projects / linux.git / blame
| Commit | Line | Data |
|---|---|---|
| 17b0d7ef JE |
1 | /* |
| 2 | * xt_mark - Netfilter module to match NFMARK value | |
| 3 | * | |
| 4 | * (C) 1999-2001 Marc Boucher <[email protected]> | |
| 5 | * Copyright © CC Computer Consultants GmbH, 2007 - 2008 | |
| 4725c728 | 6 | * Jan Engelhardt <[email protected]> |
| 1da177e4 | 7 | * |
| 17b0d7ef JE |
8 | * This program is free software; you can redistribute it and/or modify |
| 9 | * it under the terms of the GNU General Public License version 2 as | |
| 10 | * published by the Free Software Foundation. | |
| 1da177e4 LT |
11 | */ |
| 12 | ||
| 13 | #include <linux/module.h> | |
| 14 | #include <linux/skbuff.h> | |
| 15 | ||
| 2e4e6a17 HW |
16 | #include <linux/netfilter/xt_mark.h> |
| 17 | #include <linux/netfilter/x_tables.h> | |
| 1da177e4 LT |
18 | |
| 19 | MODULE_LICENSE("GPL"); | |
| 20 | MODULE_AUTHOR("Marc Boucher <[email protected]>"); | |
| 28b94988 | 21 | MODULE_DESCRIPTION("Xtables: packet mark operations"); |
| 2e4e6a17 HW |
22 | MODULE_ALIAS("ipt_mark"); |
| 23 | MODULE_ALIAS("ip6t_mark"); | |
| 28b94988 JE |
24 | MODULE_ALIAS("ipt_MARK"); |
| 25 | MODULE_ALIAS("ip6t_MARK"); | |
| 26 | ||
| 27 | static unsigned int | |
| 4b560b44 | 28 | mark_tg(struct sk_buff *skb, const struct xt_action_param *par) |
| 28b94988 JE |
29 | { |
| 30 | const struct xt_mark_tginfo2 *info = par->targinfo; | |
| 31 | ||
| 32 | skb->mark = (skb->mark & ~info->mask) ^ info->mark; | |
| 33 | return XT_CONTINUE; | |
| 34 | } | |
| 1da177e4 | 35 | |
| 1d93a9cb | 36 | static bool |
| 62fc8051 | 37 | mark_mt(const struct sk_buff *skb, struct xt_action_param *par) |
| 1da177e4 | 38 | { |
| f7108a20 | 39 | const struct xt_mark_mtinfo1 *info = par->matchinfo; |
| 1da177e4 | 40 | |
| 82e91ffe | 41 | return ((skb->mark & info->mask) == info->mark) ^ info->invert; |
| 1da177e4 LT |
42 | } |
| 43 | ||
| 28b94988 JE |
44 | static struct xt_target mark_tg_reg __read_mostly = { |
| 45 | .name = "MARK", | |
| 46 | .revision = 2, | |
| 47 | .family = NFPROTO_UNSPEC, | |
| 48 | .target = mark_tg, | |
| 49 | .targetsize = sizeof(struct xt_mark_tginfo2), | |
| 50 | .me = THIS_MODULE, | |
| 51 | }; | |
| 52 | ||
| 4725c728 JE |
53 | static struct xt_match mark_mt_reg __read_mostly = { |
| 54 | .name = "mark", | |
| 55 | .revision = 1, | |
| 56 | .family = NFPROTO_UNSPEC, | |
| 57 | .match = mark_mt, | |
| 58 | .matchsize = sizeof(struct xt_mark_mtinfo1), | |
| 59 | .me = THIS_MODULE, | |
| 1da177e4 LT |
60 | }; |
| 61 | ||
| d3c5ee6d | 62 | static int __init mark_mt_init(void) |
| 1da177e4 | 63 | { |
| 28b94988 JE |
64 | int ret; |
| 65 | ||
| 66 | ret = xt_register_target(&mark_tg_reg); | |
| 67 | if (ret < 0) | |
| 68 | return ret; | |
| 69 | ret = xt_register_match(&mark_mt_reg); | |
| 70 | if (ret < 0) { | |
| 71 | xt_unregister_target(&mark_tg_reg); | |
| 72 | return ret; | |
| 73 | } | |
| 74 | return 0; | |
| 1da177e4 LT |
75 | } |
| 76 | ||
| d3c5ee6d | 77 | static void __exit mark_mt_exit(void) |
| 1da177e4 | 78 | { |
| 4725c728 | 79 | xt_unregister_match(&mark_mt_reg); |
| 28b94988 | 80 | xt_unregister_target(&mark_tg_reg); |
| 1da177e4 LT |
81 | } |
| 82 | ||
| d3c5ee6d JE |
83 | module_init(mark_mt_init); |
| 84 | module_exit(mark_mt_exit); |