C++ (Cpp) handle_iptable_rule_to_NA Beispiele

Programmiersprache: C++ (Cpp)

Methode / Funktion: handle_iptable_rule_to_NA

Beispiele auf hotexamples.com: 2

C++ (Cpp) handle_iptable_rule_to_NA - 2 Beispiele gefunden. Dies sind die am besten bewerteten C++ (Cpp) Beispiele für die handle_iptable_rule_to_NA, die aus Open Source-Projekten extrahiert wurden. Sie können Beispiele bewerten, um die Qualität der Beispiele zu verbessern.

Beispiel #1

Datei anzeigen

Datei: vrrp_ipaddress.c Projekt: F191919/keepalived

/* add/remove iptable drop rule to VIP */
static void
handle_iptable_rule_to_vip(ip_address_t *ipaddress, int cmd, char *ifname, void *unused)
{
	char  *argv[10];
	unsigned int i = 0;
	int if_specifier = -1;
	char *addr_str;

	if (global_data->vrrp_iptables_inchain[0] == '\0')
		return;

	if (IP_IS6(ipaddress)) {
		handle_iptable_rule_to_NA(ipaddress, cmd, ifname);
		argv[i++] = "ip6tables";
	} else {
		argv[i++] = "iptables";
	}

	addr_str = ipaddresstos(NULL, ipaddress);

	argv[i++] = cmd ? "-A" : "-D";
	argv[i++] = global_data->vrrp_iptables_inchain;
	argv[i++] = "-d";
	argv[i++] = addr_str;
	if (IP_IS6(ipaddress) && IN6_IS_ADDR_LINKLOCAL(&ipaddress->u.sin6_addr)) {
		if_specifier = i;
		argv[i++] = "-i";
		argv[i++] = ifname;
	}
	argv[i++] = "-j";
	argv[i++] = "DROP";
	argv[i] = NULL;

	if (fork_exec(argv) < 0)
		log_message(LOG_ERR, "Failed to %s iptable drop rule"
				     " to vip %s", (cmd) ? "set" : "remove", addr_str);
	else
		ipaddress->iptable_rule_set = (cmd != IPADDRESS_DEL);

	if (global_data->vrrp_iptables_outchain[0] == '\0')
		return;

	argv[2] = global_data->vrrp_iptables_outchain ;
	argv[3] = "-s";
	if (if_specifier >= 0)
		argv[if_specifier] = "-o";

	if (fork_exec(argv) < 0)
		log_message(LOG_ERR, "Failed to %s iptable drop rule"
				     " from vip %s", (cmd) ? "set" : "remove", addr_str);
}

Beispiel #2

Datei anzeigen

Datei: vrrp_iptables.c Projekt: saravsars/keepalived

void
handle_iptable_rule_to_vip(ip_address_t *ipaddress, int cmd, char *ifname, struct ipt_handle *h)
{
	char *my_ifname = NULL;

	if (!use_iptables)
		return;

	if (global_data->vrrp_iptables_inchain[0] == '\0')
		return;

#ifdef _HAVE_LIBIPSET_
	if (global_data->using_ipsets)
	{
		if (!h->session)
			h->session = ipset_session_start();

		ipset_entry(h->session, cmd, ipaddress, ifname);
		ipaddress->iptable_rule_set = (cmd != IPADDRESS_DEL);

		return;
	}
#endif

	if (IP_IS6(ipaddress)) {
		if (IN6_IS_ADDR_LINKLOCAL(&ipaddress->u.sin6_addr))
			my_ifname = ifname;

		handle_iptable_rule_to_NA(ipaddress, cmd, my_ifname, h);
	}

	iptables_entry(h, global_data->vrrp_iptables_inchain, -1,
			XTC_LABEL_DROP, NULL, ipaddress,
			my_ifname, NULL,
			IPPROTO_NONE, 0, cmd);

	ipaddress->iptable_rule_set = (cmd != IPADDRESS_DEL);

	if (global_data->vrrp_iptables_outchain[0] == '\0')
		return;

	iptables_entry(h, global_data->vrrp_iptables_outchain, -1,
			XTC_LABEL_DROP, ipaddress, NULL,
			NULL, my_ifname,
			IPPROTO_NONE, 0, cmd);
}