Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / iptables / 7defa34947c015cf8f8ea40dd29be5cedc9e73cd / . / extensions / libipt_ttl.c
blob: 523c8550071bdf400e450a5346b60c63f5443ef7 [file] [log] [blame]
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]1/* Shared library add-on to iptables to add TTL matching support
2 * (C) 2000 by Harald Welte <laforge@gnumonks.org>
3 *
Phil Oester7defa342004-08-23 20:45:17 +0000[diff] [blame^]4 * $Id: libipt_ttl.c,v 1.6 2002/05/29 13:08:16 laforge Exp $
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]5 *
6 * This program is released under the terms of GNU GPL */
7
8#include <stdio.h>
9#include <stdlib.h>
10#include <string.h>
11#include <getopt.h>
12#include <iptables.h>
13
14#include <linux/netfilter_ipv4/ip_tables.h>
15#include <linux/netfilter_ipv4/ipt_ttl.h>
16
17static void help(void)
18{
19 printf(
20"TTL match v%s options:\n"
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]21" --ttl-eq value Match time to live value\n"
22" --ttl-lt value Match TTL < value\n"
23" --ttl-gt value Match TTL > value\n"
Harald Welte80fe35d2002-05-29 13:08:15 +0000[diff] [blame]24, IPTABLES_VERSION);
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]25}
26
27static void init(struct ipt_entry_match *m, unsigned int *nfcache)
28{
29 /* caching not yet implemented */
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]30 *nfcache |= NFC_UNKNOWN;
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]31}
32
33static int parse(int c, char **argv, int invert, unsigned int *flags,
34 const struct ipt_entry *entry, unsigned int *nfcache,
35 struct ipt_entry_match **match)
36{
37 struct ipt_ttl_info *info = (struct ipt_ttl_info *) (*match)->data;
38 u_int8_t value;
39
Harald Welteb77f1da2002-03-14 11:35:58 +0000[diff] [blame]40 check_inverse(optarg, &invert, &optind, 0);
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]41 value = atoi(argv[optind-1]);
42
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]43 if (!optarg)
44 exit_error(PARAMETER_PROBLEM,
45 "ttl: You must specify a value");
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]46 switch (c) {
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]47 case '2':
48 if (invert)
49 info->mode = IPT_TTL_NE;
50 else
51 info->mode = IPT_TTL_EQ;
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]52
53 /* is 0 allowed? */
54 info->ttl = value;
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]55 break;
56 case '3':
57 if (invert)
58 exit_error(PARAMETER_PROBLEM,
59 "ttl: unexpected `!'");
60
61 info->mode = IPT_TTL_LT;
62 info->ttl = value;
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]63 break;
64 case '4':
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]65 if (invert)
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]66 exit_error(PARAMETER_PROBLEM,
67 "ttl: unexpected `!'");
68
69 info->mode = IPT_TTL_GT;
70 info->ttl = value;
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]71 break;
72 default:
73 return 0;
74
75 }
76
Phil Oester7defa342004-08-23 20:45:17 +0000[diff] [blame^]77 if (*flags)
78 exit_error(PARAMETER_PROBLEM,
79 "Can't specify TTL option twice");
80 *flags = 1;
81
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]82 return 1;
83}
84
85static void final_check(unsigned int flags)
86{
87 if (!flags)
88 exit_error(PARAMETER_PROBLEM,
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]89 "TTL match: You must specify one of "
90 "`--ttl-eq', `--ttl-lt', `--ttl-gt");
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]91}
92
93static void print(const struct ipt_ip *ip,
94 const struct ipt_entry_match *match,
95 int numeric)
96{
97 const struct ipt_ttl_info *info =
98 (struct ipt_ttl_info *) match->data;
99
100 printf("TTL match ");
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]101 switch (info->mode) {
102 case IPT_TTL_EQ:
103 printf("TTL == ");
104 break;
105 case IPT_TTL_NE:
106 printf("TTL != ");
107 break;
108 case IPT_TTL_LT:
109 printf("TTL < ");
110 break;
111 case IPT_TTL_GT:
112 printf("TTL > ");
113 break;
114 }
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]115 printf("%u ", info->ttl);
116}
117
118static void save(const struct ipt_ip *ip,
119 const struct ipt_entry_match *match)
120{
121 const struct ipt_ttl_info *info =
122 (struct ipt_ttl_info *) match->data;
123
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]124 switch (info->mode) {
125 case IPT_TTL_EQ:
126 printf("--ttl-eq ");
127 break;
128 case IPT_TTL_NE:
129 printf("! --ttl-eq ");
130 break;
131 case IPT_TTL_LT:
132 printf("--ttl-lt ");
133 break;
134 case IPT_TTL_GT:
135 printf("--ttl-gt ");
136 break;
137 default:
138 /* error */
139 break;
140 }
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]141 printf("%u ", info->ttl);
142}
143
144static struct option opts[] = {
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]145 { "ttl", 1, 0, '2' },
146 { "ttl-eq", 1, 0, '2'},
147 { "ttl-lt", 1, 0, '3'},
148 { "ttl-gt", 1, 0, '4'},
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]149 { 0 }
150};
151
Harald Welte3efb6ea2001-08-06 18:50:21 +0000[diff] [blame]152static
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]153struct iptables_match ttl = {
154 NULL,
155 "ttl",
Harald Welte80fe35d2002-05-29 13:08:15 +0000[diff] [blame]156 IPTABLES_VERSION,
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]157 IPT_ALIGN(sizeof(struct ipt_ttl_info)),
158 IPT_ALIGN(sizeof(struct ipt_ttl_info)),
159 &help,
160 &init,
161 &parse,
162 &final_check,
163 &print,
164 &save,
165 opts
166};
167
168
169void _init(void)
170{
171 register_match(&ttl);
172}