1 /* Kernel module to match MAC address parameters. */
3 /* (C) 1999-2001 Paul `Rusty' Russell
4 * (C) 2002-2004 Netfilter Core Team <coreteam@netfilter.org>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
11 #include <linux/module.h>
12 #include <linux/skbuff.h>
13 #include <linux/if_ether.h>
15 #include <linux/netfilter_ipv6/ip6t_mac.h>
16 #include <linux/netfilter_ipv6/ip6_tables.h>
18 MODULE_LICENSE("GPL");
19 MODULE_DESCRIPTION("MAC address matching module for IPv6");
20 MODULE_AUTHOR("Netfilter Core Teaam <coreteam@netfilter.org>");
23 match(const struct sk_buff
*skb
,
24 const struct net_device
*in
,
25 const struct net_device
*out
,
26 const void *matchinfo
,
32 const struct ip6t_mac_info
*info
= matchinfo
;
34 /* Is mac pointer valid? */
35 return (skb
->mac
.raw
>= skb
->head
36 && (skb
->mac
.raw
+ ETH_HLEN
) <= skb
->data
37 /* If so, compare... */
38 && ((memcmp(eth_hdr(skb
)->h_source
, info
->srcaddr
, ETH_ALEN
)
39 == 0) ^ info
->invert
));
43 ip6t_mac_checkentry(const char *tablename
,
44 const struct ip6t_ip6
*ip
,
46 unsigned int matchsize
,
47 unsigned int hook_mask
)
50 & ~((1 << NF_IP6_PRE_ROUTING
) | (1 << NF_IP6_LOCAL_IN
)
51 | (1 << NF_IP6_FORWARD
))) {
52 printk("ip6t_mac: only valid for PRE_ROUTING, LOCAL_IN or"
57 if (matchsize
!= IP6T_ALIGN(sizeof(struct ip6t_mac_info
)))
63 static struct ip6t_match mac_match
= {
66 .checkentry
= &ip6t_mac_checkentry
,
70 static int __init
init(void)
72 return ip6t_register_match(&mac_match
);
75 static void __exit
fini(void)
77 ip6t_unregister_match(&mac_match
);