[deliverable/linux.git] / net / netfilter / xt_MARK.c

/* This is a module which is used for setting the NFMARK field of an skb. */

/* (C) 1999-2001 Marc Boucher <marc@mbsi.ca>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */

#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/ip.h>
#include <net/checksum.h>

#include <linux/netfilter/x_tables.h>
#include <linux/netfilter/xt_MARK.h>

MODULE_LICENSE("GPL");
MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>");
MODULE_DESCRIPTION("ip[6]tables MARK modification module");
MODULE_ALIAS("ipt_MARK");
MODULE_ALIAS("ip6t_MARK");

static unsigned int
target_v0(struct sk_buff *skb,
	  const struct net_device *in,
	  const struct net_device *out,
	  unsigned int hooknum,
	  const struct xt_target *target,
	  const void *targinfo)
{
	const struct xt_mark_target_info *markinfo = targinfo;

	skb->mark = markinfo->mark;
	return XT_CONTINUE;
}

static unsigned int
target_v1(struct sk_buff *skb,
	  const struct net_device *in,
	  const struct net_device *out,
	  unsigned int hooknum,
	  const struct xt_target *target,
	  const void *targinfo)
{
	const struct xt_mark_target_info_v1 *markinfo = targinfo;
	int mark = 0;

	switch (markinfo->mode) {
	case XT_MARK_SET:
		mark = markinfo->mark;
		break;

	case XT_MARK_AND:
		mark = skb->mark & markinfo->mark;
		break;

	case XT_MARK_OR:
		mark = skb->mark | markinfo->mark;
		break;
	}

	skb->mark = mark;
	return XT_CONTINUE;
}


static bool
checkentry_v0(const char *tablename,
	      const void *entry,
	      const struct xt_target *target,
	      void *targinfo,
	      unsigned int hook_mask)
{
	const struct xt_mark_target_info *markinfo = targinfo;

	if (markinfo->mark > 0xffffffff) {
		printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n");
		return false;
	}
	return true;
}

static bool
checkentry_v1(const char *tablename,
	      const void *entry,
	      const struct xt_target *target,
	      void *targinfo,
	      unsigned int hook_mask)
{
	const struct xt_mark_target_info_v1 *markinfo = targinfo;

	if (markinfo->mode != XT_MARK_SET
	    && markinfo->mode != XT_MARK_AND
	    && markinfo->mode != XT_MARK_OR) {
		printk(KERN_WARNING "MARK: unknown mode %u\n",
		       markinfo->mode);
		return false;
	}
	if (markinfo->mark > 0xffffffff) {
		printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n");
		return false;
	}
	return true;
}

#ifdef CONFIG_COMPAT
struct compat_xt_mark_target_info_v1 {
	compat_ulong_t	mark;
	u_int8_t	mode;
	u_int8_t	__pad1;
	u_int16_t	__pad2;
};

static void compat_from_user_v1(void *dst, void *src)
{
	const struct compat_xt_mark_target_info_v1 *cm = src;
	struct xt_mark_target_info_v1 m = {
		.mark	= cm->mark,
		.mode	= cm->mode,
	};
	memcpy(dst, &m, sizeof(m));
}

static int compat_to_user_v1(void __user *dst, void *src)
{
	const struct xt_mark_target_info_v1 *m = src;
	struct compat_xt_mark_target_info_v1 cm = {
		.mark	= m->mark,
		.mode	= m->mode,
	};
	return copy_to_user(dst, &cm, sizeof(cm)) ? -EFAULT : 0;
}
#endif /* CONFIG_COMPAT */

static struct xt_target xt_mark_target[] __read_mostly = {
	{
		.name		= "MARK",
		.family		= AF_INET,
		.revision	= 0,
		.checkentry	= checkentry_v0,
		.target		= target_v0,
		.targetsize	= sizeof(struct xt_mark_target_info),
		.table		= "mangle",
		.me		= THIS_MODULE,
	},
	{
		.name		= "MARK",
		.family		= AF_INET,
		.revision	= 1,
		.checkentry	= checkentry_v1,
		.target		= target_v1,
		.targetsize	= sizeof(struct xt_mark_target_info_v1),
#ifdef CONFIG_COMPAT
		.compatsize	= sizeof(struct compat_xt_mark_target_info_v1),
		.compat_from_user = compat_from_user_v1,
		.compat_to_user	= compat_to_user_v1,
#endif
		.table		= "mangle",
		.me		= THIS_MODULE,
	},
	{
		.name		= "MARK",
		.family		= AF_INET6,
		.revision	= 0,
		.checkentry	= checkentry_v0,
		.target		= target_v0,
		.targetsize	= sizeof(struct xt_mark_target_info),
		.table		= "mangle",
		.me		= THIS_MODULE,
	},
};

