Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / iptables / 0c3aded0b6d587b962be66b54bdc050d3b3cfdcb / . / extensions / libxt_udp.c
blob: 0c7a4bc221993140bb1fe7d7258727d4ab433881 [file] [log] [blame]
Jan Engelhardt2e73af92011-04-19 15:44:48 +0200[diff] [blame]1#include <stdint.h>
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]2#include <stdio.h>
3#include <netdb.h>
Jan Engelhardt2e73af92011-04-19 15:44:48 +0200[diff] [blame]4#include <arpa/inet.h>
Yasuyuki KOZAKAI17908e42007-07-24 06:56:21 +0000[diff] [blame]5#include <xtables.h>
6#include <linux/netfilter/xt_tcpudp.h>
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]7
Jan Engelhardt2e73af92011-04-19 15:44:48 +0200[diff] [blame]8enum {
9 O_SOURCE_PORT = 0,
10 O_DEST_PORT,
11};
12
Jan Engelhardt181dead2007-10-04 16:27:07 +0000[diff] [blame]13static void udp_help(void)
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]14{
15 printf(
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]16"udp match options:\n"
Jan Engelhardt96727922008-08-13 14:42:41 +0200[diff] [blame]17"[!] --source-port port[:port]\n"
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]18" --sport ...\n"
19" match source port(s)\n"
Jan Engelhardt96727922008-08-13 14:42:41 +0200[diff] [blame]20"[!] --destination-port port[:port]\n"
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]21" --dport ...\n"
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]22" match destination port(s)\n");
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]23}
24
Jan Engelhardt2e73af92011-04-19 15:44:48 +0200[diff] [blame]25#define s struct xt_udp
26static const struct xt_option_entry udp_opts[] = {
27 {.name = "source-port", .id = O_SOURCE_PORT, .type = XTTYPE_PORTRC,
28 .flags = XTOPT_INVERT | XTOPT_PUT, XTOPT_POINTER(s, spts)},
29 {.name = "sport", .id = O_SOURCE_PORT, .type = XTTYPE_PORTRC,
30 .flags = XTOPT_INVERT | XTOPT_PUT, XTOPT_POINTER(s, spts)},
31 {.name = "destination-port", .id = O_DEST_PORT, .type = XTTYPE_PORTRC,
32 .flags = XTOPT_INVERT | XTOPT_PUT, XTOPT_POINTER(s, dpts)},
33 {.name = "dport", .id = O_DEST_PORT, .type = XTTYPE_PORTRC,
34 .flags = XTOPT_INVERT | XTOPT_PUT, XTOPT_POINTER(s, dpts)},
35 XTOPT_TABLEEND,
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]36};
Jan Engelhardt2e73af92011-04-19 15:44:48 +0200[diff] [blame]37#undef s
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]38
Jan Engelhardt181dead2007-10-04 16:27:07 +0000[diff] [blame]39static void udp_init(struct xt_entry_match *m)
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]40{
Yasuyuki KOZAKAI17908e42007-07-24 06:56:21 +0000[diff] [blame]41 struct xt_udp *udpinfo = (struct xt_udp *)m->data;
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]42
43 udpinfo->spts[1] = udpinfo->dpts[1] = 0xFFFF;
44}
45
Jan Engelhardt2e73af92011-04-19 15:44:48 +0200[diff] [blame]46static void udp_parse(struct xt_option_call *cb)
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]47{
Jan Engelhardt2e73af92011-04-19 15:44:48 +0200[diff] [blame]48 struct xt_udp *udpinfo = cb->data;
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]49
Jan Engelhardt2e73af92011-04-19 15:44:48 +0200[diff] [blame]50 xtables_option_parse(cb);
51 switch (cb->entry->id) {
52 case O_SOURCE_PORT:
53 if (cb->invert)
Yasuyuki KOZAKAI17908e42007-07-24 06:56:21 +0000[diff] [blame]54 udpinfo->invflags |= XT_UDP_INV_SRCPT;
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]55 break;
Jan Engelhardt2e73af92011-04-19 15:44:48 +0200[diff] [blame]56 case O_DEST_PORT:
57 if (cb->invert)
Yasuyuki KOZAKAI17908e42007-07-24 06:56:21 +0000[diff] [blame]58 udpinfo->invflags |= XT_UDP_INV_DSTPT;
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]59 break;
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]60 }
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]61}
62
Jan Engelhardtdd6e4b92011-05-07 00:05:24 +0200[diff] [blame]63static const char *
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]64port_to_service(int port)
65{
Jan Engelhardtdd6e4b92011-05-07 00:05:24 +0200[diff] [blame]66 const struct servent *service;
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]67
68 if ((service = getservbyport(htons(port), "udp")))
69 return service->s_name;
70
71 return NULL;
72}
73
74static void
Jan Engelhardt7ac40522011-01-07 12:34:04 +0100[diff] [blame]75print_port(uint16_t port, int numeric)
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]76{
Jan Engelhardtdd6e4b92011-05-07 00:05:24 +0200[diff] [blame]77 const char *service;
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]78
79 if (numeric || (service = port_to_service(port)) == NULL)
80 printf("%u", port);
81 else
82 printf("%s", service);
83}
84
85static void
Jan Engelhardt7ac40522011-01-07 12:34:04 +0100[diff] [blame]86print_ports(const char *name, uint16_t min, uint16_t max,
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]87 int invert, int numeric)
