Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / iptables / 1e01b0b82f70b0b11dcfbced485dbe7aeac4fb8c / . / extensions / libxt_CONNMARK.c
blob: e426e4f1fa2d12ae6afdd034dcbd42c49d00436c [file] [log] [blame]
Henrik Nordstroma6ef9942004-02-03 08:19:04 +0000[diff] [blame]1/* Shared library add-on to iptables to add CONNMARK target support.
2 *
3 * (C) 2002,2004 MARA Systems AB <http://www.marasystems.com>
4 * by Henrik Nordstrom <hno@marasystems.com>
5 *
6 * Version 1.1
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]22#include <stdio.h>
23#include <string.h>
24#include <stdlib.h>
25#include <getopt.h>
26
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]27#include <xtables.h>
28#include <linux/netfilter/x_tables.h>
29#include <linux/netfilter/xt_CONNMARK.h>
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]30
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]31enum {
32 F_MARK = 1 << 0,
33 F_SR_MARK = 1 << 1,
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]34};
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]35
Jan Engelhardt932e6482007-10-04 16:27:30 +0000[diff] [blame]36static void CONNMARK_help(void)
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]37{
38 printf(
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]39"CONNMARK target options:\n"
Henrik Nordstroma6ef9942004-02-03 08:19:04 +0000[diff] [blame]40" --set-mark value[/mask] Set conntrack mark value\n"
41" --save-mark [--mask mask] Save the packet nfmark in the connection\n"
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]42" --restore-mark [--mask mask] Restore saved nfmark value\n");
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]43}
44
Jan Engelhardt932e6482007-10-04 16:27:30 +0000[diff] [blame]45static const struct option CONNMARK_opts[] = {
Patrick McHardy500f4832007-09-08 15:59:04 +0000[diff] [blame]46 { "set-mark", 1, NULL, '1' },
47 { "save-mark", 0, NULL, '2' },
48 { "restore-mark", 0, NULL, '3' },
49 { "mask", 1, NULL, '4' },
Max Kellermann9ee386a2008-01-29 13:48:05 +0000[diff] [blame]50 { .name = NULL }
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]51};
52
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]53static const struct option connmark_tg_opts[] = {
54 {.name = "set-xmark", .has_arg = true, .val = '='},
55 {.name = "set-mark", .has_arg = true, .val = '-'},
56 {.name = "and-mark", .has_arg = true, .val = '&'},
57 {.name = "or-mark", .has_arg = true, .val = '|'},
58 {.name = "xor-mark", .has_arg = true, .val = '^'},
59 {.name = "save-mark", .has_arg = false, .val = 'S'},
60 {.name = "restore-mark", .has_arg = false, .val = 'R'},
61 {.name = "ctmask", .has_arg = true, .val = 'c'},
62 {.name = "nfmask", .has_arg = true, .val = 'n'},
63 {.name = "mask", .has_arg = true, .val = 'm'},
Max Kellermann9ee386a2008-01-29 13:48:05 +0000[diff] [blame]64 {.name = NULL},
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]65};
66
67static void connmark_tg_help(void)
68{
69 printf(
70"CONNMARK target options:\n"
71" --set-xmark value[/ctmask] Zero mask bits and XOR ctmark with value\n"
72" --save-mark [--ctmask mask] [--nfmask mask]\n"
73" Copy ctmark to nfmark using masks\n"
74" --restore-mark [--ctmask mask] [--nfmask mask]\n"
75" Copy nfmark to ctmark using masks\n"
76" --set-mark value[/mask] Set conntrack mark value\n"
77" --save-mark [--mask mask] Save the packet nfmark in the connection\n"
78" --restore-mark [--mask mask] Restore saved nfmark value\n"
79" --and-mark value Binary AND the ctmark with bits\n"
80" --or-mark value Binary OR the ctmark with bits\n"
81" --xor-mark value Binary XOR the ctmark with bits\n"
82);
83}
84
85static void connmark_tg_init(struct xt_entry_target *target)
86{
87 struct xt_connmark_tginfo1 *info = (void *)target->data;
88
89 /*
90 * Need these defaults for --save-mark/--restore-mark if no
91 * --ctmark or --nfmask is given.
