Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / iptables / f53710b16c2bae1843c3f5fee390f496dfa82526 / . / extensions / libip6t_ah.c
blob: 26f81408fc45bbafd10e28d41a6b070b4c843be8 [file] [log] [blame]
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]1#include <stdio.h>
Jan Engelhardt5d9678a2008-11-20 10:15:35 +0100[diff] [blame]2#include <xtables.h>
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]3#include <linux/netfilter_ipv6/ip6t_ah.h>
Jan Engelhardtddac6c52008-09-01 14:22:19 +0200[diff] [blame]4
Jan Engelhardt4d6ede02011-02-16 01:59:18 +0100[diff] [blame]5enum {
6 O_AHSPI = 0,
7 O_AHLEN,
8 O_AHRES,
9};
10
Jan Engelhardt997045f2007-10-04 16:29:21 +0000[diff] [blame]11static void ah_help(void)
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]12{
13 printf(
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]14"ah match options:\n"
Jan Engelhardt96727922008-08-13 14:42:41 +0200[diff] [blame]15"[!] --ahspi spi[:spi] match spi (range)\n"
16"[!] --ahlen length total length of this header\n"
Jan Engelhardt12a18d62011-02-18 01:45:05 +0100[diff] [blame]17" --ahres check the reserved field too\n");
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]18}
19
Jan Engelhardt4d6ede02011-02-16 01:59:18 +0100[diff] [blame]20#define s struct ip6t_ah
21static const struct xt_option_entry ah_opts[] = {
22 {.name = "ahspi", .id = O_AHSPI, .type = XTTYPE_UINT32RC,
23 .flags = XTOPT_INVERT | XTOPT_PUT, XTOPT_POINTER(s, spis)},
24 {.name = "ahlen", .id = O_AHLEN, .type = XTTYPE_UINT32,
25 .flags = XTOPT_INVERT | XTOPT_PUT, XTOPT_POINTER(s, hdrlen)},
26 {.name = "ahres", .id = O_AHRES, .type = XTTYPE_NONE},
27 XTOPT_TABLEEND,
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]28};
Jan Engelhardt4d6ede02011-02-16 01:59:18 +0100[diff] [blame]29#undef s
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]30
Jan Engelhardt4d6ede02011-02-16 01:59:18 +0100[diff] [blame]31static void ah_parse(struct xt_option_call *cb)
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]32{
Jan Engelhardt4d6ede02011-02-16 01:59:18 +0100[diff] [blame]33 struct ip6t_ah *ahinfo = cb->data;
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]34
Jan Engelhardt4d6ede02011-02-16 01:59:18 +0100[diff] [blame]35 xtables_option_parse(cb);
36 switch (cb->entry->id) {
37 case O_AHSPI:
Jan Engelhardt6944f2c2011-05-24 23:50:29 +0200[diff] [blame]38 if (cb->nvals == 1)
39 ahinfo->spis[1] = ahinfo->spis[0];
Jan Engelhardt4d6ede02011-02-16 01:59:18 +0100[diff] [blame]40 if (cb->invert)
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]41 ahinfo->invflags |= IP6T_AH_INV_SPI;
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]42 break;
Jan Engelhardt4d6ede02011-02-16 01:59:18 +0100[diff] [blame]43 case O_AHLEN:
44 if (cb->invert)
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]45 ahinfo->invflags |= IP6T_AH_INV_LEN;
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]46 break;
Jan Engelhardt4d6ede02011-02-16 01:59:18 +0100[diff] [blame]47 case O_AHRES:
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]48 ahinfo->hdrres = 1;
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]49 break;
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]50 }
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]51}
52
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]53static void
Jan Engelhardt7ac40522011-01-07 12:34:04 +0100[diff] [blame]54print_spis(const char *name, uint32_t min, uint32_t max,
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]55 int invert)
56{
57 const char *inv = invert ? "!" : "";
58
59 if (min != 0 || max != 0xFFFFFFFF || invert) {
Stephane Ouellette703575d2003-08-23 18:41:47 +0000[diff] [blame]60 if (min == max)
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]61 printf("%s:%s%u", name, inv, min);
Stephane Ouellette703575d2003-08-23 18:41:47 +0000[diff] [blame]62 else
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]63 printf("%ss:%s%u:%u", name, inv, min, max);
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]64 }
65}
66
67static void
