Root/
1 | /* |
2 | * IP tables module for matching the value of the TTL |
3 | * (C) 2000,2001 by Harald Welte <laforge@netfilter.org> |
4 | * |
5 | * Hop Limit matching module |
6 | * (C) 2001-2002 Maciej Soltysiak <solt@dns.toxicfilms.tv> |
7 | * |
8 | * This program is free software; you can redistribute it and/or modify |
9 | * it under the terms of the GNU General Public License version 2 as |
10 | * published by the Free Software Foundation. |
11 | */ |
12 | |
13 | #include <linux/ip.h> |
14 | #include <linux/ipv6.h> |
15 | #include <linux/module.h> |
16 | #include <linux/skbuff.h> |
17 | |
18 | #include <linux/netfilter/x_tables.h> |
19 | #include <linux/netfilter_ipv4/ipt_ttl.h> |
20 | #include <linux/netfilter_ipv6/ip6t_hl.h> |
21 | |
22 | MODULE_AUTHOR("Maciej Soltysiak <solt@dns.toxicfilms.tv>"); |
23 | MODULE_DESCRIPTION("Xtables: Hoplimit/TTL field match"); |
24 | MODULE_LICENSE("GPL"); |
25 | MODULE_ALIAS("ipt_ttl"); |
26 | MODULE_ALIAS("ip6t_hl"); |
27 | |
28 | static bool ttl_mt(const struct sk_buff *skb, const struct xt_match_param *par) |
29 | { |
30 | const struct ipt_ttl_info *info = par->matchinfo; |
31 | const u8 ttl = ip_hdr(skb)->ttl; |
32 | |
33 | switch (info->mode) { |
34 | case IPT_TTL_EQ: |
35 | return ttl == info->ttl; |
36 | case IPT_TTL_NE: |
37 | return ttl != info->ttl; |
38 | case IPT_TTL_LT: |
39 | return ttl < info->ttl; |
40 | case IPT_TTL_GT: |
41 | return ttl > info->ttl; |
42 | default: |
43 | printk(KERN_WARNING "ipt_ttl: unknown mode %d\n", |
44 | info->mode); |
45 | return false; |
46 | } |
47 | |
48 | return false; |
49 | } |
50 | |
51 | static bool hl_mt6(const struct sk_buff *skb, const struct xt_match_param *par) |
52 | { |
53 | const struct ip6t_hl_info *info = par->matchinfo; |
54 | const struct ipv6hdr *ip6h = ipv6_hdr(skb); |
55 | |
56 | switch (info->mode) { |
57 | case IP6T_HL_EQ: |
58 | return ip6h->hop_limit == info->hop_limit; |
59 | break; |
60 | case IP6T_HL_NE: |
61 | return ip6h->hop_limit != info->hop_limit; |
62 | break; |
63 | case IP6T_HL_LT: |
64 | return ip6h->hop_limit < info->hop_limit; |
65 | break; |
66 | case IP6T_HL_GT: |
67 | return ip6h->hop_limit > info->hop_limit; |
68 | break; |
69 | default: |
70 | printk(KERN_WARNING "ip6t_hl: unknown mode %d\n", |
71 | info->mode); |
72 | return false; |
73 | } |
74 | |
75 | return false; |
76 | } |
77 | |
78 | static struct xt_match hl_mt_reg[] __read_mostly = { |
79 | { |
80 | .name = "ttl", |
81 | .revision = 0, |
82 | .family = NFPROTO_IPV4, |
83 | .match = ttl_mt, |
84 | .matchsize = sizeof(struct ipt_ttl_info), |
85 | .me = THIS_MODULE, |
86 | }, |
87 | { |
88 | .name = "hl", |
89 | .revision = 0, |
90 | .family = NFPROTO_IPV6, |
91 | .match = hl_mt6, |
92 | .matchsize = sizeof(struct ip6t_hl_info), |
93 | .me = THIS_MODULE, |
94 | }, |
95 | }; |
96 | |
97 | static int __init hl_mt_init(void) |
98 | { |
99 | return xt_register_matches(hl_mt_reg, ARRAY_SIZE(hl_mt_reg)); |
100 | } |
101 | |
102 | static void __exit hl_mt_exit(void) |
103 | { |
104 | xt_unregister_matches(hl_mt_reg, ARRAY_SIZE(hl_mt_reg)); |
105 | } |
106 | |
107 | module_init(hl_mt_init); |
108 | module_exit(hl_mt_exit); |
109 |
Branches:
ben-wpan
ben-wpan-stefan
javiroman/ks7010
jz-2.6.34
jz-2.6.34-rc5
jz-2.6.34-rc6
jz-2.6.34-rc7
jz-2.6.35
jz-2.6.36
jz-2.6.37
jz-2.6.38
jz-2.6.39
jz-3.0
jz-3.1
jz-3.11
jz-3.12
jz-3.13
jz-3.15
jz-3.16
jz-3.18-dt
jz-3.2
jz-3.3
jz-3.4
jz-3.5
jz-3.6
jz-3.6-rc2-pwm
jz-3.9
jz-3.9-clk
jz-3.9-rc8
jz47xx
jz47xx-2.6.38
master
Tags:
od-2011-09-04
od-2011-09-18
v2.6.34-rc5
v2.6.34-rc6
v2.6.34-rc7
v3.9