mirror of
git://git.code.sf.net/p/xtables-addons/xtables-addons
synced 2025-09-07 21:25:12 +02:00
IPMARK: rebuild parameter structure (fixed-size types)
Rebuild the parameter structure to have fixed-size members only.
This commit is contained in:
Jan Engelhardt
@@ -40,12 +40,9 @@ static struct option opts[] = {
|
|||||||
static void
|
static void
|
||||||
init(struct xt_entry_target *t)
|
init(struct xt_entry_target *t)
|
||||||
{
|
{
|
||||||
struct ipt_ipmark_target_info *ipmarkinfo =
|
struct xt_ipmark_tginfo *info = (void *)t->data;
|
||||||
(struct ipt_ipmark_target_info *)t->data;
|
|
||||||
|
|
||||||
ipmarkinfo->andmask=0xffffffff;
|
|
||||||
ipmarkinfo->ormask=0;
|
|
||||||
|
|
||||||
|
info->andmask = ~0U;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Function which parses command options; returns true if it
|
/* Function which parses command options; returns true if it
|
||||||
@@ -54,14 +51,13 @@ static int
|
|||||||
parse(int c, char **argv, int invert, unsigned int *flags,
|
parse(int c, char **argv, int invert, unsigned int *flags,
|
||||||
const void *entry, struct xt_entry_target **target)
|
const void *entry, struct xt_entry_target **target)
|
||||||
{
|
{
|
||||||
struct ipt_ipmark_target_info *ipmarkinfo
|
struct xt_ipmark_tginfo *info = (void *)(*target)->data;
|
||||||
= (struct ipt_ipmark_target_info *)(*target)->data;
|
|
||||||
|
|
||||||
switch (c) {
|
switch (c) {
|
||||||
char *end;
|
char *end;
|
||||||
case '1':
|
case '1':
|
||||||
if(!strcmp(optarg, "src")) ipmarkinfo->addr=IPT_IPMARK_SRC;
|
if(!strcmp(optarg, "src")) info->selector=XT_IPMARK_SRC;
|
||||||
else if(!strcmp(optarg, "dst")) ipmarkinfo->addr=IPT_IPMARK_DST;
|
else if(!strcmp(optarg, "dst")) info->selector=XT_IPMARK_DST;
|
||||||
else exit_error(PARAMETER_PROBLEM, "Bad addr value `%s' - should be `src' or `dst'", optarg);
|
else exit_error(PARAMETER_PROBLEM, "Bad addr value `%s' - should be `src' or `dst'", optarg);
|
||||||
if (*flags & IPT_ADDR_USED)
|
if (*flags & IPT_ADDR_USED)
|
||||||
exit_error(PARAMETER_PROBLEM,
|
exit_error(PARAMETER_PROBLEM,
|
||||||
@@ -70,7 +66,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case '2':
|
case '2':
|
||||||
ipmarkinfo->andmask = strtoul(optarg, &end, 0);
|
info->andmask = strtoul(optarg, &end, 0);
|
||||||
if (*end != '\0' || end == optarg)
|
if (*end != '\0' || end == optarg)
|
||||||
exit_error(PARAMETER_PROBLEM, "Bad and-mask value `%s'", optarg);
|
exit_error(PARAMETER_PROBLEM, "Bad and-mask value `%s'", optarg);
|
||||||
if (*flags & IPT_AND_MASK_USED)
|
if (*flags & IPT_AND_MASK_USED)
|
||||||
@@ -79,7 +75,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
|
|||||||
*flags |= IPT_AND_MASK_USED;
|
*flags |= IPT_AND_MASK_USED;
|
||||||
break;
|
break;
|
||||||
case '3':
|
case '3':
|
||||||
ipmarkinfo->ormask = strtoul(optarg, &end, 0);
|
info->ormask = strtoul(optarg, &end, 0);
|
||||||
if (*end != '\0' || end == optarg)
|
if (*end != '\0' || end == optarg)
|
||||||
exit_error(PARAMETER_PROBLEM, "Bad or-mask value `%s'", optarg);
|
exit_error(PARAMETER_PROBLEM, "Bad or-mask value `%s'", optarg);
|
||||||
if (*flags & IPT_OR_MASK_USED)
|
if (*flags & IPT_OR_MASK_USED)
|
||||||
@@ -111,39 +107,38 @@ static void
|
|||||||
print(const void *entry, const struct xt_entry_target *target,
|
print(const void *entry, const struct xt_entry_target *target,
|
||||||
int numeric)
|
int numeric)
|
||||||
{
|
{
|
||||||
const struct ipt_ipmark_target_info *ipmarkinfo =
|
const struct xt_ipmark_tginfo *info = (const void *)target->data;
|
||||||
(const struct ipt_ipmark_target_info *)target->data;
|
|
||||||
|
|
||||||
if(ipmarkinfo->addr == IPT_IPMARK_SRC)
|
if (info->selector == XT_IPMARK_SRC)
|
||||||
printf("IPMARK src");
|
printf("IPMARK src");
|
||||||
else
|
else
|
||||||
printf("IPMARK dst");
|
printf("IPMARK dst");
|
||||||
printf(" ip and 0x%lx or 0x%lx", ipmarkinfo->andmask, ipmarkinfo->ormask);
|
printf(" ip and 0x%x or 0x%x",
