Brad Bishop | 6e60e8b | 2018-02-01 10:27:11 -0500 | [diff] [blame] | 1 | From 06562244ac4a1a61e1a2c6b219a517658f7349bf Mon Sep 17 00:00:00 2001 |
| 2 | From: Khem Raj <raj.khem@gmail.com> |
| 3 | Date: Mon, 10 Apr 2017 12:09:41 -0700 |
| 4 | Subject: [PATCH] Declare the define visivility attribute together |
| 5 | |
| 6 | clang ignores the visibility attribute if its not |
| 7 | defined before the definition. As a result these |
| 8 | symbols become hidden and consumers of this library |
| 9 | fail to link due to these missing symbols |
| 10 | |
| 11 | Signed-off-by: Khem Raj <raj.khem@gmail.com> |
| 12 | --- |
| 13 | doxygen.cfg.in | 2 +- |
| 14 | src/extra/ipv4.c | 15 +++---- |
| 15 | src/extra/ipv6.c | 9 ++-- |
| 16 | src/extra/pktbuff.c | 42 ++++++------------ |
| 17 | src/extra/tcp.c | 21 +++------ |
| 18 | src/extra/udp.c | 21 +++------ |
| 19 | src/internal.h | 5 +-- |
| 20 | src/libnetfilter_queue.c | 108 ++++++++++++++++------------------------------- |
| 21 | src/nlmsg.c | 21 +++------ |
| 22 | 9 files changed, 82 insertions(+), 162 deletions(-) |
| 23 | |
| 24 | diff --git a/doxygen.cfg.in b/doxygen.cfg.in |
| 25 | index a7378ca..659abee 100644 |
| 26 | --- a/doxygen.cfg.in |
| 27 | +++ b/doxygen.cfg.in |
| 28 | @@ -72,7 +72,7 @@ RECURSIVE = YES |
| 29 | EXCLUDE = |
| 30 | EXCLUDE_SYMLINKS = NO |
| 31 | EXCLUDE_PATTERNS = |
| 32 | -EXCLUDE_SYMBOLS = EXPORT_SYMBOL |
| 33 | +EXCLUDE_SYMBOLS = |
| 34 | EXAMPLE_PATH = |
| 35 | EXAMPLE_PATTERNS = |
| 36 | EXAMPLE_RECURSIVE = NO |
| 37 | diff --git a/src/extra/ipv4.c b/src/extra/ipv4.c |
| 38 | index a93d113..56d5dc7 100644 |
| 39 | --- a/src/extra/ipv4.c |
| 40 | +++ b/src/extra/ipv4.c |
| 41 | @@ -32,7 +32,7 @@ |
| 42 | * This funcion returns NULL if the IPv4 is malformed or the protocol version |
| 43 | * is not 4. On success, it returns a valid pointer to the IPv4 header. |
| 44 | */ |
| 45 | -struct iphdr *nfq_ip_get_hdr(struct pkt_buff *pktb) |
| 46 | +struct iphdr __EXPORTED *nfq_ip_get_hdr(struct pkt_buff *pktb) |
| 47 | { |
| 48 | struct iphdr *iph; |
| 49 | unsigned int pktlen = pktb->tail - pktb->network_header; |
| 50 | @@ -53,14 +53,13 @@ struct iphdr *nfq_ip_get_hdr(struct pkt_buff *pktb) |
| 51 | |
| 52 | return iph; |
| 53 | } |
| 54 | -EXPORT_SYMBOL(nfq_ip_get_hdr); |
| 55 | |
| 56 | /** |
| 57 | * nfq_ip_set_transport_header - set transport header |
| 58 | * \param pktb: pointer to network packet buffer |
| 59 | * \param iph: pointer to the IPv4 header |
| 60 | */ |
| 61 | -int nfq_ip_set_transport_header(struct pkt_buff *pktb, struct iphdr *iph) |
| 62 | +int __EXPORTED nfq_ip_set_transport_header(struct pkt_buff *pktb, struct iphdr *iph) |
| 63 | { |
| 64 | int doff = iph->ihl * 4; |
| 65 | |
| 66 | @@ -71,7 +70,6 @@ int nfq_ip_set_transport_header(struct pkt_buff *pktb, struct iphdr *iph) |
| 67 | pktb->transport_header = pktb->network_header + doff; |
| 68 | return 0; |
| 69 | } |
| 70 | -EXPORT_SYMBOL(nfq_ip_set_transport_header); |
| 71 | |
| 72 | /** |
| 73 | * nfq_ip_set_checksum - set IPv4 checksum |
| 74 | @@ -80,14 +78,13 @@ EXPORT_SYMBOL(nfq_ip_set_transport_header); |
| 75 | * \note Call to this function if you modified the IPv4 header to update the |
| 76 | * checksum. |
| 77 | */ |
| 78 | -void nfq_ip_set_checksum(struct iphdr *iph) |
| 79 | +void __EXPORTED nfq_ip_set_checksum(struct iphdr *iph) |
| 80 | { |
| 81 | uint32_t iph_len = iph->ihl * 4; |
| 82 | |
| 83 | iph->check = 0; |
| 84 | iph->check = nfq_checksum(0, (uint16_t *)iph, iph_len); |
| 85 | } |
| 86 | -EXPORT_SYMBOL(nfq_ip_set_checksum); |
| 87 | |
| 88 | /** |
| 89 | * nfq_ip_mangle - mangle IPv4 packet buffer |
| 90 | @@ -100,7 +97,7 @@ EXPORT_SYMBOL(nfq_ip_set_checksum); |
| 91 | * |
| 92 | * \note This function recalculates the IPv4 checksum (if needed). |
| 93 | */ |
| 94 | -int nfq_ip_mangle(struct pkt_buff *pkt, unsigned int dataoff, |
| 95 | +int __EXPORTED nfq_ip_mangle(struct pkt_buff *pkt, unsigned int dataoff, |
| 96 | unsigned int match_offset, unsigned int match_len, |
| 97 | const char *rep_buffer, unsigned int rep_len) |
| 98 | { |
| 99 | @@ -116,7 +113,6 @@ int nfq_ip_mangle(struct pkt_buff *pkt, unsigned int dataoff, |
| 100 | |
| 101 | return 1; |
| 102 | } |
| 103 | -EXPORT_SYMBOL(nfq_ip_mangle); |
| 104 | |
| 105 | /** |
| 106 | * nfq_pkt_snprintf_ip - print IPv4 header into buffer in iptables LOG format |
| 107 | @@ -128,7 +124,7 @@ EXPORT_SYMBOL(nfq_ip_mangle); |
| 108 | * case that there is enough room in the buffer. Read snprintf manpage for more |
| 109 | * information to know more about this strange behaviour. |
| 110 | */ |
| 111 | -int nfq_ip_snprintf(char *buf, size_t size, const struct iphdr *iph) |
| 112 | +int __EXPORTED nfq_ip_snprintf(char *buf, size_t size, const struct iphdr *iph) |
| 113 | { |
| 114 | int ret; |
| 115 | struct in_addr src = { iph->saddr }; |
| 116 | @@ -147,7 +143,6 @@ int nfq_ip_snprintf(char *buf, size_t size, const struct iphdr *iph) |
| 117 | |
| 118 | return ret; |
| 119 | } |
| 120 | -EXPORT_SYMBOL(nfq_ip_snprintf); |
| 121 | |
| 122 | /** |
| 123 | * @} |
| 124 | diff --git a/src/extra/ipv6.c b/src/extra/ipv6.c |
| 125 | index 7c5dc9b..6641c6b 100644 |
| 126 | --- a/src/extra/ipv6.c |
| 127 | +++ b/src/extra/ipv6.c |
| 128 | @@ -33,7 +33,7 @@ |
| 129 | * This funcion returns NULL if an invalid header is found. On sucess, it |
| 130 | * returns a valid pointer to the header. |
| 131 | */ |
| 132 | -struct ip6_hdr *nfq_ip6_get_hdr(struct pkt_buff *pktb) |
| 133 | +struct ip6_hdr __EXPORTED *nfq_ip6_get_hdr(struct pkt_buff *pktb) |
| 134 | { |
| 135 | struct ip6_hdr *ip6h; |
| 136 | unsigned int pktlen = pktb->tail - pktb->network_header; |
| 137 | @@ -50,7 +50,6 @@ struct ip6_hdr *nfq_ip6_get_hdr(struct pkt_buff *pktb) |
| 138 | |
| 139 | return ip6h; |
| 140 | } |
| 141 | -EXPORT_SYMBOL(nfq_ip6_get_hdr); |
| 142 | |
| 143 | /** |
| 144 | * nfq_ip6_set_transport_header - set transport header pointer for IPv6 packet |
| 145 | @@ -61,7 +60,7 @@ EXPORT_SYMBOL(nfq_ip6_get_hdr); |
| 146 | * This function returns 1 if the protocol has been found and the transport |
