OpenCores
URL https://opencores.org/ocsvn/or1k/or1k/trunk

Subversion Repositories or1k

[/] [or1k/] [trunk/] [linux/] [linux-2.4/] [net/] [ipv6/] [netfilter/] [ip6t_ipv6header.c] - Blame information for rev 1765

Details | Compare with Previous | View Log

Line No. Rev Author Line
1 1275 phoenix 
/* ipv6header match - matches IPv6 packets based
2 
on whether they contain certain headers */
3 
 
4 
/* Original idea: Brad Chapman
5 
 * Rewritten by: Andras Kis-Szabo <kisza@sch.bme.hu> */
6 
 
7 
#include <linux/module.h>
8 
#include <linux/skbuff.h>
9 
#include <linux/ipv6.h>
10 
#include <linux/types.h>
11 
#include <net/checksum.h>
12 
#include <net/ipv6.h>
13 
 
14 
#include <linux/netfilter_ipv6/ip6_tables.h>
15 
#include <linux/netfilter_ipv6/ip6t_ipv6header.h>
16 
 
17 
EXPORT_NO_SYMBOLS;
18 
MODULE_LICENSE("GPL");
19 
MODULE_DESCRIPTION("IPv6 headers match");
20 
MODULE_AUTHOR("Andras Kis-Szabo <kisza@sch.bme.hu>");
21 
 
22 
static int
23 
ipv6header_match(const struct sk_buff *skb,
24 
                 const struct net_device *in,
25 
                 const struct net_device *out,
26 
                 const void *matchinfo,
27 
                 int offset,
28 
                 const void *protohdr,
29 
                 u_int16_t datalen,
30 
                 int *hotdrop)
31 
{
32 
        const struct ip6t_ipv6header_info *info = matchinfo;
33 
        unsigned int temp;
34 
        int len;
35 
        u8 nexthdr;
36 
        unsigned int ptr;
37 
 
38 
        /* Make sure this isn't an evil packet */
39 
 
40 
        /* type of the 1st exthdr */
41 
        nexthdr = skb->nh.ipv6h->nexthdr;
42 
        /* pointer to the 1st exthdr */
43 
        ptr = sizeof(struct ipv6hdr);
44 
        /* available length */
45 
        len = skb->len - ptr;
46 
        temp = 0;
47 
 
48 
        while (ip6t_ext_hdr(nexthdr)) {
49 
                struct ipv6_opt_hdr *hdr;
50 
                int hdrlen;
51 
 
52 
                /* Is there enough space for the next ext header? */
53 
                if (len < (int)sizeof(struct ipv6_opt_hdr))
54 
                        return 0;
55 
                /* No more exthdr -> evaluate */
56 
                if (nexthdr == NEXTHDR_NONE) {
57 
                        temp |= MASK_NONE;
58 
                        break;
59 
                }
60 
                /* ESP -> evaluate */
61 
                if (nexthdr == NEXTHDR_ESP) {
62 
                        temp |= MASK_ESP;
63 
                        break;
64 
                }
65 
 
66 
                hdr=(struct ipv6_opt_hdr *)skb->data+ptr;
67 
 
68 
                /* Calculate the header length */
69 
                if (nexthdr == NEXTHDR_FRAGMENT) {
70 
                        hdrlen = 8;
71 
                } else if (nexthdr == NEXTHDR_AUTH)
72 
                        hdrlen = (hdr->hdrlen+2)<<2;
73 
                else
74 
                        hdrlen = ipv6_optlen(hdr);
75 
 
76 
                /* set the flag */
77 
                switch (nexthdr){
78 
                        case NEXTHDR_HOP:
79 
                                temp |= MASK_HOPOPTS;
80 
                                break;
81 
                        case NEXTHDR_ROUTING:
82 
                                temp |= MASK_ROUTING;
83 
                                break;
84 
                        case NEXTHDR_FRAGMENT:
85 
                                temp |= MASK_FRAGMENT;
86 
                                break;
87 
                        case NEXTHDR_AUTH:
88 
                                temp |= MASK_AH;
89 
                                break;
90 
                        case NEXTHDR_DEST:
91 
                                temp |= MASK_DSTOPTS;
92 
                                break;
93 
                        default:
94 
                                return 0;
95 
                                break;
96 
                }
97 
 
98 
                nexthdr = hdr->nexthdr;
99 
                len -= hdrlen;
100 
                ptr += hdrlen;
101 
                if ( ptr > skb->len ) {
102 
                        break;
103 
                }
104 
        }
105 
 
106 
        if ( (nexthdr != NEXTHDR_NONE ) && (nexthdr != NEXTHDR_ESP) )
107 
                temp |= MASK_PROTO;
108 
 
109 
        if (info->modeflag)
110 
                return (!( (temp & info->matchflags)
111 
                        ^ info->matchflags) ^ info->invflags);
112 
        else
113 
                return (!( temp ^ info->matchflags) ^ info->invflags);
114 
}
115 
 
116 
static int
117 
ipv6header_checkentry(const char *tablename,
118 
                      const struct ip6t_ip6 *ip,
119 
                      void *matchinfo,
120 
                      unsigned int matchsize,
121 
                      unsigned int hook_mask)
122 
{
123 
        /* Check for obvious errors */
124 
        /* This match is valid in all hooks! */
125 
        if (matchsize != IP6T_ALIGN(sizeof(struct ip6t_ipv6header_info))) {
126 
                return 0;
127 
        }
128 
 
129 
        return 1;
130 
}
131 
 
132 
static struct ip6t_match
133 
ip6t_ipv6header_match = {
134 
        { NULL, NULL },
135 
        "ipv6header",
136 
        &ipv6header_match,
137 
        &ipv6header_checkentry,
138 
        NULL,
139 
        THIS_MODULE
140 
};
141 
 
142 
static int  __init ipv6header_init(void)
143 
{
144 
        return ip6t_register_match(&ip6t_ipv6header_match);
145 
}
146 
 
147 
static void __exit ipv6header_exit(void)
148 
{
149 
        ip6t_unregister_match(&ip6t_ipv6header_match);
150 
}
151 
 
152 
module_init(ipv6header_init);
153 
module_exit(ipv6header_exit);
154 
 

powered by: WebSVN 2.1.0

© copyright 1999-2024 OpenCores.org, equivalent to Oliscience, all rights reserved. OpenCores®, registered trademark.