {
112 rule->s_ip1.s_addr = g_variant_get_uint32(value);
113 STC_LOGD("%s: [%08x]", RULE_SIP1, rule->s_ip1.s_addr);
116 } else if (!g_strcmp0(key, RULE_SIP2)) {
117 if (rule->s_ip_type != IPTABLES_IP_NONE) {
118 rule->s_ip2.s_addr = g_variant_get_uint32(value);
119 STC_LOGD("%s: [%08x]", RULE_SIP2, rule->s_ip2.s_addr);
122 } else if (!g_strcmp0(key, RULE_DIP1)) {
123 if (rule->d_ip_type != IPTABLES_IP_NONE) {
124 rule->d_ip1.s_addr = g_variant_get_uint32(value);
125 STC_LOGD("%s: [%08x]", RULE_DIP1, rule->d_ip1.s_addr);
128 } else if (!g_strcmp0(key, RULE_DIP2)) {
129 if (rule->d_ip_type != IPTABLES_IP_NONE) {
130 rule->d_ip2.s_addr = g_variant_get_uint32(value);
131 STC_LOGD("%s: [%08x]", RULE_DIP2, rule->d_ip2.s_addr);
134 } else if (!g_strcmp0(key, RULE_SPORT1)) {
135 if (rule->s_port_type != IPTABLES_PORT_NONE) {
136 rule->s_port1 = g_variant_get_uint32(value);
137 STC_LOGD("%s: [%04x]", RULE_SPORT1, rule->s_port1);
140 } else if (!g_strcmp0(key, RULE_SPORT2)) {
141 if (rule->s_port_type != IPTABLES_PORT_NONE) {
142 rule->s_port2 = g_variant_get_uint32(value);
143 STC_LOGD("%s: [%04x]", RULE_SPORT2, rule->s_port2);
146 } else if (!g_strcmp0(key, RULE_DPORT1)) {
147 if (rule->d_port_type != IPTABLES_PORT_NONE) {
148 rule->d_port1 = g_variant_get_uint32(value);
149 STC_LOGD("%s: [%04x]", RULE_DPORT1, rule->d_port1);
152 } else if (!g_strcmp0(key, RULE_DPORT2)) {
153 if (rule->d_port_type != IPTABLES_PORT_NONE) {
154 rule->d_port2 = g_variant_get_uint32(value);
155 STC_LOGD("%s: [%04x]", RULE_DPORT2, rule->d_port2);
158 } else if (!g_strcmp0(key, RULE_IFNAME)) {
159 if (rule->direction != IPTABLES_DIRECTION_NONE) {
161 rule->ifname = g_variant_dup_string(value, &len);
162 STC_LOGD("%s: [%s]", RULE_IFNAME, rule->ifname);
165 } else if (!g_strcmp0(key, RULE_CGROUP)) {
166 rule->classid = g_variant_get_uint32(value);
167 STC_LOGD("%s: [%u]", RULE_CGROUP, rule->classid);
169 } else if (!g_strcmp0(key, RULE_NFACCT)) {
171 rule->nfacct_name = g_variant_dup_string(value, &len);
172 STC_LOGD("%s: [%s]", RULE_NFACCT, rule->nfacct_name);
174 } else if (!g_strcmp0(key, RULE_PROTOCOL)) {
175 rule->protocol = g_variant_get_uint16(value);
176 STC_LOGD("%s: [%u]", RULE_PROTOCOL, rule->protocol);
178 } else if (!g_strcmp0(key, RULE_TARGET)) {
180 rule->target = g_variant_dup_string(value, &len);
181 STC_LOGD("%s: [%s]", RULE_TARGET, rule->target);
183 } else if (!g_strcmp0(key, RULE_TARGETTYPE)) {
184 rule->target_type = g_variant_get_uint16(value);
185 STC_LOGD("%s: [%u]", RULE_TARGETTYPE, rule->target_type);
187 } else if (!g_strcmp0(key, RULE_LOG_LEVEL)) {
188 if (rule->target_type == IPTABLES_ACTION_LOG) {
189 rule->log_level = g_variant_get_uint16(value);
190 STC_LOGD("%s: [%u]", RULE_LOG_LEVEL, rule->log_level);
193 } else if (!g_strcmp0(key, RULE_LOG_PREFIX)) {
194 if (rule->target_type == IPTABLES_ACTION_LOG) {
196 rule->log_prefix = g_variant_dup_string(value, &len);
197 STC_LOGD("%s: [%s]", RULE_LOG_PREFIX, rule->log_prefix);
200 } else if (!g_strcmp0(key, RULE_NFLOG_GROUP)) {
201 if (rule->target_type == IPTABLES_ACTION_NFLOG) {
202 rule->nflog_group = g_variant_get_uint16(value);
203 STC_LOGD("%s: [%u]", RULE_NFLOG_GROUP, rule->nflog_group);
206 } else if (!g_strcmp0(key, RULE_NFLOG_PREFIX)) {
207 if (rule->target_type == IPTABLES_ACTION_NFLOG) {
209 rule->nflog_prefix = g_variant_dup_string(value, &len);
210 STC_LOGD("%s: [%s]", RULE_NFLOG_PREFIX, rule->nflog_prefix);
213 } else if (!g_strcmp0(key, RULE_NFLOG_RANGE)) {
214 if (rule->target_type == IPTABLES_ACTION_NFLOG) {
215 rule->nflog_range = g_variant_get_uint16(value);
