libxt_CONNMARK.c revision 350661a6eb089f3e54e67e022db9e16ea280499f
1a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom/* Shared library add-on to iptables to add CONNMARK target support. 2a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * 3a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * (C) 2002,2004 MARA Systems AB <http://www.marasystems.com> 4a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * by Henrik Nordstrom <hno@marasystems.com> 5a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * 6a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * Version 1.1 7a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * 8a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * This program is free software; you can redistribute it and/or modify 9a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * it under the terms of the GNU General Public License as published by 10a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * the Free Software Foundation; either version 2 of the License, or 11a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * (at your option) any later version. 12a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * 13a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * This program is distributed in the hope that it will be useful, 14a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * but WITHOUT ANY WARRANTY; without even the implied warranty of 15a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * GNU General Public License for more details. 17a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * 18a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * You should have received a copy of the GNU General Public License 19a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * along with this program; if not, write to the Free Software 20a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 21a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom */ 220e81d5db9ca61069e213236582deedb61dd38b45Harald Welte#include <stdio.h> 230e81d5db9ca61069e213236582deedb61dd38b45Harald Welte#include <string.h> 240e81d5db9ca61069e213236582deedb61dd38b45Harald Welte#include <stdlib.h> 250e81d5db9ca61069e213236582deedb61dd38b45Harald Welte#include <getopt.h> 260e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 27f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI#include <xtables.h> 28f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI#include <linux/netfilter/x_tables.h> 29f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI#include <linux/netfilter/xt_CONNMARK.h> 300e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 31350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardtstruct xt_connmark_target_info { 32350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt unsigned long mark; 33350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt unsigned long mask; 34350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt u_int8_t mode; 35350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt}; 36350661a6eb089f3e54e67e022db9e16ea280499fJan Engelhardt 37ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardtenum { 38ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt F_MARK = 1 << 0, 39ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt F_SR_MARK = 1 << 1, 400e81d5db9ca61069e213236582deedb61dd38b45Harald Welte}; 410e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 42932e648f38ac16b1ea14c1f66f23951388448c5aJan Engelhardtstatic void CONNMARK_help(void) 430e81d5db9ca61069e213236582deedb61dd38b45Harald Welte{ 440e81d5db9ca61069e213236582deedb61dd38b45Harald Welte printf( 458b7c64d6ba156a99008fcd810cba874c73294333Jan Engelhardt"CONNMARK target options:\n" 46a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom" --set-mark value[/mask] Set conntrack mark value\n" 47a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom" --save-mark [--mask mask] Save the packet nfmark in the connection\n" 488b7c64d6ba156a99008fcd810cba874c73294333Jan Engelhardt" --restore-mark [--mask mask] Restore saved nfmark value\n"); 490e81d5db9ca61069e213236582deedb61dd38b45Harald Welte} 500e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 51932e648f38ac16b1ea14c1f66f23951388448c5aJan Engelhardtstatic const struct option CONNMARK_opts[] = { 52500f483fff529dcd88ec96b9d5054be6cd6363a0Patrick McHardy { "set-mark", 1, NULL, '1' }, 53500f483fff529dcd88ec96b9d5054be6cd6363a0Patrick McHardy { "save-mark", 0, NULL, '2' }, 54500f483fff529dcd88ec96b9d5054be6cd6363a0Patrick McHardy { "restore-mark", 0, NULL, '3' }, 55500f483fff529dcd88ec96b9d5054be6cd6363a0Patrick McHardy { "mask", 1, NULL, '4' }, 569ee386a1b6d7704b259460152c959ab0e79e02aaMax Kellermann { .name = NULL } 570e81d5db9ca61069e213236582deedb61dd38b45Harald Welte}; 580e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 59ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardtstatic const struct option connmark_tg_opts[] = { 60ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt {.name = "set-xmark", .has_arg = true, .val = '='}, 61ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt {.name = "set-mark", .has_arg = true, .val = '-'}, 62ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt {.name = "and-mark", .has_arg = true, .val = '&'}, 63ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt {.name = "or-mark", .has_arg = true, .val = '|'}, 64ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt {.name = "xor-mark", .has_arg = true, .val = '^'}, 65ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt {.name = "save-mark", .has_arg = false, .val = 'S'}, 66ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt {.name = "restore-mark", .has_arg = false, .val = 'R'}, 67ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt {.name = "ctmask", .has_arg = true, .val = 'c'}, 68ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt {.name = "nfmask", .has_arg = true, .val = 'n'}, 69ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt {.name = "mask", .has_arg = true, .val = 'm'}, 709ee386a1b6d7704b259460152c959ab0e79e02aaMax Kellermann {.name = NULL}, 71ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt}; 72ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 73ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardtstatic void connmark_tg_help(void) 74ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt{ 75ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf( 76ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt"CONNMARK target options:\n" 77ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt" --set-xmark value[/ctmask] Zero mask bits and XOR ctmark with value\n" 78ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt" --save-mark [--ctmask mask] [--nfmask mask]\n" 79ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt" Copy ctmark to nfmark using masks\n" 80ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt" --restore-mark [--ctmask mask] [--nfmask mask]\n" 81ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt" Copy nfmark to ctmark using masks\n" 82ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt" --set-mark value[/mask] Set conntrack mark value\n" 83ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt" --save-mark [--mask mask] Save the packet nfmark in the connection\n" 84ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt" --restore-mark [--mask mask] Restore saved nfmark value\n" 85ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt" --and-mark value Binary AND the ctmark with bits\n" 86ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt" --or-mark value Binary OR the ctmark with bits\n" 87ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt" --xor-mark value Binary XOR the ctmark with bits\n" 88ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt); 89ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt} 90ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 91ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardtstatic void connmark_tg_init(struct xt_entry_target *target) 92ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt{ 93ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt struct xt_connmark_tginfo1 *info = (void *)target->data; 94ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 95ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt /* 96ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt * Need these defaults for --save-mark/--restore-mark if no 97ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt * --ctmark or --nfmask is given. 98ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt */ 99a80975497968e69b23f56bf15d346c65bec381f2Jan Engelhardt info->ctmask = UINT32_MAX; 100a80975497968e69b23f56bf15d346c65bec381f2Jan Engelhardt info->nfmask = UINT32_MAX; 101ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt} 102ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 1030e81d5db9ca61069e213236582deedb61dd38b45Harald Weltestatic int 104932e648f38ac16b1ea14c1f66f23951388448c5aJan EngelhardtCONNMARK_parse(int c, char **argv, int invert, unsigned int *flags, 105932e648f38ac16b1ea14c1f66f23951388448c5aJan Engelhardt const void *entry, struct xt_entry_target **target) 1060e81d5db9ca61069e213236582deedb61dd38b45Harald Welte{ 107f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI struct xt_connmark_target_info *markinfo 108f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI = (struct xt_connmark_target_info *)(*target)->data; 1090e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 1100e81d5db9ca61069e213236582deedb61dd38b45Harald Welte switch (c) { 1110e81d5db9ca61069e213236582deedb61dd38b45Harald Welte char *end; 1120e81d5db9ca61069e213236582deedb61dd38b45Harald Welte case '1': 113f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI markinfo->mode = XT_CONNMARK_SET; 114361bac2f2c25ecabef125c6a8bb8dfc194bf73f1Deti Fliegl 1150e81d5db9ca61069e213236582deedb61dd38b45Harald Welte markinfo->mark = strtoul(optarg, &end, 0); 116a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom if (*end == '/' && end[1] != '\0') 117a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom markinfo->mask = strtoul(end+1, &end, 0); 118361bac2f2c25ecabef125c6a8bb8dfc194bf73f1Deti Fliegl 1190e81d5db9ca61069e213236582deedb61dd38b45Harald Welte if (*end != '\0' || end == optarg) 1201829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, "Bad MARK value \"%s\"", optarg); 1210e81d5db9ca61069e213236582deedb61dd38b45Harald Welte if (*flags) 1221829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 1230e81d5db9ca61069e213236582deedb61dd38b45Harald Welte "CONNMARK target: Can't specify --set-mark twice"); 1240e81d5db9ca61069e213236582deedb61dd38b45Harald Welte *flags = 1; 1250e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 1260e81d5db9ca61069e213236582deedb61dd38b45Harald Welte case '2': 127f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI markinfo->mode = XT_CONNMARK_SAVE; 1280e81d5db9ca61069e213236582deedb61dd38b45Harald Welte if (*flags) 1291829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 1300e81d5db9ca61069e213236582deedb61dd38b45Harald Welte "CONNMARK target: Can't specify --save-mark twice"); 1310e81d5db9ca61069e213236582deedb61dd38b45Harald Welte *flags = 1; 1320e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 1330e81d5db9ca61069e213236582deedb61dd38b45Harald Welte case '3': 134f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI markinfo->mode = XT_CONNMARK_RESTORE; 1350e81d5db9ca61069e213236582deedb61dd38b45Harald Welte if (*flags) 1361829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 1370e81d5db9ca61069e213236582deedb61dd38b45Harald Welte "CONNMARK target: Can't specify --restore-mark twice"); 1380e81d5db9ca61069e213236582deedb61dd38b45Harald Welte *flags = 1; 1390e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 140a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom case '4': 141a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom if (!