| 147 | * header has been set. Otherwise, it returns 0. |
| 148 | */ |
| 149 | -int nfq_ip6_set_transport_header(struct pkt_buff *pktb, struct ip6_hdr *ip6h, |
| 150 | +int __EXPORTED nfq_ip6_set_transport_header(struct pkt_buff *pktb, struct ip6_hdr *ip6h, |
| 151 | uint8_t target) |
| 152 | { |
| 153 | uint8_t nexthdr = ip6h->ip6_nxt; |
| 154 | @@ -115,7 +114,6 @@ int nfq_ip6_set_transport_header(struct pkt_buff *pktb, struct ip6_hdr *ip6h, |
| 155 | pktb->transport_header = cur; |
| 156 | return cur ? 1 : 0; |
| 157 | } |
| 158 | -EXPORT_SYMBOL(nfq_ip6_set_transport_header); |
| 159 | |
| 160 | /** |
| 161 | * nfq_ip6_snprintf - print IPv6 header into one buffer in iptables LOG format |
| 162 | @@ -124,7 +122,7 @@ EXPORT_SYMBOL(nfq_ip6_set_transport_header); |
| 163 | * \param ip6_hdr: pointer to a valid IPv6 header. |
| 164 | * |
| 165 | */ |
| 166 | -int nfq_ip6_snprintf(char *buf, size_t size, const struct ip6_hdr *ip6h) |
| 167 | +int __EXPORTED nfq_ip6_snprintf(char *buf, size_t size, const struct ip6_hdr *ip6h) |
| 168 | { |
| 169 | int ret; |
| 170 | char src[INET6_ADDRSTRLEN]; |
| 171 | @@ -143,7 +141,6 @@ int nfq_ip6_snprintf(char *buf, size_t size, const struct ip6_hdr *ip6h) |
| 172 | |
| 173 | return ret; |
| 174 | } |
| 175 | -EXPORT_SYMBOL(nfq_ip6_snprintf); |
| 176 | |
| 177 | /** |
| 178 | * @} |
| 179 | diff --git a/src/extra/pktbuff.c b/src/extra/pktbuff.c |
| 180 | index 1c15a00..54d8244 100644 |
| 181 | --- a/src/extra/pktbuff.c |
| 182 | +++ b/src/extra/pktbuff.c |
| 183 | @@ -40,7 +40,7 @@ |
| 184 | * |
| 185 | * \return a pointer to a new queue handle or NULL on failure. |
| 186 | */ |
| 187 | -struct pkt_buff * |
| 188 | +struct pkt_buff __EXPORTED * |
| 189 | pktb_alloc(int family, void *data, size_t len, size_t extra) |
| 190 | { |
| 191 | struct pkt_buff *pktb; |
| 192 | @@ -84,120 +84,108 @@ pktb_alloc(int family, void *data, size_t len, size_t extra) |
| 193 | } |
| 194 | return pktb; |
| 195 | } |
| 196 | -EXPORT_SYMBOL(pktb_alloc); |
| 197 | |
| 198 | /** |
| 199 | * pktb_data - return pointer to the beginning of the packet buffer |
| 200 | * \param pktb Pointer to packet buffer |
| 201 | */ |
| 202 | -uint8_t *pktb_data(struct pkt_buff *pktb) |
| 203 | +uint8_t __EXPORTED *pktb_data(struct pkt_buff *pktb) |
| 204 | { |
| 205 | return pktb->data; |
| 206 | } |
| 207 | -EXPORT_SYMBOL(pktb_data); |
| 208 | |
| 209 | /** |
| 210 | * pktb_len - return length of the packet buffer |
| 211 | * \param pktb Pointer to packet buffer |
| 212 | */ |
| 213 | -uint32_t pktb_len(struct pkt_buff *pktb) |
| 214 | +uint32_t __EXPORTED pktb_len(struct pkt_buff *pktb) |
| 215 | { |
| 216 | return pktb->len; |
| 217 | } |
| 218 | -EXPORT_SYMBOL(pktb_len); |
| 219 | |
| 220 | /** |
| 221 | * pktb_free - release packet buffer |
| 222 | * \param pktb Pointer to packet buffer |
| 223 | */ |
| 224 | -void pktb_free(struct pkt_buff *pktb) |
| 225 | +void __EXPORTED pktb_free(struct pkt_buff *pktb) |
| 226 | { |
| 227 | free(pktb); |
| 228 | } |
| 229 | -EXPORT_SYMBOL(pktb_free); |
| 230 | |
| 231 | /** |
| 232 | * pktb_push - update pointer to the beginning of the packet buffer |
| 233 | * \param pktb Pointer to packet buffer |
| 234 | */ |
| 235 | -void pktb_push(struct pkt_buff *pktb, unsigned int len) |
| 236 | +void __EXPORTED pktb_push(struct pkt_buff *pktb, unsigned int len) |
| 237 | { |
| 238 | pktb->data -= len; |
| 239 | pktb->len += len; |
| 240 | } |
| 241 | -EXPORT_SYMBOL(pktb_push); |
| 242 | |
| 243 | /** |
| 244 | * pktb_pull - update pointer to the beginning of the packet buffer |
| 245 | * \param pktb Pointer to packet buffer |
| 246 | */ |
| 247 | -void pktb_pull(struct pkt_buff *pktb, unsigned int len) |
| 248 | +void __EXPORTED pktb_pull(struct pkt_buff *pktb, unsigned int len) |
| 249 | { |
| 250 | pktb->data += len; |
| 251 | pktb->len -= len; |
| 252 | } |
| 253 | -EXPORT_SYMBOL(pktb_pull); |
| 254 | |
| 255 | /** |
| 256 | * pktb_put - add extra bytes to the tail of the packet buffer |
| 257 | * \param pktb Pointer to packet buffer |
| 258 | */ |
| 259 | -void pktb_put(struct pkt_buff *pktb, unsigned int len) |
| 260 | +void __EXPORTED pktb_put(struct pkt_buff *pktb, unsigned int len) |
| 261 | { |
| 262 | pktb->tail += len; |
| 263 | pktb->len += len; |
| 264 | } |
| 265 | -EXPORT_SYMBOL(pktb_put); |
| 266 | |
| 267 | /** |
| 268 | * pktb_trim - set new length for this packet buffer |
| 269 | * \param pktb Pointer to packet buffer |
| 270 | */ |
| 271 | -void pktb_trim(struct pkt_buff *pktb, unsigned int len) |
| 272 | +void __EXPORTED pktb_trim(struct pkt_buff *pktb, unsigned int len) |
| 273 | { |
| 274 | pktb->len = len; |
| 275 | } |
| 276 | -EXPORT_SYMBOL(pktb_trim); |
| 277 | |
| 278 | /** |
| 279 | * pktb_tailroom - get room in bytes in the tail of the packet buffer |
| 280 | * \param pktb Pointer to packet buffer |
| 281 | */ |
| 282 | -unsigned int pktb_tailroom(struct pkt_buff *pktb) |
| 283 | +unsigned int __EXPORTED pktb_tailroom(struct pkt_buff *pktb) |
| 284 | { |
| 285 | return pktb->data_len - pktb->len; |
| 286 | } |
| 287 | -EXPORT_SYMBOL(pktb_tailroom); |
| 288 | |
| 289 | /** |
| 290 | * pktb_mac_header - return pointer to layer 2 header (if any) |
| 291 | * \param pktb Pointer to packet buffer |
| 292 | */ |
| 293 | -uint8_t *pktb_mac_header(struct pkt_buff *pktb) |
| 294 | +uint8_t __EXPORTED *pktb_mac_header(struct pkt_buff *pktb) |
| 295 | { |
| 296 | return pktb->mac_header; |
| 297 | } |
| 298 | -EXPORT_SYMBOL(pktb_mac_header); |
| 299 | |
| 300 | /** |
| 301 | * pktb_network_header - return pointer to layer 3 header |
| 302 | * \param pktb Pointer to packet buffer |
| 303 | */ |
| 304 | -uint8_t *pktb_network_header(struct pkt_buff *pktb) |
| 305 | +uint8_t __EXPORTED *pktb_network_header(struct pkt_buff *pktb) |
| 306 | { |
| 307 | return pktb->network_header; |
| 308 | } |
| 309 | -EXPORT_SYMBOL(pktb_network_header); |
| 310 | |
| 311 | /** |
| 312 | * pktb_transport_header - return pointer to layer 4 header (if any) |
| 313 | * \param pktb Pointer to packet buffer |
| 314 | */ |
| 315 | -uint8_t *pktb_transport_header(struct pkt_buff *pktb) |