216 STC_LOGD("%s: [%u]", RULE_NFLOG_RANGE, rule->nflog_range);
219 } else if (!g_strcmp0(key, RULE_NFLOG_THRESHOLD)) {
220 if (rule->target_type == IPTABLES_ACTION_NFLOG) {
221 rule->nflog_threshold = g_variant_get_uint16(value);
222 STC_LOGD("%s: [%u]", RULE_NFLOG_THRESHOLD, rule->nflog_threshold);
226 STC_LOGD("Unknown rule [%s]", key); //LCOV_EXCL_LINE
230 void __stc_extract_6_rule(const char *key, GVariant *value,
233 ip6tables_rule_s *rule = (ip6tables_rule_s *)user_data;
237 if (!g_strcmp0(key, RULE_CHAIN)) {
239 rule->chain = g_variant_dup_string(value, &len);
240 STC_LOGD("%s: [%s]", RULE_CHAIN, rule->chain);
242 } else if (!g_strcmp0(key, RULE_DIRECTION)) {
243 rule->direction = g_variant_get_uint16(value);
244 STC_LOGD("%s: [%u]", RULE_DIRECTION, rule->direction);
246 } else if (!g_strcmp0(key, RULE_SIPTYPE)) {
247 rule->s_ip_type = g_variant_get_uint16(value);
248 STC_LOGD("%s: [%u]", RULE_SIPTYPE, rule->s_ip_type);
250 } else if (!g_strcmp0(key, RULE_DIPTYPE)) {
251 rule->d_ip_type = g_variant_get_uint16(value);
252 STC_LOGD("%s: [%u]", RULE_DIPTYPE, rule->d_ip_type);
254 } else if (!g_strcmp0(key, RULE_SPORTTYPE)) {
255 rule->s_port_type = g_variant_get_uint16(value);
256 STC_LOGD("%s: [%u]", RULE_SPORTTYPE, rule->s_port_type);
258 } else if (!g_strcmp0(key, RULE_DPORTTYPE)) {
259 rule->d_port_type = g_variant_get_uint16(value);
260 STC_LOGD("%s: [%u]", RULE_DPORTTYPE, rule->d_port_type);
262 } else if (!g_strcmp0(key, RULE_SIP1)) {
263 if (rule->s_ip_type != IP6TABLES_IP_NONE) {
265 char *str = g_variant_dup_string(value, &len);
266 sscanf(str, "%08x:%08x:%08x:%08x",
267 &(rule->s_ip1.s6_addr32[0]), &(rule->s_ip1.s6_addr32[1]),
268 &(rule->s_ip1.s6_addr32[2]), &(rule->s_ip1.s6_addr32[3]));
269 STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_SIP1,
270 rule->s_ip1.s6_addr32[0], rule->s_ip1.s6_addr32[1],
271 rule->s_ip1.s6_addr32[2], rule->s_ip1.s6_addr32[3]);
275 } else if (!g_strcmp0(key, RULE_SIP2)) {
276 if (rule->s_ip_type != IP6TABLES_IP_NONE) {
278 char *str = g_variant_dup_string(value, &len);
279 sscanf(str, "%08x:%08x:%08x:%08x",
280 &(rule->s_ip2.s6_addr32[0]), &(rule->s_ip2.s6_addr32[1]),
281 &(rule->s_ip2.s6_addr32[2]), &(rule->s_ip2.s6_addr32[3]));
282 STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_SIP2,
283 rule->s_ip2.s6_addr32[0], rule->s_ip2.s6_addr32[1],
284 rule->s_ip2.s6_addr32[2], rule->s_ip2.s6_addr32[3]);
288 } else if (!g_strcmp0(key, RULE_DIP1)) {
289 if (rule->d_ip_type != IP6TABLES_IP_NONE) {
291 char *str = g_variant_dup_string(value, &len);
292 sscanf(str, "%08x:%08x:%08x:%08x",
293 &(rule->d_ip1.s6_addr32[0]), &(rule->d_ip1.s6_addr32[1]),
294 &(rule->d_ip1.s6_addr32[2]), &(rule->d_ip1.s6_addr32[3]));
295 STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_DIP1,
296 rule->d_ip1.s6_addr32[0], rule->d_ip1.s6_addr32[1],
297 rule->d_ip1.s6_addr32[2], rule->d_ip1.s6_addr32[3]);
301 } else if (!g_strcmp0(key, RULE_DIP2)) {
302 if (rule->d_ip_type != IP6TABLES_IP_NONE) {
304 char *str = g_variant_dup_string(value, &len);
305 sscanf(str, "%08x:%08x:%08x:%08x",
306 &(rule->d_ip2.s6_addr32[0]), &(rule->d_ip2.s6_addr32[1]),
307 &(rule->d_ip2.s6_addr32[2]), &(rule->d_ip2.s6_addr32[3]));
308 STC_LOGD("%s: [%08x:%08x:%08x:%08x]", RULE_DIP2,
309 rule->d_ip2.s6_addr32[0], rule->d_ip2.s6_addr32[1],
310 rule->d_ip2.s6_addr32[2], rule->d_ip2.s6_addr32[3]);
314 } else if (!g_strcmp0(key, RULE_SPORT1)) {
315 if (rule->s_port_type != IP6TABLES_PORT_NONE) {
316 rule->s_port1 = g_variant_get_uint32(value);
317 STC_LOGD("%s: [%04x]", RULE_SPORT1, rule->s_port1);
