summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--extensions/libipt_DSCP.c47
-rw-r--r--extensions/libipt_dscp.c35
-rw-r--r--extensions/libipt_dscp_helper.c82
3 files changed, 121 insertions, 43 deletions
diff --git a/extensions/libipt_DSCP.c b/extensions/libipt_DSCP.c
index e06c736..1324663 100644
--- a/extensions/libipt_DSCP.c
+++ b/extensions/libipt_DSCP.c
@@ -18,39 +18,9 @@
#include <linux/netfilter_ipv4/ip_tables.h>
#include <linux/netfilter_ipv4/ipt_DSCP.h>
+/* This is evil, but it's my code - HW*/
+#include "libipt_dscp_helper.c"
-/* see http://www.iana.org/assignments/dscp-registry */
-
-static struct ds_class
-{
- char *class;
- unsigned int dscp;
-} ds_classes[] =
-{
- { "CS0", 0 },
- { "CS1", 0x08 },
- { "CS2", 0x10 },
- { "CS3", 0x18 },
- { "CS3", 0x18 },
- { "CS4", 0x20 },
- { "CS5", 0x28 },
- { "CS6", 0x30 },
- { "CS6", 0x38 },
- { "BE", 0 },
- { "AF11", 0x0a },
- { "AF12", 0x0c },
- { "AF13", 0x0e },
- { "AF21", 0x12 },
- { "AF22", 0x14 },
- { "AF23", 0x16 },
- { "AF31", 0x1a },
- { "AF32", 0x1c },
- { "AF33", 0x1e },
- { "AF41", 0x22 },
- { "AF42", 0x24 },
- { "AF43", 0x26 },
- { "EF", 0x2e }
-};
static void init(struct ipt_entry_target *t, unsigned int *nfcache)
{
@@ -99,17 +69,10 @@ parse_dscp(const unsigned char *s, struct ipt_DSCP_info *dinfo)
static void
parse_class(const unsigned char *s, struct ipt_DSCP_info *dinfo)
{
- int i;
-
- for (i = 0; i < sizeof(ds_classes) / sizeof(struct ds_class); i++) {
- if (!strncasecmp(s, ds_classes[i].class,
- strlen(ds_classes[i].class))) {
- dinfo->dscp = (u_int8_t)ds_classes[i].dscp;
- return;
- }
- }
+ unsigned int dscp = class_to_dscp(s);
- exit_error(PARAMETER_PROBLEM, "Invalid DSCP class value '%s'", s);
+ /* Assign the value */
+ dinfo->dscp = (u_int8_t)dscp;
}
diff --git a/extensions/libipt_dscp.c b/extensions/libipt_dscp.c
index 8378815..7718112 100644
--- a/extensions/libipt_dscp.c
+++ b/extensions/libipt_dscp.c
@@ -6,6 +6,8 @@
*
* libipt_dscp.c borrowed heavily from libipt_tos.c
*
+ * --class support added by Iain Barnes
+ *
* For a list of DSCP codepoints see
* http://www.iana.org/assignments/dscp-registry
*
@@ -19,6 +21,9 @@
#include <linux/netfilter_ipv4/ip_tables.h>
#include <linux/netfilter_ipv4/ipt_dscp.h>
+/* This is evil, but it's my code - HW*/
+#include "libipt_dscp_helper.c"
+
static void init(struct ipt_entry_match *m, unsigned int *nfcache)
{
*nfcache |= NFC_IP_TOS;
@@ -30,12 +35,18 @@ static void help(void)
"DSCP match v%s options\n"
"[!] --dscp value Match DSCP codepoint with numerical value\n"
" This value can be in decimal (ex: 32)\n"
-" or in hex (ex: 0x20)\n", IPTABLES_VERSION
+" or in hex (ex: 0x20)\n"
+"[!] --class name Match the DiffServ class. This value may\n"
+" be any of the BE,EF, AFxx or CSx classes\n"
+"\n"
+" These two options are mutually exclusive !\n"
+ , IPTABLES_VERSION
);
}
static struct option opts[] = {
{ "dscp", 1, 0, 'F' },
+ { "class", 1, 0, 'G' },
{ 0 }
};
@@ -56,6 +67,17 @@ parse_dscp(const unsigned char *s, struct ipt_dscp_info *dinfo)
return;
}
+
+static void
+parse_class(const char *s, struct ipt_dscp_info *dinfo)
+{
+ unsigned int dscp = class_to_dscp(s);
+
+ /* Assign the value */
+ dinfo->dscp = (u_int8_t)dscp;
+}
+
+
static int
parse(int c, char **argv, int invert, unsigned int *flags,
const struct ipt_entry *entry,
@@ -77,6 +99,17 @@ parse(int c, char **argv, int invert, unsigned int *flags,
*flags = 1;
break;
+ case 'G':
+ if (*flags)
+ exit_error(PARAMETER_PROBLEM,
+ "DSCP match: Only use --class ONCE!");
+ check_inverse(optarg, &invert, &optind, 0);
+ parse_class(argv[optind - 1], dinfo);
+ if (invert)
+ dinfo->invert = 1;
+ *flags = 1;
+ break;
+
default:
return 0;
}
diff --git a/extensions/libipt_dscp_helper.c b/extensions/libipt_dscp_helper.c
new file mode 100644
index 0000000..742ac86
--- /dev/null
+++ b/extensions/libipt_dscp_helper.c
@@ -0,0 +1,82 @@
+/*
+ * DiffServ classname <-> DiffServ codepoint mapping functions.
+ *
+ * The latest list of the mappings can be found at:
+ * <http://www.iana.org/assignments/dscp-registry>
+ *
+ * This code is released under the GNU GPL v2, 1991
+ *
+ * Author: Iain Barnes
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <iptables_common.h>
+
+
+
+static struct ds_class
+{
+ const char *name;
+ unsigned int dscp;
+} ds_classes[] =
+{
+ { "CS0", 0x00 },
+ { "CS1", 0x08 },
+ { "CS2", 0x10 },
+ { "CS3", 0x18 },
+ { "CS4", 0x20 },
+ { "CS5", 0x28 },
+ { "CS6", 0x30 },
+ { "CS7", 0x38 },
+ { "BE", 0x00 },
+ { "AF11", 0x0a },
+ { "AF12", 0x0c },
+ { "AF13", 0x0e },
+ { "AF21", 0x12 },
+ { "AF22", 0x14 },
+ { "AF23", 0x16 },
+ { "AF31", 0x1a },
+ { "AF32", 0x1c },
+ { "AF33", 0x1e },
+ { "AF41", 0x22 },
+ { "AF42", 0x24 },
+ { "AF43", 0x26 },
+ { "EF", 0x2e }
+};
+
+
+
+unsigned int
+class_to_dscp(const char *name)
+{
+ int i;
+
+ for (i = 0; i < sizeof(ds_classes) / sizeof(struct ds_class); i++) {
+ if (!strncasecmp(name, ds_classes[i].name,
+ strlen(ds_classes[i].name)))
+ return ds_classes[i].dscp;
+ }
+
+ exit_error(PARAMETER_PROBLEM,
+ "Invalid DSCP value `%s'\n", name);
+}
+
+
+
+const char *
+dscp_to_name(unsigned int dscp)
+{
+ int i;
+
+ for (i = 0; i < sizeof(ds_classes) / sizeof(struct ds_class); i++) {
+ if (dscp == ds_classes[i].dscp)
+ return ds_classes[i].name;
+ }
+
+
+ exit_error(PARAMETER_PROBLEM,
+ "Invalid DSCP value `%d'\n", dscp);
+}
+
+