From ffa83b5968b534f679bc34acc506801db3d28d58 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Thu, 31 May 2012 10:52:46 +0200
Subject: add mangle functions for IPv4/TCP and IPv4/UDP

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/extra/ipv4.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

(limited to 'src/extra/ipv4.c')

diff --git a/src/extra/ipv4.c b/src/extra/ipv4.c
index 200a20e..ce101ef 100644
--- a/src/extra/ipv4.c
+++ b/src/extra/ipv4.c
@@ -10,6 +10,7 @@
  */
 
 #include <stdio.h>
+#include <stdbool.h>
 #include <arpa/inet.h>
 #include <netinet/ip.h>
 
@@ -90,6 +91,24 @@ void nfq_ip_set_checksum(struct iphdr *iph)
 }
 EXPORT_SYMBOL(nfq_ip_set_checksum);
 
+int nfq_ip_mangle(struct pkt_buff *pkt, unsigned int dataoff,
+		  unsigned int match_offset, unsigned int match_len,
+		  const char *rep_buffer, unsigned int rep_len)
+{
+	struct iphdr *iph = (struct iphdr *) pkt->network_header;
+
+	if (!pktb_mangle(pkt, dataoff, match_offset, match_len,
+						rep_buffer, rep_len))
+		return 0;
+
+	/* fix IP hdr checksum information */
+	iph->tot_len = htons(pkt->len);
+	nfq_ip_set_checksum(iph);
+
+	return 1;
+}
+EXPORT_SYMBOL(nfq_ip_mangle);
+
 /**
  * nfq_pkt_snprintf_ip - print IPv4 header into buffer in iptables LOG format
  * \param buf: pointer to buffer that will be used to print the header
-- 
cgit v1.2.3