320 } else if (!g_strcmp0(key, RULE_SPORT2)) {
321 if (rule->s_port_type != IP6TABLES_PORT_NONE) {
322 rule->s_port2 = g_variant_get_uint32(value);
323 STC_LOGD("%s: [%04x]", RULE_SPORT2, rule->s_port2);
326 } else if (!g_strcmp0(key, RULE_DPORT1)) {
327 if (rule->d_port_type != IP6TABLES_PORT_NONE) {
328 rule->d_port1 = g_variant_get_uint32(value);
329 STC_LOGD("%s: [%04x]", RULE_DPORT1, rule->d_port1);
332 } else if (!g_strcmp0(key, RULE_DPORT2)) {
333 if (rule->d_port_type != IP6TABLES_PORT_NONE) {
334 rule->d_port2 = g_variant_get_uint32(value);
335 STC_LOGD("%s: [%04x]", RULE_DPORT2, rule->d_port2);
338 } else if (!g_strcmp0(key, RULE_IFNAME)) {
339 if (rule->direction != IP6TABLES_DIRECTION_NONE) {
341 rule->ifname = g_variant_dup_string(value, &len);
342 STC_LOGD("%s: [%s]", RULE_IFNAME, rule->ifname);
345 } else if (!g_strcmp0(key, RULE_CGROUP)) {
346 rule->classid = g_variant_get_uint32(value);
347 STC_LOGD("%s: [%u]", RULE_CGROUP, rule->classid);
349 } else if (!g_strcmp0(key, RULE_NFACCT)) {
351 rule->nfacct_name = g_variant_dup_string(value, &len);
352 STC_LOGD("%s: [%s]", RULE_NFACCT, rule->nfacct_name);
354 } else if (!g_strcmp0(key, RULE_PROTOCOL)) {
355 rule->protocol = g_variant_get_uint16(value);
356 STC_LOGD("%s: [%u]", RULE_PROTOCOL, rule->protocol);
358 } else if (!g_strcmp0(key, RULE_TARGET)) {
360 rule->target = g_variant_dup_string(value, &len);
361 STC_LOGD("%s: [%s]", RULE_TARGET, rule->target);
363 } else if (!g_strcmp0(key, RULE_TARGETTYPE)) {
364 rule->target_type = g_variant_get_uint16(value);
365 STC_LOGD("%s: [%u]", RULE_TARGETTYPE, rule->target_type);
367 } else if (!g_strcmp0(key, RULE_LOG_LEVEL)) {
368 if (rule->target_type == IP6TABLES_ACTION_LOG) {
369 rule->log_level = g_variant_get_uint16(value);
370 STC_LOGD("%s: [%u]", RULE_LOG_LEVEL, rule->log_level);
373 } else if (!g_strcmp0(key, RULE_LOG_PREFIX)) {
374 if (rule->target_type == IP6TABLES_ACTION_LOG) {
376 rule->log_prefix = g_variant_dup_string(value, &len);
377 STC_LOGD("%s: [%s]", RULE_LOG_PREFIX, rule->log_prefix);
380 } else if (!g_strcmp0(key, RULE_NFLOG_GROUP)) {
381 if (rule->target_type == IP6TABLES_ACTION_NFLOG) {
382 rule->nflog_group = g_variant_get_uint16(value);
383 STC_LOGD("%s: [%u]", RULE_NFLOG_GROUP, rule->nflog_group);
386 } else if (!g_strcmp0(key, RULE_NFLOG_PREFIX)) {
387 if (rule->target_type == IP6TABLES_ACTION_NFLOG) {
389 rule->nflog_prefix = g_variant_dup_string(value, &len);
390 STC_LOGD("%s: [%s]", RULE_NFLOG_PREFIX, rule->nflog_prefix);
393 } else if (!g_strcmp0(key, RULE_NFLOG_RANGE)) {
394 if (rule->target_type == IP6TABLES_ACTION_NFLOG) {
395 rule->nflog_range = g_variant_get_uint16(value);
396 STC_LOGD("%s: [%u]", RULE_NFLOG_RANGE, rule->nflog_range);
399 } else if (!g_strcmp0(key, RULE_NFLOG_THRESHOLD)) {
400 if (rule->target_type == IP6TABLES_ACTION_NFLOG) {
401 rule->nflog_threshold = g_variant_get_uint16(value);
402 STC_LOGD("%s: [%u]", RULE_NFLOG_THRESHOLD, rule->nflog_threshold);
406 STC_LOGD("Unknown rule [%s]", key); //LCOV_EXCL_LINE
410 static void __free_rule(iptables_rule_s *rule)
414 FREE(rule->nfacct_name);
416 FREE(rule->log_prefix);
417 FREE(rule->nflog_prefix);
421 static void __free_6_rule(ip6tables_rule_s *rule)
425 FREE(rule->nfacct_name);
427 FREE(rule->log_prefix);
428 FREE(rule->nflog_prefix);
432 gboolean handle_iptables_stop(StcManager *object,
433 GDBusMethodInvocation *invocation)
436 GVariant *return_parameters = NULL;
438 STC_LOGI("stc manager stop");
439 stc_set_keep_alive(TRUE);
441 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
