libipt_ttl.c revision 73866357e4a7a0fdc1b293bf8863fee2bd56da9e
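/* Shared library add-on to iptables to add TTL matching support
 * (C) 2000 by Harald Welte <laforge@gnumonks.org>
 *
 * $Id$
 *
 * This program is released under the terms of GNU GPL */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <getopt.h>
#include <xtables.h>

#include <linux/netfilter_ipv4/ipt_ttl.h>

/* Print the option summary shown by "iptables -m ttl --help". */
static void ttl_help(void)
{
	printf(
"ttl match options:\n"
"  --ttl-eq value	Match time to live value\n"
"  --ttl-lt value	Match TTL < value\n"
"  --ttl-gt value	Match TTL > value\n");
}

/*
 * Convert the current getopt argument (optarg) into a TTL value.
 *
 * The value is range-checked against 0..UINT8_MAX before any caller stores
 * it, so an out-of-range number is rejected instead of being truncated on
 * assignment to info->ttl. On a malformed or out-of-range argument
 * xtables_error() is called; the code below relies on it not returning.
 */
static unsigned int ttl_parse_value(void)
{
	unsigned int value;

	if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX))
		xtables_error(PARAMETER_PROBLEM,
			"ttl: Expected value between 0 and 255");

	return value;
}

/*
 * Parse one ttl match option into the match payload.
 *
 * c       option value from ttl_opts ('2' = eq, '3' = lt, '4' = gt)
 * argv    command line, handed to xtables_check_inverse()
 * invert  non-zero when the option was negated with `!'
 * flags   per-match state; non-zero once a TTL option has been accepted
 * entry   unused
 * match   match whose data area holds the struct ipt_ttl_info to fill in
 *
 * Returns 1. Every error path goes through xtables_error().
 */
static int ttl_parse(int c, char **argv, int invert, unsigned int *flags,
                     const void *entry, struct xt_entry_match **match)
{
	struct ipt_ttl_info *info = (struct ipt_ttl_info *) (*match)->data;
	unsigned int value;

	/* May update invert and optind when a `!' accompanies the argument. */
	xtables_check_inverse(optarg, &invert, &optind, 0, argv);

	/*
	 * NOTE(review): there is no default case, so any other value of c
	 * falls through to the duplicate-option check and is reported as
	 * handled. Presumably the caller only dispatches the values listed
	 * in ttl_opts -- confirm.
	 */
	switch (c) {
	case '2':
		value = ttl_parse_value();

		/* Negation is only meaningful for equality: `!' selects NE. */
		info->mode = invert ? IPT_TTL_NE : IPT_TTL_EQ;

		/* is 0 allowed? */
		info->ttl = value;
		break;
	case '3':
		value = ttl_parse_value();

		/* Reject `!' rather than silently ignoring the negation. */
		if (invert)
			xtables_error(PARAMETER_PROBLEM,
				"ttl: unexpected `!'");

		info->mode = IPT_TTL_LT;
		info->ttl = value;
		break;
	case '4':
		value = ttl_parse_value();

		/* Reject `!' rather than silently ignoring the negation. */
		if (invert)
			xtables_error(PARAMETER_PROBLEM,
				"ttl: unexpected `!'");

		info->mode = IPT_TTL_GT;
		info->ttl = value;
		break;
	}

	/*
	 * info holds a single mode/ttl pair, so a second TTL option would
	 * overwrite the first; refuse it instead.
	 */
	if (*flags)
		xtables_error(PARAMETER_PROBLEM,
			"Can't specify TTL option twice");
	*flags = 1;

	return 1;
}

/*
 * Final check after option parsing: "-m ttl" with no TTL option would leave
 * the match payload unset, so it is rejected.
 */
static void ttl_check(unsigned int flags)
{
	if (!flags)
		xtables_error(PARAMETER_PROBLEM,
			"TTL match: You must specify one of "
			"`--ttl-eq', `--ttl-lt', `--ttl-gt'");
}

/*
 * Print the match in listing form, e.g. " TTL match TTL == 64".
 * ip and numeric are unused.
 */
static void ttl_print(const void *ip, const struct xt_entry_match *match,
                      int numeric)
{
	const struct ipt_ttl_info *info =
		(const struct ipt_ttl_info *) match->data;

	printf(" TTL match ");
	switch (info->mode) {
	case IPT_TTL_EQ:
		printf("TTL ==");
		break;
	case IPT_TTL_NE:
		printf("TTL !=");
		break;
	case IPT_TTL_LT:
		printf("TTL <");
		break;
	case IPT_TTL_GT:
		printf("TTL >");
		break;
	default:
		/* Unrecognised mode: no operator is printed, only the value. */
		break;
	}
	printf(" %u", info->ttl);
}

/*
 * Print the match as command-line options so a saved ruleset can be parsed
 * again by ttl_parse(). ip is unused.
 */
static void ttl_save(const void *ip, const struct xt_entry_match *match)
{
	const struct ipt_ttl_info *info =
		(const struct ipt_ttl_info *) match->data;

	switch (info->mode) {
	case IPT_TTL_EQ:
		printf(" --ttl-eq");
		break;
	case IPT_TTL_NE:
		printf(" ! --ttl-eq");
		break;
	case IPT_TTL_LT:
		printf(" --ttl-lt");
		break;
	case IPT_TTL_GT:
		printf(" --ttl-gt");
		break;
	default:
		/*
		 * error
		 * NOTE(review): only the bare value is emitted below for an
		 * unrecognised mode, so the saved line carries no option
		 * name; reporting the condition may be preferable -- confirm.
		 */
		break;
	}
	printf(" %u", info->ttl);
}

/*
 * Long options of the match. "--ttl" maps to the same value as "--ttl-eq";
 * it is not listed in ttl_help().
 */
static const struct option ttl_opts[] = {
	{.name = "ttl",    .has_arg = true, .val = '2'},
	{.name = "ttl-eq", .has_arg = true, .val = '2'},
	{.name = "ttl-lt", .has_arg = true, .val = '3'},
	{.name = "ttl-gt", .has_arg = true, .val = '4'},
	XT_GETOPT_TABLEEND,
};

/* Registration record for the IPv4 "ttl" match and its callbacks. */
static struct xtables_match ttl_mt_reg = {
	.name		= "ttl",
	.version	= XTABLES_VERSION,
	.family		= NFPROTO_IPV4,
	.size		= XT_ALIGN(sizeof(struct ipt_ttl_info)),
	.userspacesize	= XT_ALIGN(sizeof(struct ipt_ttl_info)),
	.help		= ttl_help,
	.parse		= ttl_parse,
	.final_check	= ttl_check,
	.print		= ttl_print,
	.save		= ttl_save,
	.extra_opts	= ttl_opts,
};


/* Register the ttl match with xtables. */
void _init(void)
{
	xtables_register_match(&ttl_mt_reg);
}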