| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1 | /* |
| 2 | * IPv6 raw table, a port of the IPv4 raw table to IPv6 |
| 3 | * |
| 4 | * Copyright (C) 2003 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> |
| 5 | */ |
| 6 | #include <linux/module.h> |
| 7 | #include <linux/netfilter_ipv6/ip6_tables.h> |
| 8 | |
| 9 | #define RAW_VALID_HOOKS ((1 << NF_IP6_PRE_ROUTING) | (1 << NF_IP6_LOCAL_OUT)) |
| 10 | |
| 11 | #if 0 |
| 12 | #define DEBUGP(x, args...) printk(KERN_DEBUG x, ## args) |
| 13 | #else |
| 14 | #define DEBUGP(x, args...) |
| 15 | #endif |
| 16 | |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 17 | static struct |
| 18 | { |
| 19 | struct ip6t_replace repl; |
| 20 | struct ip6t_standard entries[2]; |
| 21 | struct ip6t_error term; |
| 22 | } initial_table __initdata = { |
| 23 | .repl = { |
| 24 | .name = "raw", |
| 25 | .valid_hooks = RAW_VALID_HOOKS, |
| 26 | .num_entries = 3, |
| 27 | .size = sizeof(struct ip6t_standard) * 2 + sizeof(struct ip6t_error), |
| 28 | .hook_entry = { |
| 29 | [NF_IP6_PRE_ROUTING] = 0, |
| 30 | [NF_IP6_LOCAL_OUT] = sizeof(struct ip6t_standard) |
| 31 | }, |
| 32 | .underflow = { |
| 33 | [NF_IP6_PRE_ROUTING] = 0, |
| 34 | [NF_IP6_LOCAL_OUT] = sizeof(struct ip6t_standard) |
| 35 | }, |
| 36 | }, |
| 37 | .entries = { |
| Patrick McHardy | 3c2ad46 | 2007-05-10 14:14:16 -0700 | [diff] [blame^] | 38 | IP6T_STANDARD_INIT(NF_ACCEPT), /* PRE_ROUTING */ |
| 39 | IP6T_STANDARD_INIT(NF_ACCEPT), /* LOCAL_OUT */ |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 40 | }, |
| Patrick McHardy | 3c2ad46 | 2007-05-10 14:14:16 -0700 | [diff] [blame^] | 41 | .term = IP6T_ERROR_INIT, /* ERROR */ |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 42 | }; |
| 43 | |
| YOSHIFUJI Hideaki | 1ab1457 | 2007-02-09 23:24:49 +0900 | [diff] [blame] | 44 | static struct xt_table packet_raw = { |
| 45 | .name = "raw", |
| 46 | .valid_hooks = RAW_VALID_HOOKS, |
| 47 | .lock = RW_LOCK_UNLOCKED, |
| Harald Welte | 2e4e6a1 | 2006-01-12 13:30:04 -0800 | [diff] [blame] | 48 | .me = THIS_MODULE, |
| 49 | .af = AF_INET6, |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 50 | }; |
| 51 | |
| 52 | /* The work comes in here from netfilter.c. */ |
| 53 | static unsigned int |
| 54 | ip6t_hook(unsigned int hook, |
| 55 | struct sk_buff **pskb, |
| 56 | const struct net_device *in, |
| 57 | const struct net_device *out, |
| 58 | int (*okfn)(struct sk_buff *)) |
| 59 | { |
| Patrick McHardy | fe1cb10 | 2006-08-22 00:35:47 -0700 | [diff] [blame] | 60 | return ip6t_do_table(pskb, hook, in, out, &packet_raw); |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 61 | } |
| 62 | |
| YOSHIFUJI Hideaki | 1ab1457 | 2007-02-09 23:24:49 +0900 | [diff] [blame] | 63 | static struct nf_hook_ops ip6t_ops[] = { |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 64 | { |
| YOSHIFUJI Hideaki | 1ab1457 | 2007-02-09 23:24:49 +0900 | [diff] [blame] | 65 | .hook = ip6t_hook, |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 66 | .pf = PF_INET6, |
| 67 | .hooknum = NF_IP6_PRE_ROUTING, |
| Patrick McHardy | 97216c7 | 2005-06-21 14:03:01 -0700 | [diff] [blame] | 68 | .priority = NF_IP6_PRI_FIRST, |
| 69 | .owner = THIS_MODULE, |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 70 | }, |
| 71 | { |
| YOSHIFUJI Hideaki | 1ab1457 | 2007-02-09 23:24:49 +0900 | [diff] [blame] | 72 | .hook = ip6t_hook, |
| 73 | .pf = PF_INET6, |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 74 | .hooknum = NF_IP6_LOCAL_OUT, |
| Patrick McHardy | 97216c7 | 2005-06-21 14:03:01 -0700 | [diff] [blame] | 75 | .priority = NF_IP6_PRI_FIRST, |
| 76 | .owner = THIS_MODULE, |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 77 | }, |
| 78 | }; |
| 79 | |
| Andrew Morton | 65b4b4e | 2006-03-28 16:37:06 -0800 | [diff] [blame] | 80 | static int __init ip6table_raw_init(void) |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 81 | { |
| 82 | int ret; |
| 83 | |
| 84 | /* Register table */ |
| 85 | ret = ip6t_register_table(&packet_raw, &initial_table.repl); |
| 86 | if (ret < 0) |
| 87 | return ret; |
| 88 | |
| 89 | /* Register hooks */ |
| Patrick McHardy | 964ddaa | 2006-04-06 14:09:49 -0700 | [diff] [blame] | 90 | ret = nf_register_hooks(ip6t_ops, ARRAY_SIZE(ip6t_ops)); |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 91 | if (ret < 0) |
| 92 | goto cleanup_table; |
| 93 | |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 94 | return ret; |
| 95 | |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 96 | cleanup_table: |
| 97 | ip6t_unregister_table(&packet_raw); |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 98 | return ret; |
| 99 | } |
| 100 | |
| Andrew Morton | 65b4b4e | 2006-03-28 16:37:06 -0800 | [diff] [blame] | 101 | static void __exit ip6table_raw_fini(void) |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 102 | { |
| Patrick McHardy | 964ddaa | 2006-04-06 14:09:49 -0700 | [diff] [blame] | 103 | nf_unregister_hooks(ip6t_ops, ARRAY_SIZE(ip6t_ops)); |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 104 | ip6t_unregister_table(&packet_raw); |
| 105 | } |
| 106 | |
| Andrew Morton | 65b4b4e | 2006-03-28 16:37:06 -0800 | [diff] [blame] | 107 | module_init(ip6table_raw_init); |
| 108 | module_exit(ip6table_raw_fini); |
| Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 109 | MODULE_LICENSE("GPL"); |