*flags) 1421829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 143a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom "CONNMARK target: Can't specify --mask without a operation"); 14402964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson markinfo->mask = strtoul(optarg, &end, 0); 145361bac2f2c25ecabef125c6a8bb8dfc194bf73f1Deti Fliegl 146a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom if (*end != '\0' || end == optarg) 1471829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, "Bad MASK value \"%s\"", optarg); 148a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom break; 1490e81d5db9ca61069e213236582deedb61dd38b45Harald Welte default: 1500e81d5db9ca61069e213236582deedb61dd38b45Harald Welte return 0; 1510e81d5db9ca61069e213236582deedb61dd38b45Harald Welte } 1520e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 1530e81d5db9ca61069e213236582deedb61dd38b45Harald Welte return 1; 1540e81d5db9ca61069e213236582deedb61dd38b45Harald Welte} 1550e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 156ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardtstatic int connmark_tg_parse(int c, char **argv, int invert, 157ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt unsigned int *flags, const void *entry, 158ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt struct xt_entry_target **target) 159ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt{ 160ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt struct xt_connmark_tginfo1 *info = (void *)(*target)->data; 161a80975497968e69b23f56bf15d346c65bec381f2Jan Engelhardt unsigned int value, mask = UINT32_MAX; 162ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt char *end; 163ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 164ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt switch (c) { 165ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case '=': /* --set-xmark */ 166ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case '-': /* --set-mark */ 167a41545ca7cde43e0ba53260ba74bd9bf74025a68Jan Engelhardt xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK); 1685f2922cfc0bbfbeb878f5c12e9fb3eb602ae5507Jan Engelhardt if (!xtables_strtoui(optarg, &end, &value, 0, UINT32_MAX)) 169a41545ca7cde43e0ba53260ba74bd9bf74025a68Jan Engelhardt xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg); 170ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt if (*end == '/') 1715f2922cfc0bbfbeb878f5c12e9fb3eb602ae5507Jan Engelhardt if (!xtables_strtoui(end + 1, &end, &mask, 0, UINT32_MAX)) 172a41545ca7cde43e0ba53260ba74bd9bf74025a68Jan Engelhardt xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg); 173ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt if (*end != '\0') 174a41545ca7cde43e0ba53260ba74bd9bf74025a68Jan Engelhardt xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg); 175ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->mode = XT_CONNMARK_SET; 176ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->ctmark = value; 177ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->ctmask = mask; 178ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt if (c == '-') 179ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->ctmask |= value; 180ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt *flags |= F_MARK; 181ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt return true; 182ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 183ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case '&': /* --and-mark */ 184a41545ca7cde43e0ba53260ba74bd9bf74025a68Jan Engelhardt xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK); 1855f2922cfc0bbfbeb878f5c12e9fb3eb602ae5507Jan Engelhardt if (!xtables_strtoui(optarg, NULL, &mask, 0, UINT32_MAX)) 186a41545ca7cde43e0ba53260ba74bd9bf74025a68Jan Engelhardt xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--and-mark", optarg); 187ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->mode = XT_CONNMARK_SET; 188ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->ctmark = 0; 189ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->ctmask = ~mask; 190ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt *flags |= F_MARK; 191ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt return true; 192ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 193ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case '|': /* --or-mark */ 194a41545ca7cde43e0ba53260ba74bd9bf74025a68Jan Engelhardt xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK); 1955f2922cfc0bbfbeb878f5c12e9fb3eb602ae5507Jan Engelhardt if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX)) 196a41545ca7cde43e0ba53260ba74bd9bf74025a68Jan Engelhardt xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--or-mark", optarg); 197ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->mode = XT_CONNMARK_SET; 198ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->ctmark = value; 199ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->ctmask = value; 200ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt *flags |= F_MARK; 201ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt return true; 202ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 203ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case '^': /* --xor-mark */ 204a41545ca7cde43e0ba53260ba74bd9bf74025a68Jan Engelhardt xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK); 2055f2922cfc0bbfbeb878f5c12e9fb3eb602ae5507Jan Engelhardt if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX)) 206a41545ca7cde43e0ba53260ba74bd9bf74025a68Jan Engelhardt xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--xor-mark", optarg); 207ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->mode = XT_CONNMARK_SET; 208ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->ctmark = value; 209ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->ctmask = 0; 210ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt *flags |= F_MARK; 211ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt return true; 212ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 213ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case 'S': /* --save-mark */ 214a41545ca7cde43e0ba53260ba74bd9bf74025a68Jan Engelhardt xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK); 215ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->mode = XT_CONNMARK_SAVE; 216ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt *flags |= F_MARK | F_SR_MARK; 217ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt return true; 218ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 219ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case 'R': /* --restore-mark */ 220a41545ca7cde43e0ba53260ba74bd9bf74025a68Jan Engelhardt xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK); 221ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->mode = XT_CONNMARK_RESTORE; 222ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt *flags |= F_MARK | F_SR_MARK; 223ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt return true; 224ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 225ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case 'n': /* --nfmask */ 226ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt if (!