tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

kernel / net / netfilter / xt_length.c
at v2.6.27-rc9 76 lines 2.2 kB view raw
1/* Kernel module to match packet length. */ 2/* (C) 1999-2001 James Morris <jmorros@intercode.com.au> 3 * 4 * This program is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License version 2 as 6 * published by the Free Software Foundation. 7 */ 8 9#include <linux/module.h> 10#include <linux/skbuff.h> 11#include <linux/ipv6.h> 12#include <net/ip.h> 13 14#include <linux/netfilter/xt_length.h> 15#include <linux/netfilter/x_tables.h> 16 17MODULE_AUTHOR("James Morris <jmorris@intercode.com.au>"); 18MODULE_DESCRIPTION("Xtables: Packet length (Layer3,4,5) match"); 19MODULE_LICENSE("GPL"); 20MODULE_ALIAS("ipt_length"); 21MODULE_ALIAS("ip6t_length"); 22 23static bool 24length_mt(const struct sk_buff *skb, const struct net_device *in, 25 const struct net_device *out, const struct xt_match *match, 26 const void *matchinfo, int offset, unsigned int protoff, 27 bool *hotdrop) 28{ 29 const struct xt_length_info *info = matchinfo; 30 u_int16_t pktlen = ntohs(ip_hdr(skb)->tot_len); 31 32 return (pktlen >= info->min && pktlen <= info->max) ^ info->invert; 33} 34 35static bool 36length_mt6(const struct sk_buff *skb, const struct net_device *in, 37 const struct net_device *out, const struct xt_match *match, 38 const void *matchinfo, int offset, unsigned int protoff, 39 bool *hotdrop) 40{ 41 const struct xt_length_info *info = matchinfo; 42 const u_int16_t pktlen = ntohs(ipv6_hdr(skb)->payload_len) + 43 sizeof(struct ipv6hdr); 44 45 return (pktlen >= info->min && pktlen <= info->max) ^ info->invert; 46} 47 48static struct xt_match length_mt_reg[] __read_mostly = { 49 { 50 .name = "length", 51 .family = AF_INET, 52 .match = length_mt, 53 .matchsize = sizeof(struct xt_length_info), 54 .me = THIS_MODULE, 55 }, 56 { 57 .name = "length", 58 .family = AF_INET6, 59 .match = length_mt6, 60 .matchsize = sizeof(struct xt_length_info), 61 .me = THIS_MODULE, 62 }, 63}; 64 65static int __init length_mt_init(void) 66{ 67 return xt_register_matches(length_mt_reg, ARRAY_SIZE(length_mt_reg)); 68} 69 70static void __exit length_mt_exit(void) 71{ 72 xt_unregister_matches(length_mt_reg, ARRAY_SIZE(length_mt_reg)); 73} 74 75module_init(length_mt_init); 76module_exit(length_mt_exit);