source-git / iptables

Clone
Source Code
GIT

Blame extensions/libxt_pkttype.c

c8 c8s master
  1.   a57ba4e533df0553378201f3a71c05329efbf2ba
  2.   extensions
  3.   libxt_pkttype.c
Blob History Raw
Packit 7b22a4 
/*
Packit 7b22a4 
 * Shared library add-on to iptables to match
Packit 7b22a4 
 * packets by their type (BROADCAST, UNICAST, MULTICAST).
Packit 7b22a4 
 *
Packit 7b22a4 
 * Michal Ludvig <michal@logix.cz>
Packit 7b22a4 
 */
Packit 7b22a4 
#include <stdio.h>
Packit 7b22a4 
#include <string.h>
Packit 7b22a4 
#include <xtables.h>
Packit 7b22a4 
#include <linux/if_packet.h>
Packit 7b22a4 
#include <linux/netfilter/xt_pkttype.h>
Packit 7b22a4
Packit 7b22a4 
enum {
Packit 7b22a4 
	O_PKTTYPE = 0,
Packit 7b22a4 
};
Packit 7b22a4
Packit 7b22a4 
struct pkttypes {
Packit 7b22a4 
	const char *name;
Packit 7b22a4 
	unsigned char pkttype;
Packit 7b22a4 
	unsigned char printhelp;
Packit 7b22a4 
	const char *help;
Packit 7b22a4 
};
Packit 7b22a4
Packit 7b22a4 
struct pkttypes_xlate {
Packit 7b22a4 
	const char *name;
Packit 7b22a4 
	unsigned char pkttype;
Packit 7b22a4 
};
Packit 7b22a4
Packit 7b22a4 
static const struct pkttypes supported_types[] = {
Packit 7b22a4 
	{"unicast", PACKET_HOST, 1, "to us"},
Packit 7b22a4 
	{"broadcast", PACKET_BROADCAST, 1, "to all"},
Packit 7b22a4 
	{"multicast", PACKET_MULTICAST, 1, "to group"},
Packit 7b22a4 
/*
Packit 7b22a4 
	{"otherhost", PACKET_OTHERHOST, 1, "to someone else"},
Packit 7b22a4 
	{"outgoing", PACKET_OUTGOING, 1, "outgoing of any type"},
Packit 7b22a4 
*/
Packit 7b22a4 
	/* aliases */
Packit 7b22a4 
	{"bcast", PACKET_BROADCAST, 0, NULL},
Packit 7b22a4 
	{"mcast", PACKET_MULTICAST, 0, NULL},
Packit 7b22a4 
	{"host", PACKET_HOST, 0, NULL}
Packit 7b22a4 
};
Packit 7b22a4
Packit 7b22a4 
static void print_types(void)
Packit 7b22a4 
{
Packit 7b22a4 
	unsigned int	i;
Packit 7b22a4
Packit 7b22a4 
	printf("Valid packet types:\n");
Packit 7b22a4 
	for (i = 0; i < ARRAY_SIZE(supported_types); ++i)
Packit 7b22a4 
		if(supported_types[i].printhelp == 1)
Packit 7b22a4 
			printf("\t%-14s\t\t%s\n", supported_types[i].name, supported_types[i].help);
Packit 7b22a4 
	printf("\n");
Packit 7b22a4 
}
Packit 7b22a4
Packit 7b22a4 
static void pkttype_help(void)
Packit 7b22a4 
{
Packit 7b22a4 
	printf(
Packit 7b22a4 
"pkttype match options:\n"
Packit 7b22a4 
"[!] --pkt-type packettype    match packet type\n");
Packit 7b22a4 
	print_types();
Packit 7b22a4 
}
Packit 7b22a4
Packit 7b22a4 
static const struct xt_option_entry pkttype_opts[] = {
Packit 7b22a4 
	{.name = "pkt-type", .id = O_PKTTYPE, .type = XTTYPE_STRING,
Packit 7b22a4 
	 .flags = XTOPT_MAND | XTOPT_INVERT},
Packit 7b22a4 
	XTOPT_TABLEEND,
Packit 7b22a4 
};
Packit 7b22a4
Packit 7b22a4 
static void parse_pkttype(const char *pkttype, struct xt_pkttype_info *info)
Packit 7b22a4 
{
Packit 7b22a4 
	unsigned int	i;
Packit 7b22a4
Packit 7b22a4 
	for (i = 0; i < ARRAY_SIZE(supported_types); ++i)
Packit 7b22a4 
		if(strcasecmp(pkttype, supported_types[i].name)==0)
Packit 7b22a4 
		{
Packit 7b22a4 
			info->pkttype=supported_types[i].pkttype;
Packit 7b22a4 
			return;
Packit 7b22a4 
		}
Packit 7b22a4
Packit 7b22a4 
	xtables_error(PARAMETER_PROBLEM, "Bad packet type '%s'", pkttype);
Packit 7b22a4 
}
Packit 7b22a4
Packit 7b22a4 
static void pkttype_parse(struct xt_option_call *cb)
Packit 7b22a4 
{
Packit 7b22a4 
	struct xt_pkttype_info *info = cb->data;
Packit 7b22a4
Packit 7b22a4 
	xtables_option_parse(cb);