static int __init xt_mark_init(void)
{
	return xt_register_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target));
}

static void __exit xt_mark_fini(void)
{
	xt_unregister_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target));
}

module_init(xt_mark_init);
module_exit(xt_mark_fini);
Commit	Line	Data
1da177e4 LT	1	/* This is a module which is used for setting the NFMARK field of an skb. */
	2
	3	/* (C) 1999-2001 Marc Boucher <marc@mbsi.ca>
	4	*
	5	* This program is free software; you can redistribute it and/or modify
	6	* it under the terms of the GNU General Public License version 2 as
	7	* published by the Free Software Foundation.
	8	*/
	9
	10	#include <linux/module.h>
	11	#include <linux/skbuff.h>
	12	#include <linux/ip.h>
	13	#include <net/checksum.h>
	14
2e4e6a17 HW	15	#include <linux/netfilter/x_tables.h>
2e4e6a17 HW	16	#include <linux/netfilter/xt_MARK.h>
1da177e4 LT	17
	18	MODULE_LICENSE("GPL");
	19	MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>");
2e4e6a17 HW	20	MODULE_DESCRIPTION("ip[6]tables MARK modification module");
	21	MODULE_ALIAS("ipt_MARK");
	22	MODULE_ALIAS("ip6t_MARK");
1da177e4 LT	23
1da177e4 LT	24	static unsigned int
3db05fea	25	target_v0(struct sk_buff *skb,
1da177e4 LT	26	const struct net_device *in,
	27	const struct net_device *out,
	28	unsigned int hooknum,
c4986734	29	const struct xt_target *target,
fe1cb108	30	const void *targinfo)
1da177e4	31	{
2e4e6a17	32	const struct xt_mark_target_info *markinfo = targinfo;
1da177e4	33
3db05fea	34	skb->mark = markinfo->mark;
2e4e6a17	35	return XT_CONTINUE;
1da177e4 LT	36	}
	37
	38	static unsigned int
3db05fea	39	target_v1(struct sk_buff *skb,
1da177e4 LT	40	const struct net_device *in,
	41	const struct net_device *out,
	42	unsigned int hooknum,
c4986734	43	const struct xt_target *target,
fe1cb108	44	const void *targinfo)
1da177e4	45	{
2e4e6a17	46	const struct xt_mark_target_info_v1 *markinfo = targinfo;
1da177e4 LT	47	int mark = 0;
	48
	49	switch (markinfo->mode) {
2e4e6a17	50	case XT_MARK_SET:
1da177e4 LT	51	mark = markinfo->mark;
1da177e4 LT	52	break;
601e68e1	53
2e4e6a17	54	case XT_MARK_AND:
3db05fea	55	mark = skb->mark & markinfo->mark;
1da177e4	56	break;
601e68e1	57
2e4e6a17	58	case XT_MARK_OR:
3db05fea	59	mark = skb->mark \| markinfo->mark;
1da177e4 LT	60	break;
	61	}
	62
3db05fea	63	skb->mark = mark;
2e4e6a17	64	return XT_CONTINUE;
1da177e4 LT	65	}
	66
	67
e1931b78	68	static bool
1da177e4	69	checkentry_v0(const char *tablename,
2e4e6a17	70	const void *entry,
c4986734	71	const struct xt_target *target,
1da177e4	72	void *targinfo,
1da177e4 LT	73	unsigned int hook_mask)
1da177e4 LT	74	{
a47362a2	75	const struct xt_mark_target_info *markinfo = targinfo;
bf3a46aa	76
bf3a46aa HW	77	if (markinfo->mark > 0xffffffff) {
bf3a46aa HW	78	printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n");
e1931b78	79	return false;
bf3a46aa	80	}
e1931b78	81	return true;
1da177e4 LT	82	}
1da177e4 LT	83
e1931b78	84	static bool
1da177e4	85	checkentry_v1(const char *tablename,
2e4e6a17	86	const void *entry,
