Eric Lee / smarc-fsl-linux-kernel

Blame view

net/netfilter/xt_HL.c 3.72 KB

563d36eb3 Jan Engelhardt netfilter: Combin...	1 2 3 4 5 6 7 8 9 10 11	/* * TTL modification target for IP tables * (C) 2000,2005 by Harald Welte <laforge@netfilter.org> * * Hop Limit modification target for ip6tables * Maciej Soltysiak <solt@dns.toxicfilms.tv> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 as * published by the Free Software Foundation. */
8bee4bad0 Jan Engelhardt netfilter: xt ext...	12	#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
563d36eb3 Jan Engelhardt netfilter: Combin...	13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28	#include <linux/module.h> #include <linux/skbuff.h> #include <linux/ip.h> #include <linux/ipv6.h> #include <net/checksum.h> #include <linux/netfilter/x_tables.h> #include <linux/netfilter_ipv4/ipt_TTL.h> #include <linux/netfilter_ipv6/ip6t_HL.h> MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); MODULE_AUTHOR("Maciej Soltysiak <solt@dns.toxicfilms.tv>"); MODULE_DESCRIPTION("Xtables: Hoplimit/TTL Limit field modification target"); MODULE_LICENSE("GPL"); static unsigned int
4b560b447 Jan Engelhardt netfilter: xtable...	29	ttl_tg(struct sk_buff skb, const struct xt_action_param par)
563d36eb3 Jan Engelhardt netfilter: Combin...	30 31 32 33 34 35 36 37 38 39 40	{ struct iphdr iph; const struct ipt_TTL_info info = par->targinfo; int new_ttl; if (!skb_make_writable(skb, skb->len)) return NF_DROP; iph = ip_hdr(skb); switch (info->mode) {
181b1e9ce Joe Perches netfilter: Reduce...	41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56	case IPT_TTL_SET: new_ttl = info->ttl; break; case IPT_TTL_INC: new_ttl = iph->ttl + info->ttl; if (new_ttl > 255) new_ttl = 255; break; case IPT_TTL_DEC: new_ttl = iph->ttl - info->ttl; if (new_ttl < 0) new_ttl = 0; break; default: new_ttl = iph->ttl; break;
563d36eb3 Jan Engelhardt netfilter: Combin...	57 58 59 60 61 62 63 64 65 66 67 68	} if (new_ttl != iph->ttl) { csum_replace2(&iph->check, htons(iph->ttl << 8), htons(new_ttl << 8)); iph->ttl = new_ttl; } return XT_CONTINUE; } static unsigned int
4b560b447 Jan Engelhardt netfilter: xtable...	69	hl_tg6(struct sk_buff skb, const struct xt_action_param par)
563d36eb3 Jan Engelhardt netfilter: Combin...	70 71 72 73 74 75 76 77 78 79 80	{ struct ipv6hdr ip6h; const struct ip6t_HL_info info = par->targinfo; int new_hl; if (!skb_make_writable(skb, skb->len)) return NF_DROP; ip6h = ipv6_hdr(skb); switch (info->mode) {
181b1e9ce Joe Perches netfilter: Reduce...	81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96	case IP6T_HL_SET: new_hl = info->hop_limit; break; case IP6T_HL_INC: new_hl = ip6h->hop_limit + info->hop_limit; if (new_hl > 255) new_hl = 255; break; case IP6T_HL_DEC: new_hl = ip6h->hop_limit - info->hop_limit; if (new_hl < 0) new_hl = 0; break; default: new_hl = ip6h->hop_limit; break;
563d36eb3 Jan Engelhardt netfilter: Combin...	97 98 99 100 101 102	} ip6h->hop_limit = new_hl; return XT_CONTINUE; }
135367b8f Jan Engelhardt netfilter: xtable...	103	static int ttl_tg_check(const struct xt_tgchk_param *par)
563d36eb3 Jan Engelhardt netfilter: Combin...	104 105 106 107	{ const struct ipt_TTL_info *info = par->targinfo; if (info->mode > IPT_TTL_MAXMODE) {
8bee4bad0 Jan Engelhardt netfilter: xt ext...	108 109	pr_info("TTL: invalid or unknown mode %u ", info->mode);
4a5a5c73b Jan Engelhardt netfilter: xtable...	110	return -EINVAL;
563d36eb3 Jan Engelhardt netfilter: Combin...	111 112	} if (info->mode != IPT_TTL_SET && info->ttl == 0)
d6b00a534 Jan Engelhardt netfilter: xtable...	113 114	return -EINVAL; return 0;
563d36eb3 Jan Engelhardt netfilter: Combin...	115	}
135367b8f Jan Engelhardt netfilter: xtable...	116	static int hl_tg6_check(const struct xt_tgchk_param *par)
563d36eb3 Jan Engelhardt netfilter: Combin...	117 118 119 120	{ const struct ip6t_HL_info *info = par->targinfo; if (info->mode > IP6T_HL_MAXMODE) {
8bee4bad0 Jan Engelhardt netfilter: xt ext...	121 122	pr_info("invalid or unknown mode %u ", info->mode);
d6b00a534 Jan Engelhardt netfilter: xtable...	123	return -EINVAL;
563d36eb3 Jan Engelhardt netfilter: Combin...	124 125	} if (info->mode != IP6T_HL_SET && info->hop_limit == 0) {
8bee4bad0 Jan Engelhardt netfilter: xt ext...	126	pr_info("increment/decrement does not "
563d36eb3 Jan Engelhardt netfilter: Combin...	127 128	"make sense with value 0 ");
d6b00a534 Jan Engelhardt netfilter: xtable...	129	return -EINVAL;
563d36eb3 Jan Engelhardt netfilter: Combin...	130	}
d6b00a534 Jan Engelhardt netfilter: xtable...	131	return 0;
563d36eb3 Jan Engelhardt netfilter: Combin...	132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170	} static struct xt_target hl_tg_reg[] __read_mostly = { { .name = "TTL", .revision = 0, .family = NFPROTO_IPV4, .target = ttl_tg, .targetsize = sizeof(struct ipt_TTL_info), .table = "mangle", .checkentry = ttl_tg_check, .me = THIS_MODULE, }, { .name = "HL", .revision = 0, .family = NFPROTO_IPV6, .target = hl_tg6, .targetsize = sizeof(struct ip6t_HL_info), .table = "mangle", .checkentry = hl_tg6_check, .me = THIS_MODULE, }, }; static int __init hl_tg_init(void) { return xt_register_targets(hl_tg_reg, ARRAY_SIZE(hl_tg_reg)); } static void __exit hl_tg_exit(void) { xt_unregister_targets(hl_tg_reg, ARRAY_SIZE(hl_tg_reg)); } module_init(hl_tg_init); module_exit(hl_tg_exit); MODULE_ALIAS("ipt_TTL"); MODULE_ALIAS("ip6t_HL");