Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / iptables / d7282413763b0ba85d512c1cd49174b762ff449c / . / extensions / libxt_CONNMARK.c
blob: 5d5351e3a4b215072a880316e8f4d592f5d6e71a [file] [log] [blame]
Henrik Nordstroma6ef9942004-02-03 08:19:04 +0000[diff] [blame]1/* Shared library add-on to iptables to add CONNMARK target support.
2 *
3 * (C) 2002,2004 MARA Systems AB <http://www.marasystems.com>
4 * by Henrik Nordstrom <hno@marasystems.com>
5 *
6 * Version 1.1
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 */
Jan Engelhardt32b8e612010-07-23 21:16:14 +0200[diff] [blame]22#include <stdbool.h>
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]23#include <stdint.h>
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]24#include <stdio.h>
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]25#include <xtables.h>
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]26#include <linux/netfilter/xt_CONNMARK.h>
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]27
Jan Engelhardt350661a2010-01-31 22:42:52 +0100[diff] [blame]28struct xt_connmark_target_info {
29 unsigned long mark;
30 unsigned long mask;
Jan Engelhardt7ac40522011-01-07 12:34:04 +0100[diff] [blame]31 uint8_t mode;
Jan Engelhardt350661a2010-01-31 22:42:52 +0100[diff] [blame]32};
33
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]34enum {
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]35 O_SET_MARK = 0,
36 O_SAVE_MARK,
37 O_RESTORE_MARK,
38 O_AND_MARK,
39 O_OR_MARK,
40 O_XOR_MARK,
41 O_SET_XMARK,
42 O_CTMASK,
43 O_NFMASK,
44 O_MASK,
45 F_SET_MARK = 1 << O_SET_MARK,
46 F_SAVE_MARK = 1 << O_SAVE_MARK,
47 F_RESTORE_MARK = 1 << O_RESTORE_MARK,
48 F_AND_MARK = 1 << O_AND_MARK,
49 F_OR_MARK = 1 << O_OR_MARK,
50 F_XOR_MARK = 1 << O_XOR_MARK,
51 F_SET_XMARK = 1 << O_SET_XMARK,
52 F_CTMASK = 1 << O_CTMASK,
53 F_NFMASK = 1 << O_NFMASK,
54 F_MASK = 1 << O_MASK,
55 F_OP_ANY = F_SET_MARK | F_SAVE_MARK | F_RESTORE_MARK |
56 F_AND_MARK | F_OR_MARK | F_XOR_MARK | F_SET_XMARK,
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]57};
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]58
Jan Engelhardt932e6482007-10-04 16:27:30 +0000[diff] [blame]59static void CONNMARK_help(void)
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]60{
61 printf(
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]62"CONNMARK target options:\n"
Henrik Nordstroma6ef9942004-02-03 08:19:04 +0000[diff] [blame]63" --set-mark value[/mask] Set conntrack mark value\n"
64" --save-mark [--mask mask] Save the packet nfmark in the connection\n"
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]65" --restore-mark [--mask mask] Restore saved nfmark value\n");
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]66}
67
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]68#define s struct xt_connmark_target_info
69static const struct xt_option_entry CONNMARK_opts[] = {
70 {.name = "set-mark", .id = O_SET_MARK, .type = XTTYPE_MARKMASK32,
71 .excl = F_OP_ANY},
72 {.name = "save-mark", .id = O_SAVE_MARK, .type = XTTYPE_NONE,
73 .excl = F_OP_ANY},
74 {.name = "restore-mark", .id = O_RESTORE_MARK, .type = XTTYPE_NONE,
75 .excl = F_OP_ANY},
76 {.name = "mask", .id = O_MASK, .type = XTTYPE_UINT32},
77 XTOPT_TABLEEND,
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]78};
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]79#undef s
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]80
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]81#define s struct xt_connmark_tginfo1
82static const struct xt_option_entry connmark_tg_opts[] = {
83 {.name = "set-xmark", .id = O_SET_XMARK, .type = XTTYPE_MARKMASK32,
84 .excl = F_OP_ANY},
85 {.name = "set-mark", .id = O_SET_MARK, .type = XTTYPE_MARKMASK32,
86 .excl = F_OP_ANY},
87 {.name = "and-mark", .id = O_AND_MARK, .type = XTTYPE_UINT32,
88 .excl = F_OP_ANY},
89 {.name = "or-mark", .id = O_OR_MARK, .type = XTTYPE_UINT32,
90 .excl = F_OP_ANY},
91 {.name = "xor-mark", .id = O_XOR_MARK, .type = XTTYPE_UINT32,
92 .excl = F_OP_ANY},
93 {.name = "save-mark", .id = O_SAVE_MARK, .type = XTTYPE_NONE,
94 .excl = F_OP_ANY},
95 {.name = "restore-mark", .id = O_RESTORE_MARK, .type = XTTYPE_NONE,
96 .excl = F_OP_ANY},
97 {.name = "ctmask", .id = O_CTMASK, .type = XTTYPE_UINT32,
98 .excl = F_MASK, .flags = XTOPT_PUT, XTOPT_POINTER(s, ctmask)},
99 {.name = "nfmask", .id = O_NFMASK, .type = XTTYPE_UINT32,
100 .excl = F_MASK, .flags = XTOPT_PUT, XTOPT_POINTER(s, nfmask)},
101 {.name = "mask", .id = O_MASK, .type = XTTYPE_UINT32,
102 .excl = F_CTMASK | F_NFMASK},
103 XTOPT_TABLEEND,
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]104};
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]105#undef s
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]106
107static void connmark_tg_help(void)
108{
109 printf(
110"CONNMARK target options:\n"
111" --set-xmark value[/ctmask] Zero mask bits and XOR ctmark with value\n"
112" --save-mark [--ctmask mask] [--nfmask mask]\n"
113" Copy ctmark to nfmark using masks\n"
114" --restore-mark [--ctmask mask] [--nfmask mask]\n"
