search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
K2.6 patches and update.
[tomato.git] / release / src / router / iptables / extensions / libip6t_length.c
blob9f7ba16559afd838efdf840c77e7b0aee27e4c83
1 /* Shared library add-on to ip6tables to add packet length matching support. */
2
3 #include <stdio.h>
4 #include <netdb.h>
5 #include <string.h>
6 #include <stdlib.h>
7 #include <getopt.h>
8
9 #include <ip6tables.h>
10 #include <linux/netfilter_ipv6/ip6t_length.h>
11
12 /* Function which prints out usage message. */
13 static void
14 help(void)
15 {
16 printf(
17 "length v%s options:\n"
18 "[!] --length length[:length] Match packet length against value or range\n"
19 " of values (inclusive)\n",
20 IPTABLES_VERSION);
21
22 }
23
24 static struct option opts[] = {
25 { "length", 1, 0, '1' },
26 {0}
27 };
28
29 static u_int16_t
30 parse_length(const char *s)
31 {
32
33 unsigned int len;
34
35 if (string_to_number(s, 0, 0xFFFF, &len) == -1)
36 exit_error(PARAMETER_PROBLEM, "length invalid: `%s'\n", s);
37 else
38 return (u_int16_t )len;
39 }
40
41 /* If a single value is provided, min and max are both set to the value */
42 static void
43 parse_lengths(const char *s, struct ip6t_length_info *info)
44 {
45 char *buffer;
46 char *cp;
47
48 buffer = strdup(s);
49 if ((cp = strchr(buffer, ':')) == NULL)
50 info->min = info->max = parse_length(buffer);
51 else {
52 *cp = '\0';
53 cp++;
54
55 info->min = buffer[0] ? parse_length(buffer) : 0;
56 info->max = cp[0] ? parse_length(cp) : 0xFFFF;
57 }
58 free(buffer);
59
60 if (info->min > info->max)
61 exit_error(PARAMETER_PROBLEM,
62 "length min. range value `%u' greater than max. "
63 "range value `%u'", info->min, info->max);
64
65 }
66
67 /* Function which parses command options; returns true if it
68 ate an option */
69 static int
70 parse(int c, char **argv, int invert, unsigned int *flags,
71 const struct ip6t_entry *entry,
72 unsigned int *nfcache,
73 struct ip6t_entry_match **match)
74 {
75 struct ip6t_length_info *info = (struct ip6t_length_info *)(*match)->data;
76
77 switch (c) {
78 case '1':
79 if (*flags)
80 exit_error(PARAMETER_PROBLEM,
81 "length: `--length' may only be "
82 "specified once");
83 check_inverse(optarg, &invert, &optind, 0);
84 parse_lengths(argv[optind-1], info);
85 if (invert)
86 info->invert = 1;
87 *flags = 1;
88 break;
89
90 default:
91 return 0;
92 }
93 return 1;
94 }
95
96 /* Final check; must have specified --length. */
97 static void
98 final_check(unsigned int flags)
99 {
100 if (!flags)
101 exit_error(PARAMETER_PROBLEM,
102 "length: You must specify `--length'");
103 }
104
105 /* Common match printing code. */
106 static void
107 print_length(struct ip6t_length_info *info)
108 {
109 if (info->invert)
110 printf("! ");
111
112 if (info->max == info->min)
113 printf("%u ", info->min);
114 else
115 printf("%u:%u ", info->min, info->max);
116 }
117
118 /* Prints out the matchinfo. */
119 static void
120 print(const struct ip6t_ip6 *ip,
121 const struct ip6t_entry_match *match,
122 int numeric)
123 {
124 printf("length ");
125 print_length((struct ip6t_length_info *)match->data);
126 }
127
128 /* Saves the union ip6t_matchinfo in parsable form to stdout. */
129 static void
130 save(const struct ip6t_ip6 *ip, const struct ip6t_entry_match *match)
131 {
132 printf("--length ");
133 print_length((struct ip6t_length_info *)match->data);
134 }
135
136 struct ip6tables_match length = {
137 .name = "length",
138 .version = IPTABLES_VERSION,
139 .size = IP6T_ALIGN(sizeof(struct ip6t_length_info)),
140 .userspacesize = IP6T_ALIGN(sizeof(struct ip6t_length_info)),
141 .help = &help,
142 .parse = &parse,
143 .final_check = &final_check,
144 .print = &print,
145 .save = &save,
146 .extra_opts = opts,
147 };
148
149 void _init(void)
150 {
151 register_match6(&length);
152 }
Tomato firmware and modifications.