1*a71a9546SAutomerger Merge Worker /*
2*a71a9546SAutomerger Merge Worker * Shared library add-on to iptables to add tos match support
3*a71a9546SAutomerger Merge Worker *
4*a71a9546SAutomerger Merge Worker * Copyright © CC Computer Consultants GmbH, 2007
5*a71a9546SAutomerger Merge Worker * Contact: Jan Engelhardt <[email protected]>
6*a71a9546SAutomerger Merge Worker */
7*a71a9546SAutomerger Merge Worker #include <getopt.h>
8*a71a9546SAutomerger Merge Worker #include <netdb.h>
9*a71a9546SAutomerger Merge Worker #include <stdbool.h>
10*a71a9546SAutomerger Merge Worker #include <stdio.h>
11*a71a9546SAutomerger Merge Worker #include <stdlib.h>
12*a71a9546SAutomerger Merge Worker #include <string.h>
13*a71a9546SAutomerger Merge Worker
14*a71a9546SAutomerger Merge Worker #include <xtables.h>
15*a71a9546SAutomerger Merge Worker #include <linux/netfilter/xt_dscp.h>
16*a71a9546SAutomerger Merge Worker #include "tos_values.c"
17*a71a9546SAutomerger Merge Worker
18*a71a9546SAutomerger Merge Worker struct ipt_tos_info {
19*a71a9546SAutomerger Merge Worker uint8_t tos;
20*a71a9546SAutomerger Merge Worker uint8_t invert;
21*a71a9546SAutomerger Merge Worker };
22*a71a9546SAutomerger Merge Worker
23*a71a9546SAutomerger Merge Worker enum {
24*a71a9546SAutomerger Merge Worker O_TOS = 1 << 0,
25*a71a9546SAutomerger Merge Worker };
26*a71a9546SAutomerger Merge Worker
27*a71a9546SAutomerger Merge Worker static const struct xt_option_entry tos_mt_opts_v0[] = {
28*a71a9546SAutomerger Merge Worker {.name = "tos", .id = O_TOS, .type = XTTYPE_TOSMASK,
29*a71a9546SAutomerger Merge Worker .flags = XTOPT_INVERT | XTOPT_MAND, .max = 0xFF},
30*a71a9546SAutomerger Merge Worker XTOPT_TABLEEND,
31*a71a9546SAutomerger Merge Worker };
32*a71a9546SAutomerger Merge Worker
33*a71a9546SAutomerger Merge Worker static const struct xt_option_entry tos_mt_opts[] = {
34*a71a9546SAutomerger Merge Worker {.name = "tos", .id = O_TOS, .type = XTTYPE_TOSMASK,
35*a71a9546SAutomerger Merge Worker .flags = XTOPT_INVERT | XTOPT_MAND, .max = 0x3F},
36*a71a9546SAutomerger Merge Worker XTOPT_TABLEEND,
37*a71a9546SAutomerger Merge Worker };
38*a71a9546SAutomerger Merge Worker
tos_mt_help(void)39*a71a9546SAutomerger Merge Worker static void tos_mt_help(void)
40*a71a9546SAutomerger Merge Worker {
41*a71a9546SAutomerger Merge Worker const struct tos_symbol_info *symbol;
42*a71a9546SAutomerger Merge Worker
43*a71a9546SAutomerger Merge Worker printf(
44*a71a9546SAutomerger Merge Worker "tos match options:\n"
45*a71a9546SAutomerger Merge Worker "[!] --tos value[/mask] Match Type of Service/Priority field value\n"
46*a71a9546SAutomerger Merge Worker "[!] --tos symbol Match TOS field (IPv4 only) by symbol\n"
47*a71a9546SAutomerger Merge Worker " Accepted symbolic names for value are:\n");
48*a71a9546SAutomerger Merge Worker
49*a71a9546SAutomerger Merge Worker for (symbol = tos_symbol_names; symbol->name != NULL; ++symbol)
50*a71a9546SAutomerger Merge Worker printf(" (0x%02x) %2u %s\n",
51*a71a9546SAutomerger Merge Worker symbol->value, symbol->value, symbol->name);
52*a71a9546SAutomerger Merge Worker
53*a71a9546SAutomerger Merge Worker printf("\n");
54*a71a9546SAutomerger Merge Worker }
55*a71a9546SAutomerger Merge Worker
