Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / refs/tags/FP3-REL-Q-3.A.0107 / . / net / ipv4 / netfilter / arpt_mangle.c
blob: a5e52a9f0a124e3dd84c164cb5159f120b33071c [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1/* module that allows mangling of the arp payload */
2#include <linux/module.h>
Herbert Xu2ca7b0a2007-10-14 00:39:55 -0700[diff] [blame]3#include <linux/netfilter.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]4#include <linux/netfilter_arp/arpt_mangle.h>
5#include <net/sock.h>
6
7MODULE_LICENSE("GPL");
8MODULE_AUTHOR("Bart De Schuymer <bdschuym@pandora.be>");
9MODULE_DESCRIPTION("arptables arp payload mangle target");
10
11static unsigned int
Jan Engelhardt4b560b42009-07-05 19:43:26 +0200[diff] [blame]12target(struct sk_buff *skb, const struct xt_action_param *par)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]13{
Jan Engelhardt7eb35582008-10-08 11:35:19 +0200[diff] [blame]14 const struct arpt_mangle *mangle = par->targinfo;
Jan Engelhardt5452e422008-04-14 11:15:35 +0200[diff] [blame]15 const struct arphdr *arp;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]16 unsigned char *arpptr;
17 int pln, hln;
18
Joonwoo Parkeb1197b2008-02-19 17:18:47 -0800[diff] [blame]19 if (!skb_make_writable(skb, skb->len))
Herbert Xu2ca7b0a2007-10-14 00:39:55 -0700[diff] [blame]20 return NF_DROP;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]21
Herbert Xu3db05fe2007-10-15 00:53:15 -0700[diff] [blame]22 arp = arp_hdr(skb);
23 arpptr = skb_network_header(skb) + sizeof(*arp);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]24 pln = arp->ar_pln;
25 hln = arp->ar_hln;
26 /* We assume that pln and hln were checked in the match */
27 if (mangle->flags & ARPT_MANGLE_SDEV) {
28 if (ARPT_DEV_ADDR_LEN_MAX < hln ||
Herbert Xu3db05fe2007-10-15 00:53:15 -0700[diff] [blame]29 (arpptr + hln > skb_tail_pointer(skb)))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]30 return NF_DROP;
31 memcpy(arpptr, mangle->src_devaddr, hln);
32 }
33 arpptr += hln;
34 if (mangle->flags & ARPT_MANGLE_SIP) {
35 if (ARPT_MANGLE_ADDR_LEN_MAX < pln ||
Herbert Xu3db05fe2007-10-15 00:53:15 -0700[diff] [blame]36 (arpptr + pln > skb_tail_pointer(skb)))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]37 return NF_DROP;
38 memcpy(arpptr, &mangle->u_s.src_ip, pln);
39 }
40 arpptr += pln;
41 if (mangle->flags & ARPT_MANGLE_TDEV) {
42 if (ARPT_DEV_ADDR_LEN_MAX < hln ||
Herbert Xu3db05fe2007-10-15 00:53:15 -0700[diff] [blame]43 (arpptr + hln > skb_tail_pointer(skb)))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]44 return NF_DROP;
45 memcpy(arpptr, mangle->tgt_devaddr, hln);
46 }
47 arpptr += hln;
48 if (mangle->flags & ARPT_MANGLE_TIP) {
49 if (ARPT_MANGLE_ADDR_LEN_MAX < pln ||
Herbert Xu3db05fe2007-10-15 00:53:15 -0700[diff] [blame]50 (arpptr + pln > skb_tail_pointer(skb)))
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]51 return NF_DROP;
52 memcpy(arpptr, &mangle->u_t.tgt_ip, pln);
53 }
54 return mangle->target;
55}
56
Jan Engelhardt135367b2010-03-19 17:16:42 +0100[diff] [blame]57static int checkentry(const struct xt_tgchk_param *par)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]58{
Jan Engelhardtaf5d6dc2008-10-08 11:35:19 +0200[diff] [blame]59 const struct arpt_mangle *mangle = par->targinfo;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]60
61 if (mangle->flags & ~ARPT_MANGLE_MASK ||
62 !(mangle->flags & ARPT_MANGLE_MASK))
Pablo Neira Ayuso9d0db8b2011-02-01 16:03:46 +0100[diff] [blame]63 return -EINVAL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]64
65 if (mangle->target != NF_DROP && mangle->target != NF_ACCEPT &&
Jan Engelhardt243bf6e2010-10-13 16:28:00 +0200[diff] [blame]66 mangle->target != XT_CONTINUE)
Pablo Neira Ayuso9d0db8b2011-02-01 16:03:46 +0100[diff] [blame]67 return -EINVAL;
68 return 0;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]69}
70
Jan Engelhardt95eea852008-04-14 11:15:43 +0200[diff] [blame]71static struct xt_target arpt_mangle_reg __read_mostly = {
Patrick McHardyaa83c1a2006-03-20 18:01:28 -0800[diff] [blame]72 .name = "mangle",
Jan Engelhardtee999d82008-10-08 11:35:01 +0200[diff] [blame]73 .family = NFPROTO_ARP,
Patrick McHardyaa83c1a2006-03-20 18:01:28 -0800[diff] [blame]74 .target = target,
75 .targetsize = sizeof(struct arpt_mangle),
76 .checkentry = checkentry,
77 .me = THIS_MODULE,
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]78};
79
Andrew Morton65b4b4e2006-03-28 16:37:06 -0800[diff] [blame]80static int __init arpt_mangle_init(void)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]81{
Jan Engelhardt3bb03622008-04-14 11:15:44 +0200[diff] [blame]82 return xt_register_target(&arpt_mangle_reg);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]83}
84
Andrew Morton65b4b4e2006-03-28 16:37:06 -0800[diff] [blame]85static void __exit arpt_mangle_fini(void)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]86{
Jan Engelhardt3bb03622008-04-14 11:15:44 +0200[diff] [blame]87 xt_unregister_target(&arpt_mangle_reg);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]88}
89
Andrew Morton65b4b4e2006-03-28 16:37:06 -0800[diff] [blame]90module_init(arpt_mangle_init);
91module_exit(arpt_mangle_fini);