88{
89 const char *inv = invert ? "!" : "";
90
91 if (min != 0 || max != 0xFFFF || invert) {
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]92 printf(" %s", name);
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]93 if (min == max) {
94 printf(":%s", inv);
95 print_port(min, numeric);
96 } else {
97 printf("s:%s", inv);
98 print_port(min, numeric);
99 printf(":");
100 print_port(max, numeric);
101 }
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]102 }
103}
104
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]105static void
Jan Engelhardt181dead2007-10-04 16:27:07 +0000[diff] [blame]106udp_print(const void *ip, const struct xt_entry_match *match, int numeric)
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]107{
Yasuyuki KOZAKAI17908e42007-07-24 06:56:21 +0000[diff] [blame]108 const struct xt_udp *udp = (struct xt_udp *)match->data;
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]109
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]110 printf(" udp");
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]111 print_ports("spt", udp->spts[0], udp->spts[1],
Yasuyuki KOZAKAI17908e42007-07-24 06:56:21 +0000[diff] [blame]112 udp->invflags & XT_UDP_INV_SRCPT,
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]113 numeric);
114 print_ports("dpt", udp->dpts[0], udp->dpts[1],
Yasuyuki KOZAKAI17908e42007-07-24 06:56:21 +0000[diff] [blame]115 udp->invflags & XT_UDP_INV_DSTPT,
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]116 numeric);
Yasuyuki KOZAKAI17908e42007-07-24 06:56:21 +0000[diff] [blame]117 if (udp->invflags & ~XT_UDP_INV_MASK)
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]118 printf(" Unknown invflags: 0x%X",
Yasuyuki KOZAKAI17908e42007-07-24 06:56:21 +0000[diff] [blame]119 udp->invflags & ~XT_UDP_INV_MASK);
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]120}
121
Jan Engelhardt181dead2007-10-04 16:27:07 +0000[diff] [blame]122static void udp_save(const void *ip, const struct xt_entry_match *match)
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]123{
Yasuyuki KOZAKAI17908e42007-07-24 06:56:21 +0000[diff] [blame]124 const struct xt_udp *udpinfo = (struct xt_udp *)match->data;
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]125
126 if (udpinfo->spts[0] != 0
Rusty Russell73f72f52000-07-03 10:17:57 +0000[diff] [blame]127 || udpinfo->spts[1] != 0xFFFF) {
Yasuyuki KOZAKAI17908e42007-07-24 06:56:21 +0000[diff] [blame]128 if (udpinfo->invflags & XT_UDP_INV_SRCPT)
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]129 printf(" !");
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]130 if (udpinfo->spts[0]
131 != udpinfo->spts[1])
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]132 printf(" --sport %u:%u",
Marc Boucher9f2009c2000-04-07 17:30:28 +0000[diff] [blame]133 udpinfo->spts[0],
Marc Boucher2382c8c2000-04-07 17:32:49 +0000[diff] [blame]134 udpinfo->spts[1]);
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]135 else
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]136 printf(" --sport %u",
Marc Boucher9f2009c2000-04-07 17:30:28 +0000[diff] [blame]137 udpinfo->spts[0]);
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]138 }
139
140 if (udpinfo->dpts[0] != 0
Rusty Russell73f72f52000-07-03 10:17:57 +0000[diff] [blame]141 || udpinfo->dpts[1] != 0xFFFF) {
Yasuyuki KOZAKAI17908e42007-07-24 06:56:21 +0000[diff] [blame]142 if (udpinfo->invflags & XT_UDP_INV_DSTPT)
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]143 printf(" !");
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]144 if (udpinfo->dpts[0]
145 != udpinfo->dpts[1])
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]146 printf(" --dport %u:%u",
Marc Boucher9f2009c2000-04-07 17:30:28 +0000[diff] [blame]147 udpinfo->dpts[0],
148 udpinfo->dpts[1]);
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]149 else
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]150 printf(" --dport %u",
Marc Boucher9f2009c2000-04-07 17:30:28 +0000[diff] [blame]151 udpinfo->dpts[0]);
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]152 }
153}
154
Pablo Neira Ayuso7a0992d2016-07-24 12:45:53 +0200[diff] [blame]155static int udp_xlate(struct xt_xlate *xl,
156 const struct xt_xlate_mt_params *params)
Ana Rey04f569d2014-04-16 09:19:40 +0200[diff] [blame]157{
Pablo Neira Ayuso7a0992d2016-07-24 12:45:53 +0200[diff] [blame]158 const struct xt_udp *udpinfo = (struct xt_udp *)params->match->data;
Pablo M. Bermudo Garayf035be32016-07-09 12:27:51 +0200[diff] [blame]159 char *space= "";
Ana Rey04f569d2014-04-16 09:19:40 +0200[diff] [blame]160
161 if (udpinfo->spts[0] != 0 || udpinfo->spts[1] != 0xFFFF) {
162 if (udpinfo->spts[0] != udpinfo->spts[1]) {
Pablo M. Bermudo Garayf035be32016-07-09 12:27:51 +0200[diff] [blame]163 xt_xlate_add(xl,"udp sport %s%u-%u",
Ana Rey04f569d2014-04-16 09:19:40 +0200[diff] [blame]164 udpinfo->invflags & XT_UDP_INV_SRCPT ?
