From edf2b7c0863133b38ba48dbcaa18a16bdba1a588 Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Tue, 9 Oct 2018 17:21:37 +0200 Subject: ebtables-nft: add arpreply target Unfortunately no nft translation available so far. Signed-off-by: Florian Westphal --- extensions/libebt_arpreply.c | 106 +++++++++++++++++++++++++++++++++++++++++++ extensions/libebt_arpreply.t | 4 ++ 2 files changed, 110 insertions(+) create mode 100644 extensions/libebt_arpreply.c create mode 100644 extensions/libebt_arpreply.t (limited to 'extensions') diff --git a/extensions/libebt_arpreply.c b/extensions/libebt_arpreply.c new file mode 100644 index 00000000..998dece3 --- /dev/null +++ b/extensions/libebt_arpreply.c @@ -0,0 +1,106 @@ +/* ebt_arpreply + * + * Authors: + * Grzegorz Borowiak + * Bart De Schuymer + * + * August, 2003 + */ + +#include +#include +#include +#include +#include +#include +#include +#include "iptables/nft.h" +#include "iptables/nft-bridge.h" + +#define OPT_REPLY_MAC 0x01 +#define OPT_REPLY_TARGET 0x02 + +#define REPLY_MAC '1' +#define REPLY_TARGET '2' +static const struct option brarpreply_opts[] = { + { "arpreply-mac" , required_argument, 0, REPLY_MAC }, + { "arpreply-target" , required_argument, 0, REPLY_TARGET }, + XT_GETOPT_TABLEEND, +}; + +static void brarpreply_print_help(void) +{ + printf( + "arpreply target options:\n" + " --arpreply-mac address : source MAC of generated reply\n" + " --arpreply-target target : ACCEPT, DROP, RETURN or CONTINUE\n" + " (standard target is DROP)\n"); +} + +static void brarpreply_init(struct xt_entry_target *target) +{ + struct ebt_arpreply_info *replyinfo = (void *)target->data; + + replyinfo->target = EBT_DROP; +} + +static int +brarpreply_parse(int c, char **argv, int invert, unsigned int *flags, + const void *entry, struct xt_entry_target **tg) + +{ + struct ebt_arpreply_info *replyinfo = (void *)(*tg)->data; + struct ether_addr *addr; + + switch (c) { + case REPLY_MAC: + EBT_CHECK_OPTION(flags, OPT_REPLY_MAC); + if (!(addr = ether_aton(optarg))) + xtables_error(PARAMETER_PROBLEM, "Problem with specified --arpreply-mac mac"); + memcpy(replyinfo->mac, addr, ETH_ALEN); + break; + case REPLY_TARGET: + EBT_CHECK_OPTION(flags, OPT_REPLY_TARGET); + if (ebt_fill_target(optarg, (unsigned int *)&replyinfo->target)) + xtables_error(PARAMETER_PROBLEM, "Illegal --arpreply-target target"); + break; + + default: + return 0; + } + return 1; +} + +static void ebt_print_mac(const unsigned char *mac) +{ + printf("%s", ether_ntoa((struct ether_addr *) mac)); +} + +static void brarpreply_print(const void *ip, const struct xt_entry_target *t, int numeric) +{ + struct ebt_arpreply_info *replyinfo = (void *)t->data; + + printf("--arpreply-mac "); + ebt_print_mac(replyinfo->mac); + if (replyinfo->target == EBT_DROP) + return; + printf(" --arpreply-target %s", ebt_target_name(replyinfo->target)); +} + +static struct xtables_target arpreply_target = { + .name = "arpreply", + .version = XTABLES_VERSION, + .family = NFPROTO_BRIDGE, + .init = brarpreply_init, + .size = XT_ALIGN(sizeof(struct ebt_arpreply_info)), + .userspacesize = XT_ALIGN(sizeof(struct ebt_arpreply_info)), + .help = brarpreply_print_help, + .parse = brarpreply_parse, + .print = brarpreply_print, + .extra_opts = brarpreply_opts, +}; + +void _init(void) +{ + xtables_register_target(&arpreply_target); +} diff --git a/extensions/libebt_arpreply.t b/extensions/libebt_arpreply.t new file mode 100644 index 00000000..f7bc85f9 --- /dev/null +++ b/extensions/libebt_arpreply.t @@ -0,0 +1,4 @@ +:PREROUTING +*nat +-p ARP -i foo -j arpreply --arpreply-mac de:ad:0:be:ee:ff --arpreply-target ACCEPT;=;OK +-p ARP -i foo -j arpreply --arpreply-mac de:ad:0:be:ee:ff;=;OK -- cgit v1.2.3