| 316 | +uint8_t __EXPORTED *pktb_transport_header(struct pkt_buff *pktb) |
| 317 | { |
| 318 | return pktb->transport_header; |
| 319 | } |
| 320 | -EXPORT_SYMBOL(pktb_transport_header); |
| 321 | |
| 322 | static int pktb_expand_tail(struct pkt_buff *pkt, int extra) |
| 323 | { |
| 324 | @@ -224,7 +212,7 @@ static int enlarge_pkt(struct pkt_buff *pkt, unsigned int extra) |
| 325 | return 1; |
| 326 | } |
| 327 | |
| 328 | -int pktb_mangle(struct pkt_buff *pkt, |
| 329 | +int __EXPORTED pktb_mangle(struct pkt_buff *pkt, |
| 330 | unsigned int dataoff, |
| 331 | unsigned int match_offset, |
| 332 | unsigned int match_len, |
| 333 | @@ -258,17 +246,15 @@ int pktb_mangle(struct pkt_buff *pkt, |
| 334 | pkt->mangled = true; |
| 335 | return 1; |
| 336 | } |
| 337 | -EXPORT_SYMBOL(pktb_mangle); |
| 338 | |
| 339 | /** |
| 340 | * pktb_mangled - return true if packet has been mangled |
| 341 | * \param pktb Pointer to packet buffer |
| 342 | */ |
| 343 | -bool pktb_mangled(const struct pkt_buff *pkt) |
| 344 | +bool __EXPORTED pktb_mangled(const struct pkt_buff *pkt) |
| 345 | { |
| 346 | return pkt->mangled; |
| 347 | } |
| 348 | -EXPORT_SYMBOL(pktb_mangled); |
| 349 | |
| 350 | /** |
| 351 | * @} |
| 352 | diff --git a/src/extra/tcp.c b/src/extra/tcp.c |
| 353 | index d1cd79d..8038ce5 100644 |
| 354 | --- a/src/extra/tcp.c |
| 355 | +++ b/src/extra/tcp.c |
| 356 | @@ -40,7 +40,7 @@ |
| 357 | * \note You have to call nfq_ip_set_transport_header or |
| 358 | * nfq_ip6_set_transport_header first to access the TCP header. |
| 359 | */ |
| 360 | -struct tcphdr *nfq_tcp_get_hdr(struct pkt_buff *pktb) |
| 361 | +struct tcphdr __EXPORTED *nfq_tcp_get_hdr(struct pkt_buff *pktb) |
| 362 | { |
| 363 | if (pktb->transport_header == NULL) |
| 364 | return NULL; |
| 365 | @@ -51,14 +51,13 @@ struct tcphdr *nfq_tcp_get_hdr(struct pkt_buff *pktb) |
| 366 | |
| 367 | return (struct tcphdr *)pktb->transport_header; |
| 368 | } |
| 369 | -EXPORT_SYMBOL(nfq_tcp_get_hdr); |
| 370 | |
| 371 | /** |
| 372 | * nfq_tcp_get_payload - get the TCP packet payload |
| 373 | * \param tcph: pointer to the TCP header |
| 374 | * \param pktb: pointer to user-space network packet buffer |
| 375 | */ |
| 376 | -void *nfq_tcp_get_payload(struct tcphdr *tcph, struct pkt_buff *pktb) |
| 377 | +void __EXPORTED *nfq_tcp_get_payload(struct tcphdr *tcph, struct pkt_buff *pktb) |
| 378 | { |
| 379 | unsigned int len = tcph->doff * 4; |
| 380 | |
| 381 | @@ -72,47 +71,43 @@ void *nfq_tcp_get_payload(struct tcphdr *tcph, struct pkt_buff *pktb) |
| 382 | |
| 383 | return pktb->transport_header + len; |
| 384 | } |
| 385 | -EXPORT_SYMBOL(nfq_tcp_get_payload); |
| 386 | |
| 387 | /** |
| 388 | * nfq_tcp_get_payload_len - get the tcp packet payload |
| 389 | * \param tcph: pointer to the TCP header |
| 390 | * \param pktb: pointer to user-space network packet buffer |
| 391 | */ |
| 392 | -unsigned int |
| 393 | +unsigned int __EXPORTED |
| 394 | nfq_tcp_get_payload_len(struct tcphdr *tcph, struct pkt_buff *pktb) |
| 395 | { |
| 396 | return pktb->tail - pktb->transport_header; |
| 397 | } |
| 398 | -EXPORT_SYMBOL(nfq_tcp_get_payload_len); |
| 399 | |
| 400 | /** |
| 401 | * nfq_tcp_set_checksum_ipv4 - computes IPv4/TCP packet checksum |
| 402 | * \param tcph: pointer to the TCP header |
| 403 | * \param iph: pointer to the IPv4 header |
| 404 | */ |
| 405 | -void |
| 406 | +void __EXPORTED |
| 407 | nfq_tcp_compute_checksum_ipv4(struct tcphdr *tcph, struct iphdr *iph) |
| 408 | { |
| 409 | /* checksum field in header needs to be zero for calculation. */ |
| 410 | tcph->check = 0; |
| 411 | tcph->check = nfq_checksum_tcpudp_ipv4(iph); |
| 412 | } |
| 413 | -EXPORT_SYMBOL(nfq_tcp_compute_checksum_ipv4); |
| 414 | |
| 415 | /** |
| 416 | * nfq_tcp_set_checksum_ipv6 - computes IPv6/TCP packet checksum |
| 417 | * \param tcph: pointer to the TCP header |
| 418 | * \param iph: pointer to the IPv6 header |
| 419 | */ |
| 420 | -void |
| 421 | +void __EXPORTED |
| 422 | nfq_tcp_compute_checksum_ipv6(struct tcphdr *tcph, struct ip6_hdr *ip6h) |
| 423 | { |
| 424 | /* checksum field in header needs to be zero for calculation. */ |
| 425 | tcph->check = 0; |
| 426 | tcph->check = nfq_checksum_tcpudp_ipv6(ip6h, tcph); |
| 427 | } |
| 428 | -EXPORT_SYMBOL(nfq_tcp_compute_checksum_ipv6); |
| 429 | |
| 430 | /* |
| 431 | * The union cast uses a gcc extension to avoid aliasing problems |
| 432 | @@ -134,7 +129,7 @@ union tcp_word_hdr { |
| 433 | * \param tcp: pointer to a valid tcp header. |
| 434 | * |
| 435 | */ |
| 436 | -int nfq_tcp_snprintf(char *buf, size_t size, const struct tcphdr *tcph) |
| 437 | +int __EXPORTED nfq_tcp_snprintf(char *buf, size_t size, const struct tcphdr *tcph) |
| 438 | { |
| 439 | int ret, len = 0; |
| 440 | |
| 441 | @@ -177,7 +172,6 @@ int nfq_tcp_snprintf(char *buf, size_t size, const struct tcphdr *tcph) |
| 442 | |
| 443 | return ret; |
| 444 | } |
| 445 | -EXPORT_SYMBOL(nfq_tcp_snprintf); |
| 446 | |
| 447 | /** |
| 448 | * nfq_tcp_mangle_ipv4 - mangle TCP/IPv4 packet buffer |
| 449 | @@ -189,7 +183,7 @@ EXPORT_SYMBOL(nfq_tcp_snprintf); |
| 450 | * |
| 451 | * \note This function recalculates the IPv4 and TCP checksums for you. |
| 452 | */ |
| 453 | -int |
| 454 | +int __EXPORTED |
| 455 | nfq_tcp_mangle_ipv4(struct pkt_buff *pkt, |
| 456 | unsigned int match_offset, unsigned int match_len, |
| 457 | const char *rep_buffer, unsigned int rep_len) |
| 458 | @@ -208,7 +202,6 @@ nfq_tcp_mangle_ipv4(struct pkt_buff *pkt, |
| 459 | |
| 460 | return 1; |
| 461 | } |
| 462 | -EXPORT_SYMBOL(nfq_tcp_mangle_ipv4); |
| 463 | |
| 464 | /** |
| 465 | * @} |
| 466 | diff --git a/src/extra/udp.c b/src/extra/udp.c |
| 467 | index 8c44a66..99c8faa 100644 |
| 468 | --- a/src/extra/udp.c |
| 469 | +++ b/src/extra/udp.c |
| 470 | @@ -37,7 +37,7 @@ |
| 471 | * This function returns NULL if invalid UDP header is found. On success, |
| 472 | * it returns the UDP header. |
| 473 | */ |
| 474 | -struct udphdr *nfq_udp_get_hdr(struct pkt_buff *pktb) |
| 475 | +struct udphdr __EXPORTED *nfq_udp_get_hdr(struct pkt_buff *pktb) |
