diff --git a/src/iptables.c b/src/iptables.c
index 6f1030fb374549c04983ced5a65aae51db2aa9e5..aa53074a641aae4acf9b8d98e0f6907591f04904 100644 (file)
--- a/src/iptables.c
+++ b/src/iptables.c
#include <sys/socket.h>
#if OWN_LIBIPTC
-# include "libiptc/libiptc.h"
-# include "libiptc/libip6tc.h"
-#else
+# include "owniptc/libiptc.h"
+# include "owniptc/libip6tc.h"
+
+# define HAVE_IPTC_HANDLE_T 1
+# define HAVE_IP6TC_HANDLE_T 1
+
+#else /* if !OWN_LIBIPTC */
# include <libiptc/libiptc.h>
# include <libiptc/libip6tc.h>
-#endif
+
+/*
+ * iptc_handle_t was available before libiptc was officially available as a
+ * shared library. Note, that when the shared lib was introduced, the API and
+ * ABI have changed slightly:
+ * 'iptc_handle_t' used to be 'struct iptc_handle *' and most functions used
+ * 'iptc_handle_t *' as an argument. Now, most functions use 'struct
+ * iptc_handle *' (thus removing one level of pointer indirection).
+ *
+ * HAVE_IPTC_HANDLE_T is used to determine which API ought to be used. While
+ * this is somewhat hacky, I didn't find better way to solve that :-/
+ * -tokkee
+ */
+# ifndef HAVE_IPTC_HANDLE_T
+typedef struct iptc_handle iptc_handle_t;
+# endif
+# ifndef HAVE_IP6TC_HANDLE_T
+typedef struct ip6tc_handle ip6tc_handle_t;
+# endif
+#endif /* !OWN_LIBIPTC */
/*
* (Module-)Global variables
if ( chain->ip_version == IPV4 )
{
- iptc_handle_t handle;
+#ifdef HAVE_IPTC_HANDLE_T
+ iptc_handle_t _handle;
+ iptc_handle_t *handle = &_handle;
+
+ *handle = iptc_init (chain->table);
+#else
+ iptc_handle_t *handle;
handle = iptc_init (chain->table);
+#endif
if (!handle)
{
continue;
}
- submit_chain (&handle, chain);
- iptc_free (&handle);
+ submit_chain (handle, chain);
+ iptc_free (handle);
}
else if ( chain->ip_version == IPV6 )
{
- ip6tc_handle_t handle;
+#ifdef HAVE_IP6TC_HANDLE_T
+ ip6tc_handle_t _handle;
+ ip6tc_handle_t *handle = &_handle;
+
+ *handle = ip6tc_init (chain->table);
+#else
+ ip6tc_handle_t *handle;
handle = ip6tc_init (chain->table);
+#endif
if (!handle)
{
continue;
}
- submit6_chain (&handle, chain);
- ip6tc_free (&handle);
+ submit6_chain (handle, chain);
+ ip6tc_free (handle);
}
else num_failures++;