diff options
Diffstat (limited to 'extensions')
-rw-r--r-- | extensions/libipt_DSCP.c | 47 | ||||
-rw-r--r-- | extensions/libipt_dscp.c | 35 | ||||
-rw-r--r-- | extensions/libipt_dscp_helper.c | 82 |
3 files changed, 121 insertions, 43 deletions
diff --git a/extensions/libipt_DSCP.c b/extensions/libipt_DSCP.c index e06c7361..13246633 100644 --- a/extensions/libipt_DSCP.c +++ b/extensions/libipt_DSCP.c @@ -18,39 +18,9 @@ #include <linux/netfilter_ipv4/ip_tables.h> #include <linux/netfilter_ipv4/ipt_DSCP.h> +/* This is evil, but it's my code - HW*/ +#include "libipt_dscp_helper.c" -/* see http://www.iana.org/assignments/dscp-registry */ - -static struct ds_class -{ - char *class; - unsigned int dscp; -} ds_classes[] = -{ - { "CS0", 0 }, - { "CS1", 0x08 }, - { "CS2", 0x10 }, - { "CS3", 0x18 }, - { "CS3", 0x18 }, - { "CS4", 0x20 }, - { "CS5", 0x28 }, - { "CS6", 0x30 }, - { "CS6", 0x38 }, - { "BE", 0 }, - { "AF11", 0x0a }, - { "AF12", 0x0c }, - { "AF13", 0x0e }, - { "AF21", 0x12 }, - { "AF22", 0x14 }, - { "AF23", 0x16 }, - { "AF31", 0x1a }, - { "AF32", 0x1c }, - { "AF33", 0x1e }, - { "AF41", 0x22 }, - { "AF42", 0x24 }, - { "AF43", 0x26 }, - { "EF", 0x2e } -}; static void init(struct ipt_entry_target *t, unsigned int *nfcache) { @@ -99,17 +69,10 @@ parse_dscp(const unsigned char *s, struct ipt_DSCP_info *dinfo) static void parse_class(const unsigned char *s, struct ipt_DSCP_info *dinfo) { - int i; - - for (i = 0; i < sizeof(ds_classes) / sizeof(struct ds_class); i++) { - if (!strncasecmp(s, ds_classes[i].class, - strlen(ds_classes[i].class))) { - dinfo->dscp = (u_int8_t)ds_classes[i].dscp; - return; - } - } + unsigned int dscp = class_to_dscp(s); - exit_error(PARAMETER_PROBLEM, "Invalid DSCP class value '%s'", s); + /* Assign the value */ + dinfo->dscp = (u_int8_t)dscp; } diff --git a/extensions/libipt_dscp.c b/extensions/libipt_dscp.c index 83788154..7718112c 100644 --- a/extensions/libipt_dscp.c +++ b/extensions/libipt_dscp.c @@ -6,6 +6,8 @@ * * libipt_dscp.c borrowed heavily from libipt_tos.c * + * --class support added by Iain Barnes + * * For a list of DSCP codepoints see * http://www.iana.org/assignments/dscp-registry * @@ -19,6 +21,9 @@ #include <linux/netfilter_ipv4/ip_tables.h> #include <linux/netfilter_ipv4/ipt_dscp.h> +/* This is evil, but it's my code - HW*/ +#include "libipt_dscp_helper.c" + static void init(struct ipt_entry_match *m, unsigned int *nfcache) { *nfcache |= NFC_IP_TOS; @@ -30,12 +35,18 @@ static void help(void) "DSCP match v%s options\n" "[!] --dscp value Match DSCP codepoint with numerical value\n" " This value can be in decimal (ex: 32)\n" -" or in hex (ex: 0x20)\n", IPTABLES_VERSION +" or in hex (ex: 0x20)\n" +"[!] --class name Match the DiffServ class. This value may\n" +" be any of the BE,EF, AFxx or CSx classes\n" +"\n" +" These two options are mutually exclusive !\n" + , IPTABLES_VERSION ); } static struct option opts[] = { { "dscp", 1, 0, 'F' }, + { "class", 1, 0, 'G' }, { 0 } }; @@ -56,6 +67,17 @@ parse_dscp(const unsigned char *s, struct ipt_dscp_info *dinfo) return; } + +static void +parse_class(const char *s, struct ipt_dscp_info *dinfo) +{ + unsigned int dscp = class_to_dscp(s); + + /* Assign the value */ + dinfo->dscp = (u_int8_t)dscp; +} + + static int parse(int c, char **argv, int invert, unsigned int *flags, const struct ipt_entry *entry, @@ -77,6 +99,17 @@ parse(int c, char **argv, int invert, unsigned int *flags, *flags = 1; break; + case 'G': + if (*flags) + exit_error(PARAMETER_PROBLEM, + "DSCP match: Only use --class ONCE!"); + check_inverse(optarg, &invert, &optind, 0); + parse_class(argv[optind - 1], dinfo); + if (invert) + dinfo->invert = 1; + *flags = 1; + break; + default: return 0; } diff --git a/extensions/libipt_dscp_helper.c b/extensions/libipt_dscp_helper.c new file mode 100644 index 00000000..742ac86a --- /dev/null +++ b/extensions/libipt_dscp_helper.c @@ -0,0 +1,82 @@ +/* + * DiffServ classname <-> DiffServ codepoint mapping functions. + * + * The latest list of the mappings can be found at: + * <http://www.iana.org/assignments/dscp-registry> + * + * This code is released under the GNU GPL v2, 1991 + * + * Author: Iain Barnes + */ + +#include <stdio.h> +#include <string.h> +#include <iptables_common.h> + + + +static struct ds_class +{ + const char *name; + unsigned int dscp; +} ds_classes[] = +{ + { "CS0", 0x00 }, + { "CS1", 0x08 }, + { "CS2", 0x10 }, + { "CS3", 0x18 }, + { "CS4", 0x20 }, + { "CS5", 0x28 }, + { "CS6", 0x30 }, + { "CS7", 0x38 }, + { "BE", 0x00 }, + { "AF11", 0x0a }, + { "AF12", 0x0c }, + { "AF13", 0x0e }, + { "AF21", 0x12 }, + { "AF22", 0x14 }, + { "AF23", 0x16 }, + { "AF31", 0x1a }, + { "AF32", 0x1c }, + { "AF33", 0x1e }, + { "AF41", 0x22 }, + { "AF42", 0x24 }, + { "AF43", 0x26 }, + { "EF", 0x2e } +}; + + + +unsigned int +class_to_dscp(const char *name) +{ + int i; + + for (i = 0; i < sizeof(ds_classes) / sizeof(struct ds_class); i++) { + if (!strncasecmp(name, ds_classes[i].name, + strlen(ds_classes[i].name))) + return ds_classes[i].dscp; + } + + exit_error(PARAMETER_PROBLEM, + "Invalid DSCP value `%s'\n", name); +} + + + +const char * +dscp_to_name(unsigned int dscp) +{ + int i; + + for (i = 0; i < sizeof(ds_classes) / sizeof(struct ds_class); i++) { + if (dscp == ds_classes[i].dscp) + return ds_classes[i].name; + } + + + exit_error(PARAMETER_PROBLEM, + "Invalid DSCP value `%d'\n", dscp); +} + + |