Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 1 | /* |
| 2 | * IPv6 Hop Limit matching module |
| 3 | * Maciej Soltysiak <solt@dns.toxicfilms.tv> |
| 4 | * Based on HW's ttl match |
| 5 | * This program is released under the terms of GNU GPL |
Stephane Ouellette | 46525cd | 2003-05-07 20:08:36 +0000 | [diff] [blame] | 6 | * Cleanups by Stephane Ouellette <ouellettes@videotron.ca> |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 7 | */ |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 8 | #include <stdio.h> |
Jan Engelhardt | 5d9678a | 2008-11-20 10:15:35 +0100 | [diff] [blame] | 9 | #include <xtables.h> |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 10 | #include <linux/netfilter_ipv6/ip6t_hl.h> |
| 11 | |
Jan Engelhardt | dba0839 | 2011-02-18 03:20:56 +0100 | [diff] [blame] | 12 | enum { |
| 13 | O_HL_EQ = 0, |
| 14 | O_HL_LT, |
| 15 | O_HL_GT, |
| 16 | F_HL_EQ = 1 << O_HL_EQ, |
| 17 | F_HL_LT = 1 << O_HL_LT, |
| 18 | F_HL_GT = 1 << O_HL_GT, |
| 19 | F_ANY = F_HL_EQ | F_HL_LT | F_HL_GT, |
| 20 | }; |
| 21 | |
Jan Engelhardt | 997045f | 2007-10-04 16:29:21 +0000 | [diff] [blame] | 22 | static void hl_help(void) |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 23 | { |
| 24 | printf( |
Jan Engelhardt | 8b7c64d | 2008-04-15 11:48:25 +0200 | [diff] [blame] | 25 | "hl match options:\n" |
Jan Engelhardt | 9672792 | 2008-08-13 14:42:41 +0200 | [diff] [blame] | 26 | "[!] --hl-eq value Match hop limit value\n" |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 27 | " --hl-lt value Match HL < value\n" |
Jan Engelhardt | 8b7c64d | 2008-04-15 11:48:25 +0200 | [diff] [blame] | 28 | " --hl-gt value Match HL > value\n"); |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 29 | } |
| 30 | |
Jan Engelhardt | dba0839 | 2011-02-18 03:20:56 +0100 | [diff] [blame] | 31 | static void hl_parse(struct xt_option_call *cb) |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 32 | { |
Jan Engelhardt | dba0839 | 2011-02-18 03:20:56 +0100 | [diff] [blame] | 33 | struct ip6t_hl_info *info = cb->data; |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 34 | |
Jan Engelhardt | dba0839 | 2011-02-18 03:20:56 +0100 | [diff] [blame] | 35 | xtables_option_parse(cb); |
| 36 | switch (cb->entry->id) { |
| 37 | case O_HL_EQ: |
| 38 | info->mode = cb->invert ? IP6T_HL_NE : IP6T_HL_EQ; |
| 39 | break; |
| 40 | case O_HL_LT: |
| 41 | info->mode = IP6T_HL_LT; |
| 42 | break; |
| 43 | case O_HL_GT: |
| 44 | info->mode = IP6T_HL_GT; |
| 45 | break; |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 46 | } |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 47 | } |
| 48 | |
Jan Engelhardt | dba0839 | 2011-02-18 03:20:56 +0100 | [diff] [blame] | 49 | static void hl_check(struct xt_fcheck_call *cb) |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 50 | { |
Jan Engelhardt | dba0839 | 2011-02-18 03:20:56 +0100 | [diff] [blame] | 51 | if (!(cb->xflags & F_ANY)) |
Jan Engelhardt | 1829ed4 | 2009-02-21 03:29:44 +0100 | [diff] [blame] | 52 | xtables_error(PARAMETER_PROBLEM, |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 53 | "HL match: You must specify one of " |
Stephane Ouellette | 46525cd | 2003-05-07 20:08:36 +0000 | [diff] [blame] | 54 | "`--hl-eq', `--hl-lt', `--hl-gt'"); |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 55 | } |
| 56 | |
Jan Engelhardt | 997045f | 2007-10-04 16:29:21 +0000 | [diff] [blame] | 57 | static void hl_print(const void *ip, const struct xt_entry_match *match, |
| 58 | int numeric) |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 59 | { |
Jan Engelhardt | 69f564e | 2009-05-26 13:14:06 +0200 | [diff] [blame] | 60 | static const char *const op[] = { |
Stephane Ouellette | 46525cd | 2003-05-07 20:08:36 +0000 | [diff] [blame] | 61 | [IP6T_HL_EQ] = "==", |