c4986734	87	const struct xt_target *target,
1da177e4	88	void *targinfo,
1da177e4 LT	89	unsigned int hook_mask)
1da177e4 LT	90	{
a47362a2	91	const struct xt_mark_target_info_v1 *markinfo = targinfo;
1da177e4	92
2e4e6a17 HW	93	if (markinfo->mode != XT_MARK_SET
	94	&& markinfo->mode != XT_MARK_AND
	95	&& markinfo->mode != XT_MARK_OR) {
1da177e4 LT	96	printk(KERN_WARNING "MARK: unknown mode %u\n",
1da177e4 LT	97	markinfo->mode);
e1931b78	98	return false;
1da177e4	99	}
bf3a46aa HW	100	if (markinfo->mark > 0xffffffff) {
bf3a46aa HW	101	printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n");
e1931b78	102	return false;
bf3a46aa	103	}
e1931b78	104	return true;
1da177e4 LT	105	}
1da177e4 LT	106
be7263b7 PM	107	#ifdef CONFIG_COMPAT
	108	struct compat_xt_mark_target_info_v1 {
	109	compat_ulong_t mark;
	110	u_int8_t mode;
	111	u_int8_t __pad1;
	112	u_int16_t __pad2;
	113	};
	114
	115	static void compat_from_user_v1(void dst, void src)
	116	{
a47362a2	117	const struct compat_xt_mark_target_info_v1 *cm = src;
be7263b7 PM	118	struct xt_mark_target_info_v1 m = {
	119	.mark = cm->mark,
	120	.mode = cm->mode,
	121	};
	122	memcpy(dst, &m, sizeof(m));
	123	}
	124
	125	static int compat_to_user_v1(void __user dst, void src)
	126	{
a47362a2	127	const struct xt_mark_target_info_v1 *m = src;
be7263b7 PM	128	struct compat_xt_mark_target_info_v1 cm = {
	129	.mark = m->mark,
	130	.mode = m->mode,
	131	};
	132	return copy_to_user(dst, &cm, sizeof(cm)) ? -EFAULT : 0;
	133	}
	134	#endif /* CONFIG_COMPAT */
	135
9f15c530	136	static struct xt_target xt_mark_target[] __read_mostly = {
4470bbc7 PM	137	{
	138	.name = "MARK",
	139	.family = AF_INET,
	140	.revision = 0,
	141	.checkentry = checkentry_v0,
	142	.target = target_v0,
	143	.targetsize = sizeof(struct xt_mark_target_info),
	144	.table = "mangle",
	145	.me = THIS_MODULE,
	146	},
	147	{
	148	.name = "MARK",
	149	.family = AF_INET,
	150	.revision = 1,
	151	.checkentry = checkentry_v1,
	152	.target = target_v1,
	153	.targetsize = sizeof(struct xt_mark_target_info_v1),
be7263b7 PM	154	#ifdef CONFIG_COMPAT
	155	.compatsize = sizeof(struct compat_xt_mark_target_info_v1),
	156	.compat_from_user = compat_from_user_v1,
	157	.compat_to_user = compat_to_user_v1,
	158	#endif
4470bbc7 PM	159	.table = "mangle",
	160	.me = THIS_MODULE,
	161	},
	162	{
	163	.name = "MARK",
	164	.family = AF_INET6,
	165	.revision = 0,
	166	.checkentry = checkentry_v0,
	167	.target = target_v0,
	168	.targetsize = sizeof(struct xt_mark_target_info),
	169	.table = "mangle",
	170	.me = THIS_MODULE,
	171	},
2e4e6a17 HW	172	};
2e4e6a17 HW	173
65b4b4e8	174	static int __init xt_mark_init(void)
1da177e4	175	{
4470bbc7	176	return xt_register_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target));
1da177e4 LT	177	}
1da177e4 LT	178
65b4b4e8	179	static void __exit xt_mark_fini(void)
1da177e4	180	{
4470bbc7	181	xt_unregister_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target));
1da177e4 LT	182	}
1da177e4 LT	183
65b4b4e8 AM	184	module_init(xt_mark_init);
65b4b4e8 AM	185	module_exit(xt_mark_fini);