Ejemplo n.º 1
0
void initialize_ephem_const ( void )
{
     int i;
     int size;

     oputs ( OUT_SYS, 30, "    ephemeral random constants.\n" );

     active_head = (ephem_const *)MALLOC ( sizeof ( ephem_const ) );
     active_head->refcount = 1;
     active_head->next = NULL;
     
     free_head = (ephem_const *)MALLOC ( sizeof ( ephem_const ) );
     free_head->refcount = 1;
     free_head->next = NULL;
     
     /** how many block >>pointers<< to allocate (not blocks). **/
     block_list_size = EPHEM_METABLOCKSIZE;
     block_list = (ephem_const **)MALLOC ( block_list_size *
					  sizeof ( ephem_const * ) );

     /* allocate the first block. */
     size = EPHEM_STARTSIZE;
     block_count = 1;
     block_list[0] = (ephem_const *)MALLOC ( size *
                                                  sizeof ( ephem_const ) );
     free_count = ercalloc = size;

     /* chain all the ERC records in the block together. */
     for ( i = 0; i < size-1; ++i )
          block_list[0][i].next = block_list[0]+i+1;
     block_list[0][size-1].next = NULL;

     /* add the chain to the free list. */
     free_head->next = block_list[0];
}
Ejemplo n.º 2
0
/* Rules which just flush the packet filter */
int flush_iptablesrestore(enum filtertype policy) {
  char *ostr;

  // FIXME: Should the nat table always have a default ACCEPT policy?
  oputs("*nat");
  oputs(":PREROUTING ACCEPT [0:0]");
  oputs(":POSTROUTING ACCEPT [0:0]");
  oputs(":OUTPUT ACCEPT [0:0]");
  oputs("COMMIT");

  // filter table
  oputs("*filter");

  switch (policy) {
  case T_ACCEPT:
    ostr = strdup("ACCEPT");
    break;
  case DROP:
    ostr = strdup("DROP");
    break;
  case T_REJECT:
    ostr = strdup("REJECT");
    break;
  default:
    fprintf(stderr, "invalid filtertype %d\n", policy);
    abort();
  }
  oprintf(":INPUT %s [0:0]\n", ostr);
  oprintf(":OUTPUT %s [0:0]\n", ostr);
  oprintf(":FORWARD %s [0:0]\n", ostr);
  oputs("COMMIT");

  return 0;
}
Ejemplo n.º 3
0
void error ( int severity, char *format, ... )
{
     va_list ap;

     va_start ( ap, format );
     vsprintf ( buffer, format, ap );
     va_end ( ap );
     strcat ( buffer, "\n" );

     oputs ( OUT_SYS, 0, error_type[severity] );
     oputs ( OUT_SYS, 0, buffer );

     if ( severity == E_FATAL_ERROR )
     {
          fprintf ( stderr, "exiting due to fatal error.\n" );
          exit(1);
     }

}
Ejemplo n.º 4
0
void twdone(void)
{
	if (!TROFF && t.twrest) {
		obufp = obuf;
		oputs(t.twrest);
		flusho();
		if (pipeflg) {
			pclose(ptid);
		}
		restore_tty();
	}
}
Ejemplo n.º 5
0
void oprintf ( int streamid, int detail, char *format, ... )
{
     va_list ap;

     if ( detail_level < detail )
          return;
     
     va_start ( ap, format );
     vsprintf ( buffer, format, ap );
     va_end ( ap );

     oputs ( streamid, detail, buffer );
}
Ejemplo n.º 6
0
twdone(){
	obufp = obuf;
	oputs(t.twrest);
	flusho();
	if(pipeflg){
		close(ptid);
		wait(&waitf);
	}
	if(ttysave != -1) {
		ttys.sg_flags = ttysave;
		stty(1, &ttys);
	}
}
Ejemplo n.º 7
0
void
outascii (	/* print i in best-guess ascii */
    tchar i
)
{
	int j = cbits(i);
	int f = fbits(i);
	int k;

