diff options
author | Duncan Roe <duncan_roe@optusnet.com.au> | 2019-12-20 16:53:48 +1100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-12-30 12:32:04 +0100 |
commit | 535a79f002c95b9d37ebded4f34c3b225c4c738d (patch) | |
tree | f4adb21b5883a73467d9d8fe0032f54692cb9a79 /src/extra/udp.c | |
parent | c432a84f1b6a5fb4435f74408d11ed8f7672ec4b (diff) |
src: add mangle functions for IPv6, IPv6/TCP and IPv6/UDP
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/extra/udp.c')
-rw-r--r-- | src/extra/udp.c | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/src/extra/udp.c b/src/extra/udp.c index 34dbf2a..9eee1c7 100644 --- a/src/extra/udp.c +++ b/src/extra/udp.c @@ -20,6 +20,7 @@ #include <libnetfilter_queue/libnetfilter_queue.h> #include <libnetfilter_queue/libnetfilter_queue_udp.h> #include <libnetfilter_queue/libnetfilter_queue_ipv4.h> +#include <libnetfilter_queue/libnetfilter_queue_ipv6.h> #include <libnetfilter_queue/pktbuff.h> #include "internal.h" @@ -160,6 +161,44 @@ int nfq_udp_mangle_ipv4(struct pkt_buff *pktb, } /** + * nfq_udp_mangle_ipv6 - Mangle UDP/IPv6 packet buffer + * \param pktb: Pointer to network packet buffer + * \param match_offset: Offset from start of UDP data of content that you want + * to mangle + * \param match_len: Length of the existing content you want to mangle + * \param rep_buffer: Pointer to data you want to use to replace current content + * \param rep_len: Length of data you want to use to replace current content + * \returns 1 for success and 0 for failure. See pktb_mangle() for failure case + * \note This function updates the IPv6 and UDP lengths and recalculates the UDP + * checksum for you. + */ +EXPORT_SYMBOL +int nfq_udp_mangle_ipv6(struct pkt_buff *pktb, + unsigned int match_offset, unsigned int match_len, + const char *rep_buffer, unsigned int rep_len) +{ + struct ip6_hdr *ip6h; + struct udphdr *udph; + + ip6h = (struct ip6_hdr *)pktb->network_header; + udph = (struct udphdr *)(pktb->transport_header); + if (!udph) + return 0; + + udph->len = htons(ntohs(udph->len) + rep_len - match_len); + + if (!nfq_ip6_mangle(pktb, + pktb->transport_header - pktb->network_header + + sizeof(struct udphdr), + match_offset, match_len, rep_buffer, rep_len)) + return 0; + + nfq_udp_compute_checksum_ipv6(udph, ip6h); + + return 1; +} + +/** * nfq_pkt_snprintf_udp_hdr - print udp header into one buffer in a humnan * readable way * \param buf: pointer to buffer that is used to print the object |