2 * iptables module to match inet_addr_type() of an ip.
4 * Copyright (c) 2004 Patrick McHardy <kaber@trash.net>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
11 #include <linux/kernel.h>
12 #include <linux/module.h>
13 #include <linux/skbuff.h>
14 #include <linux/netdevice.h>
16 #include <net/route.h>
18 #include <linux/netfilter_ipv4/ipt_addrtype.h>
19 #include <linux/netfilter/x_tables.h>
21 MODULE_LICENSE("GPL");
22 MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
23 MODULE_DESCRIPTION("iptables addrtype match");
25 static inline bool match_type(__be32 addr
, u_int16_t mask
)
27 return !!(mask
& (1 << inet_addr_type(addr
)));
30 static bool match(const struct sk_buff
*skb
,
31 const struct net_device
*in
, const struct net_device
*out
,
32 const struct xt_match
*match
, const void *matchinfo
,
33 int offset
, unsigned int protoff
, bool *hotdrop
)
35 const struct ipt_addrtype_info
*info
= matchinfo
;
36 const struct iphdr
*iph
= ip_hdr(skb
);
40 ret
&= match_type(iph
->saddr
, info
->source
)^info
->invert_source
;
42 ret
&= match_type(iph
->daddr
, info
->dest
)^info
->invert_dest
;
47 static struct xt_match addrtype_match __read_mostly
= {
51 .matchsize
= sizeof(struct ipt_addrtype_info
),
55 static int __init
ipt_addrtype_init(void)
57 return xt_register_match(&addrtype_match
);
60 static void __exit
ipt_addrtype_fini(void)
62 xt_unregister_match(&addrtype_match
);
65 module_init(ipt_addrtype_init
);
66 module_exit(ipt_addrtype_fini
);
projects / mirror_ubuntu-bionic-kernel.git / blob