165 "!= ": "",
166 udpinfo->spts[0], udpinfo->spts[1]);
167 } else {
Pablo M. Bermudo Garayf035be32016-07-09 12:27:51 +0200[diff] [blame]168 xt_xlate_add(xl, "udp sport %s%u",
Ana Rey04f569d2014-04-16 09:19:40 +0200[diff] [blame]169 udpinfo->invflags & XT_UDP_INV_SRCPT ?
170 "!= ": "",
171 udpinfo->spts[0]);
172 }
Pablo M. Bermudo Garayf035be32016-07-09 12:27:51 +0200[diff] [blame]173 space = " ";
Ana Rey04f569d2014-04-16 09:19:40 +0200[diff] [blame]174 }
175
176 if (udpinfo->dpts[0] != 0 || udpinfo->dpts[1] != 0xFFFF) {
177 if (udpinfo->dpts[0] != udpinfo->dpts[1]) {
Pablo M. Bermudo Garayf035be32016-07-09 12:27:51 +0200[diff] [blame]178 xt_xlate_add(xl,"%sudp dport %s%u-%u", space,
Ana Rey04f569d2014-04-16 09:19:40 +0200[diff] [blame]179 udpinfo->invflags & XT_UDP_INV_SRCPT ?
180 "!= ": "",
181 udpinfo->dpts[0], udpinfo->dpts[1]);
182 } else {
Pablo M. Bermudo Garayf035be32016-07-09 12:27:51 +0200[diff] [blame]183 xt_xlate_add(xl,"%sudp dport %s%u", space,
Ana Rey04f569d2014-04-16 09:19:40 +0200[diff] [blame]184 udpinfo->invflags & XT_UDP_INV_SRCPT ?
185 "!= ": "",
186 udpinfo->dpts[0]);
187 }
188 }
189
190 return 1;
191}
192
Jan Engelhardt181dead2007-10-04 16:27:07 +0000[diff] [blame]193static struct xtables_match udp_match = {
Jan Engelhardtc5e85732009-06-12 20:55:44 +0200[diff] [blame]194 .family = NFPROTO_UNSPEC,
Yasuyuki KOZAKAI17908e42007-07-24 06:56:21 +0000[diff] [blame]195 .name = "udp",
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]196 .version = XTABLES_VERSION,
Yasuyuki KOZAKAI17908e42007-07-24 06:56:21 +0000[diff] [blame]197 .size = XT_ALIGN(sizeof(struct xt_udp)),
198 .userspacesize = XT_ALIGN(sizeof(struct xt_udp)),
Jan Engelhardt181dead2007-10-04 16:27:07 +0000[diff] [blame]199 .help = udp_help,
200 .init = udp_init,
Jan Engelhardt181dead2007-10-04 16:27:07 +0000[diff] [blame]201 .print = udp_print,
202 .save = udp_save,
Jan Engelhardt2e73af92011-04-19 15:44:48 +0200[diff] [blame]203 .x6_parse = udp_parse,
204 .x6_options = udp_opts,
Ana Rey04f569d2014-04-16 09:19:40 +0200[diff] [blame]205 .xlate = udp_xlate,
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]206};
207
208void
209_init(void)
210{
Jan Engelhardt181dead2007-10-04 16:27:07 +0000[diff] [blame]211 xtables_register_match(&udp_match);
Marc Bouchere6869a82000-03-20 06:03:29 +0000[diff] [blame]212}