Linux kernel & device driver programming

Cross-Referenced Linux and Device Driver Code

[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ]
Version: [ 2.6.11.8 ] [ 2.6.25 ] [ 2.6.25.8 ] [ 2.6.31.13 ] Architecture: [ i386 ] 
  1 /* This kernel module matches connection mark values set by the
  2  * CONNMARK target
  3  *
  4  * Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com>
  5  * by Henrik Nordstrom <hno@marasystems.com>
  6  *
  7  * This program is free software; you can redistribute it and/or modify
  8  * it under the terms of the GNU General Public License as published by
  9  * the Free Software Foundation; either version 2 of the License, or
 10  * (at your option) any later version.
 11  *
 12  * This program is distributed in the hope that it will be useful,
 13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
 14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 15  * GNU General Public License for more details.
 16  *
 17  * You should have received a copy of the GNU General Public License
 18  * along with this program; if not, write to the Free Software
 19  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 20  */
 21 
 22 #include <linux/module.h>
 23 #include <linux/skbuff.h>
 24 
 25 MODULE_AUTHOR("Henrik Nordstrom <hno@marasytems.com>");
 26 MODULE_DESCRIPTION("IP tables connmark match module");
 27 MODULE_LICENSE("GPL");
 28 
 29 #include <linux/netfilter_ipv4/ip_tables.h>
 30 #include <linux/netfilter_ipv4/ipt_connmark.h>
 31 #include <linux/netfilter_ipv4/ip_conntrack.h>
 32 
 33 static int
 34 match(const struct sk_buff *skb,
 35       const struct net_device *in,
 36       const struct net_device *out,
 37       const void *matchinfo,
 38       int offset,
 39       int *hotdrop)
 40 {
 41         const struct ipt_connmark_info *info = matchinfo;
 42         enum ip_conntrack_info ctinfo;
 43         struct ip_conntrack *ct = ip_conntrack_get((struct sk_buff *)skb, &ctinfo);
 44         if (!ct)
 45                 return 0;
 46 
 47         return ((ct->mark & info->mask) == info->mark) ^ info->invert;
 48 }
 49 
 50 static int
 51 checkentry(const char *tablename,
 52            const struct ipt_ip *ip,
 53            void *matchinfo,
 54            unsigned int matchsize,
 55            unsigned int hook_mask)
 56 {
 57         if (matchsize != IPT_ALIGN(sizeof(struct ipt_connmark_info)))
 58                 return 0;
 59 
 60         return 1;
 61 }
 62 
 63 static struct ipt_match connmark_match = {
 64         .name = "connmark",
 65         .match = &match,
 66         .checkentry = &checkentry,
 67         .me = THIS_MODULE
 68 };
 69 
 70 static int __init init(void)
 71 {
 72         return ipt_register_match(&connmark_match);
 73 }
 74 
 75 static void __exit fini(void)
 76 {
 77         ipt_unregister_match(&connmark_match);
 78 }
 79 
 80 module_init(init);
 81 module_exit(fini);
 82
  This page was automatically generated by the LXR engine.