summaryrefslogtreecommitdiffstats
path: root/userspace/ebtables2
diff options
context:
space:
mode:
authorfnm3 <fnm3>2002-06-14 17:28:13 +0000
committerfnm3 <fnm3>2002-06-14 17:28:13 +0000
commit199d31a20f95babd74d692beb89988e2fb851032 (patch)
treef830ecf66793450012d4783b92158ec557d86c6c /userspace/ebtables2
parent0d581985af2e3dfea67bbf4825628f642a7ae134 (diff)
New parameter definitions addded
Kernelspace changes for encapsulated protocol parameter Version changed Updated VLAN match extension section Removed empty lines at end of file Userspace changes - vlan encapsulated protocol match added
Diffstat (limited to 'userspace/ebtables2')
-rw-r--r--userspace/ebtables2/Makefile2
-rw-r--r--userspace/ebtables2/ebtables.89
-rw-r--r--userspace/ebtables2/ethertypes5
-rw-r--r--userspace/ebtables2/extensions/ebt_vlan.c119
4 files changed, 104 insertions, 31 deletions
diff --git a/userspace/ebtables2/Makefile b/userspace/ebtables2/Makefile
index e82be17..8ebcd0f 100644
--- a/userspace/ebtables2/Makefile
+++ b/userspace/ebtables2/Makefile
@@ -2,7 +2,7 @@
KERNEL_DIR?=/usr/src/linux
PROGNAME:=ebtables
-PROGVERSION:="2.0pre6 (May 2002)"
+PROGVERSION:="2.0pre8 (June 2002)"
MANDIR?=/usr/local/man
CFLAGS:=-Wall -Wunused
diff --git a/userspace/ebtables2/ebtables.8 b/userspace/ebtables2/ebtables.8
index d0d7a18..b9d57c8 100644
--- a/userspace/ebtables2/ebtables.8
+++ b/userspace/ebtables2/ebtables.8
@@ -21,7 +21,7 @@
.\"
.\"
.SH NAME
-ebtables(v.2.0) \- ethernet bridge packet table administration
+ebtables (v.2.0) \- ethernet bridge packet table administration
.SH SYNOPSIS
.BR "ebtables -[ADI] " "chain rule-specification [options]"
.br
@@ -316,7 +316,7 @@ The ARP IP source address specification.
.BR "--arp-ip-dst " "[!] \fIaddress\fP[/\fImask\fP]"
The ARP IP destination address specification.
.SS vlan
-Specify 802.1Q VLAN specific fields. These will only work if the protocol equals
+Specify 802.1Q Tag Control Information fields. These will only work if the protocol equals
.BR 802_1Q .
For more details see
.BR "ebtables -h vlan" .
@@ -325,7 +325,10 @@ For more details see
The VLAN identifier (decimal number from 0 to 4095).
.TP
.BR "--vlan-prio " "[!] \fIprio\fP"
-The VLAN priority type, this can be a decimal number from 0 to 7. The default value is 0.
+The VLAN user priority type, this can be a decimal number from 0 to 7. The default value is 0.
+.TP
+.BR "--vlan-encap " "[!] \fIprotocol\fP"
+The VLAN encapsulated protocol, this can be a hexadecimal number from 0000 to FFFF. The default value is 0.
.SH WATCHER EXTENSION(S)
Watchers are things that only look at frames passing by. These watchers only see the
frame if the frame passes all the matches of the rule.