Jan Engelhardt7ac40522011-01-07 12:34:04 +0100[diff] [blame]68print_len(const char *name, uint32_t len, int invert)
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]69{
70 const char *inv = invert ? "!" : "";
71
Stephane Ouellette703575d2003-08-23 18:41:47 +0000[diff] [blame]72 if (len != 0 || invert)
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]73 printf("%s:%s%u", name, inv, len);
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]74}
75
Jan Engelhardt997045f2007-10-04 16:29:21 +0000[diff] [blame]76static void ah_print(const void *ip, const struct xt_entry_match *match,
77 int numeric)
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]78{
79 const struct ip6t_ah *ah = (struct ip6t_ah *)match->data;
80
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]81 printf(" ah ");
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]82 print_spis("spi", ah->spis[0], ah->spis[1],
83 ah->invflags & IP6T_AH_INV_SPI);
84 print_len("length", ah->hdrlen,
85 ah->invflags & IP6T_AH_INV_LEN);
Stephane Ouellette703575d2003-08-23 18:41:47 +0000[diff] [blame]86
87 if (ah->hdrres)
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]88 printf(" reserved");
Stephane Ouellette703575d2003-08-23 18:41:47 +0000[diff] [blame]89
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]90 if (ah->invflags & ~IP6T_AH_INV_MASK)
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]91 printf(" Unknown invflags: 0x%X",
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]92 ah->invflags & ~IP6T_AH_INV_MASK);
93}
94
Jan Engelhardt997045f2007-10-04 16:29:21 +0000[diff] [blame]95static void ah_save(const void *ip, const struct xt_entry_match *match)
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]96{
97 const struct ip6t_ah *ahinfo = (struct ip6t_ah *)match->data;
98
99 if (!(ahinfo->spis[0] == 0
100 && ahinfo->spis[1] == 0xFFFFFFFF)) {
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]101 printf("%s --ahspi ",
102 (ahinfo->invflags & IP6T_AH_INV_SPI) ? " !" : "");
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]103 if (ahinfo->spis[0]
104 != ahinfo->spis[1])
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]105 printf("%u:%u",
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]106 ahinfo->spis[0],
107 ahinfo->spis[1]);
108 else
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]109 printf("%u",
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]110 ahinfo->spis[0]);
111 }
112
András Kis-Szabód8a12a82002-04-24 09:36:30 +0000[diff] [blame]113 if (ahinfo->hdrlen != 0 || (ahinfo->invflags & IP6T_AH_INV_LEN) ) {
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]114 printf("%s --ahlen %u",
115 (ahinfo->invflags & IP6T_AH_INV_LEN) ? " !" : "",
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]116 ahinfo->hdrlen);
117 }
118
Stephane Ouellette703575d2003-08-23 18:41:47 +0000[diff] [blame]119 if (ahinfo->hdrres != 0 )
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]120 printf(" --ahres");
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]121}
122
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]123static struct xtables_match ah_mt6_reg = {
Stephane Ouellette703575d2003-08-23 18:41:47 +0000[diff] [blame]124 .name = "ah",
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]125 .version = XTABLES_VERSION,
Jan Engelhardt03d99482008-11-18 12:27:54 +0100[diff] [blame]126 .family = NFPROTO_IPV6,
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]127 .size = XT_ALIGN(sizeof(struct ip6t_ah)),
128 .userspacesize = XT_ALIGN(sizeof(struct ip6t_ah)),
Jan Engelhardt997045f2007-10-04 16:29:21 +0000[diff] [blame]129 .help = ah_help,
Jan Engelhardt997045f2007-10-04 16:29:21 +0000[diff] [blame]130 .print = ah_print,
131 .save = ah_save,
Jan Engelhardt4d6ede02011-02-16 01:59:18 +0100[diff] [blame]132 .x6_parse = ah_parse,
133 .x6_options = ah_opts,
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]134};
135
136void
137_init(void)
138{
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]139 xtables_register_match(&ah_mt6_reg);
Harald Welted32980d2002-03-25 08:38:26 +0000[diff] [blame]140}