| 476 | { |
| 477 | if (pktb->transport_header == NULL) |
| 478 | return NULL; |
| 479 | @@ -48,14 +48,13 @@ struct udphdr *nfq_udp_get_hdr(struct pkt_buff *pktb) |
| 480 | |
| 481 | return (struct udphdr *)pktb->transport_header; |
| 482 | } |
| 483 | -EXPORT_SYMBOL(nfq_udp_get_hdr); |
| 484 | |
| 485 | /** |
| 486 | * nfq_udp_get_payload - get the UDP packet payload. |
| 487 | * \param udph: the pointer to the UDP header. |
| 488 | * \param tail: pointer to the tail of the packet |
| 489 | */ |
| 490 | -void *nfq_udp_get_payload(struct udphdr *udph, struct pkt_buff *pktb) |
| 491 | +void __EXPORTED *nfq_udp_get_payload(struct udphdr *udph, struct pkt_buff *pktb) |
| 492 | { |
| 493 | uint16_t len = ntohs(udph->len); |
| 494 | |
| 495 | @@ -69,17 +68,15 @@ void *nfq_udp_get_payload(struct udphdr *udph, struct pkt_buff *pktb) |
| 496 | |
| 497 | return pktb->transport_header + sizeof(struct udphdr); |
| 498 | } |
| 499 | -EXPORT_SYMBOL(nfq_udp_get_payload); |
| 500 | |
| 501 | /** |
| 502 | * nfq_udp_get_payload_len - get the udp packet payload. |
| 503 | * \param udp: the pointer to the udp header. |
| 504 | */ |
| 505 | -unsigned int nfq_udp_get_payload_len(struct udphdr *udph, struct pkt_buff *pktb) |
| 506 | +unsigned int __EXPORTED nfq_udp_get_payload_len(struct udphdr *udph, struct pkt_buff *pktb) |
| 507 | { |
| 508 | return pktb->tail - pktb->transport_header; |
| 509 | } |
| 510 | -EXPORT_SYMBOL(nfq_udp_get_payload_len); |
| 511 | |
| 512 | /** |
| 513 | * nfq_udp_set_checksum_ipv4 - computes a IPv4/TCP packet's segment |
| 514 | @@ -91,14 +88,13 @@ EXPORT_SYMBOL(nfq_udp_get_payload_len); |
| 515 | * \see nfq_pkt_compute_ip_checksum |
| 516 | * \see nfq_pkt_compute_udp_checksum |
| 517 | */ |
| 518 | -void |
| 519 | +void __EXPORTED |
| 520 | nfq_udp_compute_checksum_ipv4(struct udphdr *udph, struct iphdr *iph) |
| 521 | { |
| 522 | /* checksum field in header needs to be zero for calculation. */ |
| 523 | udph->check = 0; |
| 524 | udph->check = nfq_checksum_tcpudp_ipv4(iph); |
| 525 | } |
| 526 | -EXPORT_SYMBOL(nfq_udp_compute_checksum_ipv4); |
| 527 | |
| 528 | /** |
| 529 | * nfq_udp_set_checksum_ipv6 - computes a IPv6/TCP packet's segment |
| 530 | @@ -110,14 +106,13 @@ EXPORT_SYMBOL(nfq_udp_compute_checksum_ipv4); |
| 531 | * \see nfq_pkt_compute_ip_checksum |
| 532 | * \see nfq_pkt_compute_udp_checksum |
| 533 | */ |
| 534 | -void |
| 535 | +void __EXPORTED |
| 536 | nfq_udp_compute_checksum_ipv6(struct udphdr *udph, struct ip6_hdr *ip6h) |
| 537 | { |
| 538 | /* checksum field in header needs to be zero for calculation. */ |
| 539 | udph->check = 0; |
| 540 | udph->check = nfq_checksum_tcpudp_ipv6(ip6h, udph); |
| 541 | } |
| 542 | -EXPORT_SYMBOL(nfq_udp_compute_checksum_ipv6); |
| 543 | |
| 544 | /** |
| 545 | * nfq_tcp_mangle_ipv4 - mangle TCP/IPv4 packet buffer |
| 546 | @@ -129,7 +124,7 @@ EXPORT_SYMBOL(nfq_udp_compute_checksum_ipv6); |
| 547 | * |
| 548 | * \note This function recalculates the IPv4 and TCP checksums for you. |
| 549 | */ |
| 550 | -int |
| 551 | +int __EXPORTED |
| 552 | nfq_udp_mangle_ipv4(struct pkt_buff *pkt, |
| 553 | unsigned int match_offset, unsigned int match_len, |
| 554 | const char *rep_buffer, unsigned int rep_len) |
| 555 | @@ -148,7 +143,6 @@ nfq_udp_mangle_ipv4(struct pkt_buff *pkt, |
| 556 | |
| 557 | return 1; |
| 558 | } |
| 559 | -EXPORT_SYMBOL(nfq_udp_mangle_ipv4); |
| 560 | |
| 561 | /** |
| 562 | * nfq_pkt_snprintf_udp_hdr - print udp header into one buffer in a humnan |
| 563 | @@ -158,12 +152,11 @@ EXPORT_SYMBOL(nfq_udp_mangle_ipv4); |
| 564 | * \param udp: pointer to a valid udp header. |
| 565 | * |
| 566 | */ |
| 567 | -int nfq_udp_snprintf(char *buf, size_t size, const struct udphdr *udph) |
| 568 | +int __EXPORTED nfq_udp_snprintf(char *buf, size_t size, const struct udphdr *udph) |
| 569 | { |
| 570 | return snprintf(buf, size, "SPT=%u DPT=%u ", |
| 571 | htons(udph->source), htons(udph->dest)); |
| 572 | } |
| 573 | -EXPORT_SYMBOL(nfq_udp_snprintf); |
| 574 | |
| 575 | /** |
| 576 | * @} |
| 577 | diff --git a/src/internal.h b/src/internal.h |
| 578 | index 558d267..79b0752 100644 |
| 579 | --- a/src/internal.h |
| 580 | +++ b/src/internal.h |
| 581 | @@ -5,10 +5,9 @@ |
| 582 | #include <stdint.h> |
| 583 | #include <stdbool.h> |
| 584 | #ifdef HAVE_VISIBILITY_HIDDEN |
| 585 | -# define __visible __attribute__((visibility("default"))) |
| 586 | -# define EXPORT_SYMBOL(x) typeof(x) (x) __visible |
| 587 | +# define __EXPORTED __attribute__((visibility("default"))) |
| 588 | #else |
| 589 | -# define EXPORT_SYMBOL |
| 590 | +# define __EXPORTED |
| 591 | #endif |
| 592 | |
| 593 | struct iphdr; |
| 594 | diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c |
| 595 | index 065d618..ab0b66b 100644 |
| 596 | --- a/src/libnetfilter_queue.c |
| 597 | +++ b/src/libnetfilter_queue.c |
| 598 | @@ -133,8 +133,7 @@ struct nfq_data { |
| 599 | struct nfattr **data; |
| 600 | }; |
| 601 | |
| 602 | -int nfq_errno; |
| 603 | -EXPORT_SYMBOL(nfq_errno); |
| 604 | +int __EXPORTED nfq_errno; |
| 605 | |
| 606 | /*********************************************************************** |
| 607 | * low level stuff |
| 608 | @@ -218,11 +217,10 @@ static int __nfq_rcv_pkt(struct nlmsghdr *nlh, struct nfattr *nfa[], |
| 609 | |
| 610 | /* public interface */ |
| 611 | |
| 612 | -struct nfnl_handle *nfq_nfnlh(struct nfq_handle *h) |
| 613 | +struct nfnl_handle __EXPORTED *nfq_nfnlh(struct nfq_handle *h) |
| 614 | { |
| 615 | return h->nfnlh; |
| 616 | } |
| 617 | -EXPORT_SYMBOL(nfq_nfnlh); |
| 618 | |
| 619 | /** |
| 620 | * |
| 621 | @@ -294,11 +292,10 @@ EXPORT_SYMBOL(nfq_nfnlh); |
| 622 | * over the netlink connection associated with the given queue connection |
| 623 | * handle. |
| 624 | */ |
| 625 | -int nfq_fd(struct nfq_handle *h) |
| 626 | +int __EXPORTED nfq_fd(struct nfq_handle *h) |
| 627 | { |
| 628 | return nfnl_fd(nfq_nfnlh(h)); |
| 629 | } |
| 630 | -EXPORT_SYMBOL(nfq_fd); |
| 631 | /** |
| 632 | * @} |
| 633 | */ |
| 634 | @@ -349,7 +346,7 @@ EXPORT_SYMBOL(nfq_fd); |
| 635 | * |