Packit 7b22a4 
	parse_pkttype(cb->arg, info);
Packit 7b22a4 
	if (cb->invert)
Packit 7b22a4 
		info->invert = 1;
Packit 7b22a4 
}
Packit 7b22a4
Packit 7b22a4 
static void print_pkttype(const struct xt_pkttype_info *info)
Packit 7b22a4 
{
Packit 7b22a4 
	unsigned int	i;
Packit 7b22a4
Packit 7b22a4 
	for (i = 0; i < ARRAY_SIZE(supported_types); ++i)
Packit 7b22a4 
		if(supported_types[i].pkttype==info->pkttype)
Packit 7b22a4 
		{
Packit 7b22a4 
			printf("%s", supported_types[i].name);
Packit 7b22a4 
			return;
Packit 7b22a4 
		}
Packit 7b22a4
Packit 7b22a4 
	printf("%d", info->pkttype);	/* in case we didn't find an entry in named-packtes */
Packit 7b22a4 
}
Packit 7b22a4
Packit 7b22a4 
static void pkttype_print(const void *ip, const struct xt_entry_match *match,
Packit 7b22a4 
                          int numeric)
Packit 7b22a4 
{
Packit 7b22a4 
	const struct xt_pkttype_info *info = (const void *)match->data;
Packit 7b22a4
Packit 7b22a4 
	printf(" PKTTYPE %s= ", info->invert ? "!" : "");
Packit 7b22a4 
	print_pkttype(info);
Packit 7b22a4 
}
Packit 7b22a4
Packit 7b22a4 
static void pkttype_save(const void *ip, const struct xt_entry_match *match)
Packit 7b22a4 
{
Packit 7b22a4 
	const struct xt_pkttype_info *info = (const void *)match->data;
Packit 7b22a4
Packit 7b22a4 
	printf("%s --pkt-type ", info->invert ? " !" : "");
Packit 7b22a4 
	print_pkttype(info);
Packit 7b22a4 
}
Packit 7b22a4
Packit 7b22a4 
static const struct pkttypes_xlate supported_types_xlate[] = {
Packit 7b22a4 
	{"unicast",	PACKET_HOST},
Packit 7b22a4 
	{"broadcast",	PACKET_BROADCAST},
Packit 7b22a4 
	{"multicast",	PACKET_MULTICAST},
Packit 7b22a4 
};
Packit 7b22a4
Packit 7b22a4 
static void print_pkttype_xlate(const struct xt_pkttype_info *info,
Packit 7b22a4 
				struct xt_xlate *xl)
Packit 7b22a4 
{
Packit 7b22a4 
	unsigned int i;
Packit 7b22a4
Packit 7b22a4 
	for (i = 0; i < ARRAY_SIZE(supported_types_xlate); ++i) {
Packit 7b22a4 
		if (supported_types_xlate[i].pkttype == info->pkttype) {
Packit 7b22a4 
			xt_xlate_add(xl, "%s", supported_types_xlate[i].name);
Packit 7b22a4 
			return;
Packit 7b22a4 
		}
Packit 7b22a4 
	}
Packit 7b22a4 
	xt_xlate_add(xl, "%d", info->pkttype);
Packit 7b22a4 
}
Packit 7b22a4
Packit 7b22a4 
static int pkttype_xlate(struct xt_xlate *xl,
Packit 7b22a4 
			 const struct xt_xlate_mt_params *params)
Packit 7b22a4 
{
Packit 7b22a4 
	const struct xt_pkttype_info *info = (const void *)params->match->data;
Packit 7b22a4
Packit 7b22a4 
	xt_xlate_add(xl, "pkttype%s ", info->invert ? " !=" : "");
Packit 7b22a4 
	print_pkttype_xlate(info, xl);
Packit 7b22a4
Packit 7b22a4 
	return 1;
Packit 7b22a4 
}
Packit 7b22a4
Packit 7b22a4 
static struct xtables_match pkttype_match = {
Packit 7b22a4 
	.family		= NFPROTO_UNSPEC,
Packit 7b22a4 
	.name		= "pkttype",
Packit 7b22a4 
	.version	= XTABLES_VERSION,
Packit 7b22a4 
	.size		= XT_ALIGN(sizeof(struct xt_pkttype_info)),
Packit 7b22a4 
	.userspacesize	= XT_ALIGN(sizeof(struct xt_pkttype_info)),
Packit 7b22a4 
	.help		= pkttype_help,
Packit 7b22a4 
	.print		= pkttype_print,
Packit 7b22a4 
	.save		= pkttype_save,
Packit 7b22a4 
	.x6_parse	= pkttype_parse,
Packit 7b22a4 
	.x6_options	= pkttype_opts,
Packit 7b22a4 
	.xlate		= pkttype_xlate,
Packit 7b22a4 
};
Packit 7b22a4
Packit 7b22a4 
void _init(void)
Packit 7b22a4 
{
Packit 7b22a4 
	xtables_register_match(&pkttype_match);
Packit 7b22a4 
}

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation