From ce251ce4227767051ab420e57c30f25df94162be Mon Sep 17 00:00:00 2001
From: Bart De Schuymer
Date: Sat, 20 Jul 2002 16:15:39 +0000
Subject: *** empty log message ***
---
.../include/linux/netfilter_bridge/ebt_mark_m.h | 11 ++++
.../include/linux/netfilter_bridge/ebt_mark_t.h | 12 ++++
kernel/linux/net/bridge/netfilter/ebt_mark.c | 69 ++++++++++++++++++++++
kernel/linux/net/bridge/netfilter/ebt_mark_m.c | 54 +++++++++++++++++
4 files changed, 146 insertions(+)
create mode 100644 kernel/linux/include/linux/netfilter_bridge/ebt_mark_m.h
create mode 100644 kernel/linux/include/linux/netfilter_bridge/ebt_mark_t.h
create mode 100644 kernel/linux/net/bridge/netfilter/ebt_mark.c
create mode 100644 kernel/linux/net/bridge/netfilter/ebt_mark_m.c
(limited to 'kernel/linux')
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_mark_m.h b/kernel/linux/include/linux/netfilter_bridge/ebt_mark_m.h
new file mode 100644
index 0000000..576d33b
--- /dev/null
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_mark_m.h
@@ -0,0 +1,11 @@
+#ifndef __LINUX_BRIDGE_EBT_MARK_M_H
+#define __LINUX_BRIDGE_EBT_MARK_M_H
+
+struct ebt_mark_m_info
+{
+ unsigned long mark, mask;
+ __u8 invert;
+};
+#define EBT_MARK_MATCH "mark_m"
+
+#endif
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_mark_t.h b/kernel/linux/include/linux/netfilter_bridge/ebt_mark_t.h
new file mode 100644
index 0000000..f84d2ad
--- /dev/null
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_mark_t.h
@@ -0,0 +1,12 @@
+#ifndef __LINUX_BRIDGE_EBT_MARK_T_H
+#define __LINUX_BRIDGE_EBT_MARK_T_H
+
+struct ebt_mark_t_info
+{
+ unsigned long mark;
+ // EBT_ACCEPT, EBT_DROP or EBT_CONTINUE or EBT_RETURN
+ int target;
+};
+#define EBT_MARK_TARGET "mark"
+
+#endif
diff --git a/kernel/linux/net/bridge/netfilter/ebt_mark.c b/kernel/linux/net/bridge/netfilter/ebt_mark.c
new file mode 100644
index 0000000..1e4d98b
--- /dev/null
+++ b/kernel/linux/net/bridge/netfilter/ebt_mark.c
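Review bot: `unsigned long mark, mask;` in struct ebt_mark_m_info (ebt_mark_m.h) makes the structure's size and field offsets depend on the word size of whoever compiles the header, and `unsigned long mark;` in struct ebt_mark_t_info (ebt_mark_t.h) has the same problem. Both check functions later in this patch accept rule data only when `datalen` equals `sizeof` of these structs, so if the data is built by a program with a different `long` width (likely for a header under include/linux, though the producer is not shown here) valid rules would be rejected. A fixed-width field wide enough for nfmark would pin the layout, for example `__u32 mark, mask;` if 32 bits suffice. At minimum each struct should carry a comment such as `/* layout is compared against datalen when a rule is loaded; do not reorder or resize */`.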
@@ -0,0 +1,69 @@
+/*
+ * ebt_mark_t
+ *
+ * Authors:
+ * Bart De Schuymer
+ *
+ * July, 2002
+ *
+ */
+
+// The mark target can be used in any chain
+// I believe adding a mangle table just for marking is total overkill
+// Marking a frame doesn't really change anything in the frame anyway
+// The target member of the struct ebt_vlan_info provides the same
+// functionality as a separate table
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include "../br_private.h"
+
+static int ebt_target_mark(struct sk_buff **pskb, unsigned int hooknr,
+ const struct net_device *in, const struct net_device *out,
+ const void *data, unsigned int datalen)
+{
+ struct ebt_mark_t_info *infostuff = (struct ebt_mark_t_info *) data;
+
+ if ((*pskb)->nfmark != infostuff->mark) {
+ (*pskb)->nfmark = infostuff->mark;
+ (*pskb)->nfcache |= NFC_ALTERED;
+ }
+ return infostuff->target;
+}
+
+static int ebt_target_mark_check(const char *tablename, unsigned int hookmask,
+ const struct ebt_entry *e, void *data, unsigned int datalen)
+{
+ struct ebt_mark_t_info *infostuff = (struct ebt_mark_t_info *) data;
+
+ if (datalen != sizeof(struct ebt_mark_t_info))
+ return -EINVAL;
+ if (infostuff->target < -NUM_STANDARD_TARGETS || infostuff->target >= 0)
+ return -EINVAL;
+ return 0;
+}
+
+static struct ebt_target mark_target =
+{
+ {NULL, NULL}, EBT_MARK_TARGET, ebt_target_mark,
+ ebt_target_mark_check, NULL, THIS_MODULE
+};
+
+static int __init init(void)
+{
+ return ebt_register_target(&mark_target);
+}
+
+static void __exit fini(void)
+{
+ ebt_unregister_target(&mark_target);
+}
+
+module_init(init);
+module_exit(fini);
+EXPORT_NO_SYMBOLS;
+MODULE_LICENSE("GPL");
diff --git a/kernel/linux/net/bridge/netfilter/ebt_mark_m.c b/kernel/linux/net/bridge/netfilter/ebt_mark_m.c
new file mode 100644
index 0000000..4972b09
--- /dev/null
+++ b/kernel/linux/net/bridge/netfilter/ebt_mark_m.c
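Review bot: The header comment in ebt_mark.c names `struct ebt_vlan_info`, but the structure whose `target` member this file returns is `struct ebt_mark_t_info`; the line should read `// The target member of the struct ebt_mark_t_info provides the same`. In ebt_target_mark, `data` arrives as `const void *` and is cast to a non-const pointer although it is only read, so `const struct ebt_mark_t_info *infostuff = data;` would keep the qualifier and drop the cast. ebt_target_mark_check never looks at `hookmask`, so every standard verdict, EBT_RETURN included, is accepted wherever the rule is placed. If that is intended, as the "any chain" comment suggests, a one-line comment in the check function saying so would save the next reader from wondering.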
@@ -0,0 +1,54 @@
+/*
+ * ebt_mark_m
+ *
+ * Authors:
+ * Bart De Schuymer
+ *
+ * July, 2002
+ *
+ */
+
+#include
+#include
+#include
+
+static int ebt_filter_mark(const struct sk_buff *skb,
+ const struct net_device *in,
+ const struct net_device *out,
+ const void *data,
+ unsigned int datalen, const struct ebt_counter *c)
+{
+ struct ebt_mark_m_info *info = (struct ebt_mark_m_info *) data;
+
+ return !(((skb->nfmark & info->mask) == info->mark) ^ info->invert);
+}
+
+static int ebt_mark_check(const char *tablename, unsigned int hookmask,
+ const struct ebt_entry *e, void *data, unsigned int datalen)
+{
+ if (datalen != sizeof(struct ebt_mark_m_info)) {
+ return -EINVAL;
+ }
+ return 0;
+}
+
+static struct ebt_match filter_mark =
+{
+ {NULL, NULL}, EBT_MARK_MATCH, ebt_filter_mark, ebt_mark_check, NULL,
+ THIS_MODULE
+};
+
+static int __init init(void)
+{
+ return ebt_register_match(&filter_mark);
+}
+
+static void __exit fini(void)
+{
+ ebt_unregister_match(&filter_mark);
+}
+
+module_init(init);
+module_exit(fini);
+EXPORT_NO_SYMBOLS;
+MODULE_LICENSE("GPL");
-- cgit v1.2.3
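Review bot: `info->invert` is a `__u8` that ebt_filter_mark XORs with a 0/1 comparison result, while ebt_mark_check only compares `datalen` with the struct size and never inspects the field. A rule carrying any `invert` value other than 0 or 1 therefore makes the XOR non-zero on both branches, and the function returns 0 whether or not the frame's mark matches. Normalise the flag where it is used, `return !(((skb->nfmark & info->mask) == info->mark) ^ !!info->invert);`, or reject it at load time with `if (info->invert > 1) return -EINVAL;` in ebt_mark_check, which would need its own `info` pointer to the data. The cast in ebt_filter_mark also drops the `const` from `data`; `const struct ebt_mark_m_info *info = data;` avoids that.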