92 */
Jan Engelhardta8097542009-01-27 17:39:01 +0100[diff] [blame]93 info->ctmask = UINT32_MAX;
94 info->nfmask = UINT32_MAX;
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]95}
96
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]97static int
Jan Engelhardt932e6482007-10-04 16:27:30 +0000[diff] [blame]98CONNMARK_parse(int c, char **argv, int invert, unsigned int *flags,
99 const void *entry, struct xt_entry_target **target)
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]100{
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]101 struct xt_connmark_target_info *markinfo
102 = (struct xt_connmark_target_info *)(*target)->data;
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]103
104 switch (c) {
105 char *end;
106 case '1':
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]107 markinfo->mode = XT_CONNMARK_SET;
Deti Fliegl361bac22005-11-03 18:43:14 +0000[diff] [blame]108
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]109 markinfo->mark = strtoul(optarg, &end, 0);
Henrik Nordstroma6ef9942004-02-03 08:19:04 +0000[diff] [blame]110 if (*end == '/' && end[1] != '\0')
111 markinfo->mask = strtoul(end+1, &end, 0);
Deti Fliegl361bac22005-11-03 18:43:14 +0000[diff] [blame]112
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]113 if (*end != '\0' || end == optarg)
114 exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg);
115 if (*flags)
116 exit_error(PARAMETER_PROBLEM,
117 "CONNMARK target: Can't specify --set-mark twice");
118 *flags = 1;
119 break;
120 case '2':
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]121 markinfo->mode = XT_CONNMARK_SAVE;
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]122 if (*flags)
123 exit_error(PARAMETER_PROBLEM,
124 "CONNMARK target: Can't specify --save-mark twice");
125 *flags = 1;
126 break;
127 case '3':
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]128 markinfo->mode = XT_CONNMARK_RESTORE;
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]129 if (*flags)
130 exit_error(PARAMETER_PROBLEM,
131 "CONNMARK target: Can't specify --restore-mark twice");
132 *flags = 1;
133 break;
Henrik Nordstroma6ef9942004-02-03 08:19:04 +0000[diff] [blame]134 case '4':
135 if (!*flags)
136 exit_error(PARAMETER_PROBLEM,
137 "CONNMARK target: Can't specify --mask without a operation");
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]138 markinfo->mask = strtoul(optarg, &end, 0);
Deti Fliegl361bac22005-11-03 18:43:14 +0000[diff] [blame]139
Henrik Nordstroma6ef9942004-02-03 08:19:04 +0000[diff] [blame]140 if (*end != '\0' || end == optarg)
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]141 exit_error(PARAMETER_PROBLEM, "Bad MASK value `%s'", optarg);
Henrik Nordstroma6ef9942004-02-03 08:19:04 +0000[diff] [blame]142 break;
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]143 default:
144 return 0;
145 }
146
147 return 1;
148}
149
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]150static int connmark_tg_parse(int c, char **argv, int invert,
151 unsigned int *flags, const void *entry,
152 struct xt_entry_target **target)
153{
154 struct xt_connmark_tginfo1 *info = (void *)(*target)->data;
Jan Engelhardta8097542009-01-27 17:39:01 +0100[diff] [blame]155 unsigned int value, mask = UINT32_MAX;
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]156 char *end;
157
158 switch (c) {
159 case '=': /* --set-xmark */
160 case '-': /* --set-mark */
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]161 xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK);
Jan Engelhardt5f2922c2009-01-27 18:43:01 +0100[diff] [blame]162 if (!xtables_strtoui(optarg, &end, &value, 0, UINT32_MAX))
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]163 xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]164 if (*end == '/')
Jan Engelhardt5f2922c2009-01-27 18:43:01 +0100[diff] [blame]165 if (!xtables_strtoui(end + 1, &end, &mask, 0, UINT32_MAX))
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]166 xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]167 if (*end != '\0')
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]168 xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]169 info->mode = XT_CONNMARK_SET;
170 info->ctmark = value;
171 info->ctmask = mask;
172 if (c == '-')
173 info->ctmask |= value;
174 *flags |= F_MARK;
175 return true;
176
177 case '&': /* --and-mark */
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]178 xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK);
Jan Engelhardt5f2922c2009-01-27 18:43:01 +0100[diff] [blame]179 if (!xtables_strtoui(optarg, NULL, &mask, 0, UINT32_MAX))
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]180 xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--and-mark", optarg);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]181 info->mode = XT_CONNMARK_SET;