tos_mt_parse_v0(struct xt_option_call * cb)56*a71a9546SAutomerger Merge Worker static void tos_mt_parse_v0(struct xt_option_call *cb)
57*a71a9546SAutomerger Merge Worker {
58*a71a9546SAutomerger Merge Worker struct ipt_tos_info *info = cb->data;
59*a71a9546SAutomerger Merge Worker
60*a71a9546SAutomerger Merge Worker xtables_option_parse(cb);
61*a71a9546SAutomerger Merge Worker if (cb->val.tos_mask != 0xFF)
62*a71a9546SAutomerger Merge Worker xtables_error(PARAMETER_PROBLEM, "tos: Your kernel is "
63*a71a9546SAutomerger Merge Worker "too old to support anything besides /0xFF "
64*a71a9546SAutomerger Merge Worker "as a mask.");
65*a71a9546SAutomerger Merge Worker info->tos = cb->val.tos_value;
66*a71a9546SAutomerger Merge Worker if (cb->invert)
67*a71a9546SAutomerger Merge Worker info->invert = true;
68*a71a9546SAutomerger Merge Worker }
69*a71a9546SAutomerger Merge Worker
tos_mt_parse(struct xt_option_call * cb)70*a71a9546SAutomerger Merge Worker static void tos_mt_parse(struct xt_option_call *cb)
71*a71a9546SAutomerger Merge Worker {
72*a71a9546SAutomerger Merge Worker struct xt_tos_match_info *info = cb->data;
73*a71a9546SAutomerger Merge Worker
74*a71a9546SAutomerger Merge Worker xtables_option_parse(cb);
75*a71a9546SAutomerger Merge Worker info->tos_value = cb->val.tos_value;
76*a71a9546SAutomerger Merge Worker info->tos_mask = cb->val.tos_mask;
77*a71a9546SAutomerger Merge Worker if (cb->invert)
78*a71a9546SAutomerger Merge Worker info->invert = true;
79*a71a9546SAutomerger Merge Worker }
80*a71a9546SAutomerger Merge Worker
tos_mt_print_v0(const void * ip,const struct xt_entry_match * match,int numeric)81*a71a9546SAutomerger Merge Worker static void tos_mt_print_v0(const void *ip, const struct xt_entry_match *match,
82*a71a9546SAutomerger Merge Worker int numeric)
83*a71a9546SAutomerger Merge Worker {
84*a71a9546SAutomerger Merge Worker const struct ipt_tos_info *info = (const void *)match->data;
85*a71a9546SAutomerger Merge Worker
86*a71a9546SAutomerger Merge Worker printf(" tos match ");
87*a71a9546SAutomerger Merge Worker if (info->invert)
88*a71a9546SAutomerger Merge Worker printf("!");
89*a71a9546SAutomerger Merge Worker if (numeric || !tos_try_print_symbolic("", info->tos, 0x3F))
90*a71a9546SAutomerger Merge Worker printf("0x%02x", info->tos);
91*a71a9546SAutomerger Merge Worker }
92*a71a9546SAutomerger Merge Worker
tos_mt_print(const void * ip,const struct xt_entry_match * match,int numeric)93*a71a9546SAutomerger Merge Worker static void tos_mt_print(const void *ip, const struct xt_entry_match *match,
94*a71a9546SAutomerger Merge Worker int numeric)
95*a71a9546SAutomerger Merge Worker {
96*a71a9546SAutomerger Merge Worker const struct xt_tos_match_info *info = (const void *)match->data;
97*a71a9546SAutomerger Merge Worker
98*a71a9546SAutomerger Merge Worker printf(" tos match");
99*a71a9546SAutomerger Merge Worker if (info->invert)
100*a71a9546SAutomerger Merge Worker printf("!");
101*a71a9546SAutomerger Merge Worker if (numeric ||
102*a71a9546SAutomerger Merge Worker !tos_try_print_symbolic("", info->tos_value, info->tos_mask))
103*a71a9546SAutomerger Merge Worker printf("0x%02x/0x%02x", info->tos_value, info->tos_mask);
104*a71a9546SAutomerger Merge Worker }
105*a71a9546SAutomerger Merge Worker