115" Copy nfmark to ctmark using masks\n"
116" --set-mark value[/mask] Set conntrack mark value\n"
117" --save-mark [--mask mask] Save the packet nfmark in the connection\n"
118" --restore-mark [--mask mask] Restore saved nfmark value\n"
119" --and-mark value Binary AND the ctmark with bits\n"
120" --or-mark value Binary OR the ctmark with bits\n"
121" --xor-mark value Binary XOR the ctmark with bits\n"
122);
123}
124
125static void connmark_tg_init(struct xt_entry_target *target)
126{
127 struct xt_connmark_tginfo1 *info = (void *)target->data;
128
129 /*
130 * Need these defaults for --save-mark/--restore-mark if no
131 * --ctmark or --nfmask is given.
132 */
Jan Engelhardta8097542009-01-27 17:39:01 +0100[diff] [blame]133 info->ctmask = UINT32_MAX;
134 info->nfmask = UINT32_MAX;
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]135}
136
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]137static void CONNMARK_parse(struct xt_option_call *cb)
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]138{
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]139 struct xt_connmark_target_info *markinfo = cb->data;
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]140
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]141 xtables_option_parse(cb);
142 switch (cb->entry->id) {
143 case O_SET_MARK:
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]144 markinfo->mode = XT_CONNMARK_SET;
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]145 markinfo->mark = cb->val.mark;
146 markinfo->mask = cb->val.mask;
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]147 break;
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]148 case O_SAVE_MARK:
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]149 markinfo->mode = XT_CONNMARK_SAVE;
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]150 break;
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]151 case O_RESTORE_MARK:
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]152 markinfo->mode = XT_CONNMARK_RESTORE;
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]153 break;
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]154 case O_MASK:
155 markinfo->mask = cb->val.u32;
Henrik Nordstroma6ef9942004-02-03 08:19:04 +0000[diff] [blame]156 break;
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]157 }
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]158}
159
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]160static void connmark_tg_parse(struct xt_option_call *cb)
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]161{
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]162 struct xt_connmark_tginfo1 *info = cb->data;
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]163
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]164 xtables_option_parse(cb);
165 switch (cb->entry->id) {
166 case O_SET_XMARK:
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]167 info->mode = XT_CONNMARK_SET;
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]168 info->ctmark = cb->val.mark;
169 info->ctmask = cb->val.mask;
170 break;
171 case O_SET_MARK:
172 info->mode = XT_CONNMARK_SET;
173 info->ctmark = cb->val.mark;
174 info->ctmask = cb->val.mark | cb->val.mask;
175 break;
176 case O_AND_MARK:
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]177 info->mode = XT_CONNMARK_SET;
178 info->ctmark = 0;
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]179 info->ctmask = ~cb->val.u32;
180 break;
181 case O_OR_MARK:
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]182 info->mode = XT_CONNMARK_SET;
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]183 info->ctmark = cb->val.u32;
184 info->ctmask = cb->val.u32;
185 break;
186 case O_XOR_MARK:
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]187 info->mode = XT_CONNMARK_SET;
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]188 info->ctmark = cb->val.u32;
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]189 info->ctmask = 0;
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]190 break;
191 case O_SAVE_MARK:
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]192 info->mode = XT_CONNMARK_SAVE;
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]193 break;
194 case O_RESTORE_MARK:
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]195 info->mode = XT_CONNMARK_RESTORE;
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]196 break;
197 case O_MASK:
198 info->nfmask = info->ctmask = cb->val.u32;
199 break;
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]200 }
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]201}
202
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]203static void connmark_tg_check(struct xt_fcheck_call *cb)
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]204{
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]205 if (!(cb->xflags & F_OP_ANY))
Jan Engelhardt1829ed42009-02-21 03:29:44 +0100[diff] [blame]206 xtables_error(PARAMETER_PROBLEM,
Henrik Nordstroma6ef9942004-02-03 08:19:04 +0000[diff] [blame]207 "CONNMARK target: No operation specified");
