Linux Kernel
3.7.1
Main Page
Related Pages
Modules
Namespaces
Data Structures
Files
File List
Globals
•
All
Data Structures
Namespaces
Files
Functions
Variables
Typedefs
Enumerations
Enumerator
Macros
Groups
Pages
net
netfilter
xt_devgroup.c
Go to the documentation of this file.
1
/*
2
* Copyright (c) 2011 Patrick McHardy <kaber@trash.net>
3
*
4
* This program is free software; you can redistribute it and/or modify
5
* it under the terms of the GNU General Public License version 2 as
6
* published by the Free Software Foundation.
7
*/
8
9
#include <linux/module.h>
10
#include <
linux/skbuff.h
>
11
#include <linux/netdevice.h>
12
13
#include <
linux/netfilter/xt_devgroup.h
>
14
#include <linux/netfilter/x_tables.h>
15
16
MODULE_AUTHOR
(
"Patrick McHardy <kaber@trash.net>"
);
17
MODULE_LICENSE
(
"GPL"
);
18
MODULE_DESCRIPTION
(
"Xtables: Device group match"
);
19
MODULE_ALIAS
(
"ipt_devgroup"
);
20
MODULE_ALIAS
(
"ip6t_devgroup"
);
21
22
static
bool
devgroup_mt(
const
struct
sk_buff
*
skb
,
struct
xt_action_param
*par)
23
{
24
const
struct
xt_devgroup_info
*
info
= par->
matchinfo
;
25
26
if
(info->
flags
&
XT_DEVGROUP_MATCH_SRC
&&
27
(((info->
src_group
^ par->
in
->group) & info->
src_mask
? 1 : 0) ^
28
((info->
flags
&
XT_DEVGROUP_INVERT_SRC
) ? 1 : 0)))
29
return
false
;
30
31
if
(info->
flags
&
XT_DEVGROUP_MATCH_DST
&&
32
(((info->
dst_group
^ par->
out
->group) & info->
dst_mask
? 1 : 0) ^
33
((info->
flags
&
XT_DEVGROUP_INVERT_DST
) ? 1 : 0)))
34
return
false
;
35
36
return
true
;
37
}
38
39
static
int
devgroup_mt_checkentry(
const
struct
xt_mtchk_param
*par)
40
{
41
const
struct
xt_devgroup_info
*info = par->
matchinfo
;
42
43
if
(info->
flags
& ~(
XT_DEVGROUP_MATCH_SRC
|
XT_DEVGROUP_INVERT_SRC
|
44
XT_DEVGROUP_MATCH_DST
|
XT_DEVGROUP_INVERT_DST
))
45
return
-
EINVAL
;
46
47
if
(info->
flags
&
XT_DEVGROUP_MATCH_SRC
&&
48
par->
hook_mask
& ~((1 <<
NF_INET_PRE_ROUTING
) |
49
(1 <<
NF_INET_LOCAL_IN
) |
50
(1 <<
NF_INET_FORWARD
)))
51
return
-
EINVAL
;
52
53
if
(info->
flags
&
XT_DEVGROUP_MATCH_DST
&&
54
par->
hook_mask
& ~((1 <<
NF_INET_FORWARD
) |
55
(1 <<
NF_INET_LOCAL_OUT
) |
56
(1 <<
NF_INET_POST_ROUTING
)))
57
return
-
EINVAL
;
58
59
return
0;
60
}
61
62
static
struct
xt_match
devgroup_mt_reg
__read_mostly
= {
63
.name =
"devgroup"
,
64
.match = devgroup_mt,
65
.checkentry = devgroup_mt_checkentry,
66
.matchsize =
sizeof
(
struct
xt_devgroup_info
),
67
.
family
=
NFPROTO_UNSPEC
,
68
.me =
THIS_MODULE
69
};
70
71
static
int
__init
devgroup_mt_init(
void
)
72
{
73
return
xt_register_match
(&devgroup_mt_reg);
74
}
75
76
static
void
__exit
devgroup_mt_exit(
void
)
77
{
78
xt_unregister_match
(&devgroup_mt_reg);
79
}
80
81
module_init
(devgroup_mt_init);
82
module_exit
(devgroup_mt_exit);
Generated on Thu Jan 10 2013 15:00:53 for Linux Kernel by
1.8.2
1.8.2