| 636 | * \return a pointer to a new queue handle or NULL on failure. |
| 637 | */ |
| 638 | -struct nfq_handle *nfq_open(void) |
| 639 | +struct nfq_handle __EXPORTED *nfq_open(void) |
| 640 | { |
| 641 | struct nfnl_handle *nfnlh = nfnl_open(); |
| 642 | struct nfq_handle *qh; |
| 643 | @@ -366,7 +363,6 @@ struct nfq_handle *nfq_open(void) |
| 644 | |
| 645 | return qh; |
| 646 | } |
| 647 | -EXPORT_SYMBOL(nfq_open); |
| 648 | |
| 649 | /** |
| 650 | * @} |
| 651 | @@ -382,7 +378,7 @@ EXPORT_SYMBOL(nfq_open); |
| 652 | * |
| 653 | * \return a pointer to a new queue handle or NULL on failure. |
| 654 | */ |
| 655 | -struct nfq_handle *nfq_open_nfnl(struct nfnl_handle *nfnlh) |
| 656 | +struct nfq_handle __EXPORTED *nfq_open_nfnl(struct nfnl_handle *nfnlh) |
| 657 | { |
| 658 | struct nfnl_callback pkt_cb = { |
| 659 | .call = __nfq_rcv_pkt, |
| 660 | @@ -419,7 +415,6 @@ out_free: |
| 661 | free(h); |
| 662 | return NULL; |
| 663 | } |
| 664 | -EXPORT_SYMBOL(nfq_open_nfnl); |
| 665 | |
| 666 | /** |
| 667 | * \addtogroup LibrarySetup |
| 668 | @@ -438,7 +433,7 @@ EXPORT_SYMBOL(nfq_open_nfnl); |
| 669 | * |
| 670 | * \return 0 on success, non-zero on failure. |
| 671 | */ |
| 672 | -int nfq_close(struct nfq_handle *h) |
| 673 | +int __EXPORTED nfq_close(struct nfq_handle *h) |
| 674 | { |
| 675 | int ret; |
| 676 | |
| 677 | @@ -447,7 +442,6 @@ int nfq_close(struct nfq_handle *h) |
| 678 | free(h); |
| 679 | return ret; |
| 680 | } |
| 681 | -EXPORT_SYMBOL(nfq_close); |
| 682 | |
| 683 | /** |
| 684 | * nfq_bind_pf - bind a nfqueue handler to a given protocol family |
| 685 | @@ -460,11 +454,10 @@ EXPORT_SYMBOL(nfq_close); |
| 686 | * |
| 687 | * \return integer inferior to 0 in case of failure |
| 688 | */ |
| 689 | -int nfq_bind_pf(struct nfq_handle *h, uint16_t pf) |
| 690 | +int __EXPORTED nfq_bind_pf(struct nfq_handle *h, uint16_t pf) |
| 691 | { |
| 692 | return __build_send_cfg_msg(h, NFQNL_CFG_CMD_PF_BIND, 0, pf); |
| 693 | } |
| 694 | -EXPORT_SYMBOL(nfq_bind_pf); |
| 695 | |
| 696 | /** |
| 697 | * nfq_unbind_pf - unbind nfqueue handler from a protocol family |
| 698 | @@ -476,11 +469,10 @@ EXPORT_SYMBOL(nfq_bind_pf); |
| 699 | * |
| 700 | * This call is obsolete, Linux kernels from 3.8 onwards ignore it. |
| 701 | */ |
| 702 | -int nfq_unbind_pf(struct nfq_handle *h, uint16_t pf) |
| 703 | +int __EXPORTED nfq_unbind_pf(struct nfq_handle *h, uint16_t pf) |
| 704 | { |
| 705 | return __build_send_cfg_msg(h, NFQNL_CFG_CMD_PF_UNBIND, 0, pf); |
| 706 | } |
| 707 | -EXPORT_SYMBOL(nfq_unbind_pf); |
| 708 | |
| 709 | |
| 710 | /** |
| 711 | @@ -524,7 +516,7 @@ typedef int nfq_callback(struct nfq_q_handle *qh, |
| 712 | * The callback should return < 0 to stop processing. |
| 713 | */ |
| 714 | |
| 715 | -struct nfq_q_handle *nfq_create_queue(struct nfq_handle *h, |
| 716 | +struct nfq_q_handle __EXPORTED *nfq_create_queue(struct nfq_handle *h, |
| 717 | uint16_t num, |
| 718 | nfq_callback *cb, |
| 719 | void *data) |
| 720 | @@ -555,7 +547,6 @@ struct nfq_q_handle *nfq_create_queue(struct nfq_handle *h, |
| 721 | add_qh(qh); |
| 722 | return qh; |
| 723 | } |
| 724 | -EXPORT_SYMBOL(nfq_create_queue); |
| 725 | |
| 726 | /** |
| 727 | * @} |
| 728 | @@ -573,7 +564,7 @@ EXPORT_SYMBOL(nfq_create_queue); |
| 729 | * Removes the binding for the specified queue handle. This call also unbind |
| 730 | * from the nfqueue handler, so you don't have to call nfq_unbind_pf. |
| 731 | */ |
| 732 | -int nfq_destroy_queue(struct nfq_q_handle *qh) |
| 733 | +int __EXPORTED nfq_destroy_queue(struct nfq_q_handle *qh) |
| 734 | { |
| 735 | int ret = __build_send_cfg_msg(qh->h, NFQNL_CFG_CMD_UNBIND, qh->id, 0); |
| 736 | if (ret == 0) { |
| 737 | @@ -583,7 +574,6 @@ int nfq_destroy_queue(struct nfq_q_handle *qh) |
| 738 | |
| 739 | return ret; |
| 740 | } |
| 741 | -EXPORT_SYMBOL(nfq_destroy_queue); |
| 742 | |
| 743 | /** |
| 744 | * nfq_handle_packet - handle a packet received from the nfqueue subsystem |
| 745 | @@ -597,11 +587,10 @@ EXPORT_SYMBOL(nfq_destroy_queue); |
| 746 | * |
| 747 | * \return 0 on success, non-zero on failure. |
| 748 | */ |
| 749 | -int nfq_handle_packet(struct nfq_handle *h, char *buf, int len) |
| 750 | +int __EXPORTED nfq_handle_packet(struct nfq_handle *h, char *buf, int len) |
| 751 | { |
| 752 | return nfnl_handle_packet(h->nfnlh, buf, len); |
| 753 | } |
| 754 | -EXPORT_SYMBOL(nfq_handle_packet); |
| 755 | |
| 756 | /** |
| 757 | * nfq_set_mode - set the amount of packet data that nfqueue copies to userspace |
| 758 | @@ -618,7 +607,7 @@ EXPORT_SYMBOL(nfq_handle_packet); |
| 759 | * |
| 760 | * \return -1 on error; >=0 otherwise. |
| 761 | */ |
| 762 | -int nfq_set_mode(struct nfq_q_handle *qh, |
| 763 | +int __EXPORTED nfq_set_mode(struct nfq_q_handle *qh, |
| 764 | uint8_t mode, uint32_t range) |
| 765 | { |
| 766 | union { |
| 767 | @@ -638,7 +627,6 @@ int nfq_set_mode(struct nfq_q_handle *qh, |
| 768 | |
| 769 | return nfnl_query(qh->h->nfnlh, &u.nmh); |
| 770 | } |
| 771 | -EXPORT_SYMBOL(nfq_set_mode); |
| 772 | |
| 773 | /** |
| 774 | * nfq_set_queue_flags - set flags (options) for the kernel queue |
| 775 | @@ -690,7 +678,7 @@ EXPORT_SYMBOL(nfq_set_mode); |
| 776 | * |
| 777 | * \return -1 on error with errno set appropriately; =0 otherwise. |
| 778 | */ |
| 779 | -int nfq_set_queue_flags(struct nfq_q_handle *qh, |
| 780 | +int __EXPORTED nfq_set_queue_flags(struct nfq_q_handle *qh, |
| 781 | uint32_t mask, uint32_t flags) |
| 782 | { |
| 783 | union { |
| 784 | @@ -711,7 +699,6 @@ int nfq_set_queue_flags(struct nfq_q_handle *qh, |
| 785 | |
| 786 | return nfnl_query(qh->h->nfnlh, &u.nmh); |
| 787 | } |
| 788 | -EXPORT_SYMBOL(nfq_set_queue_flags); |
| 789 | |
| 790 | /** |
| 791 | * nfq_set_queue_maxlen - Set kernel queue maximum length parameter |
| 792 | @@ -724,7 +711,7 @@ EXPORT_SYMBOL(nfq_set_queue_flags); |
| 793 | * |
| 794 | * \return -1 on error; >=0 otherwise. |
| 795 | */ |
| 796 | -int nfq_set_queue_maxlen(struct nfq_q_handle *qh, |
| 797 | +int __EXPORTED nfq_set_queue_maxlen(struct nfq_q_handle *qh, |
| 798 | uint32_t queuelen) |
| 799 | { |
