From a501b78e17f7c12f161d025524afd84bc7a3783e Mon Sep 17 00:00:00 2001
From: Bart De Schuymer <bdschuym@pandora.be>
Date: Sat, 20 Jul 2002 16:15:39 +0000
Subject: *** empty log message ***

---
 ChangeLog               |   2 +
 extensions/ebt_mark.c   | 121 ++++++++++++++++++++++++++++++++++++++++++++++++
 extensions/ebt_mark_m.c | 115 +++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 238 insertions(+)
 create mode 100644 extensions/ebt_mark.c
 create mode 100644 extensions/ebt_mark_m.c

diff --git a/ChangeLog b/ChangeLog
index 0e3e27a..20bb3f1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,5 @@
+20020720
+	* added mark target+match
 20020714
 	* added --atomic options
 20020710
diff --git a/extensions/ebt_mark.c b/extensions/ebt_mark.c
new file mode 100644
index 0000000..318e2b6
--- /dev/null
+++ b/extensions/ebt_mark.c
@@ -0,0 +1,121 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <getopt.h>
+#include "../include/ebtables_u.h"
+#include <linux/netfilter_bridge/ebt_mark_t.h>
+
+extern char *standard_targets[NUM_STANDARD_TARGETS];
+
+#define MARK_TARGET '1'
+#define MARK_SETMARK '2'
+static struct option opts[] =
+{
+	{ "mark-target"    , required_argument, 0, MARK_TARGET },
+	{ "set-mark"    , required_argument, 0, MARK_SETMARK },
+	{ 0 }
+};
+
+static void print_help()
+{
+	printf(
+	"mark target options:\n"
+	" --set-mark value   : Set nfmark value\n"
+	" --mark-target target   : ACCEPT, DROP or CONTINUE\n");
+}
+
+static void init(struct ebt_entry_target *target)
+{
+	struct ebt_mark_t_info *markinfo =
+	   (struct ebt_mark_t_info *)target->data;
+
+	markinfo->target = EBT_ACCEPT;
+	markinfo->mark = 0;
+	return;
+}
+
+#define OPT_MARK_TARGET  0x01
+#define OPT_MARK_SETMARK  0x02
+static int parse(int c, char **argv, int argc,
+   const struct ebt_u_entry *entry, unsigned int *flags,
+   struct ebt_entry_target **target)
+{
+	int i;
+	struct ebt_mark_t_info *markinfo =
+	   (struct ebt_mark_t_info *)(*target)->data;
+	char *end;
+
+	switch (c) {
+	case MARK_TARGET:
+		check_option(flags, OPT_MARK_TARGET);
+		for (i = 0; i < NUM_STANDARD_TARGETS; i++)
+			if (!strcmp(optarg, standard_targets[i])) {
+				markinfo->target = -i - 1;
+				break;
+			}
+		if (i == NUM_STANDARD_TARGETS)
+			print_error("Illegal --mark-target target");
+		break;
+	case MARK_SETMARK:
+		check_option(flags, OPT_MARK_SETMARK);
+		markinfo->mark = strtoul(optarg, &end, 0);
+		if (*end != '\0' || end == optarg)
+			print_error("Bad MARK value `%s'", optarg);
+                break;
+	 default:
+		return 0;
+	}
+	return 1;
+}
+
+static void final_check(const struct ebt_u_entry *entry,
+   const struct ebt_entry_target *target, const char *name,
+   unsigned int hook_mask, unsigned int time)
+{
+}
+
+static void print(const struct ebt_u_entry *entry,
+   const struct ebt_entry_target *target)
+{
+	struct ebt_mark_t_info *markinfo =
+	   (struct ebt_mark_t_info *)target->data;
+
+	printf("--set-mark 0x%lx", markinfo->mark);
+	if (markinfo->target == EBT_ACCEPT)
+		return;
+	printf(" --mark-target %s",
+	   standard_targets[-markinfo->target - 1]);
+}
+
+static int compare(const struct ebt_entry_target *t1,
+   const struct ebt_entry_target *t2)
+{
+	struct ebt_mark_t_info *markinfo1 =
+	   (struct ebt_mark_t_info *)t1->data;
+	struct ebt_mark_t_info *markinfo2 =