	if (j == FILLER)
		return;
	if (isadjspc(i))
		return;
	if (ismot(i)) {
		oput(' ');
		return;
	}
	if ((j < 0177 && j >= ' ') || j == '\n') {
		oput(j);
		return;
	}
	if (f == 0)
		f = xfont;
	if (j == DRAWFCN)
		oputs("\\D");
	else if (j == HYPHEN || j == MINUS)
		oput('-');
	else if (j == XON)
		oputs("\\X");
	else if (islig(i) && lgrevtab && lgrevtab[f] && lgrevtab[f][j]) {
		for (k = 0; lgrevtab[f][j][k]; k++)
			outmb(sfmask(i) | lgrevtab[f][j][k]);
	} else if (j == WORDSP)
		;	/* nothing at all */
	else if (j > 0177)
		outmb(i);
}
Ejemplo n.º 8
0
char *plot(char *x)
{
	int	i;
	char	*j, *k;

	oputs(t.ploton);
	k = x;
	if ((*k & 0377) == 0200)
		k++;
	for (; *k; k++) {
		if (*k == '%') {	/* quote char within plot mode */
			oput(*++k);
		} else if (*k & 0200) {
			if (*k & 0100) {
				if (*k & 040)
					j = t.up; 
				else 
					j = t.down;
			} else {
				if (*k & 040)
					j = t.left; 
				else 
					j = t.right;
			}
			if ((i = *k & 037) == 0) {	/* 2nd 0200 turns it off */
				++k;
				break;
			}
			while (i--)
				oputs(j);
		} else 
			oput(*k);
	}
	oputs(t.plotoff);
	return(k);
}
Ejemplo n.º 9
0
void n_ptout(Tchar i)
{
	*olinep++ = i;
	if (olinep >= &oline[LNSIZE])
		olinep--;
	if (cbits(i) != '\n')
		return;
	olinep--;
	lead += dip->blss + lss - t.Newline;
	dip->blss = 0;
	esct = esc = 0;
	if (olinep > oline) {
		move();
		ptout1();
		oputs(t.twnl);
	} else {
		lead += t.Newline;
		move();
	}
	lead += dip->alss;
	dip->alss = 0;
	olinep = oline;
}
Ejemplo n.º 10
0
static void
outmb(tchar i)
{
	extern int nchtab;
	int j = cbits(i);
#ifdef	EUC
	wchar_t	wc;
	char	mb[MB_LEN_MAX+1];
	int	n;
	int	f;
#endif	/* EUC */

	if (j < 0177) {
		oput(j);
		return;
	}
#ifdef	EUC
	if (iscopy(i))
		wc = cbits(i);
	else {
		if ((f = fbits(i)) == 0)
			f = font;
		wc = tr2un(j, f);
	}
	if (wc != -1 && (n = wctomb(mb, wc)) > 0) {
		mb[n] = 0;
		oputs(mb);
	} else
#endif	/* EUC */
	if (j < 128 + nchtab) {
		oput('\\');
		oput('(');
		oput(chname[chtab[j-128]]);
		oput(chname[chtab[j-128]+1]);
	}
}
Ejemplo n.º 11
0
static int fg_iptables_common(struct filter *filter, int flags, sa_family_t family, const char *iptables)
{
    long feat = 0;
    int r = 0;
    struct fg_misc misc = { flags, &feat };
    fg_callback cb_iptables = {
rule:
        family == AF_INET ? cb_iptables_rule : cb_ip6tables_rule,
        group:	family == AF_INET ? cb_iptables_group : cb_ip6tables_group,
    };
    const int nchains = 3;

    filter_unroll(&filter);
    filter_apply_flags(filter, flags);

    if(!(flags & FF_NOSKEL)) {
        oputs("CHAINS=\"INPUT OUTPUT FORWARD\"");
        oputs("");

        oputs("# Flush/remove rules, set policy");
        oprintf("for f in $CHAINS; do %s -P $f DROP; done\n", iptables);
        oprintf("%s -F; %s -X\n", iptables, iptables);
        if (family == AF_INET)
            oprintf("%s -t nat -F; %s -t nat -X\n", iptables, iptables);
        oputs("");

        oputs("# Create FORW_OUT chain");
        oprintf("%s -N FORW_OUT\n", iptables);
        oputs("");

