ip6table_raw.c source code [linux/net/ipv6/netfilter/ip6table_raw.c]

1	// SPDX-License-Identifier: GPL-2.0-only
2	/*
3	* IPv6 raw table, a port of the IPv4 raw table to IPv6
4	*
5	* Copyright (C) 2003 Jozsef Kadlecsik <kadlec@netfilter.org>
6	*/
7	#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
8	#include <linux/module.h>
9	#include <linux/netfilter_ipv6/ip6_tables.h>
10	#include <linux/slab.h>
11
12	#define RAW_VALID_HOOKS ((1 << NF_INET_PRE_ROUTING) \| (1 << NF_INET_LOCAL_OUT))
13
14	static bool raw_before_defrag __read_mostly;
15	MODULE_PARM_DESC(raw_before_defrag, "Enable raw table before defrag");
16	module_param(raw_before_defrag, bool, `0000`);
17
18	static const struct xt_table packet_raw = {
19	.name = "raw",
20	.valid_hooks = RAW_VALID_HOOKS,
21	.me = THIS_MODULE,
22	.af = NFPROTO_IPV6,
23	.priority = NF_IP6_PRI_RAW,
24	};
25
26	static const struct xt_table packet_raw_before_defrag = {
27	.name = "raw",
28	.valid_hooks = RAW_VALID_HOOKS,
29	.me = THIS_MODULE,
30	.af = NFPROTO_IPV6,
31	.priority = NF_IP6_PRI_RAW_BEFORE_DEFRAG,
32	};
33
34	static struct nf_hook_ops *rawtable_ops __read_mostly;
35
36	static int ip6table_raw_table_init(struct net *net)
37	{
38	struct ip6t_replace *repl;
39	const struct xt_table *table = &packet_raw;
40	int ret;
41
42	if (raw_before_defrag)
43	table = &packet_raw_before_defrag;
44
45	repl = ip6t_alloc_initial_table(table);
46	if (repl == NULL)
47	return -ENOMEM;
48	ret = ip6t_register_table(net, table, repl, ops: rawtable_ops);
49	kfree(objp: repl);
50	return ret;
51	}
52
53	static void __net_exit ip6table_raw_net_pre_exit(struct net *net)
54	{
55	ip6t_unregister_table_pre_exit(net, name: "raw");
56	}
57
58	static void __net_exit ip6table_raw_net_exit(struct net *net)
59	{
60	ip6t_unregister_table_exit(net, name: "raw");
61	}
62
63	static struct pernet_operations ip6table_raw_net_ops = {
64	.pre_exit = ip6table_raw_net_pre_exit,
65	.exit = ip6table_raw_net_exit,
66	};
67
68	static int __init ip6table_raw_init(void)
69	{
70	const struct xt_table *table = &packet_raw;
71	int ret;
72
73	if (raw_before_defrag) {
74	table = &packet_raw_before_defrag;
75	pr_info("Enabling raw table before defrag\n");
76	}
77
78	ret = xt_register_template(t: table, table_init: ip6table_raw_table_init);
79	if (ret < `0`)
80	return ret;
81
82	/ Register hooks /
83	rawtable_ops = xt_hook_ops_alloc(table, ip6t_do_table);
84	if (IS_ERR(ptr: rawtable_ops)) {
85	xt_unregister_template(t: table);
86	return PTR_ERR(ptr: rawtable_ops);
87	}
88
89	ret = register_pernet_subsys(&ip6table_raw_net_ops);
90	if (ret < `0`) {
91	kfree(objp: rawtable_ops);
92	xt_unregister_template(t: table);
93	return ret;
94	}
95
96	return ret;
97	}
98
99	static void __exit ip6table_raw_fini(void)
100	{
101	unregister_pernet_subsys(&ip6table_raw_net_ops);
102	xt_unregister_template(t: &packet_raw);
103	kfree(objp: rawtable_ops);
104	}
105
106	module_init(ip6table_raw_init);
107	module_exit(ip6table_raw_fini);
108	MODULE_LICENSE("GPL");
109	MODULE_DESCRIPTION("Ip6tables legacy raw table");
110

source code of linux/net/ipv6/netfilter/ip6table_raw.c