11 typedef struct sFirewallMod tFirewallMod;
12 typedef struct sModuleRule tModuleRule;
13 typedef struct sRule tRule;
14 typedef struct sChain tChain;
29 int PacketCount; // Number of packets seen
30 int ByteCount; // Number of bytes seen (IP Payload bytes)
42 char Action[]; // Target rule name
56 int IPTables_TestChain(
58 const int AddressType,
59 const void *Src, const void *Dest,
60 Uint8 Type, Uint32 Flags,
61 size_t Length, const void *Data
65 tChain *gapFirewall_Chains[10];
66 tChain gFirewall_DROP = {.Name="DROP"};
67 tChain gFirewall_ACCEPT = {.Name="ACCEPT"};
68 tChain gFirewall_RETURN = {.Name="RETURN"};
72 tRule *Rule, int AddrType,
73 const void *Src, const void *Dest,
74 Uint8 Type, Uint32 Flags,
75 size_t Length, const void *Data)
81 * \brief Tests an IPv4 chain on a packet
82 * \return Boolean Disallow (0: Packet Allowed, 1: Drop, 2: Reject, 3: Continue)
84 int IPTables_TestChain(
86 const int AddressType,
87 const void *Src, const void *Dest,
88 Uint8 Type, Uint32 Flags,
89 size_t Length, const void *Data
96 for( chain = gapFirewall_Chains[AddressType]; chain; chain = chain->Next )
98 if( strcmp(chain->Name, RuleName) == 0 )
101 if( !chain ) return -1; // Bad rule name
104 for( rule = chain->FirstRule; rule; rule = rule->Next )
106 rv = IPTables_DoRule(rule, AddressType, Src, Dest, Type, Flags, Length, Data);
114 return 0; // Accept all for now
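Review bot: The lookup `gapFirewall_Chains[AddressType]` (line 96) indexes the 10-entry array declared on line 65 with the caller-supplied `AddressType`, and no range check appears in the lines shown; lines 90-95 are not visible here, so confirm one does not already exist. If it is missing, a negative or too-large value loads a chain pointer from outside the array and the rule walk then follows whatever that memory holds. A guard ahead of the loop, for example `if( AddressType < 0 || AddressType >= 10 ) return -1;` (better with the bound derived from `sizeof(gapFirewall_Chains)/sizeof(gapFirewall_Chains[0])`), would match the existing `-1` returned for a bad rule name. The header comment on lines 81-82 should be brought in line as well: it lists only 0-3 and describes an IPv4 test, while the body returns `-1` and takes an address type. The function body is only partly visible in this view, so the handling of `rv` and the final accept-by-default `return 0` could not be reviewed.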