1 /* Shared library add-on to iptables to add MARK target support. */
2 #include <stdio.h>
3 #include <string.h>
4 #include <stdlib.h>
5 #include <getopt.h>
6
7 #include <ip6tables.h>
8 #include <linux/netfilter_ipv6/ip6_tables.h>
9 /* For 64bit kernel / 32bit userspace */
10 #include "../include/linux/netfilter_ipv6/ip6t_MARK.h"
11
12 /* Function which prints out usage message. */
13 static void
help(void)14 help(void)
15 {
16 printf(
17 "MARK target v%s options:\n"
18 " --set-mark value Set nfmark value\n"
19 "\n",
20 IPTABLES_VERSION);
21 }
22
23 static struct option opts[] = {
24 { .name = "set-mark", .has_arg = 1, .flag = 0, .val = '1' },
25 { .name = 0 }
26 };
27
28 /* Initialize the target. */
29 static void
init(struct ip6t_entry_target * t,unsigned int * nfcache)30 init(struct ip6t_entry_target *t, unsigned int *nfcache)
31 {
32 }
33
34 /* Function which parses command options; returns true if it
35 ate an option */
36 static int
parse(int c,char ** argv,int invert,unsigned int * flags,const struct ip6t_entry * entry,struct ip6t_entry_target ** target)37 parse(int c, char **argv, int invert, unsigned int *flags,
38 const struct ip6t_entry *entry,
39 struct ip6t_entry_target **target)
40 {
41 struct ip6t_mark_target_info *markinfo
42 = (struct ip6t_mark_target_info *)(*target)->data;
43
44 switch (c) {
45 case '1':
46 #ifdef KERNEL_64_USERSPACE_32
47 if (string_to_number_ll(optarg, 0, 0,
48 &markinfo->mark))
49 #else
50 if (string_to_number_l(optarg, 0, 0,
51 &markinfo->mark))
52 #endif
53 exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg);
54 if (*flags)
55 exit_error(PARAMETER_PROBLEM,
56 "MARK target: Can't specify --set-mark twice");
57 *flags = 1;
58 break;
59
60 default:
61 return 0;
62 }
63
64 return 1;
65 }
66
67 static void
final_check(unsigned int flags)68 final_check(unsigned int flags)
69 {
70 if (!flags)
71 exit_error(PARAMETER_PROBLEM,
72 "MARK target: Parameter --set-mark is required");
73 }
74
75 #ifdef KERNEL_64_USERSPACE_32
76 static void
print_mark(unsigned long long mark)77 print_mark(unsigned long long mark)
78 {
79 printf("0x%llx ", mark);
80 }
81 #else
82 static void
print_mark(unsigned long mark)83 print_mark(unsigned long mark)
84 {
85 printf("0x%lx ", mark);
86 }
87 #endif
88
89 /* Prints out the targinfo. */
90 static void
print(const struct ip6t_ip6 * ip,const struct ip6t_entry_target * target,int numeric)91 print(const struct ip6t_ip6 *ip,
92 const struct ip6t_entry_target *target,
93 int numeric)
94 {
95 const struct ip6t_mark_target_info *markinfo =
96 (const struct ip6t_mark_target_info *)target->data;
97
98 printf("MARK set ");
99 print_mark(markinfo->mark);
100 }
101
102 /* Saves the union ipt_targinfo in parsable form to stdout. */
103 static void
save(const struct ip6t_ip6 * ip,const struct ip6t_entry_target * target)104 save(const struct ip6t_ip6 *ip, const struct ip6t_entry_target *target)
105 {
106 const struct ip6t_mark_target_info *markinfo =
107 (const struct ip6t_mark_target_info *)target->data;
108
109 printf("--set-mark ");
110 print_mark(markinfo->mark);
111 }
112
113 static
114 struct ip6tables_target mark = {
115 .name = "MARK",
116 .version = IPTABLES_VERSION,
117 .size = IP6T_ALIGN(sizeof(struct ip6t_mark_target_info)),
118 .userspacesize = IP6T_ALIGN(sizeof(struct ip6t_mark_target_info)),
119 .help = &help,
120 .init = &init,
121 .parse = &parse,
122 .final_check = &final_check,
123 .print = &print,
124 .save = &save,
125 .extra_opts = opts
126 };
127
_init(void)128 void _init(void)
129 {
130 register_target6(&mark);
131 }
132