tools/ip6tables-test.c

   1 /*
   2  *  Connection Manager
   3  *
   4  *  Copyright (C) 2007-2012  Intel Corporation. All rights reserved.
   5  *  Copyright (C) 2013  BMW Car IT GmbH.
   6  *  Copyright (C) 2018  Jolla Ltd. All rights reserved.
   7  *
   8  *  This program is free software; you can redistribute it and/or modify
   9  *  it under the terms of the GNU General Public License version 2 as
  10  *  published by the Free Software Foundation.
  11  *
  12  *  This program is distributed in the hope that it will be useful,
  13  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  *  GNU General Public License for more details.
  16  *
  17  *  You should have received a copy of the GNU General Public License
  18  *  along with this program; if not, write to the Free Software
  19  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
  20  *
  21  */
  22
  23 #include <getopt.h>
  24 #include <stdio.h>
  25 #include <stdlib.h>
  26 #include <errno.h>
  27
  28 #include <glib.h>
  29
  30 #include "../src/connman.h"
  31
  32 enum iptables_command {
  33         IPTABLES_COMMAND_APPEND,
  34         IPTABLES_COMMAND_INSERT,
  35         IPTABLES_COMMAND_DELETE,
  36         IPTABLES_COMMAND_POLICY,
  37         IPTABLES_COMMAND_CHAIN_INSERT,
  38         IPTABLES_COMMAND_CHAIN_DELETE,
  39         IPTABLES_COMMAND_CHAIN_FLUSH,
  40         IPTABLES_COMMAND_DUMP,
  41         IPTABLES_COMMAND_UNKNOWN,
  42 };
  43
  44 int main(int argc, char *argv[])
  45 {
  46         enum iptables_command cmd = IPTABLES_COMMAND_UNKNOWN;
  47         char *table = NULL, *chain = NULL, *rule = NULL, *tmp;
  48         int err, c, i;
  49
  50         opterr = 0;
  51
  52         while ((c = getopt_long(argc, argv,
  53                                 "-A:I:D:P:N:X:F:Lt:", NULL, NULL)) != -1) {
  54                 switch (c) {
  55                 case 'A':
  56                         chain = optarg;
  57                         cmd = IPTABLES_COMMAND_APPEND;
  58                         break;
  59                 case 'I':
  60                         chain = optarg;
  61                         cmd = IPTABLES_COMMAND_INSERT;
  62                         break;
  63                 case 'D':
  64                         chain = optarg;
  65                         cmd = IPTABLES_COMMAND_DELETE;
  66                         break;
  67                 case 'P':
  68                         chain = optarg;
  69                         /* The policy will be stored in rule. */
  70                         cmd = IPTABLES_COMMAND_POLICY;
  71                         break;
  72                 case 'N':
  73                         chain = optarg;
  74                         cmd = IPTABLES_COMMAND_CHAIN_INSERT;
  75                         break;
  76                 case 'X':
  77                         chain = optarg;
  78                         cmd = IPTABLES_COMMAND_CHAIN_DELETE;
  79                         break;
  80                 case 'F':
  81                         chain = optarg;
  82                         cmd = IPTABLES_COMMAND_CHAIN_FLUSH;
  83                         break;
  84                 case 'L':
  85                         cmd = IPTABLES_COMMAND_DUMP;
  86                         break;
  87                 case 't':
  88                         table = optarg;
  89                         break;
  90                 default:
  91                         goto out;
  92                 }
  93         }
  94
  95 out:
  96         if (!table)
  97                 table = "filter";
  98
  99         for (i = optind - 1; i < argc; i++) {
 100                 if (rule) {
 101                         tmp = rule;
 102                         rule = g_strdup_printf("%s %s", rule,  argv[i]);
 103                         g_free(tmp);
 104                 } else
 105                         rule = g_strdup(argv[i]);
 106         }
 107
 108         __connman_iptables_init();
 109
 110         switch (cmd) {
 111         case IPTABLES_COMMAND_APPEND:
 112                 err = __connman_iptables_append(AF_INET6, table, chain, rule);
 113                 break;
 114         case IPTABLES_COMMAND_INSERT:
 115                 err = __connman_iptables_insert(AF_INET6, table, chain, rule);
 116                 break;
 117         case IPTABLES_COMMAND_DELETE:
 118                 err = __connman_iptables_delete(AF_INET6, table, chain, rule);
 119                 break;
 120         case IPTABLES_COMMAND_POLICY:
 121                 err = __connman_iptables_change_policy(AF_INET6, table, chain,
 122                                                 rule);
 123                 break;
 124         case IPTABLES_COMMAND_CHAIN_INSERT:
 125                 err = __connman_iptables_new_chain(AF_INET6, table, chain);
 126                 break;
 127         case IPTABLES_COMMAND_CHAIN_DELETE:
 128                 err = __connman_iptables_delete_chain(AF_INET6, table, chain);
 129                 break;
 130         case IPTABLES_COMMAND_CHAIN_FLUSH:
 131                 err = __connman_iptables_flush_chain(AF_INET6, table, chain);
 132                 break;
 133         case IPTABLES_COMMAND_DUMP:
 134                 __connman_log_init(argv[0], "*", false, false,
 135                         "ip6tables-test", "1");
 136                 err = __connman_iptables_dump(AF_INET6, table);
 137                 break;
 138         case IPTABLES_COMMAND_UNKNOWN:
 139                 printf("Missing command\n");
 140                 printf("usage: ip6tables-test [-t table] {-A|-I|-D} chain rule\n");
 141                 printf("       ip6tables-test [-t table] {-N|-X|-F} chain\n");
 142                 printf("       ip6tables-test [-t table] -L\n");
 143                 printf("       ip6tables-test [-t table] -P chain target\n");
 144                 exit(-EINVAL);
 145         }
 146
 147         if (err < 0) {
 148                 printf("Error: %s\n", strerror(-err));
 149                 exit(err);
 150         }
 151
 152         err = __connman_iptables_commit(AF_INET6, table);
 153         if (err < 0) {
 154                 printf("Failed to commit changes: %s\n", strerror(-err));
 155                 exit(err);
 156         }
 157
 158         g_free(rule);
 159
 160         __connman_iptables_cleanup();
 161
 162         return 0;
 163 }