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]208}
209
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]210static void
211print_mark(unsigned long mark)
212{
213 printf("0x%lx", mark);
214}
215
216static void
217print_mask(const char *text, unsigned long mask)
218{
Deti Fliegl361bac22005-11-03 18:43:14 +0000[diff] [blame]219 if (mask != 0xffffffffUL)
Tom Eastepf3aa4912005-06-11 16:17:45 +0000[diff] [blame]220 printf("%s0x%lx", text, mask);
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]221}
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]222
Jan Engelhardt932e6482007-10-04 16:27:30 +0000[diff] [blame]223static void CONNMARK_print(const void *ip,
224 const struct xt_entry_target *target, int numeric)
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]225{
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]226 const struct xt_connmark_target_info *markinfo =
227 (const struct xt_connmark_target_info *)target->data;
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]228 switch (markinfo->mode) {
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]229 case XT_CONNMARK_SET:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]230 printf(" CONNMARK set ");
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]231 print_mark(markinfo->mark);
232 print_mask("/", markinfo->mask);
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]233 break;
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]234 case XT_CONNMARK_SAVE:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]235 printf(" CONNMARK save ");
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]236 print_mask("mask ", markinfo->mask);
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]237 break;
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]238 case XT_CONNMARK_RESTORE:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]239 printf(" CONNMARK restore ");
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]240 print_mask("mask ", markinfo->mask);
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]241 break;
242 default:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]243 printf(" ERROR: UNKNOWN CONNMARK MODE");
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]244 break;
245 }
246}
247
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]248static void
249connmark_tg_print(const void *ip, const struct xt_entry_target *target,
250 int numeric)
251{
252 const struct xt_connmark_tginfo1 *info = (const void *)target->data;
253
254 switch (info->mode) {
255 case XT_CONNMARK_SET:
256 if (info->ctmark == 0)
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]257 printf(" CONNMARK and 0x%x",
Jan Engelhardt7ac40522011-01-07 12:34:04 +0100[diff] [blame]258 (unsigned int)(uint32_t)~info->ctmask);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]259 else if (info->ctmark == info->ctmask)
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]260 printf(" CONNMARK or 0x%x", info->ctmark);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]261 else if (info->ctmask == 0)
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]262 printf(" CONNMARK xor 0x%x", info->ctmark);
Jan Engelhardt5fdf0322009-11-04 13:10:50 +0100[diff] [blame]263 else if (info->ctmask == 0xFFFFFFFFU)
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]264 printf(" CONNMARK set 0x%x", info->ctmark);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]265 else
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]266 printf(" CONNMARK xset 0x%x/0x%x",
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]267 info->ctmark, info->ctmask);
268 break;
269 case XT_CONNMARK_SAVE:
Jan Engelhardta8097542009-01-27 17:39:01 +0100[diff] [blame]270 if (info->nfmask == UINT32_MAX && info->ctmask == UINT32_MAX)
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]271 printf(" CONNMARK save");
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]272 else if (info->nfmask == info->ctmask)
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]273 printf(" CONNMARK save mask 0x%x", info->nfmask);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]274 else
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]275 printf(" CONNMARK save nfmask 0x%x ctmask ~0x%x",
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]276 info->nfmask, info->ctmask);
277 break;
278 case XT_CONNMARK_RESTORE:
Jan Engelhardta8097542009-01-27 17:39:01 +0100[diff] [blame]279 if (info->ctmask == UINT32_MAX && info->nfmask == UINT32_MAX)
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]280 printf(" CONNMARK restore");
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]281 else if (info->ctmask == info->nfmask)
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]282 printf(" CONNMARK restore mask 0x%x", info->ctmask);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]283 else
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]284 printf(" CONNMARK restore ctmask 0x%x nfmask ~0x%x",
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]285 info->ctmask, info->nfmask);
