]>
Commit | Line | Data |
---|---|---|
17b0d7ef JE |
1 | /* |
2 | * xt_mark - Netfilter module to match NFMARK value | |
3 | * | |
4 | * (C) 1999-2001 Marc Boucher <marc@mbsi.ca> | |
5 | * Copyright © CC Computer Consultants GmbH, 2007 - 2008 | |
4725c728 | 6 | * Jan Engelhardt <jengelh@medozas.de> |
1da177e4 | 7 | * |
17b0d7ef JE |
8 | * This program is free software; you can redistribute it and/or modify |
9 | * it under the terms of the GNU General Public License version 2 as | |
10 | * published by the Free Software Foundation. | |
1da177e4 LT |
11 | */ |
12 | ||
13 | #include <linux/module.h> | |
14 | #include <linux/skbuff.h> | |
15 | ||
2e4e6a17 HW |
16 | #include <linux/netfilter/xt_mark.h> |
17 | #include <linux/netfilter/x_tables.h> | |
1da177e4 LT |
18 | |
19 | MODULE_LICENSE("GPL"); | |
20 | MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>"); | |
28b94988 | 21 | MODULE_DESCRIPTION("Xtables: packet mark operations"); |
2e4e6a17 HW |
22 | MODULE_ALIAS("ipt_mark"); |
23 | MODULE_ALIAS("ip6t_mark"); | |
28b94988 JE |
24 | MODULE_ALIAS("ipt_MARK"); |
25 | MODULE_ALIAS("ip6t_MARK"); | |
12b7ed29 | 26 | MODULE_ALIAS("arpt_MARK"); |
28b94988 JE |
27 | |
28 | static unsigned int | |
4b560b44 | 29 | mark_tg(struct sk_buff *skb, const struct xt_action_param *par) |
28b94988 JE |
30 | { |
31 | const struct xt_mark_tginfo2 *info = par->targinfo; | |
32 | ||
33 | skb->mark = (skb->mark & ~info->mask) ^ info->mark; | |
34 | return XT_CONTINUE; | |
35 | } | |
1da177e4 | 36 | |
1d93a9cb | 37 | static bool |
62fc8051 | 38 | mark_mt(const struct sk_buff *skb, struct xt_action_param *par) |
1da177e4 | 39 | { |
f7108a20 | 40 | const struct xt_mark_mtinfo1 *info = par->matchinfo; |
1da177e4 | 41 | |
82e91ffe | 42 | return ((skb->mark & info->mask) == info->mark) ^ info->invert; |
1da177e4 LT |
43 | } |
44 | ||
28b94988 JE |
45 | static struct xt_target mark_tg_reg __read_mostly = { |
46 | .name = "MARK", | |
47 | .revision = 2, | |
48 | .family = NFPROTO_UNSPEC, | |
49 | .target = mark_tg, | |
50 | .targetsize = sizeof(struct xt_mark_tginfo2), | |
51 | .me = THIS_MODULE, | |
52 | }; | |
53 | ||
4725c728 JE |
54 | static struct xt_match mark_mt_reg __read_mostly = { |
55 | .name = "mark", | |
56 | .revision = 1, | |
57 | .family = NFPROTO_UNSPEC, | |
58 | .match = mark_mt, | |
59 | .matchsize = sizeof(struct xt_mark_mtinfo1), | |
60 | .me = THIS_MODULE, | |
1da177e4 LT |
61 | }; |
62 | ||
d3c5ee6d | 63 | static int __init mark_mt_init(void) |
1da177e4 | 64 | { |
28b94988 JE |
65 | int ret; |
66 | ||
67 | ret = xt_register_target(&mark_tg_reg); | |
68 | if (ret < 0) | |
69 | return ret; | |
70 | ret = xt_register_match(&mark_mt_reg); | |
71 | if (ret < 0) { | |
72 | xt_unregister_target(&mark_tg_reg); | |
73 | return ret; | |
74 | } | |
75 | return 0; | |
1da177e4 LT |
76 | } |
77 | ||
d3c5ee6d | 78 | static void __exit mark_mt_exit(void) |
1da177e4 | 79 | { |
4725c728 | 80 | xt_unregister_match(&mark_mt_reg); |
28b94988 | 81 | xt_unregister_target(&mark_tg_reg); |
1da177e4 LT |
82 | } |
83 | ||
d3c5ee6d JE |
84 | module_init(mark_mt_init); |
85 | module_exit(mark_mt_exit); |