182 info->ctmark = 0;
183 info->ctmask = ~mask;
184 *flags |= F_MARK;
185 return true;
186
187 case '|': /* --or-mark */
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]188 xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK);
Jan Engelhardt5f2922c2009-01-27 18:43:01 +0100[diff] [blame]189 if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]190 xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--or-mark", optarg);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]191 info->mode = XT_CONNMARK_SET;
192 info->ctmark = value;
193 info->ctmask = value;
194 *flags |= F_MARK;
195 return true;
196
197 case '^': /* --xor-mark */
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]198 xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK);
Jan Engelhardt5f2922c2009-01-27 18:43:01 +0100[diff] [blame]199 if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]200 xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--xor-mark", optarg);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]201 info->mode = XT_CONNMARK_SET;
202 info->ctmark = value;
203 info->ctmask = 0;
204 *flags |= F_MARK;
205 return true;
206
207 case 'S': /* --save-mark */
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]208 xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]209 info->mode = XT_CONNMARK_SAVE;
210 *flags |= F_MARK | F_SR_MARK;
211 return true;
212
213 case 'R': /* --restore-mark */
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]214 xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]215 info->mode = XT_CONNMARK_RESTORE;
216 *flags |= F_MARK | F_SR_MARK;
217 return true;
218
219 case 'n': /* --nfmask */
220 if (!(*flags & F_SR_MARK))
221 exit_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark "
222 "or --restore-mark is required for "
223 "--nfmask");
Jan Engelhardt5f2922c2009-01-27 18:43:01 +0100[diff] [blame]224 if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]225 xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--nfmask", optarg);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]226 info->nfmask = value;
227 return true;
228
229 case 'c': /* --ctmask */
230 if (!(*flags & F_SR_MARK))
231 exit_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark "
232 "or --restore-mark is required for "
233 "--ctmask");
Jan Engelhardt5f2922c2009-01-27 18:43:01 +0100[diff] [blame]234 if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]235 xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--ctmask", optarg);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]236 info->ctmask = value;
237 return true;
238
239 case 'm': /* --mask */
240 if (!(*flags & F_SR_MARK))
241 exit_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark "
242 "or --restore-mark is required for "
243 "--mask");
Jan Engelhardt5f2922c2009-01-27 18:43:01 +0100[diff] [blame]244 if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
Jan Engelhardta41545c2009-01-27 21:27:19 +0100[diff] [blame]245 xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--mask", optarg);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]246 info->nfmask = info->ctmask = value;
247 return true;
248 }
249
250 return false;
251}
252
253static void connmark_tg_check(unsigned int flags)
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]254{
255 if (!flags)
256 exit_error(PARAMETER_PROBLEM,
Henrik Nordstroma6ef9942004-02-03 08:19:04 +0000[diff] [blame]257 "CONNMARK target: No operation specified");
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]258}
259
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]260static void
261print_mark(unsigned long mark)
262{
263 printf("0x%lx", mark);
264}
265
266static void
267print_mask(const char *text, unsigned long mask)
268{
Deti Fliegl361bac22005-11-03 18:43:14 +0000[diff] [blame]269 if (mask != 0xffffffffUL)
Tom Eastepf3aa4912005-06-11 16:17:45 +0000[diff] [blame]270 printf("%s0x%lx", text, mask);
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]271}
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]272
Jan Engelhardt932e6482007-10-04 16:27:30 +0000[diff] [blame]273static void CONNMARK_print(const void *ip,
274 const struct xt_entry_target *target, int numeric)
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]275{
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]276 const struct xt_connmark_target_info *markinfo =
277 (const struct xt_connmark_target_info *)target->data;
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]278 switch (markinfo->mode) {
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]279 case XT_CONNMARK_SET:
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]280 printf("CONNMARK set ");
281 print_mark(markinfo->mark);
