From ce251ce4227767051ab420e57c30f25df94162be Mon Sep 17 00:00:00 2001 From: Bart De Schuymer Date: Sat, 20 Jul 2002 16:15:39 +0000 Subject: *** empty log message *** --- kernel/linux/net/bridge/netfilter/ebt_mark.c | 69 ++++++++++++++++++++++++++ kernel/linux/net/bridge/netfilter/ebt_mark_m.c | 54 ++++++++++++++++++++ 2 files changed, 123 insertions(+) create mode 100644 kernel/linux/net/bridge/netfilter/ebt_mark.c create mode 100644 kernel/linux/net/bridge/netfilter/ebt_mark_m.c (limited to 'kernel/linux/net') diff --git a/kernel/linux/net/bridge/netfilter/ebt_mark.c b/kernel/linux/net/bridge/netfilter/ebt_mark.c new file mode 100644 index 0000000..1e4d98b --- /dev/null +++ b/kernel/linux/net/bridge/netfilter/ebt_mark.c @@ -0,0 +1,69 @@ +/* + * ebt_mark_t + * + * Authors: + * Bart De Schuymer + * + * July, 2002 + * + */ + +// The mark target can be used in any chain +// I believe adding a mangle table just for marking is total overkill +// Marking a frame doesn't really change anything in the frame anyway +// The target member of the struct ebt_vlan_info provides the same +// functionality as a separate table + +#include +#include +#include +#include +#include +#include +#include "../br_private.h" + +static int ebt_target_mark(struct sk_buff **pskb, unsigned int hooknr, + const struct net_device *in, const struct net_device *out, + const void *data, unsigned int datalen) +{ + struct ebt_mark_t_info *infostuff = (struct ebt_mark_t_info *) data; + + if ((*pskb)->nfmark != infostuff->mark) { + (*pskb)->nfmark = infostuff->mark; + (*pskb)->nfcache |= NFC_ALTERED; + } + return infostuff->target; +} + +static int ebt_target_mark_check(const char *tablename, unsigned int hookmask, + const struct ebt_entry *e, void *data, unsigned int datalen) +{ + struct ebt_mark_t_info *infostuff = (struct ebt_mark_t_info *) data; + + if (datalen != sizeof(struct ebt_mark_t_info)) + return -EINVAL; + if (infostuff->target < -NUM_STANDARD_TARGETS || infostuff->target >= 0) + return -EINVAL; + return 0; +} + +static struct ebt_target mark_target = +{ + {NULL, NULL}, EBT_MARK_TARGET, ebt_target_mark, + ebt_target_mark_check, NULL, THIS_MODULE +}; + +static int __init init(void) +{ + return ebt_register_target(&mark_target); +} + +static void __exit fini(void) +{ + ebt_unregister_target(&mark_target); +} + +module_init(init); +module_exit(fini); +EXPORT_NO_SYMBOLS; +MODULE_LICENSE("GPL"); diff --git a/kernel/linux/net/bridge/netfilter/ebt_mark_m.c b/kernel/linux/net/bridge/netfilter/ebt_mark_m.c new file mode 100644 index 0000000..4972b09 --- /dev/null +++ b/kernel/linux/net/bridge/netfilter/ebt_mark_m.c @@ -0,0 +1,54 @@ +/* + * ebt_mark_m + * + * Authors: + * Bart De Schuymer + * + * July, 2002 + * + */ + +#include +#include +#include + +static int ebt_filter_mark(const struct sk_buff *skb, + const struct net_device *in, + const struct net_device *out, + const void *data, + unsigned int datalen, const struct ebt_counter *c) +{ + struct ebt_mark_m_info *info = (struct ebt_mark_m_info *) data; + + return !(((skb->nfmark & info->mask) == info->mark) ^ info->invert); +} + +static int ebt_mark_check(const char *tablename, unsigned int hookmask, + const struct ebt_entry *e, void *data, unsigned int datalen) +{ + if (datalen != sizeof(struct ebt_mark_m_info)) { + return -EINVAL; + } + return 0; +} + +static struct ebt_match filter_mark = +{ + {NULL, NULL}, EBT_MARK_MATCH, ebt_filter_mark, ebt_mark_check, NULL, + THIS_MODULE +}; + +static int __init init(void) +{ + return ebt_register_match(&filter_mark); +} + +static void __exit fini(void) +{ + ebt_unregister_match(&filter_mark); +} + +module_init(init); +module_exit(fini); +EXPORT_NO_SYMBOLS; +MODULE_LICENSE("GPL"); -- cgit v1.2.3