From 199d31a20f95babd74d692beb89988e2fb851032 Mon Sep 17 00:00:00 2001 From: fnm3 Date: Fri, 14 Jun 2002 17:28:13 +0000 Subject: New parameter definitions addded Kernelspace changes for encapsulated protocol parameter Version changed Updated VLAN match extension section Removed empty lines at end of file Userspace changes - vlan encapsulated protocol match added --- kernel/linux/net/bridge/netfilter/ebt_vlan.c | 70 +++++++++++++++++++--------- 1 file changed, 49 insertions(+), 21 deletions(-) (limited to 'kernel/linux/net/bridge') diff --git a/kernel/linux/net/bridge/netfilter/ebt_vlan.c b/kernel/linux/net/bridge/netfilter/ebt_vlan.c index 8ad921d..f7e2c16 100644 --- a/kernel/linux/net/bridge/netfilter/ebt_vlan.c +++ b/kernel/linux/net/bridge/netfilter/ebt_vlan.c @@ -5,7 +5,7 @@ * Bart De Schuymer * Nick Fedchik * - * May, 2002 + * June, 2002 */ #include @@ -18,6 +18,8 @@ static unsigned char debug; MODULE_PARM (debug, "0-1b"); MODULE_PARM_DESC (debug, "debug=1 is turn on debug messages"); +#define MODULE_VERSION "0.2" + static int ebt_filter_vlan (const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, @@ -30,42 +32,63 @@ static int ebt_filter_vlan (const struct sk_buff *skb, (struct vlan_ethhdr *) skb->mac.raw; unsigned short v_id; unsigned short v_prio; + unsigned short v_TCI; /* - * Calculate 802.1Q VLAN ID and Priority - * Reserved one bit (13) for CFI + * Calculate 802.1Q VLAN ID and user_priority from + * Tag Control Information (TCI) field. + * Reserved one bit (13) for CFI (Canonical Format Indicator) */ - v_id = ntohs ((unsigned short) vlanethhdr->h_vlan_TCI) & 0xFFF; - v_prio = ntohs ((unsigned short) vlanethhdr->h_vlan_TCI) >> 13; + v_TCI = ntohs (vlanethhdr->h_vlan_TCI); + v_id = v_TCI & 0xFFF; + v_prio = v_TCI >> 13; /* * Checking VLANs */ if (infostuff->bitmask & EBT_VLAN_ID) { /* Is VLAN ID parsed? */ if (!((infostuff->id == v_id) - ^ !!(infostuff->invflags & EBT_VLAN_ID))) - return 1; + ^ !!(infostuff->invflags & EBT_VLAN_ID))) + return 1; if (debug) printk (KERN_DEBUG "ebt_vlan: matched ID=%s%d (mask=%X)\n", - (infostuff->invflags & EBT_VLAN_ID) ? "!" : "", - infostuff->id, - (unsigned char) infostuff->bitmask); + (infostuff-> + invflags & EBT_VLAN_ID) ? "!" : "", + infostuff->id, infostuff->bitmask); } /* - * Checking Priority + * Checking User Priority */ if (infostuff->bitmask & EBT_VLAN_PRIO) { /* Is VLAN Prio parsed? */ - if (!( (infostuff->prio == v_prio) - ^ !!(infostuff->invflags & EBT_VLAN_PRIO))) - return 1; /* missed */ + if (!((infostuff->prio == v_prio) + ^ !!(infostuff->invflags & EBT_VLAN_PRIO))) + return 1; /* missed */ if (debug) printk (KERN_DEBUG "ebt_vlan: matched Prio=%s%d (mask=%X)\n", - (infostuff->invflags & EBT_VLAN_PRIO) ? "!" : "", - infostuff->prio, - (unsigned char) infostuff->bitmask); + (infostuff-> + invflags & EBT_VLAN_PRIO) ? "!" : "", + infostuff->prio, infostuff->bitmask); } + /* + * Checking for Encapsulated proto + */ + if (infostuff->bitmask & EBT_VLAN_ENCAP) { /* Is VLAN Encap parsed? */ + if (! + ((infostuff->encap == + vlanethhdr->h_vlan_encapsulated_proto) + ^ !!(infostuff->invflags & EBT_VLAN_ENCAP))) + return 1; /* missed */ + if (debug) + printk (KERN_DEBUG + "ebt_vlan: matched encap=%s%2.4X (mask=%X)\n", + (infostuff-> + invflags & EBT_VLAN_ENCAP) ? "!" : "", + ntohs (infostuff->encap), + infostuff->bitmask); + } + /* * rule matched */ @@ -96,7 +119,10 @@ static int ebt_vlan_check (const char *tablename, unsigned int hooknr, } static struct ebt_match filter_vlan = { - {NULL, NULL}, EBT_VLAN_MATCH, ebt_filter_vlan, ebt_vlan_check, + {NULL, NULL}, + EBT_VLAN_MATCH, + ebt_filter_vlan, + ebt_vlan_check, NULL, THIS_MODULE }; @@ -104,10 +130,11 @@ static struct ebt_match filter_vlan = { static int __init init (void) { printk (KERN_INFO - "ebt_vlan: 802.1Q VLAN matching module for EBTables\n"); + "ebt_vlan: 802.1Q VLAN matching module for EBTables " + MODULE_VERSION "\n"); if (debug) printk (KERN_DEBUG - "ebt_vlan: 802.1Q matching debug is on\n"); + "ebt_vlan: 802.1Q rule matching debug is on\n"); return ebt_register_match (&filter_vlan); } @@ -120,5 +147,6 @@ module_init (init); module_exit (fini); EXPORT_NO_SYMBOLS; MODULE_AUTHOR ("Nick Fedchik "); -MODULE_DESCRIPTION ("802.1Q VLAN matching module for ebtables, v0.1"); +MODULE_DESCRIPTION ("802.1Q VLAN matching module for ebtables, v" + MODULE_VERSION); MODULE_LICENSE ("GPL"); -- cgit v1.2.3