        oputs("# Setup INVALID chain");
        oprintf("%s -N INVALID\n", iptables);
#if 0
        oprintf("%s -A INVALID -j LOG --log-prefix \"invalid \"\n", iptables);
#endif
        oprintf("%s -A INVALID -j DROP\n", iptables);
        oprintf("for f in $CHAINS; do\n"
                "\t%s -I $f -m state --state INVALID -j INVALID;\n"
                "done\n", iptables);
        oputs("");
        r += nchains;
    }
    if((r = filtergen_cprod(filter, &cb_iptables, &misc)) < 0)
        return r;
    if(!(flags & FF_NOSKEL)) {
        if((flags & FF_LSTATE) && (feat & (A_TCP|A_UDP))) {
            oputs("for f in $CHAINS; do");
            if(feat & A_TCP) {
                r += nchains;
                oprintf("\t%s -I $f -p tcp ! --syn -m state --state ESTABLISHED -j ACCEPT;\n", iptables);
            }
            if(feat & A_UDP) {
                r += nchains;
                oprintf("\t%s -I $f -p udp -m state --state ESTABLISHED -j ACCEPT;\n", iptables);
            }
            oputs("done");
        }
#if 0
        oprintf("for f in $CHAINS; do %s -A $f -j LOG; done\n", iptables);
        r += nchains;
#endif
    }
    return r;
}

int fg_iptables(struct filter *filter, int flags)
{
    return fg_iptables_common(filter, flags, AF_INET, IPTABLES);
}

int fg_ip6tables(struct filter *filter, int flags)
{
    return fg_iptables_common(filter, flags, AF_INET6, IP6TABLES);
}

/* Rules which just flush the packet filter */
static int flush_iptables_common(enum filtertype policy, sa_family_t family, const char *iptables) {
    char * ostr;

    oputs("CHAINS=\"INPUT OUTPUT FORWARD\"");
    oputs("");

    switch (policy) {
    case T_ACCEPT:
        ostr = strdup("ACCEPT");
        break;
    case DROP:
        ostr = strdup("DROP");
        break;
    case T_REJECT:
        ostr = strdup("REJECT");
        break;
    default:
        fprintf(stderr, "invalid filtertype %d\n", policy);
        abort();
    }
    oprintf("for f in $CHAINS; do %s -P $f %s; done\n", iptables, ostr);
    oprintf("%s -F; %s -X\n", iptables, iptables);
    if (family == AF_INET)
        oprintf("%s -t nat -F; %s -t nat -X\n", iptables, iptables);

    return 0;
}
Ejemplo n.º 12
0
void move(void)
{
	int k;
	char *i, *j;
	char *p, *q;
	int iesct, dt;

	iesct = esct;
	if (esct += esc)
		i = "\0"; 
	else 
		i = "\n\0";
	j = t.hlf;
	p = t.right;
	q = t.down;
	if (lead) {
		if (lead < 0) {
			lead = -lead;
			i = t.flr;
			/*	if(!esct)i = t.flr; else i = "\0";*/
			j = t.hlr;
			q = t.up;
		}
		if (*i & 0377) {
			k = lead / t.Newline;
			lead = lead % t.Newline;
			while (k--)
				oputs(i);
		}
		if (*j & 0377) {
			k = lead / t.Halfline;
			lead = lead % t.Halfline;
			while (k--)
				oputs(j);
		} else { /* no half-line forward, not at line begining */
			k = lead / t.Newline;
			lead = lead % t.Newline;
			if (k > 0) 
				esc = esct;
			i = "\n";
			while (k--) 
				oputs(i);
		}
	}
	if (esc) {
		if (esc < 0) {
			esc = -esc;
			j = "\b";
			p = t.left;
		} else {
			j = " ";
			if (hflg)
				while ((dt = dtab - (iesct % dtab)) <= esc) {
					if (dt % t.Em)
						break;
					oput(TAB);
					esc -= dt;
					iesct += dt;
				}
		}
		k = esc / t.Em;
		esc = esc % t.Em;
		while (k--)
			oputs(j);
	}
	if ((*t.ploton & 0377) && (esc || lead)) {
		oputs(t.ploton);
		esc /= t.Hor;
		lead /= t.Vert;
		while (esc--)
			oputs(p);
		while (lead--)
			oputs(q);
		oputs(t.plotoff);
	}
	esc = lead = 0;
}
Ejemplo n.º 13
0
void ptout1(void)
{
	int k;
	char *codep;
	int w, j, phyw;
	Tchar *q, i;
	static int oxfont = FT;	/* start off in roman */

