tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

kernel / net / netfilter / xt_length.c
at v2.6.18-rc1 91 lines 2.3 kB view raw
1/* Kernel module to match packet length. */ 2/* (C) 1999-2001 James Morris <jmorros@intercode.com.au> 3 * 4 * This program is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License version 2 as 6 * published by the Free Software Foundation. 7 */ 8 9#include <linux/module.h> 10#include <linux/skbuff.h> 11#include <linux/ipv6.h> 12#include <net/ip.h> 13 14#include <linux/netfilter/xt_length.h> 15#include <linux/netfilter/x_tables.h> 16 17MODULE_AUTHOR("James Morris <jmorris@intercode.com.au>"); 18MODULE_DESCRIPTION("IP tables packet length matching module"); 19MODULE_LICENSE("GPL"); 20MODULE_ALIAS("ipt_length"); 21MODULE_ALIAS("ip6t_length"); 22 23static int 24match(const struct sk_buff *skb, 25 const struct net_device *in, 26 const struct net_device *out, 27 const struct xt_match *match, 28 const void *matchinfo, 29 int offset, 30 unsigned int protoff, 31 int *hotdrop) 32{ 33 const struct xt_length_info *info = matchinfo; 34 u_int16_t pktlen = ntohs(skb->nh.iph->tot_len); 35 36 return (pktlen >= info->min && pktlen <= info->max) ^ info->invert; 37} 38 39static int 40match6(const struct sk_buff *skb, 41 const struct net_device *in, 42 const struct net_device *out, 43 const struct xt_match *match, 44 const void *matchinfo, 45 int offset, 46 unsigned int protoff, 47 int *hotdrop) 48{ 49 const struct xt_length_info *info = matchinfo; 50 u_int16_t pktlen = ntohs(skb->nh.ipv6h->payload_len) + sizeof(struct ipv6hdr); 51 52 return (pktlen >= info->min && pktlen <= info->max) ^ info->invert; 53} 54 55static struct xt_match length_match = { 56 .name = "length", 57 .match = match, 58 .matchsize = sizeof(struct xt_length_info), 59 .family = AF_INET, 60 .me = THIS_MODULE, 61}; 62 63static struct xt_match length6_match = { 64 .name = "length", 65 .match = match6, 66 .matchsize = sizeof(struct xt_length_info), 67 .family = AF_INET6, 68 .me = THIS_MODULE, 69}; 70 71static int __init xt_length_init(void) 72{ 73 int ret; 74 ret = xt_register_match(&length_match); 75 if (ret) 76 return ret; 77 ret = xt_register_match(&length6_match); 78 if (ret) 79 xt_unregister_match(&length_match); 80 81 return ret; 82} 83 84static void __exit xt_length_fini(void) 85{ 86 xt_unregister_match(&length_match); 87 xt_unregister_match(&length6_match); 88} 89 90module_init(xt_length_init); 91module_exit(xt_length_fini);