Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / iptables / f53710b16c2bae1843c3f5fee390f496dfa82526 / . / extensions / libipt_ttl.c
blob: 6370cb6748616722babef7285c00fd32740169c7 [file] [log] [blame]
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]1/* Shared library add-on to iptables to add TTL matching support
2 * (C) 2000 by Harald Welte <laforge@gnumonks.org>
3 *
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]4 * This program is released under the terms of GNU GPL */
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]5#include <stdio.h>
Jan Engelhardt5d9678a2008-11-20 10:15:35 +0100[diff] [blame]6#include <xtables.h>
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]7#include <linux/netfilter_ipv4/ipt_ttl.h>
8
Jan Engelhardtdba08392011-02-18 03:20:56 +0100[diff] [blame]9enum {
10 O_TTL_EQ = 0,
11 O_TTL_LT,
12 O_TTL_GT,
13 F_TTL_EQ = 1 << O_TTL_EQ,
14 F_TTL_LT = 1 << O_TTL_LT,
15 F_TTL_GT = 1 << O_TTL_GT,
16 F_ANY = F_TTL_EQ | F_TTL_LT | F_TTL_GT,
17};
18
Jan Engelhardt59d16402007-10-04 16:28:39 +0000[diff] [blame]19static void ttl_help(void)
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]20{
21 printf(
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]22"ttl match options:\n"
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]23" --ttl-eq value Match time to live value\n"
24" --ttl-lt value Match TTL < value\n"
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]25" --ttl-gt value Match TTL > value\n");
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]26}
27
Jan Engelhardtdba08392011-02-18 03:20:56 +0100[diff] [blame]28static void ttl_parse(struct xt_option_call *cb)
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]29{
Jan Engelhardtdba08392011-02-18 03:20:56 +0100[diff] [blame]30 struct ipt_ttl_info *info = cb->data;
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]31
Jan Engelhardtdba08392011-02-18 03:20:56 +0100[diff] [blame]32 xtables_option_parse(cb);
33 switch (cb->entry->id) {
34 case O_TTL_EQ:
35 info->mode = cb->invert ? IPT_TTL_NE : IPT_TTL_EQ;
36 break;
37 case O_TTL_LT:
38 info->mode = IPT_TTL_LT;
39 break;
40 case O_TTL_GT:
41 info->mode = IPT_TTL_GT;
42 break;
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]43 }
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]44}
45
Jan Engelhardtdba08392011-02-18 03:20:56 +0100[diff] [blame]46static void ttl_check(struct xt_fcheck_call *cb)
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]47{
Jan Engelhardtdba08392011-02-18 03:20:56 +0100[diff] [blame]48 if (!(cb->xflags & F_ANY))
Jan Engelhardt1829ed42009-02-21 03:29:44 +0100[diff] [blame]49 xtables_error(PARAMETER_PROBLEM,
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]50 "TTL match: You must specify one of "
51 "`--ttl-eq', `--ttl-lt', `--ttl-gt");
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]52}
53
Jan Engelhardt59d16402007-10-04 16:28:39 +0000[diff] [blame]54static void ttl_print(const void *ip, const struct xt_entry_match *match,
55 int numeric)
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]56{
57 const struct ipt_ttl_info *info =
58 (struct ipt_ttl_info *) match->data;
59
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]60 printf(" TTL match ");
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]61 switch (info->mode) {
62 case IPT_TTL_EQ:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]63 printf("TTL ==");
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]64 break;
65 case IPT_TTL_NE:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]66 printf("TTL !=");
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]67 break;
68 case IPT_TTL_LT:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]69 printf("TTL <");
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]70 break;
71 case IPT_TTL_GT:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]72 printf("TTL >");
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]73 break;
74 }
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]75 printf(" %u", info->ttl);
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]76}
77
Jan Engelhardt59d16402007-10-04 16:28:39 +0000[diff] [blame]78static void ttl_save(const void *ip, const struct xt_entry_match *match)
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]79{
80 const struct ipt_ttl_info *info =
81 (struct ipt_ttl_info *) match->data;
82
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]83 switch (info->mode) {
84 case IPT_TTL_EQ:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]85 printf(" --ttl-eq");
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]86 break;
87 case IPT_TTL_NE:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]88 printf(" ! --ttl-eq");
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]89 break;
90 case IPT_TTL_LT:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]91 printf(" --ttl-lt");
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]92 break;
93 case IPT_TTL_GT:
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]94 printf(" --ttl-gt");
Harald Welte1441c422000-11-13 12:32:50 +0000[diff] [blame]95 break;
96 default:
97 /* error */
98 break;
99 }
Jan Engelhardt73866352010-12-18 02:04:59 +0100[diff] [blame]100 printf(" %u", info->ttl);
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]101}
102
Jan Engelhardtdba08392011-02-18 03:20:56 +0100[diff] [blame]103#define s struct ipt_ttl_info
104static const struct xt_option_entry ttl_opts[] = {
105 {.name = "ttl-lt", .id = O_TTL_LT, .excl = F_ANY, .type = XTTYPE_UINT8,
106 .flags = XTOPT_PUT, XTOPT_POINTER(s, ttl)},
107 {.name = "ttl-gt", .id = O_TTL_GT, .excl = F_ANY, .type = XTTYPE_UINT8,
108 .flags = XTOPT_PUT, XTOPT_POINTER(s, ttl)},
109 {.name = "ttl-eq", .id = O_TTL_EQ, .excl = F_ANY, .type = XTTYPE_UINT8,
110 .flags = XTOPT_INVERT | XTOPT_PUT, XTOPT_POINTER(s, ttl)},
111 {.name = "ttl", .id = O_TTL_EQ, .excl = F_ANY, .type = XTTYPE_UINT8,
112 .flags = XTOPT_PUT, XTOPT_POINTER(s, ttl)},
113 XTOPT_TABLEEND,
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]114};
Jan Engelhardtdba08392011-02-18 03:20:56 +0100[diff] [blame]115#undef s
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]116
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]117static struct xtables_match ttl_mt_reg = {
Pablo Neira8caee8b2004-12-28 13:11:59 +0000[diff] [blame]118 .name = "ttl",
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]119 .version = XTABLES_VERSION,
Jan Engelhardt03d99482008-11-18 12:27:54 +0100[diff] [blame]120 .family = NFPROTO_IPV4,
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]121 .size = XT_ALIGN(sizeof(struct ipt_ttl_info)),
122 .userspacesize = XT_ALIGN(sizeof(struct ipt_ttl_info)),
Jan Engelhardt59d16402007-10-04 16:28:39 +0000[diff] [blame]123 .help = ttl_help,
Jan Engelhardt59d16402007-10-04 16:28:39 +0000[diff] [blame]124 .print = ttl_print,
125 .save = ttl_save,
Jan Engelhardtdba08392011-02-18 03:20:56 +0100[diff] [blame]126 .x6_parse = ttl_parse,
127 .x6_fcheck = ttl_check,
128 .x6_options = ttl_opts,
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]129};
130
131
132void _init(void)
133{
Jan Engelhardt8b7c64d2008-04-15 11:48:25 +0200[diff] [blame]134 xtables_register_match(&ttl_mt_reg);
Harald Welte703828f2000-10-04 15:27:07 +0000[diff] [blame]135}