1 | // SPDX-License-Identifier: GPL-2.0-only |
2 | /* |
3 | * ebt_arpreply |
4 | * |
5 | * Authors: |
6 | * Grzegorz Borowiak <grzes@gnu.univ.gda.pl> |
7 | * Bart De Schuymer <bdschuym@pandora.be> |
8 | * |
9 | * August, 2003 |
10 | * |
11 | */ |
12 | #include <linux/if_arp.h> |
13 | #include <net/arp.h> |
14 | #include <linux/module.h> |
15 | #include <linux/netfilter/x_tables.h> |
16 | #include <linux/netfilter_bridge/ebtables.h> |
17 | #include <linux/netfilter_bridge/ebt_arpreply.h> |
18 | |
19 | static unsigned int |
20 | ebt_arpreply_tg(struct sk_buff *skb, const struct xt_action_param *par) |
21 | { |
22 | const struct ebt_arpreply_info *info = par->targinfo; |
23 | const __be32 *siptr, *diptr; |
24 | __be32 _sip, _dip; |
25 | const struct arphdr *ap; |
26 | struct arphdr _ah; |
27 | const unsigned char *shp; |
28 | unsigned char _sha[ETH_ALEN]; |
29 | |
30 | ap = skb_header_pointer(skb, offset: 0, len: sizeof(_ah), buffer: &_ah); |
31 | if (ap == NULL) |
32 | return EBT_DROP; |
33 | |
34 | if (ap->ar_op != htons(ARPOP_REQUEST) || |
35 | ap->ar_hln != ETH_ALEN || |
36 | ap->ar_pro != htons(ETH_P_IP) || |
37 | ap->ar_pln != 4) |
38 | return EBT_CONTINUE; |
39 | |
40 | shp = skb_header_pointer(skb, offset: sizeof(_ah), ETH_ALEN, buffer: &_sha); |
41 | if (shp == NULL) |
42 | return EBT_DROP; |
43 | |
44 | siptr = skb_header_pointer(skb, offset: sizeof(_ah) + ETH_ALEN, |
45 | len: sizeof(_sip), buffer: &_sip); |
46 | if (siptr == NULL) |
47 | return EBT_DROP; |
48 | |
49 | diptr = skb_header_pointer(skb, |
50 | offset: sizeof(_ah) + 2 * ETH_ALEN + sizeof(_sip), |
51 | len: sizeof(_dip), buffer: &_dip); |
52 | if (diptr == NULL) |
53 | return EBT_DROP; |
54 | |
55 | arp_send(ARPOP_REPLY, ETH_P_ARP, dest_ip: *siptr, |
56 | dev: (struct net_device *)xt_in(par), |
57 | src_ip: *diptr, dest_hw: shp, src_hw: info->mac, th: shp); |
58 | |
59 | return info->target; |
60 | } |
61 | |
62 | static int ebt_arpreply_tg_check(const struct xt_tgchk_param *par) |
63 | { |
64 | const struct ebt_arpreply_info *info = par->targinfo; |
65 | const struct ebt_entry *e = par->entryinfo; |
66 | |
67 | if (BASE_CHAIN && info->target == EBT_RETURN) |
68 | return -EINVAL; |
69 | if (e->ethproto != htons(ETH_P_ARP) || |
70 | e->invflags & EBT_IPROTO) |
71 | return -EINVAL; |
72 | if (ebt_invalid_target(target: info->target)) |
73 | return -EINVAL; |
74 | |
75 | return 0; |
76 | } |
77 | |
78 | static struct xt_target ebt_arpreply_tg_reg __read_mostly = { |
79 | .name = "arpreply" , |
80 | .revision = 0, |
81 | .family = NFPROTO_BRIDGE, |
82 | .table = "nat" , |
83 | .hooks = (1 << NF_BR_NUMHOOKS) | (1 << NF_BR_PRE_ROUTING), |
84 | .target = ebt_arpreply_tg, |
85 | .checkentry = ebt_arpreply_tg_check, |
86 | .targetsize = sizeof(struct ebt_arpreply_info), |
87 | .me = THIS_MODULE, |
88 | }; |
89 | |
90 | static int __init ebt_arpreply_init(void) |
91 | { |
92 | return xt_register_target(target: &ebt_arpreply_tg_reg); |
93 | } |
94 | |
95 | static void __exit ebt_arpreply_fini(void) |
96 | { |
97 | xt_unregister_target(target: &ebt_arpreply_tg_reg); |
98 | } |
99 | |
100 | module_init(ebt_arpreply_init); |
101 | module_exit(ebt_arpreply_fini); |
102 | MODULE_DESCRIPTION("Ebtables: ARP reply target" ); |
103 | MODULE_LICENSE("GPL" ); |
104 | |