443 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
444 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
452 gboolean handle_iptables_add_rule(StcRule *object,
453 GDBusMethodInvocation *invocation,
458 stc_error_e ret = STC_ERROR_NONE;
459 GVariant *return_parameters = NULL;
461 stc_set_keep_alive(TRUE);
464 GVariantIter *iter = NULL;
466 g_variant_get(rules, "a{sv}", &iter);
468 iptables_rule_s *rule = MALLOC0(iptables_rule_s, 1);
470 memset(rule, 0, sizeof(iptables_rule_s));
472 stc_iptables_gdbus_dict_foreach(iter,
476 ret = iptables_add_rule(rule);
477 if (ret != STC_ERROR_NONE) {
479 STC_LOGE("Failed add rule [%s:%d:%s:%d:%s:%s]", rule->chain,
480 rule->direction, rule->ifname, rule->classid,
481 rule->nfacct_name, rule->target);
484 g_variant_iter_free(iter);
486 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
495 g_variant_iter_free(iter);
497 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
498 STC_ERROR_INVALID_PARAMETER);
499 __LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
500 return TRUE; //LCOV_EXCL_LINE
503 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
505 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
506 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
512 gboolean handle_iptables_insert_rule(StcRule *object,
513 GDBusMethodInvocation *invocation,
518 stc_error_e ret = STC_ERROR_NONE;
519 GVariant *return_parameters = NULL;
521 stc_set_keep_alive(TRUE);
524 GVariantIter *iter = NULL;
526 g_variant_get(rules, "a{sv}", &iter);
528 iptables_rule_s *rule = MALLOC0(iptables_rule_s, 1);
530 memset(rule, 0, sizeof(iptables_rule_s));
532 stc_iptables_gdbus_dict_foreach(iter,
536 ret = iptables_insert_rule(rule);
537 if (ret != STC_ERROR_NONE) {
539 STC_LOGE("Failed insert rule [%s:%d:%s:%d:%s:%s]", rule->chain,
540 rule->direction, rule->ifname, rule->classid,
541 rule->nfacct_name, rule->target);
544 g_variant_iter_free(iter);
546 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
555 g_variant_iter_free(iter);
557 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
558 STC_ERROR_INVALID_PARAMETER);
559 __LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
560 return TRUE; //LCOV_EXCL_LINE
563 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
565 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
566 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
572 gboolean handle_iptables_remove_rule(StcRule *object,
573 GDBusMethodInvocation *invocation,
578 stc_error_e ret = STC_ERROR_NONE;
579 GVariant *return_parameters = NULL;
581 stc_set_keep_alive(TRUE);
584 GVariantIter *iter = NULL;
585 g_variant_get(rules, "a{sv}", &iter);
587 iptables_rule_s *rule = MALLOC0(iptables_rule_s, 1);
589 memset(rule, 0, sizeof(iptables_rule_s));
591 stc_iptables_gdbus_dict_foreach(iter,
595 ret = iptables_remove_rule(rule);
596 if (ret != STC_ERROR_NONE) {
598 STC_LOGE("Failed remove rule [%s:%d:%s:%d:%s:%s]", rule->chain,
599 rule->direction, rule->ifname, rule->classid,
600 rule->nfacct_name, rule->target);
603 g_variant_iter_free(iter);
605 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
614 g_variant_iter_free(iter);
616 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
617 STC_ERROR_INVALID_PARAMETER);
618 __LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
619 return TRUE; //LCOV_EXCL_LINE
622 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
624 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
625 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
631 gboolean handle_iptables_add_chain(StcChain *object,