| 800 | union { |
| 801 | @@ -742,7 +729,6 @@ int nfq_set_queue_maxlen(struct nfq_q_handle *qh, |
| 802 | |
| 803 | return nfnl_query(qh->h->nfnlh, &u.nmh); |
| 804 | } |
| 805 | -EXPORT_SYMBOL(nfq_set_queue_maxlen); |
| 806 | |
| 807 | /** |
| 808 | * @} |
| 809 | @@ -829,14 +815,13 @@ static int __set_verdict(struct nfq_q_handle *qh, uint32_t id, |
| 810 | * |
| 811 | * \return -1 on error; >= 0 otherwise. |
| 812 | */ |
| 813 | -int nfq_set_verdict(struct nfq_q_handle *qh, uint32_t id, |
| 814 | +int __EXPORTED nfq_set_verdict(struct nfq_q_handle *qh, uint32_t id, |
| 815 | uint32_t verdict, uint32_t data_len, |
| 816 | const unsigned char *buf) |
| 817 | { |
| 818 | return __set_verdict(qh, id, verdict, 0, 0, data_len, buf, |
| 819 | NFQNL_MSG_VERDICT); |
| 820 | } |
| 821 | -EXPORT_SYMBOL(nfq_set_verdict); |
| 822 | |
| 823 | /** |
| 824 | * nfq_set_verdict2 - like nfq_set_verdict, but you can set the mark. |
| 825 | @@ -847,14 +832,13 @@ EXPORT_SYMBOL(nfq_set_verdict); |
| 826 | * \param data_len number of bytes of data pointed to by #buf |
| 827 | * \param buf the buffer that contains the packet data |
| 828 | */ |
| 829 | -int nfq_set_verdict2(struct nfq_q_handle *qh, uint32_t id, |
| 830 | +int __EXPORTED nfq_set_verdict2(struct nfq_q_handle *qh, uint32_t id, |
| 831 | uint32_t verdict, uint32_t mark, |
| 832 | uint32_t data_len, const unsigned char *buf) |
| 833 | { |
| 834 | return __set_verdict(qh, id, verdict, htonl(mark), 1, data_len, |
| 835 | buf, NFQNL_MSG_VERDICT); |
| 836 | } |
| 837 | -EXPORT_SYMBOL(nfq_set_verdict2); |
| 838 | |
| 839 | /** |
| 840 | * nfq_set_verdict_batch - issue verdicts on several packets at once |
| 841 | @@ -868,13 +852,12 @@ EXPORT_SYMBOL(nfq_set_verdict2); |
| 842 | * batch support was added in Linux 3.1. |
| 843 | * These functions will fail silently on older kernels. |
| 844 | */ |
| 845 | -int nfq_set_verdict_batch(struct nfq_q_handle *qh, uint32_t id, |
| 846 | +int __EXPORTED nfq_set_verdict_batch(struct nfq_q_handle *qh, uint32_t id, |
| 847 | uint32_t verdict) |
| 848 | { |
| 849 | return __set_verdict(qh, id, verdict, 0, 0, 0, NULL, |
| 850 | NFQNL_MSG_VERDICT_BATCH); |
| 851 | } |
| 852 | -EXPORT_SYMBOL(nfq_set_verdict_batch); |
| 853 | |
| 854 | /** |
| 855 | * nfq_set_verdict_batch2 - like nfq_set_verdict_batch, but you can set a mark. |
| 856 | @@ -883,13 +866,12 @@ EXPORT_SYMBOL(nfq_set_verdict_batch); |
| 857 | * \param verdict verdict to return to netfilter (NF_ACCEPT, NF_DROP) |
| 858 | * \param mark mark to put on packet |
| 859 | */ |
| 860 | -int nfq_set_verdict_batch2(struct nfq_q_handle *qh, uint32_t id, |
| 861 | +int __EXPORTED nfq_set_verdict_batch2(struct nfq_q_handle *qh, uint32_t id, |
| 862 | uint32_t verdict, uint32_t mark) |
| 863 | { |
| 864 | return __set_verdict(qh, id, verdict, htonl(mark), 1, 0, |
| 865 | NULL, NFQNL_MSG_VERDICT_BATCH); |
| 866 | } |
| 867 | -EXPORT_SYMBOL(nfq_set_verdict_batch2); |
| 868 | |
| 869 | /** |
| 870 | * nfq_set_verdict_mark - like nfq_set_verdict, but you can set the mark. |
| 871 | @@ -905,14 +887,13 @@ EXPORT_SYMBOL(nfq_set_verdict_batch2); |
| 872 | * This function is deprecated since it is broken, its use is highly |
| 873 | * discouraged. Please, use nfq_set_verdict2 instead. |
| 874 | */ |
| 875 | -int nfq_set_verdict_mark(struct nfq_q_handle *qh, uint32_t id, |
| 876 | +int __EXPORTED nfq_set_verdict_mark(struct nfq_q_handle *qh, uint32_t id, |
| 877 | uint32_t verdict, uint32_t mark, |
| 878 | uint32_t data_len, const unsigned char *buf) |
| 879 | { |
| 880 | return __set_verdict(qh, id, verdict, mark, 1, data_len, buf, |
| 881 | NFQNL_MSG_VERDICT); |
| 882 | } |
| 883 | -EXPORT_SYMBOL(nfq_set_verdict_mark); |
| 884 | |
| 885 | /** |
| 886 | * @} |
| 887 | @@ -947,12 +928,11 @@ EXPORT_SYMBOL(nfq_set_verdict_mark); |
| 888 | } __attribute__ ((packed)); |
| 889 | \endverbatim |
| 890 | */ |
| 891 | -struct nfqnl_msg_packet_hdr *nfq_get_msg_packet_hdr(struct nfq_data *nfad) |
| 892 | +struct nfqnl_msg_packet_hdr __EXPORTED *nfq_get_msg_packet_hdr(struct nfq_data *nfad) |
| 893 | { |
| 894 | return nfnl_get_pointer_to_data(nfad->data, NFQA_PACKET_HDR, |
| 895 | struct nfqnl_msg_packet_hdr); |
| 896 | } |
| 897 | -EXPORT_SYMBOL(nfq_get_msg_packet_hdr); |
| 898 | |
| 899 | /** |
| 900 | * nfq_get_nfmark - get the packet mark |
| 901 | @@ -960,11 +940,10 @@ EXPORT_SYMBOL(nfq_get_msg_packet_hdr); |
| 902 | * |
| 903 | * \return the netfilter mark currently assigned to the given queued packet. |
| 904 | */ |
| 905 | -uint32_t nfq_get_nfmark(struct nfq_data *nfad) |
| 906 | +uint32_t __EXPORTED nfq_get_nfmark(struct nfq_data *nfad) |
| 907 | { |
| 908 | return ntohl(nfnl_get_data(nfad->data, NFQA_MARK, uint32_t)); |
| 909 | } |
| 910 | -EXPORT_SYMBOL(nfq_get_nfmark); |
| 911 | |
| 912 | /** |
| 913 | * nfq_get_timestamp - get the packet timestamp |
| 914 | @@ -975,7 +954,7 @@ EXPORT_SYMBOL(nfq_get_nfmark); |
| 915 | * |
| 916 | * \return 0 on success, non-zero on failure. |
| 917 | */ |
| 918 | -int nfq_get_timestamp(struct nfq_data *nfad, struct timeval *tv) |
| 919 | +int __EXPORTED nfq_get_timestamp(struct nfq_data *nfad, struct timeval *tv) |
| 920 | { |
| 921 | struct nfqnl_msg_packet_timestamp *qpt; |
| 922 | qpt = nfnl_get_pointer_to_data(nfad->data, NFQA_TIMESTAMP, |
| 923 | @@ -988,7 +967,6 @@ int nfq_get_timestamp(struct nfq_data *nfad, struct timeval *tv) |
| 924 | |
| 925 | return 0; |
| 926 | } |
| 927 | -EXPORT_SYMBOL(nfq_get_timestamp); |
| 928 | |
| 929 | /** |
| 930 | * nfq_get_indev - get the interface that the packet was received through |
| 931 | @@ -1001,11 +979,10 @@ EXPORT_SYMBOL(nfq_get_timestamp); |
| 932 | * \warning all nfq_get_dev() functions return 0 if not set, since linux |
| 933 | * only allows ifindex >= 1, see net/core/dev.c:2600 (in 2.6.13.1) |
| 934 | */ |
| 935 | -uint32_t nfq_get_indev(struct nfq_data *nfad) |
| 936 | +uint32_t __EXPORTED nfq_get_indev(struct nfq_data *nfad) |
| 937 | { |
| 938 | return ntohl(nfnl_get_data(nfad->data, NFQA_IFINDEX_INDEV, uint32_t)); |
| 939 | } |
| 940 | -EXPORT_SYMBOL(nfq_get_indev); |
| 941 | |
| 942 | /** |
