libipt_ttl.c revision 703828fffcbcefa7adf1b835ffe930d91dcb75d7
1/* Shared library add-on to iptables to add TTL matching support 2 * (C) 2000 by Harald Welte <laforge@gnumonks.org> 3 * 4 * Version: 1.3 5 * 6 * This program is released under the terms of GNU GPL */ 7 8#include <stdio.h> 9#include <stdlib.h> 10#include <string.h> 11#include <getopt.h> 12#include <iptables.h> 13 14#include <linux/netfilter_ipv4/ip_tables.h> 15#include <linux/netfilter_ipv4/ipt_ttl.h> 16 17static void help(void) 18{ 19 printf( 20"TTL match v%s options:\n" 21" --ttl value Match time to live value\n", NETFILTER_VERSION); 22} 23 24static void init(struct ipt_entry_match *m, unsigned int *nfcache) 25{ 26 /* caching not yet implemented */ 27} 28 29static int parse(int c, char **argv, int invert, unsigned int *flags, 30 const struct ipt_entry *entry, unsigned int *nfcache, 31 struct ipt_entry_match **match) 32{ 33 struct ipt_ttl_info *info = (struct ipt_ttl_info *) (*match)->data; 34 u_int8_t value; 35 36 switch (c) { 37 case '1': 38 if (check_inverse(optarg, &invert)) 39 optind++; 40 value = atoi(argv[optind-1]); 41 42 /* is 0 allowed? */ 43 info->ttl = value; 44 if (invert) 45 info->invert = 1; 46 break; 47 default: 48 return 0; 49 50 } 51 52 return 1; 53} 54 55static void final_check(unsigned int flags) 56{ 57 if (!flags) 58 exit_error(PARAMETER_PROBLEM, 59 "TTL match: You must specify `--ttl'"); 60} 61 62static void print(const struct ipt_ip *ip, 63 const struct ipt_entry_match *match, 64 int numeric) 65{ 66 const struct ipt_ttl_info *info = 67 (struct ipt_ttl_info *) match->data; 68 69 printf("TTL match "); 70 if (info->invert) 71 printf("!"); 72 printf("%u ", info->ttl); 73} 74 75static void save(const struct ipt_ip *ip, 76 const struct ipt_entry_match *match) 77{ 78 const struct ipt_ttl_info *info = 79 (struct ipt_ttl_info *) match->data; 80 81 printf("--ttl "); 82 if (info->invert) 83 printf("!"); 84 printf("%u ", info->ttl); 85} 86 87static struct option opts[] = { 88 { "ttl", 0, '1' }, 89 { 0 } 90}; 91 92struct iptables_match ttl = { 93 NULL, 94 "ttl", 95 NETFILTER_VERSION, 96 IPT_ALIGN(sizeof(struct ipt_ttl_info)), 97 IPT_ALIGN(sizeof(struct ipt_ttl_info)), 98 &help, 99 &init, 100 &parse, 101 &final_check, 102 &print, 103 &save, 104 opts 105}; 106 107 108void _init(void) 109{ 110 register_match(&ttl); 111} 112