| 62 | [IP6T_HL_NE] = "!=", |
| 63 | [IP6T_HL_LT] = "<", |
| 64 | [IP6T_HL_GT] = ">" }; |
| 65 | |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 66 | const struct ip6t_hl_info *info = |
| 67 | (struct ip6t_hl_info *) match->data; |
| 68 | |
Jan Engelhardt | 7386635 | 2010-12-18 02:04:59 +0100 | [diff] [blame] | 69 | printf(" HL match HL %s %u", op[info->mode], info->hop_limit); |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 70 | } |
| 71 | |
Jan Engelhardt | 997045f | 2007-10-04 16:29:21 +0000 | [diff] [blame] | 72 | static void hl_save(const void *ip, const struct xt_entry_match *match) |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 73 | { |
Jan Engelhardt | cea9f71 | 2008-12-09 15:06:20 +0100 | [diff] [blame] | 74 | static const char *const op[] = { |
| 75 | [IP6T_HL_EQ] = "--hl-eq", |
| 76 | [IP6T_HL_NE] = "! --hl-eq", |
| 77 | [IP6T_HL_LT] = "--hl-lt", |
| 78 | [IP6T_HL_GT] = "--hl-gt" }; |
Stephane Ouellette | 46525cd | 2003-05-07 20:08:36 +0000 | [diff] [blame] | 79 | |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 80 | const struct ip6t_hl_info *info = |
| 81 | (struct ip6t_hl_info *) match->data; |
| 82 | |
Jan Engelhardt | 7386635 | 2010-12-18 02:04:59 +0100 | [diff] [blame] | 83 | printf(" %s %u", op[info->mode], info->hop_limit); |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 84 | } |
| 85 | |
Jan Engelhardt | dba0839 | 2011-02-18 03:20:56 +0100 | [diff] [blame] | 86 | #define s struct ip6t_hl_info |
| 87 | static const struct xt_option_entry hl_opts[] = { |
| 88 | {.name = "hl-lt", .id = O_HL_LT, .excl = F_ANY, .type = XTTYPE_UINT8, |
| 89 | .flags = XTOPT_PUT, XTOPT_POINTER(s, hop_limit)}, |
| 90 | {.name = "hl-gt", .id = O_HL_GT, .excl = F_ANY, .type = XTTYPE_UINT8, |
| 91 | .flags = XTOPT_PUT, XTOPT_POINTER(s, hop_limit)}, |
| 92 | {.name = "hl-eq", .id = O_HL_EQ, .excl = F_ANY, .type = XTTYPE_UINT8, |
| 93 | .flags = XTOPT_INVERT | XTOPT_PUT, XTOPT_POINTER(s, hop_limit)}, |
| 94 | {.name = "hl", .id = O_HL_EQ, .excl = F_ANY, .type = XTTYPE_UINT8, |
| 95 | .flags = XTOPT_PUT, XTOPT_POINTER(s, hop_limit)}, |
| 96 | XTOPT_TABLEEND, |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 97 | }; |
Jan Engelhardt | dba0839 | 2011-02-18 03:20:56 +0100 | [diff] [blame] | 98 | #undef s |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 99 | |
Jan Engelhardt | 8b7c64d | 2008-04-15 11:48:25 +0200 | [diff] [blame] | 100 | static struct xtables_match hl_mt6_reg = { |
Stephane Ouellette | 46525cd | 2003-05-07 20:08:36 +0000 | [diff] [blame] | 101 | .name = "hl", |
Jan Engelhardt | 8b7c64d | 2008-04-15 11:48:25 +0200 | [diff] [blame] | 102 | .version = XTABLES_VERSION, |
Jan Engelhardt | 03d9948 | 2008-11-18 12:27:54 +0100 | [diff] [blame] | 103 | .family = NFPROTO_IPV6, |
Jan Engelhardt | 8b7c64d | 2008-04-15 11:48:25 +0200 | [diff] [blame] | 104 | .size = XT_ALIGN(sizeof(struct ip6t_hl_info)), |
| 105 | .userspacesize = XT_ALIGN(sizeof(struct ip6t_hl_info)), |
Jan Engelhardt | 997045f | 2007-10-04 16:29:21 +0000 | [diff] [blame] | 106 | .help = hl_help, |
Jan Engelhardt | 997045f | 2007-10-04 16:29:21 +0000 | [diff] [blame] | 107 | .print = hl_print, |
| 108 | .save = hl_save, |
Jan Engelhardt | dba0839 | 2011-02-18 03:20:56 +0100 | [diff] [blame] | 109 | .x6_parse = hl_parse, |
| 110 | .x6_fcheck = hl_check, |
| 111 | .x6_options = hl_opts, |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 112 | }; |
| 113 | |
| 114 | |
| 115 | void _init(void) |
| 116 | { |
Jan Engelhardt | 8b7c64d | 2008-04-15 11:48:25 +0200 | [diff] [blame] | 117 | xtables_register_match(&hl_mt6_reg); |
Maciej Soltysiak | 60358d7 | 2003-01-08 09:14:20 +0000 | [diff] [blame] | 118 | } |