| 943 | * nfq_get_physindev - get the physical interface that the packet was received |
| 944 | @@ -1015,11 +992,10 @@ EXPORT_SYMBOL(nfq_get_indev); |
| 945 | * If the returned index is 0, the packet was locally generated or the |
| 946 | * physical input interface is no longer known (ie. POSTROUTING?). |
| 947 | */ |
| 948 | -uint32_t nfq_get_physindev(struct nfq_data *nfad) |
| 949 | +uint32_t __EXPORTED nfq_get_physindev(struct nfq_data *nfad) |
| 950 | { |
| 951 | return ntohl(nfnl_get_data(nfad->data, NFQA_IFINDEX_PHYSINDEV, uint32_t)); |
| 952 | } |
| 953 | -EXPORT_SYMBOL(nfq_get_physindev); |
| 954 | |
| 955 | /** |
| 956 | * nfq_get_outdev - gets the interface that the packet will be routed out |
| 957 | @@ -1029,11 +1005,10 @@ EXPORT_SYMBOL(nfq_get_physindev); |
| 958 | * returned index is 0, the packet is destined for localhost or the output |
| 959 | * interface is not yet known (ie. PREROUTING?). |
| 960 | */ |
| 961 | -uint32_t nfq_get_outdev(struct nfq_data *nfad) |
| 962 | +uint32_t __EXPORTED nfq_get_outdev(struct nfq_data *nfad) |
| 963 | { |
| 964 | return ntohl(nfnl_get_data(nfad->data, NFQA_IFINDEX_OUTDEV, uint32_t)); |
| 965 | } |
| 966 | -EXPORT_SYMBOL(nfq_get_outdev); |
| 967 | |
| 968 | /** |
| 969 | * nfq_get_physoutdev - get the physical interface that the packet output |
| 970 | @@ -1045,11 +1020,10 @@ EXPORT_SYMBOL(nfq_get_outdev); |
| 971 | * |
| 972 | * \return The index of physical interface that the packet output will be routed out. |
| 973 | */ |
| 974 | -uint32_t nfq_get_physoutdev(struct nfq_data *nfad) |
| 975 | +uint32_t __EXPORTED nfq_get_physoutdev(struct nfq_data *nfad) |
| 976 | { |
| 977 | return ntohl(nfnl_get_data(nfad->data, NFQA_IFINDEX_PHYSOUTDEV, uint32_t)); |
| 978 | } |
| 979 | -EXPORT_SYMBOL(nfq_get_physoutdev); |
| 980 | |
| 981 | /** |
| 982 | * nfq_get_indev_name - get the name of the interface the packet |
| 983 | @@ -1089,13 +1063,12 @@ EXPORT_SYMBOL(nfq_get_physoutdev); |
| 984 | \endverbatim |
| 985 | * |
| 986 | */ |
| 987 | -int nfq_get_indev_name(struct nlif_handle *nlif_handle, |
| 988 | +int __EXPORTED nfq_get_indev_name(struct nlif_handle *nlif_handle, |
| 989 | struct nfq_data *nfad, char *name) |
| 990 | { |
| 991 | uint32_t ifindex = nfq_get_indev(nfad); |
| 992 | return nlif_index2name(nlif_handle, ifindex, name); |
| 993 | } |
| 994 | -EXPORT_SYMBOL(nfq_get_indev_name); |
| 995 | |
| 996 | /** |
| 997 | * nfq_get_physindev_name - get the name of the physical interface the |
| 998 | @@ -1109,13 +1082,12 @@ EXPORT_SYMBOL(nfq_get_indev_name); |
| 999 | * |
| 1000 | * \return -1 in case of error, > 0 if it succeed. |
| 1001 | */ |
| 1002 | -int nfq_get_physindev_name(struct nlif_handle *nlif_handle, |
| 1003 | +int __EXPORTED nfq_get_physindev_name(struct nlif_handle *nlif_handle, |
| 1004 | struct nfq_data *nfad, char *name) |
| 1005 | { |
| 1006 | uint32_t ifindex = nfq_get_physindev(nfad); |
| 1007 | return nlif_index2name(nlif_handle, ifindex, name); |
| 1008 | } |
| 1009 | -EXPORT_SYMBOL(nfq_get_physindev_name); |
| 1010 | |
| 1011 | /** |
| 1012 | * nfq_get_outdev_name - get the name of the physical interface the |
| 1013 | @@ -1129,13 +1101,12 @@ EXPORT_SYMBOL(nfq_get_physindev_name); |
| 1014 | * |
| 1015 | * \return -1 in case of error, > 0 if it succeed. |
| 1016 | */ |
| 1017 | -int nfq_get_outdev_name(struct nlif_handle *nlif_handle, |
| 1018 | +int __EXPORTED nfq_get_outdev_name(struct nlif_handle *nlif_handle, |
| 1019 | struct nfq_data *nfad, char *name) |
| 1020 | { |
| 1021 | uint32_t ifindex = nfq_get_outdev(nfad); |
| 1022 | return nlif_index2name(nlif_handle, ifindex, name); |
| 1023 | } |
| 1024 | -EXPORT_SYMBOL(nfq_get_outdev_name); |
| 1025 | |
| 1026 | /** |
| 1027 | * nfq_get_physoutdev_name - get the name of the interface the |
| 1028 | @@ -1150,13 +1121,12 @@ EXPORT_SYMBOL(nfq_get_outdev_name); |
| 1029 | * \return -1 in case of error, > 0 if it succeed. |
| 1030 | */ |
| 1031 | |
| 1032 | -int nfq_get_physoutdev_name(struct nlif_handle *nlif_handle, |
| 1033 | +int __EXPORTED nfq_get_physoutdev_name(struct nlif_handle *nlif_handle, |
| 1034 | struct nfq_data *nfad, char *name) |
| 1035 | { |
| 1036 | uint32_t ifindex = nfq_get_physoutdev(nfad); |
| 1037 | return nlif_index2name(nlif_handle, ifindex, name); |
| 1038 | } |
| 1039 | -EXPORT_SYMBOL(nfq_get_physoutdev_name); |
| 1040 | |
| 1041 | /** |
| 1042 | * nfq_get_packet_hw |
| 1043 | @@ -1180,12 +1150,11 @@ EXPORT_SYMBOL(nfq_get_physoutdev_name); |
| 1044 | } __attribute__ ((packed)); |
| 1045 | \endverbatim |
| 1046 | */ |
| 1047 | -struct nfqnl_msg_packet_hw *nfq_get_packet_hw(struct nfq_data *nfad) |
| 1048 | +struct nfqnl_msg_packet_hw __EXPORTED *nfq_get_packet_hw(struct nfq_data *nfad) |
| 1049 | { |
| 1050 | return nfnl_get_pointer_to_data(nfad->data, NFQA_HWADDR, |
| 1051 | struct nfqnl_msg_packet_hw); |
| 1052 | } |
| 1053 | -EXPORT_SYMBOL(nfq_get_packet_hw); |
| 1054 | |
| 1055 | /** |
| 1056 | * nfq_get_uid - get the UID of the user the packet belongs to |
| 1057 | @@ -1193,7 +1162,7 @@ EXPORT_SYMBOL(nfq_get_packet_hw); |
| 1058 | * |
| 1059 | * \return 1 if there is a UID available, 0 otherwise. |
| 1060 | */ |
| 1061 | -int nfq_get_uid(struct nfq_data *nfad, uint32_t *uid) |
| 1062 | +int __EXPORTED nfq_get_uid(struct nfq_data *nfad, uint32_t *uid) |
| 1063 | { |
| 1064 | if (!nfnl_attr_present(nfad->data, NFQA_UID)) |
| 1065 | return 0; |
| 1066 | @@ -1201,7 +1170,6 @@ int nfq_get_uid(struct nfq_data *nfad, uint32_t *uid) |
| 1067 | *uid = ntohl(nfnl_get_data(nfad->data, NFQA_UID, uint32_t)); |
| 1068 | return 1; |
| 1069 | } |
| 1070 | -EXPORT_SYMBOL(nfq_get_uid); |
| 1071 | |
| 1072 | /** |
| 1073 | * nfq_get_gid - get the GID of the user the packet belongs to |
| 1074 | @@ -1209,7 +1177,7 @@ EXPORT_SYMBOL(nfq_get_uid); |
| 1075 | * |
| 1076 | * \return 1 if there is a GID available, 0 otherwise. |
| 1077 | */ |
| 1078 | -int nfq_get_gid(struct nfq_data *nfad, uint32_t *gid) |
| 1079 | +int __EXPORTED nfq_get_gid(struct nfq_data *nfad, uint32_t *gid) |
| 1080 | { |
| 1081 | if (!nfnl_attr_present(nfad->data, NFQA_GID)) |
