WEB开发网
开发学院网络安全防火墙 iptables 源码分析 阅读

iptables 源码分析

 2007-03-07 12:42:27 来源:WEB开发网   
核心提示: 然后就进入核心处理模块:do_command(argc, argv, &table, &handle);do_command 函数是整个系统的核心,负责处理整个用户的输入命令,iptables 源码分析(2),函数首先对一些结构、变量进行初始化,初始化完毕后,设置相关的标志变量,然后根据相

然后就进入核心处理模块:

do_command(argc, argv, &table, &handle);

do_command 函数是整个系统的核心,负责处理整个用户的输入命令。函数首先对一些结构、变量进行初始化,初始化完毕后,进入while循环,分析用户输入的命令,设置相关的标志变量,然后根据相应标志,调用对应的处理函数。

  struct ipt_entry fw, *e = NULL;
  int invert = 0;
  unsigned int nsaddrs = 0, ndaddrs = 0;
  struct in_addr *saddrs = NULL, *daddrs = NULL;
  int c, verbose = 0;
  const char *chain = NULL;
  const char *shostnetworkmask = NULL, *dhostnetworkmask = NULL;
  const char *policy = NULL, *newname = NULL;
  unsigned int rulenum = 0, options = 0, command = 0;
  const char *pcnt = NULL, *bcnt = NULL;
  int ret = 1;
  struct iptables_match *m;
  struct iptables_target *target = NULL;
  struct iptables_target *t;
  const char *jumpto = "";
  char *protocol = NULL;
  const char *modprobe = NULL;
  /*初始化变量*/
  memset(&fw, 0, sizeof(fw));
  opts = original_opts;
  global_option_offset = 0;
  /* re-set optind to 0 in case do_command gets called
  * a second time */
  optind = 0;
  /*初始化两个全局变量*/
  /* clear mflags in case do_command gets called a second time
  * (we clear the global list of all matches for security)*/
  for (m = iptables_matches; m; m = m->next) {
  m->mflags = 0;
  m->used = 0;
  }
  for (t = iptables_targets; t; t = t->next) {
  t->tflags = 0;
  t->used = 0;
  }

上一页  1 2 3 4 5 6 7  下一页

Tags:iptables 源码 分析

编辑录入:爽爽 [复制链接] [打 印]
赞助商链接