diff --git a/userspace/ebtables2/ethertypes b/userspace/ebtables2/ethertypes
index 0123bf3..e53d4f2 100644
--- a/userspace/ebtables2/ethertypes
+++ b/userspace/ebtables2/ethertypes
@@ -7,7 +7,7 @@
# programs using this file should not be case sensitive
# that's all :-))
IPV4 0800 put your comments behind, on the same line, after a tab
-X25 0800 or whitespace
+X25 0805 or whitespace
ARP 0806
802_1Q 8100 802.1Q Virtual LAN tagged frame
IPX 8137
@@ -30,5 +30,4 @@ PPP_DISC 8863 PPPoE discovery messages
PPP_SES 8864 PPPoE session messages
ATMMPOA 884C MultiProtocol over ATM
ATMFATE 8884 Frame-based ATM Transport over Ethernet
-
-
+LOOP 9000
diff --git a/userspace/ebtables2/extensions/ebt_vlan.c b/userspace/ebtables2/extensions/ebt_vlan.c
index ad3e6f7..580fa71 100644
--- a/userspace/ebtables2/extensions/ebt_vlan.c
+++ b/userspace/ebtables2/extensions/ebt_vlan.c
@@ -1,44 +1,49 @@
/*
- * Summary: ebt_vlan userspace module
- *
- * Description: 802.1Q Virtual LAN match support module for ebtables project.
- * Enable to match 802.1Q VLAN tagged frames by VLAN numeric
- * identifier (12-bites field) and frame priority (3-bites field)
+ * Summary: ebt_vlan - 802.1 Q match extension module for userspace
+ *
+ * Description:802.1 Q Virtual LAN match support module for ebtables project.
+ * Enable to match 802.1 Q VLAN tagged frames by VLAN numeric
+ * identifier (12 - bits field) and user_priority (3 bits field)
*
* Authors:
* Bart De Schuymer <bart.de.schuymer@pandora.be>
- * Nick Fedchik <nick@fedchik.org.ua>
- *
- * May, 2002
+ * Nick Fedchik <nick@fedchik.org.ua>
+ * June, 2002
+ *
+ * License: GPL
+ *
*/
-
+
+#include <getopt.h>
+#include <netinet/in.h>
#include <stdio.h>
-#include <string.h>
#include <stdlib.h>
+#include <string.h>
#include <sys/socket.h>
-#include <netinet/in.h>
+
#include <linux/netfilter_bridge/ebtables.h>
-#include <getopt.h>
#include "../include/ebtables_u.h"
-#include <linux/netfilter_bridge/ebt_vlan.h>
#define VLAN_ID '1'
#define VLAN_PRIO '2'
+#define VLAN_ENCAP '3'
static struct option opts[] = {
{"vlan-id", required_argument, 0, VLAN_ID},
{"vlan-prio", required_argument, 0, VLAN_PRIO},
+ {"vlan-encap", required_argument, 0, VLAN_ENCAP},
{0}
};
/*
- * Print out help for ebtables -h vlan
+ * Print out local help by ebtables -h vlan
*/
static void print_help ()
{
printf ("802.1Q VLAN options:\n"
- "--vlan-id [!] id : VLAN ID 1-4095 (integer)\n"
- "--vlan-prio [!] prio : VLAN Priority 0-7 (integer)\n");
+ "--vlan-id [!] id : VLAN ID 1-4094 (integer)\n"
+ "--vlan-prio [!] prio : VLAN Priority 0-7 (integer)\n"
+ "--vlan-encap [!] proto : VLAN Encapsulated Protocol (integer or string as in /etc/ethertypes)\n");
}
/*
@@ -53,12 +58,18 @@ static void init (struct ebt_entry_match *match)
*/
vlaninfo->id = 0;
vlaninfo->prio = 0;
+ vlaninfo->encap = 0;
vlaninfo->invflags = 0;
vlaninfo->bitmask = 0;
}
+/*
+ * option flags definition
+ */
#define OPT_VLAN_ID 0x01
#define OPT_VLAN_PRIO 0x02
+#define OPT_VLAN_ENCAP 0x04
+
static int
parse (int c, char **argv, int argc,
const struct ebt_u_entry *entry, unsigned int *flags,
@@ -66,20 +77,24 @@ parse (int c, char **argv, int argc,
{
struct ebt_vlan_info *vlaninfo =
