| 1 | // SPDX-License-Identifier: GPL-2.0-only |
|---|---|
| 2 | /* IP tables module for matching the routing realm |
| 3 | * |
| 4 | * (C) 2003 by Sampsa Ranta <sampsa@netsonic.fi> |
| 5 | */ |
| 6 | |
| 7 | #include <linux/module.h> |
| 8 | #include <linux/skbuff.h> |
| 9 | #include <linux/netdevice.h> |
| 10 | #include <net/route.h> |
| 11 | |
| 12 | #include <linux/netfilter_ipv4.h> |
| 13 | #include <linux/netfilter/xt_realm.h> |
| 14 | #include <linux/netfilter/x_tables.h> |
| 15 | |
| 16 | MODULE_AUTHOR("Sampsa Ranta <sampsa@netsonic.fi>"); |
| 17 | MODULE_LICENSE("GPL"); |
| 18 | MODULE_DESCRIPTION("Xtables: Routing realm match"); |
| 19 | MODULE_ALIAS("ipt_realm"); |
| 20 | |
| 21 | static bool |
| 22 | realm_mt(const struct sk_buff *skb, struct xt_action_param *par) |
| 23 | { |
| 24 | const struct xt_realm_info *info = par->matchinfo; |
| 25 | const struct dst_entry *dst = skb_dst(skb); |
| 26 | |
| 27 | return (info->id == (dst->tclassid & info->mask)) ^ info->invert; |
| 28 | } |
| 29 | |
| 30 | static struct xt_match realm_mt_reg __read_mostly = { |
| 31 | .name = "realm", |
| 32 | .match = realm_mt, |
| 33 | .matchsize = sizeof(struct xt_realm_info), |
| 34 | .hooks = (1 << NF_INET_POST_ROUTING) | (1 << NF_INET_FORWARD) | |
| 35 | (1 << NF_INET_LOCAL_OUT) | (1 << NF_INET_LOCAL_IN), |
| 36 | .family = NFPROTO_UNSPEC, |
| 37 | .me = THIS_MODULE |
| 38 | }; |
| 39 | |
| 40 | static int __init realm_mt_init(void) |
| 41 | { |
| 42 | return xt_register_match(target: &realm_mt_reg); |
| 43 | } |
| 44 | |
| 45 | static void __exit realm_mt_exit(void) |
| 46 | { |
| 47 | xt_unregister_match(target: &realm_mt_reg); |
| 48 | } |
| 49 | |
| 50 | module_init(realm_mt_init); |
| 51 | module_exit(realm_mt_exit); |
| 52 |