| 1082 | return 0; |
| 1083 | @@ -1217,7 +1185,6 @@ int nfq_get_gid(struct nfq_data *nfad, uint32_t *gid) |
| 1084 | *gid = ntohl(nfnl_get_data(nfad->data, NFQA_GID, uint32_t)); |
| 1085 | return 1; |
| 1086 | } |
| 1087 | -EXPORT_SYMBOL(nfq_get_gid); |
| 1088 | |
| 1089 | |
| 1090 | /** |
| 1091 | @@ -1227,7 +1194,7 @@ EXPORT_SYMBOL(nfq_get_gid); |
| 1092 | * |
| 1093 | * \return -1 on error, otherwise > 0 |
| 1094 | */ |
| 1095 | -int nfq_get_secctx(struct nfq_data *nfad, unsigned char **secdata) |
| 1096 | +int __EXPORTED nfq_get_secctx(struct nfq_data *nfad, unsigned char **secdata) |
| 1097 | { |
| 1098 | if (!nfnl_attr_present(nfad->data, NFQA_SECCTX)) |
| 1099 | return -1; |
| 1100 | @@ -1240,7 +1207,6 @@ int nfq_get_secctx(struct nfq_data *nfad, unsigned char **secdata) |
| 1101 | |
| 1102 | return 0; |
| 1103 | } |
| 1104 | -EXPORT_SYMBOL(nfq_get_secctx); |
| 1105 | |
| 1106 | /** |
| 1107 | * nfq_get_payload - get payload |
| 1108 | @@ -1253,7 +1219,7 @@ EXPORT_SYMBOL(nfq_get_secctx); |
| 1109 | * |
| 1110 | * \return -1 on error, otherwise > 0. |
| 1111 | */ |
| 1112 | -int nfq_get_payload(struct nfq_data *nfad, unsigned char **data) |
| 1113 | +int __EXPORTED nfq_get_payload(struct nfq_data *nfad, unsigned char **data) |
| 1114 | { |
| 1115 | *data = (unsigned char *) |
| 1116 | nfnl_get_pointer_to_data(nfad->data, NFQA_PAYLOAD, char); |
| 1117 | @@ -1262,7 +1228,6 @@ int nfq_get_payload(struct nfq_data *nfad, unsigned char **data) |
| 1118 | |
| 1119 | return -1; |
| 1120 | } |
| 1121 | -EXPORT_SYMBOL(nfq_get_payload); |
| 1122 | |
| 1123 | /** |
| 1124 | * @} |
| 1125 | @@ -1307,7 +1272,7 @@ do { \ |
| 1126 | * would have been printed into the buffer (in case that there is enough |
| 1127 | * room in it). See snprintf() return value for more information. |
| 1128 | */ |
| 1129 | -int nfq_snprintf_xml(char *buf, size_t rem, struct nfq_data *tb, int flags) |
| 1130 | +int __EXPORTED nfq_snprintf_xml(char *buf, size_t rem, struct nfq_data *tb, int flags) |
| 1131 | { |
| 1132 | struct nfqnl_msg_packet_hdr *ph; |
| 1133 | struct nfqnl_msg_packet_hw *hwph; |
| 1134 | @@ -1460,7 +1425,6 @@ int nfq_snprintf_xml(char *buf, size_t rem, struct nfq_data *tb, int flags) |
| 1135 | |
| 1136 | return len; |
| 1137 | } |
| 1138 | -EXPORT_SYMBOL(nfq_snprintf_xml); |
| 1139 | |
| 1140 | /** |
| 1141 | * @} |
| 1142 | diff --git a/src/nlmsg.c b/src/nlmsg.c |
| 1143 | index ba28c77..5582407 100644 |
| 1144 | --- a/src/nlmsg.c |
| 1145 | +++ b/src/nlmsg.c |
| 1146 | @@ -30,7 +30,7 @@ |
| 1147 | * @{ |
| 1148 | */ |
| 1149 | |
| 1150 | -void nfq_nlmsg_verdict_put(struct nlmsghdr *nlh, int id, int verdict) |
| 1151 | +void __EXPORTED nfq_nlmsg_verdict_put(struct nlmsghdr *nlh, int id, int verdict) |
| 1152 | { |
| 1153 | struct nfqnl_msg_verdict_hdr vh = { |
| 1154 | .verdict = htonl(verdict), |
| 1155 | @@ -38,20 +38,17 @@ void nfq_nlmsg_verdict_put(struct nlmsghdr *nlh, int id, int verdict) |
| 1156 | }; |
| 1157 | mnl_attr_put(nlh, NFQA_VERDICT_HDR, sizeof(vh), &vh); |
| 1158 | } |
| 1159 | -EXPORT_SYMBOL(nfq_nlmsg_verdict_put); |
| 1160 | |
| 1161 | -void nfq_nlmsg_verdict_put_mark(struct nlmsghdr *nlh, uint32_t mark) |
| 1162 | +void __EXPORTED nfq_nlmsg_verdict_put_mark(struct nlmsghdr *nlh, uint32_t mark) |
| 1163 | { |
| 1164 | mnl_attr_put_u32(nlh, NFQA_MARK, htonl(mark)); |
| 1165 | } |
| 1166 | -EXPORT_SYMBOL(nfq_nlmsg_verdict_put_mark); |
| 1167 | |
| 1168 | -void |
| 1169 | +void __EXPORTED |
| 1170 | nfq_nlmsg_verdict_put_pkt(struct nlmsghdr *nlh, const void *pkt, uint32_t plen) |
| 1171 | { |
| 1172 | mnl_attr_put(nlh, NFQA_PAYLOAD, plen, pkt); |
| 1173 | } |
| 1174 | -EXPORT_SYMBOL(nfq_nlmsg_verdict_put_pkt); |
| 1175 | |
| 1176 | /** |
| 1177 | * @} |
| 1178 | @@ -85,7 +82,7 @@ EXPORT_SYMBOL(nfq_nlmsg_verdict_put_pkt); |
| 1179 | * given protocol family. Both commands are ignored by Linux kernel 3.8 and |
| 1180 | * later versions. |
| 1181 | */ |
| 1182 | -void nfq_nlmsg_cfg_put_cmd(struct nlmsghdr *nlh, uint16_t pf, uint8_t cmd) |
| 1183 | +void __EXPORTED nfq_nlmsg_cfg_put_cmd(struct nlmsghdr *nlh, uint16_t pf, uint8_t cmd) |
| 1184 | { |
| 1185 | struct nfqnl_msg_config_cmd command = { |
| 1186 | .command = cmd, |
| 1187 | @@ -93,9 +90,8 @@ void nfq_nlmsg_cfg_put_cmd(struct nlmsghdr *nlh, uint16_t pf, uint8_t cmd) |
| 1188 | }; |
| 1189 | mnl_attr_put(nlh, NFQA_CFG_CMD, sizeof(command), &command); |
| 1190 | } |
| 1191 | -EXPORT_SYMBOL(nfq_nlmsg_cfg_put_cmd); |
| 1192 | |
| 1193 | -void nfq_nlmsg_cfg_put_params(struct nlmsghdr *nlh, uint8_t mode, int range) |
| 1194 | +void __EXPORTED nfq_nlmsg_cfg_put_params(struct nlmsghdr *nlh, uint8_t mode, int range) |
| 1195 | { |
| 1196 | struct nfqnl_msg_config_params params = { |
| 1197 | .copy_range = htonl(range), |
| 1198 | @@ -103,13 +99,11 @@ void nfq_nlmsg_cfg_put_params(struct nlmsghdr *nlh, uint8_t mode, int range) |
| 1199 | }; |
| 1200 | mnl_attr_put(nlh, NFQA_CFG_PARAMS, sizeof(params), ¶ms); |
| 1201 | } |
| 1202 | -EXPORT_SYMBOL(nfq_nlmsg_cfg_put_params); |
| 1203 | |
| 1204 | -void nfq_nlmsg_cfg_put_qmaxlen(struct nlmsghdr *nlh, uint32_t queue_maxlen) |
| 1205 | +void __EXPORTED nfq_nlmsg_cfg_put_qmaxlen(struct nlmsghdr *nlh, uint32_t queue_maxlen) |
| 1206 | { |
| 1207 | mnl_attr_put_u32(nlh, NFQA_CFG_QUEUE_MAXLEN, htonl(queue_maxlen)); |
| 1208 | } |
| 1209 | -EXPORT_SYMBOL(nfq_nlmsg_cfg_put_qmaxlen); |
| 1210 | |
| 1211 | /** |
| 1212 | * @} |
| 1213 | @@ -179,12 +173,11 @@ static int nfq_pkt_parse_attr_cb(const struct nlattr *attr, void *data) |
| 1214 | * This function returns MNL_CB_ERROR if any error occurs, or MNL_CB_OK on |
| 1215 | * success. |
| 1216 | */ |
| 1217 | -int nfq_nlmsg_parse(const struct nlmsghdr *nlh, struct nlattr **attr) |
| 1218 | +int __EXPORTED nfq_nlmsg_parse(const struct nlmsghdr *nlh, struct nlattr **attr) |
| 1219 | { |
| 1220 | return mnl_attr_parse(nlh, sizeof(struct nfgenmsg), |
| 1221 | nfq_pkt_parse_attr_cb, attr); |
| 1222 | } |
| 1223 | -EXPORT_SYMBOL(nfq_nlmsg_parse); |
| 1224 | |
| 1225 | /** |
| 1226 | * @} |
| 1227 | -- |
| 1228 | 2.12.2 |
| 1229 | |