Google Git
Sign in
android-kvm / linux / 8e9c523016cf9983b295e4bc659183d1fa6ef8e0 / . / net / netfilter / xt_dscp.c
blob: fb0169a8f9bbd3b03411a0287fb021042104afa9 [file] [log] [blame]
Thomas Gleixnerd2912cb2019-06-04 10:11:33 +0200[diff] [blame]1// SPDX-License-Identifier: GPL-2.0-only
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]2/* IP tables module for matching the value of the IPv4/IPv6 DSCP field
3 *
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]4 * (C) 2002 by Harald Welte <laforge@netfilter.org>
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]5 */
Jan Engelhardt8bee4ba2010-03-17 16:04:40 +0100[diff] [blame]6#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]7#include <linux/module.h>
8#include <linux/skbuff.h>
9#include <linux/ip.h>
10#include <linux/ipv6.h>
11#include <net/dsfield.h>
12
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]13#include <linux/netfilter/x_tables.h>
Jan Engelhardtc3b33e62007-12-04 23:37:54 -0800[diff] [blame]14#include <linux/netfilter/xt_dscp.h>
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]15
16MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
Jan Engelhardt2ae15b62008-01-14 23:42:28 -0800[diff] [blame]17MODULE_DESCRIPTION("Xtables: DSCP/TOS field match");
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]18MODULE_LICENSE("GPL");
19MODULE_ALIAS("ipt_dscp");
20MODULE_ALIAS("ip6t_dscp");
Jan Engelhardtc3b33e62007-12-04 23:37:54 -0800[diff] [blame]21MODULE_ALIAS("ipt_tos");
Jan Engelhardtf1095ab2007-12-04 23:38:30 -0800[diff] [blame]22MODULE_ALIAS("ip6t_tos");
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]23
Jan Engelhardtd3c5ee62007-12-04 23:24:03 -0800[diff] [blame]24static bool
Jan Engelhardt62fc8052009-07-07 20:42:08 +0200[diff] [blame]25dscp_mt(const struct sk_buff *skb, struct xt_action_param *par)
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]26{
Jan Engelhardtf7108a202008-10-08 11:35:18 +0200[diff] [blame]27 const struct xt_dscp_info *info = par->matchinfo;
Jan Engelhardt1d93a9c2007-07-07 22:15:35 -0700[diff] [blame]28 u_int8_t dscp = ipv4_get_dsfield(ip_hdr(skb)) >> XT_DSCP_SHIFT;
29
30 return (dscp == info->dscp) ^ !!info->invert;
31}
32
Jan Engelhardtd3c5ee62007-12-04 23:24:03 -0800[diff] [blame]33static bool
Jan Engelhardt62fc8052009-07-07 20:42:08 +0200[diff] [blame]34dscp_mt6(const struct sk_buff *skb, struct xt_action_param *par)
Jan Engelhardt1d93a9c2007-07-07 22:15:35 -0700[diff] [blame]35{
Jan Engelhardtf7108a202008-10-08 11:35:18 +0200[diff] [blame]36 const struct xt_dscp_info *info = par->matchinfo;
Arnaldo Carvalho de Melo0660e032007-04-25 17:54:47 -0700[diff] [blame]37 u_int8_t dscp = ipv6_get_dsfield(ipv6_hdr(skb)) >> XT_DSCP_SHIFT;
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]38
39 return (dscp == info->dscp) ^ !!info->invert;
40}
41
Jan Engelhardtb0f38452010-03-19 17:16:42 +0100[diff] [blame]42static int dscp_mt_check(const struct xt_mtchk_param *par)
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]43{
Jan Engelhardt9b4fce72008-10-08 11:35:18 +0200[diff] [blame]44 const struct xt_dscp_info *info = par->matchinfo;
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]45
Florian Westphal0cc95012018-02-09 15:51:59 +0100[diff] [blame]46 if (info->dscp > XT_DSCP_MAX)
Jan Engelhardt4a5a5c72010-03-19 17:32:59 +0100[diff] [blame]47 return -EDOM;
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]48