282 print_mask("/", markinfo->mask);
Henrik Nordstroma6ef9942004-02-03 08:19:04 +0000[diff] [blame]283 printf(" ");
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]284 break;
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]285 case XT_CONNMARK_SAVE:
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]286 printf("CONNMARK save ");
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]287 print_mask("mask ", markinfo->mask);
Henrik Nordstroma6ef9942004-02-03 08:19:04 +0000[diff] [blame]288 printf(" ");
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]289 break;
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]290 case XT_CONNMARK_RESTORE:
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]291 printf("CONNMARK restore ");
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]292 print_mask("mask ", markinfo->mask);
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]293 break;
294 default:
295 printf("ERROR: UNKNOWN CONNMARK MODE ");
296 break;
297 }
298}
299
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]300static void
301connmark_tg_print(const void *ip, const struct xt_entry_target *target,
302 int numeric)
303{
304 const struct xt_connmark_tginfo1 *info = (const void *)target->data;
305
306 switch (info->mode) {
307 case XT_CONNMARK_SET:
308 if (info->ctmark == 0)
309 printf("CONNMARK and 0x%x ",
310 (unsigned int)(u_int32_t)~info->ctmask);
311 else if (info->ctmark == info->ctmask)
312 printf("CONNMARK or 0x%x ", info->ctmark);
313 else if (info->ctmask == 0)
314 printf("CONNMARK xor 0x%x ", info->ctmark);
315 else
316 printf("CONNMARK xset 0x%x/0x%x ",
317 info->ctmark, info->ctmask);
318 break;
319 case XT_CONNMARK_SAVE:
Jan Engelhardta8097542009-01-27 17:39:01 +0100[diff] [blame]320 if (info->nfmask == UINT32_MAX && info->ctmask == UINT32_MAX)
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]321 printf("CONNMARK save ");
322 else if (info->nfmask == info->ctmask)
323 printf("CONNMARK save mask 0x%x ", info->nfmask);
324 else
325 printf("CONNMARK save nfmask 0x%x ctmask ~0x%x ",
326 info->nfmask, info->ctmask);
327 break;
328 case XT_CONNMARK_RESTORE:
Jan Engelhardta8097542009-01-27 17:39:01 +0100[diff] [blame]329 if (info->ctmask == UINT32_MAX && info->nfmask == UINT32_MAX)
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]330 printf("CONNMARK restore ");
331 else if (info->ctmask == info->nfmask)
332 printf("CONNMARK restore mask 0x%x ", info->ctmask);
333 else
334 printf("CONNMARK restore ctmask 0x%x nfmask ~0x%x ",
335 info->ctmask, info->nfmask);
336 break;
337
338 default:
339 printf("ERROR: UNKNOWN CONNMARK MODE");
340 break;
341 }
342}
343
Jan Engelhardt932e6482007-10-04 16:27:30 +0000[diff] [blame]344static void CONNMARK_save(const void *ip, const struct xt_entry_target *target)
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]345{
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]346 const struct xt_connmark_target_info *markinfo =
347 (const struct xt_connmark_target_info *)target->data;
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]348
349 switch (markinfo->mode) {
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]350 case XT_CONNMARK_SET:
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]351 printf("--set-mark ");
352 print_mark(markinfo->mark);
353 print_mask("/", markinfo->mask);
Henrik Nordstroma6ef9942004-02-03 08:19:04 +0000[diff] [blame]354 printf(" ");
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]355 break;
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]356 case XT_CONNMARK_SAVE:
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]357 printf("--save-mark ");
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]358 print_mask("--mask ", markinfo->mask);
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]359 break;
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]360 case XT_CONNMARK_RESTORE:
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]361 printf("--restore-mark ");
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]362 print_mask("--mask ", markinfo->mask);
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]363 break;
364 default:
365 printf("ERROR: UNKNOWN CONNMARK MODE ");
366 break;
367 }
368}
369
Peter Warasin2c3ce6a2008-01-15 15:46:35 +0000[diff] [blame]370static void CONNMARK_init(struct xt_entry_target *t)
371{
372 struct xt_connmark_target_info *markinfo
373 = (struct xt_connmark_target_info *)t->data;
374
375 markinfo->mask = 0xffffffffUL;
376}
377
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]378static void
379connmark_tg_save(const void *ip, const struct xt_entry_target *target)
380{
381 const struct xt_connmark_tginfo1 *info = (const void *)target->data;
382
383 switch (info->mode) {