	for (q = oline; q < olinep; q++) {
		i = *q;
		if (ismot(i)) {
			j = absmot(i);
			if (isnmot(i))
				j = -j;
			if (isvmot(i))
				lead += j;
			else 
				esc += j;
			continue;
		}
		if ((k = cbits(i)) <= ' ') {
			switch (k) {
			case ' ': /*space*/
				esc += t.Char;
				break;
			case '\033':
			case '\007':
			case '\016':
			case '\017':
				oput(k);
				break;
			}
			continue;
		}
		phyw = w = t.Char * t.tfont.wp[k].wid;
		if (iszbit(i))
			w = 0;
		if (esc || lead)
			move();
		esct += w;
		xfont = fbits(i);
		if (xfont != oxfont) {
			switch (oxfont) {
			case ULFONT:	oputs(t.itoff); break;
			case BDFONT:	oputs(t.bdoff); break;
			case BIFONT:	oputs(t.itoff); oputs(t.bdoff); break;
			}
			switch (xfont) {
			case ULFONT:
				if (*t.iton & 0377) oputs(t.iton); break;
			case BDFONT:
				if (*t.bdon & 0377) oputs(t.bdon); break;
			case BIFONT:
				if (*t.bdon & 0377) oputs(t.bdon);
				if (*t.iton & 0377) oputs(t.iton);
				break;
			}
			oxfont = xfont;
		}
		if ((xfont == ulfont || xfont == BIFONT) && !(*t.iton & 0377)) {
			for (j = w / t.Char; j > 0; j--)
				oput('_');
			for (j = w / t.Char; j > 0; j--)
				oput('\b');
		}
		if (!(*t.bdon & 0377) && ((j = bdtab[xfont]) || xfont == BDFONT || xfont == BIFONT))
			j++;
		else
			j = 1;	/* number of overstrikes for bold */
		if (k < ALPHABET) {	/* ordinary ascii */
			oput(k);
			while (--j > 0) {
				oput('\b');
				oput(k);
			}
		} else if (k >= t.tfont.nchars) {	/* BUG -- not really understood */
/* fprintf(stderr, "big char %d, name %s\n", k, chname(k)); /* */
			oputs(chname(k)+1);	/* BUG: should separate Troffchar and MBchar... */
		} else if (t.tfont.wp[k].str == 0) {
/* fprintf(stderr, "nostr char %d, name %s\n", k, chname(k)); /* */
			oputs(chname(k)+1);	/* BUG: should separate Troffchar and MBchar... */
		} else if (t.tfont.wp[k].str[0] == MBchar) {	/* parse() puts this on */
/* fprintf(stderr, "MBstr char %d, name %s\n", k, chname(k)); /* */
			oputs(t.tfont.wp[k].str+1);
		} else {
			int oj = j;
/* fprintf(stderr, "str char %d, name %s\n", k, chname(k)); /* */
			codep = t.tfont.wp[k].str+1;	/* Troffchar by default */
			while (*codep != 0) {
				if (*codep & 0200) {
					codep = plot(codep);
					oput(' ');
				} else {
					if (*codep == '%')	/* escape */
						codep++;
					oput(*codep);
					if (*codep == '\033')
						oput(*++codep);
					else if (*codep != '\b')
						for (j = oj; --j > 0; ) {
							oput('\b');
							oput(*codep);
						}
					codep++;
				}
			}
		}
		if (!w)
			for (j = phyw / t.Char; j > 0; j--)
				oput('\b');
	}
}
Ejemplo n.º 14
0
void run_gp(multipop *mpop, int startgen, event *t_eval, event *t_breed,
		int startfromcheckpoint) {
	char *param;
	int gen;
	int maxgen;
	int exch_gen;
	int i, j;
	int checkinterval;
	char *checkfileformat;
	char *checkfilename = NULL;
	event start, end, diff;
	int term = 0;
	termination_override =0;
	int stt_interval;
	int bestn;

	if (!startfromcheckpoint) {

		/* get the number of top individuals to track. */
		bestn = atoi(get_parameter("output.bestn"));
		if (bestn < 1) {
			error( E_WARNING,
					"\"output.bestn\" must be at least 1.  defaulting to 1.");
			bestn = 1;
		}

		/* allocate statistics for overall run. */
		run_stats = (popstats *) MALLOC((mpop->size + 1) * sizeof(popstats));
		for (i = 0; i < mpop->size + 1; ++i) {
			run_stats[i].bestn = bestn;
			run_stats[i].size = -1;
		}

		/* initialize the linked list of saved individuals. */
		saved_head = (saved_ind *) MALLOC(sizeof(saved_ind));
		saved_head->ind = NULL;
		saved_head->refcount = 0;
		saved_head->next = NULL;
		saved_tail = saved_head;
	}

