libipt_ttl.c revision bf97128c7262f17a02fec41cdae75b472ba77f88
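/* Shared library add-on to iptables to add TTL matching support
 * (C) 2000 by Harald Welte <laforge@gnumonks.org>
 *
 * $Id$
 *
 * This program is released under the terms of GNU GPL */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <getopt.h>
#include <xtables.h>

#include <linux/netfilter_ipv4/ipt_ttl.h>

/* Print the usage text for the options accepted by the ttl match. */
static void ttl_help(void)
{
	printf(
"ttl match options:\n"
" --ttl-eq value Match time to live value\n"
" --ttl-lt value Match TTL < value\n"
" --ttl-gt value Match TTL > value\n");
}

/*
 * Convert one option argument into a TTL value.
 *
 * The argument comes straight from the command line, so it is only
 * accepted when xtables_strtoui() parses it as a number in the range
 * 0..UINT8_MAX (an IPv4 TTL is a single octet). Anything else is
 * reported through xtables_error(), which is expected not to return.
 */
static unsigned int ttl_parse_value(const char *arg)
{
	unsigned int value = 0;

	if (!xtables_strtoui(arg, NULL, &value, 0, UINT8_MAX))
		xtables_error(PARAMETER_PROBLEM,
			      "ttl: Expected value between 0 and 255");

	return value;
}

/*
 * Parse one ttl option into the match data.
 *
 * c       option code from ttl_opts: '2' (--ttl, --ttl-eq),
 *         '3' (--ttl-lt) or '4' (--ttl-gt)
 * invert  non-zero when the option was negated with `!'; only the
 *         equality form accepts negation (it becomes IPT_TTL_NE)
 * flags   set to 1 once an option has been accepted, so that a second
 *         ttl option on the same rule is rejected
 * match   match whose data area receives the mode and the TTL value
 *
 * Returns 1 when the option was consumed, 0 when c is not a ttl option.
 */
static int ttl_parse(int c, char **argv, int invert, unsigned int *flags,
		     const void *entry, struct xt_entry_match **match)
{
	struct ipt_ttl_info *info = (struct ipt_ttl_info *) (*match)->data;
	unsigned int value;

	xtables_check_inverse(optarg, &invert, &optind, 0, argv);

	switch (c) {
	case '2':
		value = ttl_parse_value(optarg);
		info->mode = invert ? IPT_TTL_NE : IPT_TTL_EQ;

		/* is 0 allowed? (the range check above accepts it) */
		info->ttl = value;
		break;
	case '3':
	case '4':
		value = ttl_parse_value(optarg);

		/* A negated ordering comparison is refused rather than
		 * silently mapped onto another mode. */
		if (invert)
			xtables_error(PARAMETER_PROBLEM,
				      "ttl: unexpected `!'");

		info->mode = (c == '3') ? IPT_TTL_LT : IPT_TTL_GT;
		info->ttl = value;
		break;
	default:
		return 0;
	}

	/* The match data holds a single mode/value pair, so a rule must
	 * not carry more than one ttl option. */
	if (*flags)
		xtables_error(PARAMETER_PROBLEM,
			      "Can't specify TTL option twice");
	*flags = 1;

	return 1;
}

/* Final check: reject a "-m ttl" that was given without any ttl option. */
static void ttl_check(unsigned int flags)
{
	if (!flags)
		xtables_error(PARAMETER_PROBLEM,
			      "TTL match: You must specify one of "
			      "`--ttl-eq', `--ttl-lt', `--ttl-gt'");
}

/* Print the match in human-readable form, e.g. "TTL match TTL == 64 ". */
static void ttl_print(const void *ip, const struct xt_entry_match *match,
		      int numeric)
{
	const struct ipt_ttl_info *info =
		(const struct ipt_ttl_info *) match->data;

	printf("TTL match ");
	switch (info->mode) {
	case IPT_TTL_EQ:
		printf("TTL == ");
		break;
	case IPT_TTL_NE:
		printf("TTL != ");
		break;
	case IPT_TTL_LT:
		printf("TTL < ");
		break;
	case IPT_TTL_GT:
		printf("TTL > ");
		break;
	default:
		/* unknown mode: no operator is printed, only the value */
		break;
	}
	printf("%u ", info->ttl);
}

/* Print the match as the command-line options that would recreate it. */
static void ttl_save(const void *ip, const struct xt_entry_match *match)
{
	const struct ipt_ttl_info *info =
		(const struct ipt_ttl_info *) match->data;

	switch (info->mode) {
	case IPT_TTL_EQ:
		printf("--ttl-eq ");
		break;
	case IPT_TTL_NE:
		printf("! --ttl-eq ");
		break;
	case IPT_TTL_LT:
		printf("--ttl-lt ");
		break;
	case IPT_TTL_GT:
		printf("--ttl-gt ");
		break;
	default:
		/* error */
		break;
	}
	printf("%u ", info->ttl);
}

/* Long options; every one takes an argument. "--ttl" shares the option
 * code of "--ttl-eq" and is therefore handled identically. */
static const struct option ttl_opts[] = {
	{ .name = "ttl",    .has_arg = required_argument, .val = '2' },
	{ .name = "ttl-eq", .has_arg = required_argument, .val = '2' },
	{ .name = "ttl-lt", .has_arg = required_argument, .val = '3' },
	{ .name = "ttl-gt", .has_arg = required_argument, .val = '4' },
	{ .name = NULL }
};

/* Registration record tying the callbacks above to the IPv4 "ttl" match. */
static struct xtables_match ttl_mt_reg = {
	.name		= "ttl",
	.version	= XTABLES_VERSION,
	.family		= NFPROTO_IPV4,
	.size		= XT_ALIGN(sizeof(struct ipt_ttl_info)),
	.userspacesize	= XT_ALIGN(sizeof(struct ipt_ttl_info)),
	.help		= ttl_help,
	.parse		= ttl_parse,
	.final_check	= ttl_check,
	.print		= ttl_print,
	.save		= ttl_save,
	.extra_opts	= ttl_opts,
};

/* Register the ttl match with xtables.
 * NOTE(review): presumably run when the extension is loaded - confirm how
 * xtables.h treats _init. */
void _init(void)
{
	xtables_register_match(&ttl_mt_reg);
}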