(*flags & F_SR_MARK)) 2271829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark " 228ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt "or --restore-mark is required for " 229ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt "--nfmask"); 2305f2922cfc0bbfbeb878f5c12e9fb3eb602ae5507Jan Engelhardt if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX)) 231a41545ca7cde43e0ba53260ba74bd9bf74025a68Jan Engelhardt xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--nfmask", optarg); 232ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->nfmask = value; 233ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt return true; 234ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 235ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case 'c': /* --ctmask */ 236ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt if (!(*flags & F_SR_MARK)) 2371829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark " 238ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt "or --restore-mark is required for " 239ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt "--ctmask"); 2405f2922cfc0bbfbeb878f5c12e9fb3eb602ae5507Jan Engelhardt if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX)) 241a41545ca7cde43e0ba53260ba74bd9bf74025a68Jan Engelhardt xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--ctmask", optarg); 242ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->ctmask = value; 243ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt return true; 244ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 245ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case 'm': /* --mask */ 246ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt if (!(*flags & F_SR_MARK)) 2471829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark " 248ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt "or --restore-mark is required for " 249ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt "--mask"); 2505f2922cfc0bbfbeb878f5c12e9fb3eb602ae5507Jan Engelhardt if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX)) 251a41545ca7cde43e0ba53260ba74bd9bf74025a68Jan Engelhardt xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--mask", optarg); 252ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->nfmask = info->ctmask = value; 253ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt return true; 254ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt } 255ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 256ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt return false; 257ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt} 258ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 259ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardtstatic void connmark_tg_check(unsigned int flags) 2600e81d5db9ca61069e213236582deedb61dd38b45Harald Welte{ 2610e81d5db9ca61069e213236582deedb61dd38b45Harald Welte if (!flags) 2621829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 263a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom "CONNMARK target: No operation specified"); 2640e81d5db9ca61069e213236582deedb61dd38b45Harald Welte} 2650e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 26602964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefssonstatic void 26702964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefssonprint_mark(unsigned long mark) 26802964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson{ 26902964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson printf("0x%lx", mark); 27002964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson} 27102964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson 27202964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefssonstatic void 27302964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefssonprint_mask(const char *text, unsigned long mask) 27402964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson{ 275361bac2f2c25ecabef125c6a8bb8dfc194bf73f1Deti Fliegl if (mask != 0xffffffffUL) 276f3aa491a54847fbbaae0858d00e5e4c0986c1d7bTom Eastep printf("%s0x%lx", text, mask); 27702964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson} 27802964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson 279932e648f38ac16b1ea14c1f66f23951388448c5aJan Engelhardtstatic void CONNMARK_print(const void *ip, 280932e648f38ac16b1ea14c1f66f23951388448c5aJan Engelhardt const struct xt_entry_target *target, int numeric) 2810e81d5db9ca61069e213236582deedb61dd38b45Harald Welte{ 282f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI const struct xt_connmark_target_info *markinfo = 283f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI (const struct xt_connmark_target_info *)target->data; 2840e81d5db9ca61069e213236582deedb61dd38b45Harald Welte switch (markinfo->mode) { 285f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI case XT_CONNMARK_SET: 28602964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson printf("CONNMARK set "); 28702964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mark(markinfo->mark); 28802964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mask("/", markinfo->mask); 289a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom printf(" "); 2900e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 291f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI case XT_CONNMARK_SAVE: 2920e81d5db9ca61069e213236582deedb61dd38b45Harald Welte printf("CONNMARK save "); 29302964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mask("mask ", markinfo->mask); 294a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom printf(" "); 2950e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 296f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI case XT_CONNMARK_RESTORE: 2970e81d5db9ca61069e213236582deedb61dd38b45Harald Welte printf("CONNMARK restore "); 29802964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mask("mask ", markinfo->mask); 2990e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 3000e81d5db9ca61069e213236582deedb61dd38b45Harald Welte default: 3010e81d5db9ca61069e213236582deedb61dd38b45Harald Welte printf("ERROR: UNKNOWN CONNMARK MODE "); 3020e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 3030e81d5db9ca61069e213236582deedb61dd38b45Harald Welte } 3040e81d5db9ca61069e213236582deedb61dd38b45Harald Welte} 3050e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 306ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardtstatic void 307ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardtconnmark_tg_print(const void *ip, const struct xt_entry_target *target, 308ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt int numeric) 309ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt{ 310ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt const struct xt_connmark_tginfo1 *info = (const void *)target->data; 311ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 312ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt switch (info->mode) { 313ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case XT_CONNMARK_SET: 314ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt if (info->ctmark == 0) 315ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf("CONNMARK and 0x%x ", 316ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt (unsigned int)(u_int32_t)~info->ctmask); 317ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt else if (info->ctmark == info->ctmask) 318ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf("CONNMARK or 0x%x ", info->ctmark); 319ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt else if (info->ctmask == 0) 320ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf("CONNMARK xor 0x%x ", info->ctmark); 3215fdf032a02b671bc1a18cec0e803c17c64175ab1Jan Engelhardt else if (info->ctmask == 0xFFFFFFFFU) 3225fdf032a02b671bc1a18cec0e803c17c64175ab1Jan Engelhardt printf("CONNMARK set 0x%x ", info->ctmark); 323ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt else 324ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf("CONNMARK xset 0x%x/0x%x ", 325ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->ctmark, info->ctmask); 326ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt break; 327ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case XT_CONNMARK_SAVE: 328a80975497968e69b23f56bf15d346c65bec381f2Jan Engelhardt if (info->nfmask == UINT32_MAX && info->ctmask == UINT32_MAX) 329ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf("CONNMARK save "); 330ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt else if (info->nfmask == info->ctmask) 331ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf("CONNMARK save mask 0x%x ", info->nfmask); 332ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt else 333ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf("CONNMARK save nfmask 0x%x ctmask ~0x%x ", 334ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->nfmask, info->ctmask); 335ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt break; 336ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case XT_CONNMARK_RESTORE: 337a80975497968e69b23f56bf15d346c65bec381f2Jan Engelhardt if (info->ctmask == UINT32_MAX && info->nfmask == UINT32_MAX) 338ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf("CONNMARK restore "); 339ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt else if (info->ctmask == info->nfmask) 340ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf("CONNMARK restore mask 0x%x ", info->ctmask); 341ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt else 342ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf("CONNMARK restore ctmask 0x%x nfmask ~0x%x ", 343ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->ctmask, info->nfmask); 344ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt break; 345ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 346ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt default: 347ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf("ERROR: UNKNOWN CONNMARK MODE"); 348ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt break; 349ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt } 350ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt} 351ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 352932e648f38ac16b1ea14c1f66f23951388448c5aJan Engelhardtstatic void CONNMARK_save(const void *ip, const struct xt_entry_target *target) 3530e81d5db9ca61069e213236582deedb61dd38b45Harald Welte{ 354f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI const struct xt_connmark_target_info *markinfo = 355f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI (const struct xt_connmark_target_info *)target->data; 3560e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 3570e81d5db9ca61069e213236582deedb61dd38b45Harald Welte switch (markinfo->mode) { 358f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI case XT_CONNMARK_SET: 35902964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson printf("--set-mark "); 36002964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mark(markinfo->mark); 36102964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mask("/", markinfo->mask); 362a6ef99487b05ac5f358cb58d9448e28ac5f38b30Henrik Nordstrom printf(" "); 3630e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 364f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI case XT_CONNMARK_SAVE: 3650e81d5db9ca61069e213236582deedb61dd38b45Harald Welte printf("--save-mark "); 36602964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mask("--mask ", markinfo->mask); 3670e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 368f36f4a8844132cbaacf3bbd5ec0254c17fcc97aeYasuyuki KOZAKAI case XT_CONNMARK_RESTORE: 