Blame view
net/netfilter/xt_length.c
1.82 KB
2e4e6a17a [NETFILTER] x_tab... |
1 2 3 4 5 6 7 8 9 10 |
/* Kernel module to match packet length. */ /* (C) 1999-2001 James Morris <jmorros@intercode.com.au> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 as * published by the Free Software Foundation. */ #include <linux/module.h> #include <linux/skbuff.h> |
37d8dc82e [NETFILTER] x-tab... |
11 |
#include <linux/ipv6.h> |
2e4e6a17a [NETFILTER] x_tab... |
12 13 14 15 16 17 |
#include <net/ip.h> #include <linux/netfilter/xt_length.h> #include <linux/netfilter/x_tables.h> MODULE_AUTHOR("James Morris <jmorris@intercode.com.au>"); |
2ae15b64e [NETFILTER]: Upda... |
18 |
MODULE_DESCRIPTION("Xtables: Packet length (Layer3,4,5) match"); |
2e4e6a17a [NETFILTER] x_tab... |
19 20 21 |
MODULE_LICENSE("GPL"); MODULE_ALIAS("ipt_length"); MODULE_ALIAS("ip6t_length"); |
1d93a9cba [NETFILTER]: x_ta... |
22 |
static bool |
62fc80510 netfilter: xtable... |
23 |
length_mt(const struct sk_buff *skb, struct xt_action_param *par) |
2e4e6a17a [NETFILTER] x_tab... |
24 |
{ |
f7108a20d netfilter: xtable... |
25 |
const struct xt_length_info *info = par->matchinfo; |
eddc9ec53 [SK_BUFF]: Introd... |
26 |
u_int16_t pktlen = ntohs(ip_hdr(skb)->tot_len); |
601e68e10 [NETFILTER]: Fix ... |
27 |
|
2e4e6a17a [NETFILTER] x_tab... |
28 29 |
return (pktlen >= info->min && pktlen <= info->max) ^ info->invert; } |
1d93a9cba [NETFILTER]: x_ta... |
30 |
static bool |
62fc80510 netfilter: xtable... |
31 |
length_mt6(const struct sk_buff *skb, struct xt_action_param *par) |
2e4e6a17a [NETFILTER] x_tab... |
32 |
{ |
f7108a20d netfilter: xtable... |
33 |
const struct xt_length_info *info = par->matchinfo; |
7c4e36bc1 [NETFILTER]: Remo... |
34 35 |
const u_int16_t pktlen = ntohs(ipv6_hdr(skb)->payload_len) + sizeof(struct ipv6hdr); |
601e68e10 [NETFILTER]: Fix ... |
36 |
|
2e4e6a17a [NETFILTER] x_tab... |
37 38 |
return (pktlen >= info->min && pktlen <= info->max) ^ info->invert; } |
d3c5ee6d5 [NETFILTER]: x_ta... |
39 |
static struct xt_match length_mt_reg[] __read_mostly = { |
4470bbc74 [NETFILTER]: x_ta... |
40 41 |
{ .name = "length", |
ee999d8b9 netfilter: x_tabl... |
42 |
.family = NFPROTO_IPV4, |
d3c5ee6d5 [NETFILTER]: x_ta... |
43 |
.match = length_mt, |
4470bbc74 [NETFILTER]: x_ta... |
44 45 46 47 48 |
.matchsize = sizeof(struct xt_length_info), .me = THIS_MODULE, }, { .name = "length", |
ee999d8b9 netfilter: x_tabl... |
49 |
.family = NFPROTO_IPV6, |
d3c5ee6d5 [NETFILTER]: x_ta... |
50 |
.match = length_mt6, |
4470bbc74 [NETFILTER]: x_ta... |
51 52 53 |
.matchsize = sizeof(struct xt_length_info), .me = THIS_MODULE, }, |
2e4e6a17a [NETFILTER] x_tab... |
54 |
}; |
d3c5ee6d5 [NETFILTER]: x_ta... |
55 |
static int __init length_mt_init(void) |
2e4e6a17a [NETFILTER] x_tab... |
56 |
{ |
d3c5ee6d5 [NETFILTER]: x_ta... |
57 |
return xt_register_matches(length_mt_reg, ARRAY_SIZE(length_mt_reg)); |
2e4e6a17a [NETFILTER] x_tab... |
58 |
} |
d3c5ee6d5 [NETFILTER]: x_ta... |
59 |
static void __exit length_mt_exit(void) |
2e4e6a17a [NETFILTER] x_tab... |
60 |
{ |
d3c5ee6d5 [NETFILTER]: x_ta... |
61 |
xt_unregister_matches(length_mt_reg, ARRAY_SIZE(length_mt_reg)); |
2e4e6a17a [NETFILTER] x_tab... |
62 |
} |
d3c5ee6d5 [NETFILTER]: x_ta... |
63 64 |
module_init(length_mt_init); module_exit(length_mt_exit); |