286 break;
287
288 default:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]289 printf(" ERROR: UNKNOWN CONNMARK MODE");
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]290 break;
291 }
292}
293
Jan Engelhardt932e6482007-10-04 16:27:30 +0000[diff] [blame]294static void CONNMARK_save(const void *ip, const struct xt_entry_target *target)
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]295{
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]296 const struct xt_connmark_target_info *markinfo =
297 (const struct xt_connmark_target_info *)target->data;
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]298
299 switch (markinfo->mode) {
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]300 case XT_CONNMARK_SET:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]301 printf(" --set-mark ");
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]302 print_mark(markinfo->mark);
303 print_mask("/", markinfo->mask);
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]304 break;
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]305 case XT_CONNMARK_SAVE:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]306 printf(" --save-mark ");
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]307 print_mask("--mask ", markinfo->mask);
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]308 break;
Yasuyuki KOZAKAIf36f4a82007-08-04 08:04:43 +0000[diff] [blame]309 case XT_CONNMARK_RESTORE:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]310 printf(" --restore-mark ");
Martin Josefsson02964b82005-02-12 21:40:16 +0000[diff] [blame]311 print_mask("--mask ", markinfo->mask);
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]312 break;
313 default:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]314 printf(" ERROR: UNKNOWN CONNMARK MODE");
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]315 break;
316 }
317}
318
Peter Warasin2c3ce6a2008-01-15 15:46:35 +0000[diff] [blame]319static void CONNMARK_init(struct xt_entry_target *t)
320{
321 struct xt_connmark_target_info *markinfo
322 = (struct xt_connmark_target_info *)t->data;
323
324 markinfo->mask = 0xffffffffUL;
325}
326
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]327static void
328connmark_tg_save(const void *ip, const struct xt_entry_target *target)
329{
330 const struct xt_connmark_tginfo1 *info = (const void *)target->data;
331
332 switch (info->mode) {
333 case XT_CONNMARK_SET:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]334 printf(" --set-xmark 0x%x/0x%x", info->ctmark, info->ctmask);
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]335 break;
336 case XT_CONNMARK_SAVE:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]337 printf(" --save-mark --nfmask 0x%x --ctmask 0x%x",
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]338 info->nfmask, info->ctmask);
339 break;
340 case XT_CONNMARK_RESTORE:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]341 printf(" --restore-mark --nfmask 0x%x --ctmask 0x%x",
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]342 info->nfmask, info->ctmask);
343 break;
344 default:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]345 printf(" ERROR: UNKNOWN CONNMARK MODE");
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]346 break;
347 }
348}
349
Jan Engelhardtf2a77522009-06-25 20:12:12 +0200[diff] [blame]350static struct xtables_target connmark_tg_reg[] = {
351 {
352 .family = NFPROTO_UNSPEC,
353 .name = "CONNMARK",
354 .revision = 0,
355 .version = XTABLES_VERSION,
356 .size = XT_ALIGN(sizeof(struct xt_connmark_target_info)),
357 .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_target_info)),
358 .help = CONNMARK_help,
359 .init = CONNMARK_init,
Jan Engelhardtf2a77522009-06-25 20:12:12 +0200[diff] [blame]360 .print = CONNMARK_print,
361 .save = CONNMARK_save,
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]362 .x6_parse = CONNMARK_parse,
363 .x6_fcheck = connmark_tg_check,
364 .x6_options = CONNMARK_opts,
Jan Engelhardtf2a77522009-06-25 20:12:12 +0200[diff] [blame]365 },
366 {
367 .version = XTABLES_VERSION,
368 .name = "CONNMARK",
369 .revision = 1,
370 .family = NFPROTO_UNSPEC,
371 .size = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)),
372 .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)),
373 .help = connmark_tg_help,
374 .init = connmark_tg_init,
Jan Engelhardtf2a77522009-06-25 20:12:12 +0200[diff] [blame]375 .print = connmark_tg_print,
376 .save = connmark_tg_save,
Jan Engelhardt7299fa42011-03-06 15:54:58 +0100[diff] [blame]377 .x6_parse = connmark_tg_parse,
378 .x6_fcheck = connmark_tg_check,
379 .x6_options = connmark_tg_opts,
Jan Engelhardtf2a77522009-06-25 20:12:12 +0200[diff] [blame]380 },
Jan Engelhardtff068712008-01-29 13:36:27 +0000[diff] [blame]381};
382
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]383void _init(void)
384{
Jan Engelhardtf2a77522009-06-25 20:12:12 +0200[diff] [blame]385 xtables_register_targets(connmark_tg_reg, ARRAY_SIZE(connmark_tg_reg));
Harald Welte0e81d5d2002-02-25 11:26:01 +0000[diff] [blame]386}