首頁 探索 說明
登入
SoftwareDesign
/
csu3_am335x
8
0
複刻 0
Files 問題管理 0 合併請求 0 Wiki
分支: master
分支列表 標籤列表
csu3_am335x
/
EVSE
/
GPL
/
iptables-1.4.18
/
extensions
/
libip6t_hl.c

libip6t_hl.c 2.9 KB
永久連結 文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118 
  1. /*
    2. 

  2.  * IPv6 Hop Limit matching module
    3. 

  3.  * Maciej Soltysiak <solt@dns.toxicfilms.tv>
    4. 

  4.  * Based on HW's ttl match
    5. 

  5.  * This program is released under the terms of GNU GPL
    6. 

  6.  * Cleanups by Stephane Ouellette <ouellettes@videotron.ca>
    7. 

  7.  */
    8. 

  8. #include <stdio.h>
    9. 

  9. #include <xtables.h>
    10. 

  10. #include <linux/netfilter_ipv6/ip6t_hl.h>
    11. 

  11. 

  12. enum {
    13. 

  13. 	O_HL_EQ = 0,
    14. 

  14. 	O_HL_LT,
    15. 

  15. 	O_HL_GT,
    16. 

  16. 	F_HL_EQ = 1 << O_HL_EQ,
    17. 

  17. 	F_HL_LT = 1 << O_HL_LT,
    18. 

  18. 	F_HL_GT = 1 << O_HL_GT,
    19. 

  19. 	F_ANY  = F_HL_EQ | F_HL_LT | F_HL_GT,
    20. 

  20. };
    21. 

  21. 

  22. static void hl_help(void)
    23. 

  23. {
    24. 

  24. 	printf(
    25. 

  25. "hl match options:\n"
    26. 

  26. "[!] --hl-eq value	Match hop limit value\n"
    27. 

  27. "  --hl-lt value	Match HL < value\n"
    28. 

  28. "  --hl-gt value	Match HL > value\n");
    29. 

  29. }
    30. 

  30. 

  31. static void hl_parse(struct xt_option_call *cb)
    32. 

  32. {
    33. 

  33. 	struct ip6t_hl_info *info = cb->data;
    34. 

  34. 

  35. 	xtables_option_parse(cb);
    36. 

  36. 	switch (cb->entry->id) {
    37. 

  37. 	case O_HL_EQ:
    38. 

  38. 		info->mode = cb->invert ? IP6T_HL_NE : IP6T_HL_EQ;
    39. 

  39. 		break;
    40. 

  40. 	case O_HL_LT:
    41. 

  41. 		info->mode = IP6T_HL_LT;
    42. 

  42. 		break;
    43. 

  43. 	case O_HL_GT:
    44. 

  44. 		info->mode = IP6T_HL_GT;
    45. 

  45. 		break;
    46. 

  46. 	}
    47. 

  47. }
    48. 

  48. 

  49. static void hl_check(struct xt_fcheck_call *cb)
    50. 

  50. {
    51. 

  51. 	if (!(cb->xflags & F_ANY))
    52. 

  52. 		xtables_error(PARAMETER_PROBLEM,
    53. 

  53. 			"HL match: You must specify one of "
    54. 

  54. 			"`--hl-eq', `--hl-lt', `--hl-gt'");
    55. 

  55. }
    56. 

  56. 

  57. static void hl_print(const void *ip, const struct xt_entry_match *match,
    58. 

  58.                      int numeric)
    59. 

  59. {
    60. 

  60. 	static const char *const op[] = {
    61. 

  61. 		[IP6T_HL_EQ] = "==",
    62. 

  62. 		[IP6T_HL_NE] = "!=",
    63. 

  63. 		[IP6T_HL_LT] = "<",
    64. 

  64. 		[IP6T_HL_GT] = ">" };
    65. 

  65. 

  66. 	const struct ip6t_hl_info *info = 
    67. 

  67. 		(struct ip6t_hl_info *) match->data;
    68. 

  68. 

  69. 	printf(" HL match HL %s %u", op[info->mode], info->hop_limit);
    70. 

  70. }
    71. 

  71. 

  72. static void hl_save(const void *ip, const struct xt_entry_match *match)
    73. 

  73. {
    74. 

  74. 	static const char *const op[] = {
    75. 

  75. 		[IP6T_HL_EQ] = "--hl-eq",
    76. 

  76. 		[IP6T_HL_NE] = "! --hl-eq",
    77. 

  77. 		[IP6T_HL_LT] = "--hl-lt",
    78. 

  78. 		[IP6T_HL_GT] = "--hl-gt" };
    79. 

  79. 

  80. 	const struct ip6t_hl_info *info =
    81. 

  81. 		(struct ip6t_hl_info *) match->data;
    82. 

  82. 

  83. 	printf(" %s %u", op[info->mode], info->hop_limit);
    84. 

  84. }
    85. 

  85. 

  86. #define s struct ip6t_hl_info
    87. 

  87. static const struct xt_option_entry hl_opts[] = {
    88. 

  88. 	{.name = "hl-lt", .id = O_HL_LT, .excl = F_ANY, .type = XTTYPE_UINT8,
    89. 

  89. 	 .flags = XTOPT_PUT, XTOPT_POINTER(s, hop_limit)},
    90. 

  90. 	{.name = "hl-gt", .id = O_HL_GT, .excl = F_ANY, .type = XTTYPE_UINT8,
    91. 

  91. 	 .flags = XTOPT_PUT, XTOPT_POINTER(s, hop_limit)},
    92. 

  92. 	{.name = "hl-eq", .id = O_HL_EQ, .excl = F_ANY, .type = XTTYPE_UINT8,
    93. 

  93. 	 .flags = XTOPT_INVERT | XTOPT_PUT, XTOPT_POINTER(s, hop_limit)},
    94. 

  94. 	{.name = "hl", .id = O_HL_EQ, .excl = F_ANY, .type = XTTYPE_UINT8,
    95. 

  95. 	 .flags = XTOPT_PUT, XTOPT_POINTER(s, hop_limit)},
    96. 

  96. 	XTOPT_TABLEEND,
    97. 

  97. };
    98. 

  98. #undef s
    99. 

  99. 

  100. static struct xtables_match hl_mt6_reg = {
    101. 

  101. 	.name          = "hl",
    102. 

  102. 	.version       = XTABLES_VERSION,
    103. 

  103. 	.family        = NFPROTO_IPV6,
    104. 

  104. 	.size          = XT_ALIGN(sizeof(struct ip6t_hl_info)),
    105. 

  105. 	.userspacesize = XT_ALIGN(sizeof(struct ip6t_hl_info)),
    106. 

  106. 	.help          = hl_help,
    107. 

  107. 	.print         = hl_print,
    108. 

  108. 	.save          = hl_save,
    109. 

  109. 	.x6_parse      = hl_parse,
    110. 

  110. 	.x6_fcheck     = hl_check,
    111. 

  111. 	.x6_options    = hl_opts,
    112. 

  112. };
    113. 

  113. 

  114. 

  115. void _init(void) 
    116. 

  116. {
    117. 

  117. 	xtables_register_match(&hl_mt6_reg);
    118. 

  118. }
    119.