Jan Engelhardtbd414ee2010-03-23 16:35:56 +0100[diff] [blame]49 return 0;
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]50}
51
Jan Engelhardt62fc8052009-07-07 20:42:08 +0200[diff] [blame]52static bool tos_mt(const struct sk_buff *skb, struct xt_action_param *par)
Jan Engelhardtf1095ab2007-12-04 23:38:30 -0800[diff] [blame]53{
Jan Engelhardtf7108a202008-10-08 11:35:18 +0200[diff] [blame]54 const struct xt_tos_match_info *info = par->matchinfo;
Jan Engelhardtf1095ab2007-12-04 23:38:30 -0800[diff] [blame]55
Pablo Neira Ayuso613dbd92016-11-03 10:56:21 +0100[diff] [blame]56 if (xt_family(par) == NFPROTO_IPV4)
Jan Engelhardtf1095ab2007-12-04 23:38:30 -0800[diff] [blame]57 return ((ip_hdr(skb)->tos & info->tos_mask) ==
58 info->tos_value) ^ !!info->invert;
59 else
60 return ((ipv6_get_dsfield(ipv6_hdr(skb)) & info->tos_mask) ==
61 info->tos_value) ^ !!info->invert;
62}
63
Jan Engelhardtd3c5ee62007-12-04 23:24:03 -0800[diff] [blame]64static struct xt_match dscp_mt_reg[] __read_mostly = {
Patrick McHardy4470bbc2006-08-22 00:34:04 -0700[diff] [blame]65 {
66 .name = "dscp",
Jan Engelhardtee999d82008-10-08 11:35:01 +0200[diff] [blame]67 .family = NFPROTO_IPV4,
Jan Engelhardtd3c5ee62007-12-04 23:24:03 -0800[diff] [blame]68 .checkentry = dscp_mt_check,
69 .match = dscp_mt,
Patrick McHardy4470bbc2006-08-22 00:34:04 -0700[diff] [blame]70 .matchsize = sizeof(struct xt_dscp_info),
71 .me = THIS_MODULE,
72 },
73 {
74 .name = "dscp",
Jan Engelhardtee999d82008-10-08 11:35:01 +0200[diff] [blame]75 .family = NFPROTO_IPV6,
Jan Engelhardtd3c5ee62007-12-04 23:24:03 -0800[diff] [blame]76 .checkentry = dscp_mt_check,
77 .match = dscp_mt6,
Patrick McHardy4470bbc2006-08-22 00:34:04 -0700[diff] [blame]78 .matchsize = sizeof(struct xt_dscp_info),
79 .me = THIS_MODULE,
80 },
Jan Engelhardtc3b33e62007-12-04 23:37:54 -0800[diff] [blame]81 {
82 .name = "tos",
Jan Engelhardtf1095ab2007-12-04 23:38:30 -0800[diff] [blame]83 .revision = 1,
Jan Engelhardtee999d82008-10-08 11:35:01 +0200[diff] [blame]84 .family = NFPROTO_IPV4,
Jan Engelhardtf1095ab2007-12-04 23:38:30 -0800[diff] [blame]85 .match = tos_mt,
86 .matchsize = sizeof(struct xt_tos_match_info),
87 .me = THIS_MODULE,
88 },
89 {
90 .name = "tos",
91 .revision = 1,
Jan Engelhardtee999d82008-10-08 11:35:01 +0200[diff] [blame]92 .family = NFPROTO_IPV6,
Jan Engelhardtf1095ab2007-12-04 23:38:30 -0800[diff] [blame]93 .match = tos_mt,
94 .matchsize = sizeof(struct xt_tos_match_info),
95 .me = THIS_MODULE,
96 },
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]97};
98
Jan Engelhardtd3c5ee62007-12-04 23:24:03 -0800[diff] [blame]99static int __init dscp_mt_init(void)
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]100{
Jan Engelhardtd3c5ee62007-12-04 23:24:03 -0800[diff] [blame]101 return xt_register_matches(dscp_mt_reg, ARRAY_SIZE(dscp_mt_reg));
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]102}
103
Jan Engelhardtd3c5ee62007-12-04 23:24:03 -0800[diff] [blame]104static void __exit dscp_mt_exit(void)
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]105{
Jan Engelhardtd3c5ee62007-12-04 23:24:03 -0800[diff] [blame]106 xt_unregister_matches(dscp_mt_reg, ARRAY_SIZE(dscp_mt_reg));
Yasuyuki Kozakai9ba16272006-08-22 00:29:37 -0700[diff] [blame]107}
108
Jan Engelhardtd3c5ee62007-12-04 23:24:03 -0800[diff] [blame]109module_init(dscp_mt_init);
110module_exit(dscp_mt_exit);