[mirror_ubuntu-jammy-kernel.git] / net / netfilter / xt_length.c

// SPDX-License-Identifier: GPL-2.0-only
/* Kernel module to match packet length. */
/* (C) 1999-2001 James Morris <jmorros@intercode.com.au>
 */

#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/ipv6.h>
#include <net/ip.h>

#include <linux/netfilter/xt_length.h>
#include <linux/netfilter/x_tables.h>

MODULE_AUTHOR("James Morris <jmorris@intercode.com.au>");
MODULE_DESCRIPTION("Xtables: Packet length (Layer3,4,5) match");
MODULE_LICENSE("GPL");
MODULE_ALIAS("ipt_length");
MODULE_ALIAS("ip6t_length");

static bool
length_mt(const struct sk_buff *skb, struct xt_action_param *par)
{
	const struct xt_length_info *info = par->matchinfo;
	u_int16_t pktlen = ntohs(ip_hdr(skb)->tot_len);

	return (pktlen >= info->min && pktlen <= info->max) ^ info->invert;
}

static bool
length_mt6(const struct sk_buff *skb, struct xt_action_param *par)
{
	const struct xt_length_info *info = par->matchinfo;
	const u_int16_t pktlen = ntohs(ipv6_hdr(skb)->payload_len) +
				 sizeof(struct ipv6hdr);

	return (pktlen >= info->min && pktlen <= info->max) ^ info->invert;
}

static struct xt_match length_mt_reg[] __read_mostly = {
	{
		.name		= "length",
		.family		= NFPROTO_IPV4,
		.match		= length_mt,
		.matchsize	= sizeof(struct xt_length_info),
		.me		= THIS_MODULE,
	},
	{
		.name		= "length",
		.family		= NFPROTO_IPV6,
		.match		= length_mt6,
		.matchsize	= sizeof(struct xt_length_info),
		.me		= THIS_MODULE,
	},
};

static int __init length_mt_init(void)
{
	return xt_register_matches(length_mt_reg, ARRAY_SIZE(length_mt_reg));
}

static void __exit length_mt_exit(void)
{
	xt_unregister_matches(length_mt_reg, ARRAY_SIZE(length_mt_reg));
}

module_init(length_mt_init);
module_exit(length_mt_exit);
Commit	Line	Data
d2912cb1	1	// SPDX-License-Identifier: GPL-2.0-only
2e4e6a17 HW	2	/* Kernel module to match packet length. */
2e4e6a17 HW	3	/* (C) 1999-2001 James Morris <jmorros@intercode.com.au>
2e4e6a17 HW	4	*/
	5
	6	#include <linux/module.h>
	7	#include <linux/skbuff.h>
37d8dc82	8	#include <linux/ipv6.h>
2e4e6a17 HW	9	#include <net/ip.h>
	10
	11	#include <linux/netfilter/xt_length.h>
	12	#include <linux/netfilter/x_tables.h>
	13
	14	MODULE_AUTHOR("James Morris <jmorris@intercode.com.au>");
2ae15b64	15	MODULE_DESCRIPTION("Xtables: Packet length (Layer3,4,5) match");
2e4e6a17 HW	16	MODULE_LICENSE("GPL");
	17	MODULE_ALIAS("ipt_length");
	18	MODULE_ALIAS("ip6t_length");
	19
1d93a9cb	20	static bool
62fc8051	21	length_mt(const struct sk_buff skb, struct xt_action_param par)
2e4e6a17	22	{
f7108a20	23	const struct xt_length_info *info = par->matchinfo;
eddc9ec5	24	u_int16_t pktlen = ntohs(ip_hdr(skb)->tot_len);
601e68e1	25
2e4e6a17 HW	26	return (pktlen >= info->min && pktlen <= info->max) ^ info->invert;
	27	}
	28
1d93a9cb	29	static bool
62fc8051	30	length_mt6(const struct sk_buff skb, struct xt_action_param par)
2e4e6a17	31	{
f7108a20	32	const struct xt_length_info *info = par->matchinfo;
7c4e36bc JE	33	const u_int16_t pktlen = ntohs(ipv6_hdr(skb)->payload_len) +
7c4e36bc JE	34	sizeof(struct ipv6hdr);
601e68e1	35
2e4e6a17 HW	36	return (pktlen >= info->min && pktlen <= info->max) ^ info->invert;
	37	}
	38
d3c5ee6d	39	static struct xt_match length_mt_reg[] __read_mostly = {
4470bbc7 PM	40	{
4470bbc7 PM	41	.name = "length",
ee999d8b	42	.family = NFPROTO_IPV4,
d3c5ee6d	43	.match = length_mt,
4470bbc7 PM	44	.matchsize = sizeof(struct xt_length_info),
	45	.me = THIS_MODULE,
	46	},
	47	{
	48	.name = "length",
ee999d8b	49	.family = NFPROTO_IPV6,
d3c5ee6d	50	.match = length_mt6,
4470bbc7 PM	51	.matchsize = sizeof(struct xt_length_info),
	52	.me = THIS_MODULE,
	53	},
2e4e6a17 HW	54	};
2e4e6a17 HW	55
d3c5ee6d	56	static int __init length_mt_init(void)
2e4e6a17	57	{
d3c5ee6d	58	return xt_register_matches(length_mt_reg, ARRAY_SIZE(length_mt_reg));
2e4e6a17 HW	59	}
2e4e6a17 HW	60
d3c5ee6d	61	static void __exit length_mt_exit(void)
2e4e6a17	62	{
d3c5ee6d	63	xt_unregister_matches(length_mt_reg, ARRAY_SIZE(length_mt_reg));
2e4e6a17 HW	64	}
2e4e6a17 HW	65
d3c5ee6d JE	66	module_init(length_mt_init);
d3c5ee6d JE	67	module_exit(length_mt_exit);