	/* get the maximum number of generations. */
	param = get_parameter("max_generations");
	if (param == NULL)
		error( E_FATAL_ERROR, "no value specified for \"max_generations\".");
	maxgen = atoi(param);
	if (maxgen <= 0)
		error( E_FATAL_ERROR, "\"max_generations\" must be greater than zero.");

	/* get the interval for subpopulation exchanges, if there is more than
	 one subpopulation. */
	if (mpop->size > 1) {
		param = get_parameter("multiple.exch_gen");
		if (param == NULL)
			error( E_FATAL_ERROR,
					"no value specified for \"multiple.exch_gen\".");
		exch_gen = atoi(param);
		if (exch_gen <= 0)
			error( E_FATAL_ERROR,
					"\"multiple.exch_gen\" must be greater than zero.");
	}

	/* get the interval for doing checkpointing. */
	param = get_parameter("checkpoint.interval");
	if (param == NULL)
		/* checkpointing disabled. */
		checkinterval = -1;
	else
		checkinterval = atoi(param);

	/* get the format string for the checkpoint filenames. */
	checkfileformat = get_parameter("checkpoint.filename");
	checkfilename = (char *) MALLOC(strlen(checkfileformat) + 50);

	/* get the interval for writing information to the .stt file. */
	stt_interval = atoi(get_parameter("output.stt_interval"));
	if (stt_interval < 1)
		error( E_FATAL_ERROR,
				"\"output.stt_interval\" must be greater than zero.");

	oputs( OUT_SYS, 10, "\n\nstarting evolution.\n");

	/* print out how often we'll be doing checkpointing. */
	if (checkinterval > 0)
		oprintf( OUT_SYS, 20,
				"checkpointing will be done every %d generations and "
						"after the last generation.\n", checkinterval);
	else if (checkinterval == 0)
		oprintf( OUT_SYS, 20, "checkpointing will be done only after the last "
				"generation.\n");
	else
		oprintf( OUT_SYS, 20, "no checkpointing will be done.\n");

	/* the big loop. */
	for (gen = startgen; gen < maxgen && !term; ++gen) {
		oprintf( OUT_SYS, 20, "=== generation %d.\n", gen);
		generation_No = gen;
		/* unless this is the first generation after loading a checkpoint
		 file... */
		if (!(startfromcheckpoint && gen == startgen)) {

			/* evaluate the population. */
			event_mark(&start);
			for (i = 0; i < mpop->size; ++i) { //generation_No = i;
				evaluate_pop(mpop->pop[i]);
			}
			event_mark(&end);
			event_diff(&diff, &start, &end);

#ifdef TIMING_AVAILABLE
			oprintf( OUT_SYS, 40, "    evaluation complete.  (%s)\n",
					event_string(&diff));
#else
			oprintf ( OUT_SYS, 40, "    evaluation complete.\n" );
#endif

			event_accum(t_eval, &diff);

			/* calculate and print statistics.  returns 1 if user termination
			 criterion was met, 0 otherwise. */
			term = generation_information(gen, mpop, stt_interval,
					run_stats[0].bestn);
			if (term) {
				//oprintf( OUT_SYS, 30, "user termination criterion met.\n");
				/*extern float *optimal_in_generation;
				extern int *optimal_index_in_generation;
				extern int same_optimal_count;
				int i;
				for (i = 0; i < generationSIZE; i++) {
					if ((int) optimal_in_generation[i] == -1) {
						printf("tried to Break");
						break;
					}
					printf("Index: %d ERR : %f -Index %d Same : %i\n", i,
							optimal_in_generation[i],
							optimal_index_in_generation[i], same_optimal_count);
				}*/
			}
			flush_output_streams();

		}

		/** write a checkpoint file if checkinterval is non-negative and:
		 we've reached the last generation, or
		 the user termination criterion has been met, or
		 we've reached the specified checkpoint interval. **/
		if (checkinterval >= 0
				&& (gen == maxgen || term
						|| (checkinterval > 0 && gen > startgen
								&& (gen % checkinterval) == 0))) {
			sprintf(checkfilename, checkfileformat, gen);
			write_checkpoint(gen, mpop, checkfilename);
		}

		/** if this is not the last generation and the user criterion hasn't
		 been met, then do breeding. **/
		if (gen != maxgen && !term) {