632 GDBusMethodInvocation *invocation,
637 stc_error_e ret = STC_ERROR_NONE;
638 GVariant *return_parameters = NULL;
640 stc_set_keep_alive(TRUE);
642 ret = iptables_add_chain(chain);
643 if (ret < STC_ERROR_NONE) {
644 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
645 __LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
646 return TRUE; //LCOV_EXCL_LINE
649 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
651 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
652 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
658 gboolean handle_iptables_remove_chain(StcChain *object,
659 GDBusMethodInvocation *invocation,
664 stc_error_e ret = STC_ERROR_NONE;
665 GVariant *return_parameters = NULL;
667 stc_set_keep_alive(TRUE);
669 ret = iptables_remove_chain(chain);
670 if (ret < STC_ERROR_NONE) {
671 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
672 __LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
673 return TRUE; //LCOV_EXCL_LINE
676 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
678 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
679 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
685 gboolean handle_iptables_flush_chain(StcChain *object,
686 GDBusMethodInvocation *invocation,
691 stc_error_e ret = STC_ERROR_NONE;
692 GVariant *return_parameters = NULL;
694 stc_set_keep_alive(TRUE);
696 ret = iptables_flush_chain(chain);
697 if (ret < STC_ERROR_NONE) {
698 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
699 __LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
700 return TRUE; //LCOV_EXCL_LINE
703 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
705 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
706 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
712 gboolean handle_ip6tables_add_rule(StcRule *object,
713 GDBusMethodInvocation *invocation,
718 stc_error_e ret = STC_ERROR_NONE;
719 GVariant *return_parameters = NULL;
721 stc_set_keep_alive(TRUE);
724 GVariantIter *iter = NULL;
726 g_variant_get(rules, "a{sv}", &iter);
728 ip6tables_rule_s *rule = MALLOC0(ip6tables_rule_s, 1);
730 memset(rule, 0, sizeof(ip6tables_rule_s));
732 stc_iptables_gdbus_dict_foreach(iter,
733 __stc_extract_6_rule,
736 ret = ip6tables_add_rule(rule);
737 if (ret != STC_ERROR_NONE) {
739 STC_LOGE("Failed add rule [%s:%d:%s:%d:%s:%s]", rule->chain,
740 rule->direction, rule->ifname, rule->classid,
741 rule->nfacct_name, rule->target);
744 g_variant_iter_free(iter);
746 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
755 g_variant_iter_free(iter);
757 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
758 STC_ERROR_INVALID_PARAMETER);
759 __LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
760 return TRUE; //LCOV_EXCL_LINE
763 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
765 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
766 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
772 gboolean handle_ip6tables_insert_rule(StcRule *object,
773 GDBusMethodInvocation *invocation,
778 stc_error_e ret = STC_ERROR_NONE;
779 GVariant *return_parameters = NULL;
781 stc_set_keep_alive(TRUE);
784 GVariantIter *iter = NULL;
786 g_variant_get(rules, "a{sv}", &iter);
788 ip6tables_rule_s *rule = MALLOC0(ip6tables_rule_s, 1);
790 memset(rule, 0, sizeof(ip6tables_rule_s));
792 stc_iptables_gdbus_dict_foreach(iter,
793 __stc_extract_6_rule,
796 ret = ip6tables_insert_rule(rule);
797 if (ret != STC_ERROR_NONE) {
799 STC_LOGE("Failed insert rule [%s:%d:%s:%d:%s:%s]", rule->chain,
800 rule->direction, rule->ifname, rule->classid,
801 rule->nfacct_name, rule->target);
