authorDavid Sommerseth <dazo@users.sourceforge.net>2009-09-02 18:53:29 +0200
committerDavid Sommerseth <dazo@users.sourceforge.net>2009-09-02 18:53:29 +0200
commit201677bb8b384306e09a84c90b7f18fbc879d626 (patch)
tree5cc38d970fac454b56d2c4e200afcffb19526591 /plugin/firewall/iptables
parent2754156ff156fbb200ce2b36444e2f315f42583c (diff)
Added doxygen comments
Diffstat (limited to 'plugin/firewall/iptables')
-rw-r--r--plugin/firewall/iptables/efw-iptables.c50
1 files changed, 49 insertions, 1 deletions
diff --git a/plugin/firewall/iptables/efw-iptables.c b/plugin/firewall/iptables/efw-iptables.c
index ea82e04..b686ca9 100644
--- a/plugin/firewall/iptables/efw-iptables.c
+++ b/plugin/firewall/iptables/efw-iptables.c
@@ -19,6 +19,16 @@
*
*/
+/**
+ * @file efw-iptables.c
+ * @author David Sommerseth <dazo@users.sourceforge.net>
+ * @date 2008-08-10
+ *
+ * @brief Firewall driver for iptables. Understands how to update iptables, in other words.
+ *
+ */
+
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -37,11 +47,21 @@
#define INTERFACEVER "1.0"
#define INTERFACEAPIVER 1
-
+/**
+ * Mandatory function, contains driver information.
+ *
+ * @return Retuns a static string, containing the version information.
+ */
const char *eFWinterfaceVersion() {
return "eFW-iptables (v"INTERFACEVER") David Sommerseth 2008 (C) GPLv2";
}
+
+/**
+ * Mandatory function, contains driver information.
+ *
+ * @return Retuns an integer which correponds to the API level this driver corresponds to.
+ */
int eFWinterfaceAPIversion() {
return INTERFACEAPIVER;
}
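Review bot: The added doxygen text has spelling errors that will appear in the generated documentation: `Retuns` in both `@return` lines should read `Returns`, and `correponds` should read `corresponds`; the later process_input comment has `recieved` for `received`. Both functions also carry the identical brief "Mandatory function, contains driver information.", so a reader of the generated index cannot tell them apart. Briefs such as `Mandatory function, returns the driver's version string.` and `Mandatory function, returns the API level this driver implements.` would separate them.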
@@ -50,6 +70,12 @@ int eFWinterfaceAPIversion() {
int process_input(eurephiaCTX *ctx, const char *fwcmd, const char *msg);
int call_iptables(eurephiaCTX *ctx, const char *fwcmd, char **ipt_args);
+
+/**
+ * The main routine of the firewall interface. This loops until it gets a shutdown message.
+ *
+ * @param fwargs efw_threaddata pointer, with needed information to communicate with the openvpn process.
+ */
void eFW_RunFirewall(void *fwargs) {
efw_threaddata *cfg = (efw_threaddata *) fwargs;
eurephiaCTX *ctx = (eurephiaCTX *) cfg->ctx;
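Review bot: The new comment for eFW_RunFirewall does not say that `fwargs` must be non-NULL, although the first two body lines cast it to `efw_threaddata *` and read `cfg->ctx` with no check visible in this hunk. Since the parameter is a bare `void *`, the precondition belongs in the doc, for example `@param fwargs efw_threaddata pointer (must not be NULL, ctx must be set), with needed information to communicate with the openvpn process.` The prototype two lines above still names process_input's third parameter `msg`, while the definition and its new `@param` use `input`; using one name in both places avoids confusion. The function body continues outside the hunk.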
@@ -124,6 +150,16 @@ void eFW_RunFirewall(void *fwargs) {
}
+/**
+ * Internal function. Processes firewall update messages recieved via POSIX MQ.
+ *
+ * @param ctx eurephiaCTX - This is just a shadow context, to make logging possible
+ * @param fwcmd The command to be executed, can be 'A'-add, 'D'-delete, 'F'-flush, 'B'-blacklist, 'I'-init
+ * @param input Contains a string with information for the command. Format varies with command mode.
+ *
+ * @return Returns 1 on success, otherwise 0. If 0 is sent, it means the firewall process should shut down,
+ * and it should only be used in very critical situations.
+ */
int process_input(eurephiaCTX *ctx, const char *fwcmd, const char *input) {
char mode[3], *addr = NULL, *destchain = NULL, *jump = NULL;
char *msg = NULL, *orig_msg = NULL;
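Review bot: The `@param fwcmd` text lists one-letter modes ('A', 'D', 'F', 'B', 'I'), but the body declares a separate local `mode[3]`, and the same parameter name is documented on call_iptables as the full filename of the binary to execute, so this description appears to belong to the mode parsed out of `input` rather than to `fwcmd`. If that reading is right, I would write `@param fwcmd Full path to the iptables binary, handed on to call_iptables()` and move the mode list into the `@param input` line. Because `input` arrives over the message queue, the comment should also state the expected field layout and length limits, so the parser can be checked against a written contract. The body of process_input continues outside the hunk, so this is inferred from the declarations only.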
@@ -271,6 +307,18 @@ int process_input(eurephiaCTX *ctx, const char *fwcmd, const char *input) {
return ret;
}
+
+/**
+ * This function does the actual iptables call. It will fork out a process and do the
+ * assigned iptables command.
+ *
+ * @param ctx eurephiaCTX - shadow context, only with pointers to log files.
+ * @param fwcmd String containing full filename to the binary to execute
+ * @param ipt_args The iptables arguments
+ *
+ * @return Returns 1 on success, otherwise 0. When 0 is returned, the complete firewall process will be
+ * shut down.
+ */
int call_iptables(eurephiaCTX *ctx, const char *fwcmd, char **ipt_args) {
pid_t pid;
int cmdret = -1;
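Review bot: The comment on call_iptables omits the contract that matters most for a function that forks and executes a binary. It does not say whether `ipt_args` must be a NULL-terminated argument vector and which element carries the program name, whether `fwcmd` is executed as an absolute path without a PATH search, or whether the parent waits for the child. `cmdret` starts at -1, which suggests the child's exit status is collected, but the mapping from that status to the documented 1/0 return is not stated. I would add lines such as `@param ipt_args NULL-terminated argument vector passed to the iptables binary` and a sentence on how a non-zero exit status is reported, after confirming against the body, which lies outside this hunk.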