tos_mt_save_v0(const void * ip,const struct xt_entry_match * match)106*a71a9546SAutomerger Merge Worker static void tos_mt_save_v0(const void *ip, const struct xt_entry_match *match)
107*a71a9546SAutomerger Merge Worker {
108*a71a9546SAutomerger Merge Worker const struct ipt_tos_info *info = (const void *)match->data;
109*a71a9546SAutomerger Merge Worker
110*a71a9546SAutomerger Merge Worker if (info->invert)
111*a71a9546SAutomerger Merge Worker printf(" !");
112*a71a9546SAutomerger Merge Worker printf(" --tos 0x%02x", info->tos);
113*a71a9546SAutomerger Merge Worker }
114*a71a9546SAutomerger Merge Worker
tos_mt_save(const void * ip,const struct xt_entry_match * match)115*a71a9546SAutomerger Merge Worker static void tos_mt_save(const void *ip, const struct xt_entry_match *match)
116*a71a9546SAutomerger Merge Worker {
117*a71a9546SAutomerger Merge Worker const struct xt_tos_match_info *info = (const void *)match->data;
118*a71a9546SAutomerger Merge Worker
119*a71a9546SAutomerger Merge Worker if (info->invert)
120*a71a9546SAutomerger Merge Worker printf(" !");
121*a71a9546SAutomerger Merge Worker printf(" --tos 0x%02x/0x%02x", info->tos_value, info->tos_mask);
122*a71a9546SAutomerger Merge Worker }
123*a71a9546SAutomerger Merge Worker
124*a71a9546SAutomerger Merge Worker static struct xtables_match tos_mt_reg[] = {
125*a71a9546SAutomerger Merge Worker {
126*a71a9546SAutomerger Merge Worker .version = XTABLES_VERSION,
127*a71a9546SAutomerger Merge Worker .name = "tos",
128*a71a9546SAutomerger Merge Worker .family = NFPROTO_IPV4,
129*a71a9546SAutomerger Merge Worker .revision = 0,
130*a71a9546SAutomerger Merge Worker .size = XT_ALIGN(sizeof(struct ipt_tos_info)),
131*a71a9546SAutomerger Merge Worker .userspacesize = XT_ALIGN(sizeof(struct ipt_tos_info)),
132*a71a9546SAutomerger Merge Worker .help = tos_mt_help,
133*a71a9546SAutomerger Merge Worker .print = tos_mt_print_v0,
134*a71a9546SAutomerger Merge Worker .save = tos_mt_save_v0,
135*a71a9546SAutomerger Merge Worker .x6_parse = tos_mt_parse_v0,
136*a71a9546SAutomerger Merge Worker .x6_options = tos_mt_opts_v0,
137*a71a9546SAutomerger Merge Worker },
138*a71a9546SAutomerger Merge Worker {
139*a71a9546SAutomerger Merge Worker .version = XTABLES_VERSION,
140*a71a9546SAutomerger Merge Worker .name = "tos",
141*a71a9546SAutomerger Merge Worker .family = NFPROTO_UNSPEC,
142*a71a9546SAutomerger Merge Worker .revision = 1,
143*a71a9546SAutomerger Merge Worker .size = XT_ALIGN(sizeof(struct xt_tos_match_info)),
144*a71a9546SAutomerger Merge Worker .userspacesize = XT_ALIGN(sizeof(struct xt_tos_match_info)),
145*a71a9546SAutomerger Merge Worker .help = tos_mt_help,
146*a71a9546SAutomerger Merge Worker .print = tos_mt_print,
147*a71a9546SAutomerger Merge Worker .save = tos_mt_save,
148*a71a9546SAutomerger Merge Worker .x6_parse = tos_mt_parse,
149*a71a9546SAutomerger Merge Worker .x6_options = tos_mt_opts,
150*a71a9546SAutomerger Merge Worker },
151*a71a9546SAutomerger Merge Worker };
152*a71a9546SAutomerger Merge Worker
_init(void)153*a71a9546SAutomerger Merge Worker void _init(void)
154*a71a9546SAutomerger Merge Worker {
155*a71a9546SAutomerger Merge Worker xtables_register_matches(tos_mt_reg, ARRAY_SIZE(tos_mt_reg));
156*a71a9546SAutomerger Merge Worker }
157