804 g_variant_iter_free(iter);
806 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
815 g_variant_iter_free(iter);
817 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
818 STC_ERROR_INVALID_PARAMETER);
819 __LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
820 return TRUE; //LCOV_EXCL_LINE
823 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
825 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
826 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
832 gboolean handle_ip6tables_remove_rule(StcRule *object,
833 GDBusMethodInvocation *invocation,
838 stc_error_e ret = STC_ERROR_NONE;
839 GVariant *return_parameters = NULL;
841 stc_set_keep_alive(TRUE);
844 GVariantIter *iter = NULL;
845 g_variant_get(rules, "a{sv}", &iter);
847 ip6tables_rule_s *rule = MALLOC0(ip6tables_rule_s, 1);
849 memset(rule, 0, sizeof(ip6tables_rule_s));
851 stc_iptables_gdbus_dict_foreach(iter,
852 __stc_extract_6_rule,
855 ret = ip6tables_remove_rule(rule);
856 if (ret != STC_ERROR_NONE) {
858 STC_LOGE("Failed remove rule [%s:%d:%s:%d:%s:%s]", rule->chain,
859 rule->direction, rule->ifname, rule->classid,
860 rule->nfacct_name, rule->target);
863 g_variant_iter_free(iter);
865 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret);
874 g_variant_iter_free(iter);
876 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, //LCOV_EXCL_LINE
877 STC_ERROR_INVALID_PARAMETER);
878 __LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
879 return TRUE; //LCOV_EXCL_LINE
882 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
884 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
885 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
891 gboolean handle_ip6tables_add_chain(StcChain *object,
892 GDBusMethodInvocation *invocation,
897 stc_error_e ret = STC_ERROR_NONE;
898 GVariant *return_parameters = NULL;
900 stc_set_keep_alive(TRUE);
902 ret = ip6tables_add_chain(chain);
903 if (ret < STC_ERROR_NONE) {
904 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
905 __LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
906 return TRUE; //LCOV_EXCL_LINE
909 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
911 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
912 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
918 gboolean handle_ip6tables_remove_chain(StcChain *object,
919 GDBusMethodInvocation *invocation,
924 stc_error_e ret = STC_ERROR_NONE;
925 GVariant *return_parameters = NULL;
927 stc_set_keep_alive(TRUE);
929 ret = ip6tables_remove_chain(chain);
930 if (ret < STC_ERROR_NONE) {
931 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
932 __LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
933 return TRUE; //LCOV_EXCL_LINE
936 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
938 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
939 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
945 gboolean handle_ip6tables_flush_chain(StcChain *object,
946 GDBusMethodInvocation *invocation,
951 stc_error_e ret = STC_ERROR_NONE;
952 GVariant *return_parameters = NULL;
954 stc_set_keep_alive(TRUE);
956 ret = ip6tables_flush_chain(chain);
957 if (ret < STC_ERROR_NONE) {
958 STC_IPTABLES_DBUS_REPLY_ERROR(invocation, ret); //LCOV_EXCL_LINE
959 __LOG_FUNC_EXIT__; //LCOV_EXCL_LINE
960 return TRUE; //LCOV_EXCL_LINE
963 return_parameters = g_variant_new("(i)", STC_ERROR_NONE);
965 STC_DEBUG_GDBUS_VARIANT("Return parameters: ", return_parameters);
966 STC_IPTABLES_DBUS_REPLY(invocation, return_parameters);
projects / platform / core / connectivity / stc-iptables.git / blob