Blame - extensions/libxt_connmark.c - platform/external/iptables

blob: 6f1d532360198e64429ffa6fb3fde55f9707490b [file] [log] [blame]

Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	1	/* Shared library add-on to iptables to add connmark matching support.
				2	*
				3	* (C) 2002,2004 MARA Systems AB <http://www.marasystems.com>
				4	* by Henrik Nordstrom <hno@marasystems.com>
				5	*
				6	* Version 1.1
				7	*
				8	* This program is free software; you can redistribute it and/or modify
				9	* it under the terms of the GNU General Public License as published by
				10	* the Free Software Foundation; either version 2 of the License, or
				11	* (at your option) any later version.
				12	*
				13	* This program is distributed in the hope that it will be useful,
				14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
				15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
				16	* GNU General Public License for more details.
				17	*
				18	* You should have received a copy of the GNU General Public License
				19	* along with this program; if not, write to the Free Software
				20	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
				21	*/
Jan Engelhardt	32b8e61	2010-07-23 21:16:14 +0200	[diff] [blame]	22	#include <stdbool.h>
Jan Engelhardt	7299fa4	2011-03-06 15:54:58 +0100	[diff] [blame]	23	#include <stdint.h>
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	24	#include <stdio.h>
Yasuyuki KOZAKAI	c57c155	2007-08-04 08:09:04 +0000	[diff] [blame]	25	#include <xtables.h>
				26	#include <linux/netfilter/xt_connmark.h>
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	27
Jan Engelhardt	350661a	2010-01-31 22:42:52 +0100	[diff] [blame]	28	struct xt_connmark_info {
				29	unsigned long mark, mask;
Jan Engelhardt	7ac4052	2011-01-07 12:34:04 +0100	[diff] [blame]	30	uint8_t invert;
Jan Engelhardt	350661a	2010-01-31 22:42:52 +0100	[diff] [blame]	31	};
				32
Jan Engelhardt	a7b0707	2008-01-20 13:32:01 +0000	[diff] [blame]	33	enum {
Jan Engelhardt	7299fa4	2011-03-06 15:54:58 +0100	[diff] [blame]	34	O_MARK = 0,
Jan Engelhardt	a7b0707	2008-01-20 13:32:01 +0000	[diff] [blame]	35	};
				36
				37	static void connmark_mt_help(void)
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	38	{
				39	printf(
Jan Engelhardt	a7b0707	2008-01-20 13:32:01 +0000	[diff] [blame]	40	"connmark match options:\n"
Jan Engelhardt	8b7c64d	2008-04-15 11:48:25 +0200	[diff] [blame]	41	"[!] --mark value[/mask] Match ctmark value with optional mask\n");
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	42	}
				43
Jan Engelhardt	7299fa4	2011-03-06 15:54:58 +0100	[diff] [blame]	44	static const struct xt_option_entry connmark_mt_opts[] = {
				45	{.name = "mark", .id = O_MARK, .type = XTTYPE_MARKMASK32,
				46	.flags = XTOPT_MAND \| XTOPT_INVERT},
				47	XTOPT_TABLEEND,
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	48	};
				49
Jan Engelhardt	7299fa4	2011-03-06 15:54:58 +0100	[diff] [blame]	50	static void connmark_mt_parse(struct xt_option_call *cb)
Jan Engelhardt	a7b0707	2008-01-20 13:32:01 +0000	[diff] [blame]	51	{
Jan Engelhardt	7299fa4	2011-03-06 15:54:58 +0100	[diff] [blame]	52	struct xt_connmark_mtinfo1 *info = cb->data;
Jan Engelhardt	a7b0707	2008-01-20 13:32:01 +0000	[diff] [blame]	53
Jan Engelhardt	7299fa4	2011-03-06 15:54:58 +0100	[diff] [blame]	54	xtables_option_parse(cb);
				55	if (cb->invert)
				56	info->invert = true;
				57	info->mark = cb->val.mark;
				58	info->mask = cb->val.mask;
Jan Engelhardt	a7b0707	2008-01-20 13:32:01 +0000	[diff] [blame]	59	}
				60
Jan Engelhardt	7299fa4	2011-03-06 15:54:58 +0100	[diff] [blame]	61	static void connmark_parse(struct xt_option_call *cb)
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	62	{
Jan Engelhardt	7299fa4	2011-03-06 15:54:58 +0100	[diff] [blame]	63	struct xt_connmark_info *markinfo = cb->data;
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	64
Jan Engelhardt	7299fa4	2011-03-06 15:54:58 +0100	[diff] [blame]	65	xtables_option_parse(cb);
				66	markinfo->mark = cb->val.mark;
				67	markinfo->mask = cb->val.mask;
				68	if (cb->invert)
				69	markinfo->invert = 1;
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	70	}
				71
Jan Engelhardt	a7b0707	2008-01-20 13:32:01 +0000	[diff] [blame]	72	static void print_mark(unsigned int mark, unsigned int mask)
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	73	{
Jan Engelhardt	a7b0707	2008-01-20 13:32:01 +0000	[diff] [blame]	74	if (mask != 0xffffffffU)
Jan Engelhardt	7386635	2010-12-18 02:04:59 +0100	[diff] [blame]	75	printf(" 0x%x/0x%x", mark, mask);
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	76	else
