xt_mark.c revision 65b4b4e81a5094d52cbe372b887b1779abe53f9b 
1/* Kernel module to match NFMARK values. */
2
3/* (C) 1999-2001 Marc Boucher <marc@mbsi.ca>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10#include <linux/module.h>
11#include <linux/skbuff.h>
12
13#include <linux/netfilter/xt_mark.h>
14#include <linux/netfilter/x_tables.h>
15
16MODULE_LICENSE("GPL");
17MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>");
18MODULE_DESCRIPTION("iptables mark matching module");
19MODULE_ALIAS("ipt_mark");
20MODULE_ALIAS("ip6t_mark");
21
22static int
23match(const struct sk_buff *skb,
24      const struct net_device *in,
25      const struct net_device *out,
26      const struct xt_match *match,
27      const void *matchinfo,
28      int offset,
29      unsigned int protoff,
30      int *hotdrop)
31{
32	const struct xt_mark_info *info = matchinfo;
33
34	return ((skb->nfmark & info->mask) == info->mark) ^ info->invert;
35}
36
37static int
38checkentry(const char *tablename,
39           const void *entry,
40	   const struct xt_match *match,
41           void *matchinfo,
42           unsigned int matchsize,
43           unsigned int hook_mask)
44{
45	struct xt_mark_info *minfo = (struct xt_mark_info *) matchinfo;
46
47	if (minfo->mark > 0xffffffff || minfo->mask > 0xffffffff) {
48		printk(KERN_WARNING "mark: only supports 32bit mark\n");
49		return 0;
50	}
51	return 1;
52}
53
54static struct xt_match mark_match = {
55	.name		= "mark",
56	.match		= match,
57	.matchsize	= sizeof(struct xt_mark_info),
58	.checkentry	= checkentry,
59	.family		= AF_INET,
60	.me		= THIS_MODULE,
61};
62
63static struct xt_match mark6_match = {
64	.name		= "mark",
65	.match		= match,
66	.matchsize	= sizeof(struct xt_mark_info),
67	.checkentry	= checkentry,
68	.family		= AF_INET6,
69	.me		= THIS_MODULE,
70};
71
72static int __init xt_mark_init(void)
73{
74	int ret;
75	ret = xt_register_match(&mark_match);
76	if (ret)
77		return ret;
78
79	ret = xt_register_match(&mark6_match);
80	if (ret)
81		xt_unregister_match(&mark_match);
82
83	return ret;
84}
85
86static void __exit xt_mark_fini(void)
87{
88	xt_unregister_match(&mark_match);
89	xt_unregister_match(&mark6_match);
90}
91
92module_init(xt_mark_init);
93module_exit(xt_mark_fini);
94