net/netfilter/xt_MARK.c at v2.6.24-rc1

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / net / netfilter / xt_MARK.c
at v2.6.24-rc1 185 lines 4.3 kB view raw
wrap content
  1/* This is a module which is used for setting the NFMARK field of an skb. */
  2
  3/* (C) 1999-2001 Marc Boucher <marc@mbsi.ca>
  4 *
  5 * This program is free software; you can redistribute it and/or modify
  6 * it under the terms of the GNU General Public License version 2 as
  7 * published by the Free Software Foundation.
  8 */
  9
 10#include <linux/module.h>
 11#include <linux/skbuff.h>
 12#include <linux/ip.h>
 13#include <net/checksum.h>
 14
 15#include <linux/netfilter/x_tables.h>
 16#include <linux/netfilter/xt_MARK.h>
 17
 18MODULE_LICENSE("GPL");
 19MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>");
 20MODULE_DESCRIPTION("ip[6]tables MARK modification module");
 21MODULE_ALIAS("ipt_MARK");
 22MODULE_ALIAS("ip6t_MARK");
 23
 24static unsigned int
 25target_v0(struct sk_buff *skb,
 26	  const struct net_device *in,
 27	  const struct net_device *out,
 28	  unsigned int hooknum,
 29	  const struct xt_target *target,
 30	  const void *targinfo)
 31{
 32	const struct xt_mark_target_info *markinfo = targinfo;
 33
 34	skb->mark = markinfo->mark;
 35	return XT_CONTINUE;
 36}
 37
 38static unsigned int
 39target_v1(struct sk_buff *skb,
 40	  const struct net_device *in,
 41	  const struct net_device *out,
 42	  unsigned int hooknum,
 43	  const struct xt_target *target,
 44	  const void *targinfo)
 45{
 46	const struct xt_mark_target_info_v1 *markinfo = targinfo;
 47	int mark = 0;
 48
 49	switch (markinfo->mode) {
 50	case XT_MARK_SET:
 51		mark = markinfo->mark;
 52		break;
 53
 54	case XT_MARK_AND:
 55		mark = skb->mark & markinfo->mark;
 56		break;
 57
 58	case XT_MARK_OR:
 59		mark = skb->mark | markinfo->mark;
 60		break;
 61	}
 62
 63	skb->mark = mark;
 64	return XT_CONTINUE;
 65}
 66
 67
 68static bool
 69checkentry_v0(const char *tablename,
 70	      const void *entry,
 71	      const struct xt_target *target,
 72	      void *targinfo,
 73	      unsigned int hook_mask)
 74{
 75	const struct xt_mark_target_info *markinfo = targinfo;
 76
 77	if (markinfo->mark > 0xffffffff) {
 78		printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n");
 79		return false;
 80	}
 81	return true;
 82}
 83
 84static bool
 85checkentry_v1(const char *tablename,
 86	      const void *entry,
 87	      const struct xt_target *target,
 88	      void *targinfo,
 89	      unsigned int hook_mask)
 90{
 91	const struct xt_mark_target_info_v1 *markinfo = targinfo;
 92
 93	if (markinfo->mode != XT_MARK_SET
 94	    && markinfo->mode != XT_MARK_AND
 95	    && markinfo->mode != XT_MARK_OR) {
 96		printk(KERN_WARNING "MARK: unknown mode %u\n",
 97		       markinfo->mode);
 98		return false;
 99	}
100	if (markinfo->mark > 0xffffffff) {
101		printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n");
102		return false;
103	}
104	return true;
105}
106
107#ifdef CONFIG_COMPAT
108struct compat_xt_mark_target_info_v1 {
109	compat_ulong_t	mark;
110	u_int8_t	mode;
111	u_int8_t	__pad1;
112	u_int16_t	__pad2;
113};
114
115static void compat_from_user_v1(void *dst, void *src)
116{
117	const struct compat_xt_mark_target_info_v1 *cm = src;
118	struct xt_mark_target_info_v1 m = {
119		.mark	= cm->mark,
120		.mode	= cm->mode,
121	};
122	memcpy(dst, &m, sizeof(m));
123}
124
125static int compat_to_user_v1(void __user *dst, void *src)
126{
127	const struct xt_mark_target_info_v1 *m = src;
128	struct compat_xt_mark_target_info_v1 cm = {
129		.mark	= m->mark,
130		.mode	= m->mode,
131	};
132	return copy_to_user(dst, &cm, sizeof(cm)) ? -EFAULT : 0;
133}
134#endif /* CONFIG_COMPAT */
135
136static struct xt_target xt_mark_target[] __read_mostly = {
137	{
138		.name		= "MARK",
139		.family		= AF_INET,
140		.revision	= 0,
141		.checkentry	= checkentry_v0,
142		.target		= target_v0,
143		.targetsize	= sizeof(struct xt_mark_target_info),
144		.table		= "mangle",
145		.me		= THIS_MODULE,
146	},
147	{
148		.name		= "MARK",
149		.family		= AF_INET,
150		.revision	= 1,
151		.checkentry	= checkentry_v1,
152		.target		= target_v1,
153		.targetsize	= sizeof(struct xt_mark_target_info_v1),
154#ifdef CONFIG_COMPAT
155		.compatsize	= sizeof(struct compat_xt_mark_target_info_v1),
156		.compat_from_user = compat_from_user_v1,
157		.compat_to_user	= compat_to_user_v1,
158#endif
159		.table		= "mangle",
160		.me		= THIS_MODULE,
161	},
162	{
163		.name		= "MARK",
164		.family		= AF_INET6,
165		.revision	= 0,
166		.checkentry	= checkentry_v0,
167		.target		= target_v0,
168		.targetsize	= sizeof(struct xt_mark_target_info),
169		.table		= "mangle",
170		.me		= THIS_MODULE,
171	},
172};
173
174static int __init xt_mark_init(void)
175{
176	return xt_register_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target));
177}
178
179static void __exit xt_mark_fini(void)
180{
181	xt_unregister_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target));
182}
183
184module_init(xt_mark_init);
185module_exit(xt_mark_fini);
Configure Feed

Configure Feed