Jan Engelhardt	7386635	2010-12-18 02:04:59 +0100	[diff] [blame]	77	printf(" 0x%x", mark);
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	78	}
				79
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	80	static void
Jan Engelhardt	181dead	2007-10-04 16:27:07 +0000	[diff] [blame]	81	connmark_print(const void ip, const struct xt_entry_match match, int numeric)
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	82	{
Jan Engelhardt	69f564e	2009-05-26 13:14:06 +0200	[diff] [blame]	83	const struct xt_connmark_info info = (const void )match->data;
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	84
Jan Engelhardt	7386635	2010-12-18 02:04:59 +0100	[diff] [blame]	85	printf(" CONNMARK match ");
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	86	if (info->invert)
				87	printf("!");
Jan Engelhardt	a7b0707	2008-01-20 13:32:01 +0000	[diff] [blame]	88	print_mark(info->mark, info->mask);
				89	}
				90
				91	static void
				92	connmark_mt_print(const void ip, const struct xt_entry_match match, int numeric)
				93	{
				94	const struct xt_connmark_mtinfo1 info = (const void )match->data;
				95
Jan Engelhardt	7386635	2010-12-18 02:04:59 +0100	[diff] [blame]	96	printf(" connmark match ");
Jan Engelhardt	a7b0707	2008-01-20 13:32:01 +0000	[diff] [blame]	97	if (info->invert)
				98	printf("!");
				99	print_mark(info->mark, info->mask);
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	100	}
				101
Jan Engelhardt	181dead	2007-10-04 16:27:07 +0000	[diff] [blame]	102	static void connmark_save(const void ip, const struct xt_entry_match match)
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	103	{
Jan Engelhardt	69f564e	2009-05-26 13:14:06 +0200	[diff] [blame]	104	const struct xt_connmark_info info = (const void )match->data;
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	105
				106	if (info->invert)
Jan Engelhardt	7386635	2010-12-18 02:04:59 +0100	[diff] [blame]	107	printf(" !");
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	108
Jan Engelhardt	7386635	2010-12-18 02:04:59 +0100	[diff] [blame]	109	printf(" --mark");
Jan Engelhardt	a7b0707	2008-01-20 13:32:01 +0000	[diff] [blame]	110	print_mark(info->mark, info->mask);
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	111	}
				112
Jan Engelhardt	a7b0707	2008-01-20 13:32:01 +0000	[diff] [blame]	113	static void
				114	connmark_mt_save(const void ip, const struct xt_entry_match match)
				115	{
				116	const struct xt_connmark_mtinfo1 info = (const void )match->data;
				117
				118	if (info->invert)
Jan Engelhardt	7386635	2010-12-18 02:04:59 +0100	[diff] [blame]	119	printf(" !");
Jan Engelhardt	a7b0707	2008-01-20 13:32:01 +0000	[diff] [blame]	120
Jan Engelhardt	7386635	2010-12-18 02:04:59 +0100	[diff] [blame]	121	printf(" --mark");
Jan Engelhardt	a7b0707	2008-01-20 13:32:01 +0000	[diff] [blame]	122	print_mark(info->mark, info->mask);
				123	}
				124
Jan Engelhardt	f2a7752	2009-06-25 20:12:12 +0200	[diff] [blame]	125	static struct xtables_match connmark_mt_reg[] = {
				126	{
				127	.family = NFPROTO_UNSPEC,
				128	.name = "connmark",
				129	.revision = 0,
				130	.version = XTABLES_VERSION,
				131	.size = XT_ALIGN(sizeof(struct xt_connmark_info)),
				132	.userspacesize = XT_ALIGN(sizeof(struct xt_connmark_info)),
				133	.help = connmark_mt_help,
Jan Engelhardt	f2a7752	2009-06-25 20:12:12 +0200	[diff] [blame]	134	.print = connmark_print,
				135	.save = connmark_save,
Jan Engelhardt	7299fa4	2011-03-06 15:54:58 +0100	[diff] [blame]	136	.x6_parse = connmark_parse,
				137	.x6_options = connmark_mt_opts,
Jan Engelhardt	f2a7752	2009-06-25 20:12:12 +0200	[diff] [blame]	138	},
				139	{
				140	.version = XTABLES_VERSION,
				141	.name = "connmark",
				142	.revision = 1,
				143	.family = NFPROTO_UNSPEC,
				144	.size = XT_ALIGN(sizeof(struct xt_connmark_mtinfo1)),
				145	.userspacesize = XT_ALIGN(sizeof(struct xt_connmark_mtinfo1)),
				146	.help = connmark_mt_help,
Jan Engelhardt	f2a7752	2009-06-25 20:12:12 +0200	[diff] [blame]	147	.print = connmark_mt_print,
				148	.save = connmark_mt_save,
Jan Engelhardt	7299fa4	2011-03-06 15:54:58 +0100	[diff] [blame]	149	.x6_parse = connmark_mt_parse,
				150	.x6_options = connmark_mt_opts,
Jan Engelhardt	f2a7752	2009-06-25 20:12:12 +0200	[diff] [blame]	151	},
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	152	};
				153
				154	void _init(void)
				155	{
Jan Engelhardt	f2a7752	2009-06-25 20:12:12 +0200	[diff] [blame]	156	xtables_register_matches(connmark_mt_reg, ARRAY_SIZE(connmark_mt_reg));
Harald Welte	469d18f	2006-01-26 14:43:52 +0000	[diff] [blame]	157	}