]>
Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* IP tables module for matching the value of the TTL |
2 | * | |
3 | * ipt_ttl.c,v 1.5 2000/11/13 11:16:08 laforge Exp | |
4 | * | |
5 | * (C) 2000,2001 by Harald Welte <laforge@netfilter.org> | |
6 | * | |
7 | * This program is free software; you can redistribute it and/or modify | |
8 | * it under the terms of the GNU General Public License version 2 as | |
9 | * published by the Free Software Foundation. | |
10 | */ | |
11 | ||
12 | #include <linux/module.h> | |
13 | #include <linux/skbuff.h> | |
14 | ||
15 | #include <linux/netfilter_ipv4/ipt_ttl.h> | |
16 | #include <linux/netfilter_ipv4/ip_tables.h> | |
17 | ||
18 | MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); | |
19 | MODULE_DESCRIPTION("IP tables TTL matching module"); | |
20 | MODULE_LICENSE("GPL"); | |
21 | ||
22 | static int match(const struct sk_buff *skb, const struct net_device *in, | |
23 | const struct net_device *out, const void *matchinfo, | |
24 | int offset, int *hotdrop) | |
25 | { | |
26 | const struct ipt_ttl_info *info = matchinfo; | |
27 | ||
28 | switch (info->mode) { | |
29 | case IPT_TTL_EQ: | |
30 | return (skb->nh.iph->ttl == info->ttl); | |
31 | break; | |
32 | case IPT_TTL_NE: | |
33 | return (!(skb->nh.iph->ttl == info->ttl)); | |
34 | break; | |
35 | case IPT_TTL_LT: | |
36 | return (skb->nh.iph->ttl < info->ttl); | |
37 | break; | |
38 | case IPT_TTL_GT: | |
39 | return (skb->nh.iph->ttl > info->ttl); | |
40 | break; | |
41 | default: | |
42 | printk(KERN_WARNING "ipt_ttl: unknown mode %d\n", | |
43 | info->mode); | |
44 | return 0; | |
45 | } | |
46 | ||
47 | return 0; | |
48 | } | |
49 | ||
50 | static int checkentry(const char *tablename, const struct ipt_ip *ip, | |
51 | void *matchinfo, unsigned int matchsize, | |
52 | unsigned int hook_mask) | |
53 | { | |
54 | if (matchsize != IPT_ALIGN(sizeof(struct ipt_ttl_info))) | |
55 | return 0; | |
56 | ||
57 | return 1; | |
58 | } | |
59 | ||
60 | static struct ipt_match ttl_match = { | |
61 | .name = "ttl", | |
62 | .match = &match, | |
63 | .checkentry = &checkentry, | |
64 | .me = THIS_MODULE, | |
65 | }; | |
66 | ||
67 | static int __init init(void) | |
68 | { | |
69 | return ipt_register_match(&ttl_match); | |
70 | } | |
71 | ||
72 | static void __exit fini(void) | |
73 | { | |
74 | ipt_unregister_match(&ttl_match); | |
75 | ||
76 | } | |
77 | ||
78 | module_init(init); | |
79 | module_exit(fini); |