libxt_quota.c revision e746abb15df34da1729de8d669c95f1b0b9ecb7c 
1e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte/*
2e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte * Shared library add-on to iptables to add quota support
3e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte *
4e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte * Sam Johnston <samj@samj.net>
5e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte */
6e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte#include <stdio.h>
7e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte#include <stdlib.h>
8e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte#include <getopt.h>
9e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte#include <iptables.h>
10e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte
11e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte#include <linux/netfilter_ipv4/ipt_quota.h>
12e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte#include <linux/netfilter_ipv4/ip_tables.h>
13e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte
14e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Weltestatic struct option opts[] = {
15e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        {"quota", 1, 0, '1'},
16e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        {0}
17e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte};
18e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte
19e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte/* print usage */
20e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Weltestatic void
21e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Weltehelp(void)
22e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte{
23e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        printf("quota options:\n"
24e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte               " --quota quota			quota (bytes)\n" "\n");
25e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte}
26e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte
27e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte/* initialise match */
28e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Weltestatic void
29e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welteinit(struct ipt_entry_match *m, unsigned int *nfcache)
30e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte{
31e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        /* no can cache */
32e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        *nfcache |= NFC_UNKNOWN;
33e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte}
34e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte
35e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte/* print matchinfo */
36e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Weltestatic void
37e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welteprint(const struct ipt_ip *ip, const struct ipt_entry_match *match, int numeric)
38e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte{
39e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        struct ipt_quota_info *q = (struct ipt_quota_info *) match->data;
40e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        printf("quota: %llu bytes", (unsigned long long) q->quota);
41e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte}
42e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte
43e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte/* save matchinfo */
44e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Weltestatic void
45e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Weltesave(const struct ipt_ip *ip, const struct ipt_entry_match *match)
46e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte{
47e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        struct ipt_quota_info *q = (struct ipt_quota_info *) match->data;
48e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        printf("--quota %llu ", (unsigned long long) q->quota);
49e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte}
50e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte
51e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte/* parse quota option */
52e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Weltestatic int
53e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welteparse_quota(const char *s, u_int64_t * quota)
54e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte{
55e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        *quota = strtoull(s, (char **) NULL, 10);
56e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte
57e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte#ifdef DEBUG_IPT_QUOTA
58e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        printf("Quota: %llu\n", *quota);
59e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte#endif
60e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte
61e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        if (*quota == -1)
62e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte                exit_error(PARAMETER_PROBLEM, "quota invalid: '%s'\n", s);
63e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        else
64e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte                return 1;
65e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte}
66e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte
67e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte/* parse all options, returning true if we found any for us */
68e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Weltestatic int
69e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welteparse(int c, char **argv, int invert, unsigned int *flags,
70e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte      const struct ipt_entry *entry,
71e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte      unsigned int *nfcache, struct ipt_entry_match **match)
72e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte{
73e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        struct ipt_quota_info *info = (struct ipt_quota_info *) (*match)->data;
74e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte
75e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        switch (c) {
76e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        case '1':
77e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte                if (check_inverse(optarg, &invert))
78e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte                        exit_error(PARAMETER_PROBLEM, "quota: unexpected '!'");
79e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte                if (!parse_quota(optarg, &info->quota))
80e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte                        exit_error(PARAMETER_PROBLEM,
81e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte                                   "bad quota: '%s'", optarg);
82e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte                break;
83e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte
84e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        default:
85e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte                return 0;
86e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        }
87e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        return 1;
88e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte}
89e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte
90e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte/* no final check */
91e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Weltestatic void
92e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Weltefinal_check(unsigned int flags)
93e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte{
94e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte}
95e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte
96e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Weltestruct iptables_match quota = { NULL,
97e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        "quota",
98e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        NETFILTER_VERSION,
99e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        IPT_ALIGN(sizeof (struct ipt_quota_info)),
100e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        IPT_ALIGN(sizeof (struct ipt_quota_info)),
101e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        &help,
102e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        &init,
103e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        &parse,
104e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        &final_check,
105e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        &print,
106e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        &save,
107e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        opts
108e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte};
109e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte
110e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Weltevoid
111e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte_init(void)
112e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte{
113e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte        register_match(&quota);
114e746abb15df34da1729de8d669c95f1b0b9ecb7cHarald Welte}
115