iptables-test: Use iptables implementation from core
1 /*
2  *  Connection Manager
3  *
4  *  Copyright (C) 2007-2012  Intel Corporation. All rights reserved.
5  *  Copyright (C) 2013  BMW Car IT GmbH.
6  *
7  *  This program is free software; you can redistribute it and/or modify
8  *  it under the terms of the GNU General Public License version 2 as
9  *  published by the Free Software Foundation.
10  *
11  *  This program is distributed in the hope that it will be useful,
12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *  GNU General Public License for more details.
15  *
16  *  You should have received a copy of the GNU General Public License
17  *  along with this program; if not, write to the Free Software
18  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
19  *
20  */
21
22 #include <getopt.h>
23 #include <stdio.h>
24 #include <stdlib.h>
25 #include <errno.h>
26
27 #include <glib.h>
28
29 #include "../src/connman.h"
30
/*
 * Operation requested on the iptables-test command line.  main() maps each
 * command option letter to one of these values; the last command option
 * seen on the command line wins.
 */
enum iptables_command {
	IPTABLES_COMMAND_APPEND = 0,	/* -A chain: append a rule */
	IPTABLES_COMMAND_DELETE,	/* -D chain: delete a rule */
	IPTABLES_COMMAND_POLICY,	/* -P chain: change the chain policy */
	IPTABLES_COMMAND_CHAIN_INSERT,	/* -N chain: create a chain */
	IPTABLES_COMMAND_CHAIN_DELETE,	/* -X chain: delete a chain */
	IPTABLES_COMMAND_CHAIN_FLUSH,	/* -F chain: flush a chain */
	IPTABLES_COMMAND_DUMP,		/* -L: dump the table */
	IPTABLES_COMMAND_UNKNOWN,	/* no command option was given */
};
41
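/* Print the command-line synopsis to stdout. */
static void print_usage(void)
{
	printf("usage: iptables-test [-t table] {-A|-D} chain rule\n");
	printf("       iptables-test [-t table] {-N|-X|-F} chain\n");
	printf("       iptables-test [-t table] -L\n");
	printf("       iptables-test [-t table] -P chain target\n");
}

/*
 * Command-line front end for the iptables implementation in connman core.
 *
 * Parses one command option (-A, -D, -P, -N, -X, -F or -L) and an optional
 * -t table (default "filter"), joins the remaining arguments into a single
 * space-separated rule string, runs the matching __connman_iptables_*()
 * call and commits the table.
 *
 * The chain, table and rule strings are handed to the core functions
 * verbatim; the only validation done here is that a command was given and
 * that -A, -D and -P come with a rule/target.
 *
 * Returns 0 on success.  On failure the process exits with the negative
 * errno value from the failing call (-EINVAL for usage errors).
 */
int main(int argc, char *argv[])
{
	enum iptables_command cmd = IPTABLES_COMMAND_UNKNOWN;
	char *table = NULL, *chain = NULL, *rule = NULL, *tmp;
	int err = 0, c, i;

	/* Rule options such as -p or -j are not ours; keep getopt quiet. */
	opterr = 0;

	/*
	 * The leading '-' in the option string makes getopt_long() return
	 * non-option arguments as option code 1 instead of permuting argv.
	 * That code, like '?' for an unknown option, lands in the default
	 * case below, so parsing stops at the first argument that belongs
	 * to the rule.
	 */
	while ((c = getopt_long(argc, argv,
				"-A:D:P:N:X:F:Lt:", NULL, NULL)) != -1) {
		switch (c) {
		case 'A':
			chain = optarg;
			cmd = IPTABLES_COMMAND_APPEND;
			break;
		case 'D':
			chain = optarg;
			cmd = IPTABLES_COMMAND_DELETE;
			break;
		case 'P':
			chain = optarg;
			/* The policy will be stored in rule. */
			cmd = IPTABLES_COMMAND_POLICY;
			break;
		case 'N':
			chain = optarg;
			cmd = IPTABLES_COMMAND_CHAIN_INSERT;
			break;
		case 'X':
			chain = optarg;
			cmd = IPTABLES_COMMAND_CHAIN_DELETE;
			break;
		case 'F':
			chain = optarg;
			cmd = IPTABLES_COMMAND_CHAIN_FLUSH;
			break;
		case 'L':
			cmd = IPTABLES_COMMAND_DUMP;
			break;
		case 't':
			table = optarg;
			break;
		default:
			goto out;
		}
	}

out:
	if (table == NULL)
		table = "filter";

	/*
	 * When parsing stopped early, the argument that stopped it is the
	 * first word of the rule and sits at optind - 1.  When getopt_long()
	 * ran to completion (c == -1), argv[optind - 1] is an option or its
	 * value (for example the chain name of "-A chain"), so the rule, if
	 * there is one, starts at optind.
	 */
	i = (c == -1) ? optind : optind - 1;
	for (; i < argc; i++) {
		if (rule != NULL) {
			tmp = rule;
			rule = g_strdup_printf("%s %s", rule,  argv[i]);
			g_free(tmp);
		} else
			rule = g_strdup(argv[i]);
	}

	/* Reject unusable command lines before touching the iptables core. */
	if (cmd == IPTABLES_COMMAND_UNKNOWN) {
		printf("Missing command\n");
		print_usage();
		g_free(rule);
		exit(-EINVAL);
	}

	if (rule == NULL && (cmd == IPTABLES_COMMAND_APPEND ||
				cmd == IPTABLES_COMMAND_DELETE ||
				cmd == IPTABLES_COMMAND_POLICY)) {
		/* Never hand a NULL rule or policy target to the core. */
		printf("Missing %s\n",
			cmd == IPTABLES_COMMAND_POLICY ? "target" : "rule");
		print_usage();
		exit(-EINVAL);
	}

	__connman_iptables_init();

	switch (cmd) {
	case IPTABLES_COMMAND_APPEND:
		err = __connman_iptables_append(table, chain, rule);
		break;
	case IPTABLES_COMMAND_DELETE:
		err = __connman_iptables_delete(table, chain, rule);
		break;
	case IPTABLES_COMMAND_POLICY:
		err = __connman_iptables_change_policy(table, chain, rule);
		break;
	case IPTABLES_COMMAND_CHAIN_INSERT:
		err = __connman_iptables_new_chain(table, chain);
		break;
	case IPTABLES_COMMAND_CHAIN_DELETE:
		err = __connman_iptables_delete_chain(table, chain);
		break;
	case IPTABLES_COMMAND_CHAIN_FLUSH:
		err = __connman_iptables_flush_chain(table, chain);
		break;
	case IPTABLES_COMMAND_DUMP:
		/* The dump is emitted through the connman log. */
		__connman_log_init(argv[0], "*", FALSE, FALSE,
			"iptables-test", "1");
		err = __connman_iptables_dump(table);
		break;
	case IPTABLES_COMMAND_UNKNOWN:
		/* Rejected above; kept so the switch covers every value. */
		err = -EINVAL;
		break;
	}

	if (err < 0) {
		printf("Error: %s\n", strerror(-err));
		exit(err);
	}

	err = __connman_iptables_commit(table);
	if (err < 0) {
		printf("Failed to commit changes: %s\n", strerror(-err));
		exit(err);
	}

	g_free(rule);

	__connman_iptables_cleanup();

	return 0;
}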