(struct ebt_vlan_info *) (*match)->data;
- unsigned short i;
+ unsigned long i;
char *end;
switch (c) {
case VLAN_ID:
+ /*
+ * ebtables.c:check_option(unsigned int *flags, unsigned int mask)
+ * checking for multiple usage of same option
+ */
check_option (flags, OPT_VLAN_ID);
/*
- * Check If we got inversed arg for VID,
+ * Check If we got inversed arg for vlan-id option,
* otherwise unset inversion flag
*/
if (check_inverse (optarg))
vlaninfo->invflags |= EBT_VLAN_ID;
/*
- * Check arg value presense
+ * Check arg value presence
*/
if (optind > argc)
print_error ("Missing VLAN ID argument\n");
@@ -90,15 +105,21 @@ parse (int c, char **argv, int argc,
*/
(unsigned short) i = strtol (argv[optind - 1], &end, 10);
/*
- * Check arg val range
+ * Check arg val range
*/
- if (i < 1 || i >= 4096 || *end != '\0') {
+ if (i < 1 || i >= 4094 || *end != '\0') {
i = 0;
print_error
("Problem with specified VLAN ID range\n");
}
+ /*
+ * Set up parameter value
+ */
vlaninfo->id = i;
- vlaninfo->bitmask|=EBT_VLAN_ID;
+ /*
+ * Set up parameter presence flag
+ */
+ vlaninfo->bitmask |= EBT_VLAN_ID;
break;
case VLAN_PRIO:
@@ -113,7 +134,7 @@ parse (int c, char **argv, int argc,
* set *end to end of argv string,
* base set 10 for decimal only
*/
- (unsigned short) i = strtol (argv[optind - 1], &end, 10);
+ (unsigned char) i = strtol (argv[optind - 1], &end, 10);
/*
* Check arg val range
*/
@@ -122,10 +143,45 @@ parse (int c, char **argv, int argc,
print_error
("Problem with specified VLAN Priority range\n");
}
+ /*
+ * Set up parameter value
+ */
vlaninfo->prio = i;
- vlaninfo->bitmask|=EBT_VLAN_PRIO;
+ /*
+ * Set up parameter presence flag
+ */
+ vlaninfo->bitmask |= EBT_VLAN_PRIO;
break;
+ case VLAN_ENCAP:
+ check_option (flags, OPT_VLAN_ENCAP);
+ if (check_inverse (optarg))
+ vlaninfo->invflags |= EBT_VLAN_ENCAP;
+ if (optind > argc)
+ print_error
+ ("Missing VLAN Encapsulated Protocol argument\n");
+ /*
+ * Parameter can be decimal, hexadecimal, or string.
+ * Check arg val range
+ */
+ (unsigned short) i = strtol (argv[optind - 1], &end, 16);
+ if (*end == '\0' && (i < 0 || i > 0xFFFF))
+ print_error
+ ("Problem with the specified encapsulated protocol");
+ if (*end != '\0')
+ if (name_to_protocol (argv[optind - 1]) == -1)
+ print_error
+ ("Problem with the specified encapsulated"
+ "protocol");
+ /*
+ * Set up parameter value (network notation)
+ */
+ vlaninfo->encap = htons (i);
+ /*
+ * Set up parameter presence flag
+ */
+ vlaninfo->bitmask |= EBT_VLAN_ENCAP;
+ break;
default:
return 0;
}
@@ -174,6 +230,14 @@ print (const struct ebt_u_entry *entry,
vlaninfo->invflags & EBT_VLAN_PRIO ? "!" : "",
vlaninfo->prio);
}
+ /*
+ * Print VLAN encapsulated protocol if they are specified
+ */
+ if (vlaninfo->bitmask & EBT_VLAN_ENCAP) {
+ printf ("vlan encap: %s%2.4X, ",
+ vlaninfo->invflags & EBT_VLAN_ENCAP ? "!" : "",
+ ntohs (vlaninfo->encap));
+ }
}
@@ -209,6 +273,13 @@ compare (const struct ebt_entry_match *vlan1,
if (vlaninfo1->prio != vlaninfo2->prio)
return 0;
};
+ /*
+ * Compare VLAN Encap if they are present
+ */
+ if (vlaninfo1->bitmask & EBT_VLAN_ENCAP) {
+ if (vlaninfo1->encap != vlaninfo2->encap)
+ return 0;
+ };
return 1;
}