+	   (struct ebt_mark_t_info *)t2->data;
+
+	return (markinfo1->target == markinfo2->target && 
+	   markinfo1->mark == markinfo2->mark);
+}
+
+static struct ebt_u_target mark_target =
+{
+	EBT_MARK_TARGET,
+	sizeof(struct ebt_mark_t_info),
+	print_help,
+	init,
+	parse,
+	final_check,
+	print,
+	compare,
+	opts,
+};
+
+static void _init(void) __attribute__ ((constructor));
+static void _init(void)
+{
+	register_target(&mark_target);
+}
diff --git a/extensions/ebt_mark_m.c b/extensions/ebt_mark_m.c
new file mode 100644
index 0000000..16caec5
--- /dev/null
+++ b/extensions/ebt_mark_m.c
@@ -0,0 +1,115 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/socket.h>
+#include <string.h>
+#include <getopt.h>
+#include "../include/ebtables_u.h"
+#include <linux/netfilter_bridge/ebt_mark_m.h>
+
+#define MARK '1'
+
+static struct option opts[] =
+{
+	{ "mark"     , required_argument, 0, MARK },
+	{ 0 }
+};
+
+static void print_help()
+{
+	printf(
+"mark option:\n"
+"--mark    [!] value[/mask]: Match nfmask value with optional mask\n");
+}
+
+static void init(struct ebt_entry_match *match)
+{
+	struct ebt_mark_m_info *markinfo = (struct ebt_mark_m_info *)match->data;
+
+	markinfo->mark = 0;
+	markinfo->mask = 0;
+	markinfo->invert = 0;
+}
+
+#define OPT_MARK 0x01
+static int parse(int c, char **argv, int argc, const struct ebt_u_entry *entry,
+   unsigned int *flags, struct ebt_entry_match **match)
+{
+	struct ebt_mark_m_info *markinfo = (struct ebt_mark_m_info *)
+	   (*match)->data;
+	char *end;
+
+	switch (c) {
+	case MARK:
+		check_option(flags, MARK);
+		if (check_inverse(optarg))
+			markinfo->invert = 1;
+		if (optind > argc)
+			print_error("No mark specified");
+		markinfo->mark = strtoul(argv[optind - 1], &end, 0);
+		if (*end == '/')
+			markinfo->mask = strtoul(end+1, &end, 0);
+		else
+			markinfo->mask = 0xffffffff;
+		if ( *end != '\0' || end == argv[optind - 1])
+			print_error("Bad mark value '%s'", argv[optind - 1]);
+		break;
+	default:
+		return 0;
+	}
+	return 1;
+}
+
+static void final_check(const struct ebt_u_entry *entry,
+   const struct ebt_entry_match *match, const char *name,
+   unsigned int hook_mask, unsigned int time)
+{
+}
+
+static void print(const struct ebt_u_entry *entry,
+   const struct ebt_entry_match *match)
+{
+	struct ebt_mark_m_info *markinfo =
+	   (struct ebt_mark_m_info *)match->data;
+
+	printf("--mark ");
+	if (markinfo->invert)
+		printf("! ");
+	if(markinfo->mask != 0xffffffff)
+		printf("0x%lx/0x%lx ", markinfo->mark, markinfo->mask);
+	else
+		printf("0x%lx ", markinfo->mark);
+}
+
+static int compare(const struct ebt_entry_match *m1,
+   const struct ebt_entry_match *m2)
+{
+	struct ebt_mark_m_info *markinfo1 = (struct ebt_mark_m_info *)m1->data;
+	struct ebt_mark_m_info *markinfo2 = (struct ebt_mark_m_info *)m2->data;
+
+	if (markinfo1->invert != markinfo2->invert)
+		return 0;
+	if (markinfo1->mark != markinfo2->mark)
+		return 0;
+	if (markinfo1->mask != markinfo2->mask)
+		return 0;
+	return 1;
+}
+
+static struct ebt_u_match mark_match =
+{
+	EBT_MARK_MATCH,
+	sizeof(struct ebt_mark_m_info),
+	print_help,
+	init,
+	parse,
+	final_check,
+	print,
+	compare,
+	opts,
+};
+
+static void _init(void) __attribute((constructor));
+static void _init(void)
+{
+	register_match(&mark_match);
+}
-- 
cgit v1.2.3