release/src-rt/linux/linux-2.6/net/ipv4/netfilter/ipt_bcount.c

   1 /*
   2
   3         bcount match (experimental)
   4         Copyright (C) 2006 Jonathan Zarate
   5
   6         Licensed under GNU GPL v2 or later.
   7
   8 */
   9 #include <linux/module.h>
  10 #include <linux/skbuff.h>
  11 #include <linux/version.h>
  12 #include <net/sock.h>
  13 #include <net/netfilter/nf_conntrack.h>
  14 #include <linux/netfilter_ipv4/ip_tables.h>
  15 #include <linux/netfilter_ipv4/ipt_bcount.h>
  16
  17 //      #define LOG                     printk
  18 #define LOG(...)        do { } while (0);
  19
  20
  21 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23)
  22 static int
  23 #else
  24 static bool
  25 #endif
  26 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,28)
  27 match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out,
  28         const struct xt_match *match, const void *matchinfo, int offset,
  29         unsigned int protoff, int *hotdrop)
  30 #else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) */
  31 match(const struct sk_buff *skb, const struct xt_match_param *par)
  32 #endif
  33 {
  34         const struct ipt_bcount_match *info;
  35         struct nf_conn *ct;
  36         enum ip_conntrack_info ctinfo;
  37
  38 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,28)
  39         info = matchinfo;
  40 #else
  41         info = par->matchinfo;
  42 #endif
  43         ct = nf_ct_get((struct sk_buff *)skb, &ctinfo);
  44         if (!ct) return !info->invert;
  45         return ((ct->bcount >= info->min) && (ct->bcount <= info->max)) ^ info->invert;
  46 }
  47
  48 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23)
  49 static int
  50 #else
  51 static bool
  52 #endif
  53 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,28)
  54 checkentry(const char *tablename, const void *inf, const struct xt_match *match,
  55         void *matchinfo, unsigned int hook_mask)
  56 #else
  57 checkentry(const struct xt_mtchk_param *par)
  58 #endif
  59 {
  60         return 1;
  61 }
  62
  63 static struct xt_match bcount_match = {
  64         .name           = "bcount",
  65         .family         = AF_INET,
  66         .match          = &match,
  67         .matchsize      = sizeof(struct ipt_bcount_match),
  68         .checkentry     = &checkentry,
  69         .destroy        = NULL,
  70         .me             = THIS_MODULE
  71 };
  72
  73 static int __init init(void)
  74 {
  75         LOG(KERN_INFO "ipt_bcount <" __DATE__ " " __TIME__ "> loaded\n");
  76         return xt_register_match(&bcount_match);
  77 }
  78
  79 static void __exit fini(void)
  80 {
  81         xt_unregister_match(&bcount_match);
  82 }
  83
  84 module_init(init);
  85 module_exit(fini);
  86
  87
  88 MODULE_AUTHOR("Jonathan Zarate");
  89 MODULE_DESCRIPTION("bcount match");
  90 MODULE_LICENSE("GPL");