|
||||||
|
(unsigned int)info->andmask, (unsigned int)info->ormask);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Saves the union ipt_targinfo in parsable form to stdout. */
|
/* Saves the union ipt_targinfo in parsable form to stdout. */
|
||||||
static void
|
static void
|
||||||
save(const void *entry, const struct xt_entry_target *target)
|
save(const void *entry, const struct xt_entry_target *target)
|
||||||
{
|
{
|
||||||
const struct ipt_ipmark_target_info *ipmarkinfo =
|
const struct xt_ipmark_tginfo *info = (const void *)target->data;
|
||||||
(const struct ipt_ipmark_target_info *)target->data;
|
|
||||||
|
|
||||||
if(ipmarkinfo->addr == IPT_IPMARK_SRC)
|
if (info->selector == XT_IPMARK_SRC)
|
||||||
printf("--addr=src ");
|
printf("--addr=src ");
|
||||||
else
|
else
|
||||||
printf("--addr=dst ");
|
printf("--addr=dst ");
|
||||||
if(ipmarkinfo->andmask != 0xffffffff)
|
if (info->andmask != ~0U)
|
||||||
printf("--and-mask 0x%lx ", ipmarkinfo->andmask);
|
printf("--and-mask 0x%x ", (unsigned int)info->andmask);
|
||||||
if(ipmarkinfo->ormask != 0)
|
if (info->ormask != 0)
|
||||||
printf("--or-mask 0x%lx ", ipmarkinfo->ormask);
|
printf("--or-mask 0x%x ", (unsigned int)info->ormask);
|
||||||
}
|
}
|
||||||
|
|
||||||
static struct xtables_target ipmark = {
|
static struct xtables_target ipmark = {
|
||||||
.next = NULL,
|
.next = NULL,
|
||||||
.name = "IPMARK",
|
.name = "IPMARK",
|
||||||
.version = XTABLES_VERSION,
|
.version = XTABLES_VERSION,
|
||||||
.size = XT_ALIGN(sizeof(struct ipt_ipmark_target_info)),
|
.size = XT_ALIGN(sizeof(struct xt_ipmark_tginfo)),
|
||||||
.userspacesize = XT_ALIGN(sizeof(struct ipt_ipmark_target_info)),
|
.userspacesize = XT_ALIGN(sizeof(struct xt_ipmark_tginfo)),
|
||||||
.help = &help,
|
.help = &help,
|
||||||
.init = &init,
|
.init = &init,
|
||||||
.parse = &parse,
|
.parse = &parse,
|
||||||
|
|||||||
@@ -20,14 +20,14 @@ ipmark_tg(struct sk_buff *skb,
|
|||||||
const struct xt_target *target,
|
const struct xt_target *target,
|
||||||
const void *targinfo)
|
const void *targinfo)
|
||||||
{
|
{
|
||||||
const struct ipt_ipmark_target_info *ipmarkinfo = targinfo;
|
const struct xt_ipmark_tginfo *ipmarkinfo = targinfo;
|
||||||
struct iphdr *iph = ip_hdr(skb);
|
struct iphdr *iph = ip_hdr(skb);
|
||||||
unsigned long mark;
|
__u32 mark;
|
||||||
|
|
||||||
if (ipmarkinfo->addr == IPT_IPMARK_SRC)
|
if (ipmarkinfo->selector == XT_IPMARK_SRC)
|
||||||
mark = (unsigned long) ntohl(iph->saddr);
|
mark = ntohl(iph->saddr);
|
||||||
else
|
else
|
||||||
mark = (unsigned long) ntohl(iph->daddr);
|
mark = ntohl(iph->daddr);
|
||||||
|
|
||||||
mark &= ipmarkinfo->andmask;
|
mark &= ipmarkinfo->andmask;
|
||||||
mark |= ipmarkinfo->ormask;
|
mark |= ipmarkinfo->ormask;
|
||||||
@@ -41,7 +41,7 @@ static struct xt_target ipt_ipmark_reg = {
|
|||||||
.family = AF_INET,
|
.family = AF_INET,
|
||||||
.table = "mangle",
|
.table = "mangle",
|
||||||
.target = ipmark_tg,
|
.target = ipmark_tg,
|
||||||
.targetsize = sizeof(struct ipt_ipmark_target_info),
|
.targetsize = sizeof(struct xt_ipmark_tginfo),
|
||||||
.me = THIS_MODULE
|
.me = THIS_MODULE
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
@@ -1,13 +1,15 @@
|
|||||||
#ifndef _IPT_IPMARK_H_target
|
#ifndef _LINUX_NETFILTER_XT_IPMARK_H
|
||||||
#define _IPT_IPMARK_H_target
|
#define _LINUX_NETFILTER_XT_IPMARK_H 1
|
||||||
|
|
||||||
struct ipt_ipmark_target_info {
|
enum {
|
||||||
unsigned long andmask;
|
XT_IPMARK_SRC,
|
||||||
unsigned long ormask;
|
XT_IPMARK_DST,
|
||||||
unsigned char addr;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
#define IPT_IPMARK_SRC 0
|
struct xt_ipmark_tginfo {
|
||||||
#define IPT_IPMARK_DST 1
|
__u32 andmask;
|
||||||
|
__u32 ormask;
|
||||||
|
__u8 selector;
|
||||||
|
};
|
||||||
|
|
||||||
#endif /*_IPT_IPMARK_H_target*/
|
#endif /* _LINUX_NETFILTER_XT_IPMARK_H */
|
||||||
|
|||||||
Reference in New Issue
Block a user