			/** exchange subpops if it's time. **/
			if (mpop->size > 1 && gen && (gen % exch_gen) == 0) {
				exchange_subpopulations(mpop);
				oprintf( OUT_SYS, 10, "    subpopulation exchange complete.\n");
			}

			/* breed the new population. */
			event_mark(&start);
			for (i = 0; i < mpop->size; ++i)
				mpop->pop[i] = change_population(mpop->pop[i], mpop->bpt[i]);
			event_mark(&end);
			event_diff(&diff, &start, &end);

			/* call the application end-of-breeding callback. */
			app_end_of_breeding(gen, mpop);

#ifdef TIMING_AVAILABLE
			oprintf( OUT_SYS, 30, "    breeding complete.    (%s)\n",
					event_string(&diff));
#else
			oprintf ( OUT_SYS, 30, "    breeding complete.\n" );
#endif

			event_accum(t_breed, &diff);

		}

		/* free unused ERCs. */
		ephem_const_gc();

		flush_output_streams();

	}

	/** free up a lot of stuff before returning. */

	if (checkfilename)
		FREE(checkfilename);

	ephem_const_gc();

	for (i = 0; i < mpop->size + 1; ++i) {
		for (j = 0; j < run_stats[i].bestn; ++j)
			--run_stats[i].best[j]->refcount;
		FREE(run_stats[i].best);
	}
	FREE(run_stats);

	saved_individual_gc();
	FREE(saved_head);
}
Ejemplo n.º 15
0
int fg_iptablesrestore(struct filter *filter, int flags) {
  long feat = 0;
  int r = 0;
  struct fg_misc misc = {flags, &feat};
  fg_callback cb_iptablesrestore = {
    .rule = cb_iptablesrestore_rule,
    .group = cb_iptablesrestore_group,
  };
  const int nchains = 3;

  filter_unroll(&filter);

  if (!(flags & FF_NOSKEL)) {
    /* Add the nat table headers to the llist, to be
     * followed up by optional real rules
     */
    addnode("*nat");
    addnode(":PREROUTING ACCEPT [0:0]");
    addnode(":POSTROUTING ACCEPT [0:0]");
    addnode(":OUTPUT ACCEPT [0:0]");
    /* No COMMIT, that is done after rule output */

    oputs("*filter");
    oputs(":FORW_OUT - [0:0]");
    oputs(":INPUT DROP [0:0]");
    oputs(":FORWARD DROP [0:0]");
    oputs(":INVALID - [0:0]");
    oputs(":OUTPUT DROP [0:0]");

#if 0
	oputs("-A INVALID -j LOG --log-prefix \"invalid \"");
#endif
    oputs("-A INVALID -j DROP");
    oputs("-A INPUT -m state --state INVALID -j INVALID");
    oputs("-A OUTPUT -m state --state INVALID -j INVALID");
    oputs("-A FORWARD -m state --state INVALID -j INVALID");
    r += nchains;
  }
  if ((r = filtergen_cprod(filter, &cb_iptablesrestore, &misc)) < 0)
    return r;
  if (!(flags & FF_NOSKEL)) {
    if ((flags & FF_LSTATE) && (feat & (A_TCP | A_UDP))) {
      if (feat & A_TCP) {
        r += nchains;
        oputs("-I INPUT -p tcp ! --syn -m state --state ESTABLISHED -j ACCEPT");
        oputs(
            "-I OUTPUT -p tcp ! --syn -m state --state ESTABLISHED -j ACCEPT");
        oputs(
            "-I FORWARD -p tcp ! --syn -m state --state ESTABLISHED -j ACCEPT");
      }
      if (feat & A_UDP) {
        r += nchains;
        oputs("-I INPUT -p udp -m state --state ESTABLISHED -j ACCEPT");
        oputs("-I OUTPUT -p udp -m state --state ESTABLISHED -j ACCEPT");
        oputs("-I FORWARD -p udp -m state --state ESTABLISHED -j ACCEPT");
      }
    }
#if 0
	oputs("-A INPUT -j LOG");
	oputs("-A OUTPUT -j LOG");
	oputs("-A FORWARD -j LOG");
	r += nchains;
#endif
  }
  oputs("COMMIT");

  /* Dump contents of the llist which contains the NAT tabl rules */
  for (curr = head; curr != NULL; curr = curr->next)
    oputs(curr->data);

  oputs("COMMIT");
  freelist();

  return r;
}