3690e81d5db9ca61069e213236582deedb61dd38b45Harald Welte printf("--restore-mark "); 37002964b869a8616b41e4c2dc899ff23921aaaa4b0Martin Josefsson print_mask("--mask ", markinfo->mask); 3710e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 3720e81d5db9ca61069e213236582deedb61dd38b45Harald Welte default: 3730e81d5db9ca61069e213236582deedb61dd38b45Harald Welte printf("ERROR: UNKNOWN CONNMARK MODE "); 3740e81d5db9ca61069e213236582deedb61dd38b45Harald Welte break; 3750e81d5db9ca61069e213236582deedb61dd38b45Harald Welte } 3760e81d5db9ca61069e213236582deedb61dd38b45Harald Welte} 3770e81d5db9ca61069e213236582deedb61dd38b45Harald Welte 3782c3ce6ad598cb479640f6f14c7c5e25488923062Peter Warasinstatic void CONNMARK_init(struct xt_entry_target *t) 3792c3ce6ad598cb479640f6f14c7c5e25488923062Peter Warasin{ 3802c3ce6ad598cb479640f6f14c7c5e25488923062Peter Warasin struct xt_connmark_target_info *markinfo 3812c3ce6ad598cb479640f6f14c7c5e25488923062Peter Warasin = (struct xt_connmark_target_info *)t->data; 3822c3ce6ad598cb479640f6f14c7c5e25488923062Peter Warasin 3832c3ce6ad598cb479640f6f14c7c5e25488923062Peter Warasin markinfo->mask = 0xffffffffUL; 3842c3ce6ad598cb479640f6f14c7c5e25488923062Peter Warasin} 3852c3ce6ad598cb479640f6f14c7c5e25488923062Peter Warasin 386ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardtstatic void 387ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardtconnmark_tg_save(const void *ip, const struct xt_entry_target *target) 388ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt{ 389ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt const struct xt_connmark_tginfo1 *info = (const void *)target->data; 390ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 391ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt switch (info->mode) { 392ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case XT_CONNMARK_SET: 393ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf("--set-xmark 0x%x/0x%x ", info->ctmark, info->ctmask); 394ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt break; 395ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case XT_CONNMARK_SAVE: 396ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf("--save-mark --nfmask 0x%x --ctmask 0x%x ", 397ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->nfmask, info->ctmask); 398ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt break; 399ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt case XT_CONNMARK_RESTORE: 400ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf("--restore-mark --nfmask 0x%x --ctmask 0x%x ", 401ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt info->nfmask, info->ctmask); 402ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt break; 403ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt default: 404ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt printf("ERROR: UNKNOWN CONNMARK MODE"); 405ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt break; 406ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt } 407ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt} 408ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 409f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardtstatic struct xtables_target connmark_tg_reg[] = { 410f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt { 411f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .family = NFPROTO_UNSPEC, 412f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .name = "CONNMARK", 413f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .revision = 0, 414f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .version = XTABLES_VERSION, 415f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .size = XT_ALIGN(sizeof(struct xt_connmark_target_info)), 416f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_target_info)), 417f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .help = CONNMARK_help, 418f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .init = CONNMARK_init, 419f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .parse = CONNMARK_parse, 420f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .final_check = connmark_tg_check, 421f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .print = CONNMARK_print, 422f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .save = CONNMARK_save, 423f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .extra_opts = CONNMARK_opts, 424f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt }, 425f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt { 426f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .version = XTABLES_VERSION, 427f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .name = "CONNMARK", 428f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .revision = 1, 429f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .family = NFPROTO_UNSPEC, 430f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .size = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)), 431f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .userspacesize = XT_ALIGN(sizeof(struct xt_connmark_tginfo1)), 432f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .help = connmark_tg_help, 433f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .init = connmark_tg_init, 434f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .parse = connmark_tg_parse, 435f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .final_check = connmark_tg_check, 436f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .print = connmark_tg_print, 437f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .save = connmark_tg_save, 438f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt .extra_opts = connmark_tg_opts, 439f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt }, 440ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt}; 441ff068719055ae2327d94c79048381c09d3b744c4Jan Engelhardt 4420e81d5db9ca61069e213236582deedb61dd38b45Harald Weltevoid _init(void) 4430e81d5db9ca61069e213236582deedb61dd38b45Harald Welte{ 444f2a77520693f0a6dd1df1f87be4b81913961c1f5Jan Engelhardt xtables_register_targets(connmark_tg_reg, ARRAY_SIZE(connmark_tg_reg)); 4450e81d5db9ca61069e213236582deedb61dd38b45Harald Welte} 446