384 case XT_CONNMARK_SET:
385 printf("--set-xmark 0x%x/0x%x ", info->ctmark, info->ctmask);
386 break;
387 case XT_CONNMARK_SAVE:
388 printf("--save-mark --nfmask 0x%x --ctmask 0x%x ",
389 info->nfmask, info->ctmask);
390 break;
391 case XT_CONNMARK_RESTORE:
392 printf("--restore-mark --nfmask 0x%x --ctmask 0x%x ",
393 info->nfmask, info->ctmask);
394 break;
395 default:
396 printf("ERROR: UNKNOWN CONNMARK MODE");
397 break;
398 }
399}
400
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]401static struct xtables_target connmark_target = {
Jan Engelhardt03d99482008-11-18 12:27:54 +0100[diff] [blame]402 .family = NFPROTO_IPV4,
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]403 .name = "CONNMARK",
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]404 .revision = 0,
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]405 .version = XTABLES_VERSION,
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]406 .size = XT_ALIGN(sizeof(struct xt_connmark_target_info)),
407 .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_target_info)),
Jan Engelhardt932e6482007-10-04 16:27:30 +0000[diff] [blame]408 .help = CONNMARK_help,
Peter Warasin2c3ce6a2008-01-15 15:46:35 +0000[diff] [blame]409 .init = CONNMARK_init,
Jan Engelhardt932e6482007-10-04 16:27:30 +0000[diff] [blame]410 .parse = CONNMARK_parse,
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]411 .final_check = connmark_tg_check,
Jan Engelhardt932e6482007-10-04 16:27:30 +0000[diff] [blame]412 .print = CONNMARK_print,
413 .save = CONNMARK_save,
414 .extra_opts = CONNMARK_opts,
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]415};
416
417static struct xtables_target connmark_target6 = {
Jan Engelhardt03d99482008-11-18 12:27:54 +0100[diff] [blame]418 .family = NFPROTO_IPV6,
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]419 .name = "CONNMARK",
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]420 .revision = 0,
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]421 .version = XTABLES_VERSION,
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]422 .size = XT_ALIGN(sizeof(struct xt_connmark_target_info)),
423 .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_target_info)),
Jan Engelhardt932e6482007-10-04 16:27:30 +0000[diff] [blame]424 .help = CONNMARK_help,
Peter Warasin2c3ce6a2008-01-15 15:46:35 +0000[diff] [blame]425 .init = CONNMARK_init,
Jan Engelhardt932e6482007-10-04 16:27:30 +0000[diff] [blame]426 .parse = CONNMARK_parse,
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]427 .final_check = connmark_tg_check,
Jan Engelhardt932e6482007-10-04 16:27:30 +0000[diff] [blame]428 .print = CONNMARK_print,
429 .save = CONNMARK_save,
430 .extra_opts = CONNMARK_opts,
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]431};
432
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]433static struct xtables_target connmark_tg_reg = {
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]434 .version = XTABLES_VERSION,
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]435 .name = "CONNMARK",
436 .revision = 1,
Jan Engelhardt03d99482008-11-18 12:27:54 +0100[diff] [blame]437 .family = NFPROTO_IPV4,
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]438 .size = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)),
439 .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)),
440 .help = connmark_tg_help,
441 .init = connmark_tg_init,
442 .parse = connmark_tg_parse,
443 .final_check = connmark_tg_check,
444 .print = connmark_tg_print,
445 .save = connmark_tg_save,
446 .extra_opts = connmark_tg_opts,
447};
448
449static struct xtables_target connmark_tg6_reg = {
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]450 .version = XTABLES_VERSION,
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]451 .name = "CONNMARK",
452 .revision = 1,
Jan Engelhardt03d99482008-11-18 12:27:54 +0100[diff] [blame]453 .family = NFPROTO_IPV6,
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]454 .size = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)),
455 .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)),
456 .help = connmark_tg_help,
457 .init = connmark_tg_init,
458 .parse = connmark_tg_parse,
459 .final_check = connmark_tg_check,
460 .print = connmark_tg_print,
461 .save = connmark_tg_save,
462 .extra_opts = connmark_tg_opts,
463};
464
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]465void _init(void)
466{
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]467 xtables_register_target(&connmark_target);
468 xtables_register_target(&connmark_target6);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]469 xtables_register_target(&connmark_tg_reg);
470 xtables_register_target(&connmark_tg6_reg);
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]471}