1 /*
2 * Shared library add-on to iptables to match
3 * packets by their type (BROADCAST, UNICAST, MULTICAST).
4 *
5 * Michal Ludvig <michal@logix.cz>
6 */
7 #include <stdio.h>
8 #include <string.h>
9 #include <xtables.h>
10 #include <linux/if_packet.h>
11 #include <linux/netfilter/xt_pkttype.h>
12
13 enum {
14 O_PKTTYPE = 0,
15 };
16
17 struct pkttypes {
18 const char *name;
19 unsigned char pkttype;
20 unsigned char printhelp;
21 const char *help;
22 };
23
24 static const struct pkttypes supported_types[] = {
25 {"unicast", PACKET_HOST, 1, "to us"},
26 {"broadcast", PACKET_BROADCAST, 1, "to all"},
27 {"multicast", PACKET_MULTICAST, 1, "to group"},
28 /*
29 {"otherhost", PACKET_OTHERHOST, 1, "to someone else"},
30 {"outgoing", PACKET_OUTGOING, 1, "outgoing of any type"},
31 */
32 /* aliases */
33 {"bcast", PACKET_BROADCAST, 0, NULL},
34 {"mcast", PACKET_MULTICAST, 0, NULL},
35 {"host", PACKET_HOST, 0, NULL}
36 };
37
print_types(void)38 static void print_types(void)
39 {
40 unsigned int i;
41
42 printf("Valid packet types:\n");
43 for (i = 0; i < ARRAY_SIZE(supported_types); ++i)
44 if(supported_types[i].printhelp == 1)
45 printf("\t%-14s\t\t%s\n", supported_types[i].name, supported_types[i].help);
46 printf("\n");
47 }
48
pkttype_help(void)49 static void pkttype_help(void)
50 {
51 printf(
52 "pkttype match options:\n"
53 "[!] --pkt-type packettype match packet type\n");
54 print_types();
55 }
56
57 static const struct xt_option_entry pkttype_opts[] = {
58 {.name = "pkt-type", .id = O_PKTTYPE, .type = XTTYPE_STRING,
59 .flags = XTOPT_MAND | XTOPT_INVERT},
60 XTOPT_TABLEEND,
61 };
62
parse_pkttype(const char * pkttype,struct xt_pkttype_info * info)63 static void parse_pkttype(const char *pkttype, struct xt_pkttype_info *info)
64 {
65 unsigned int i;
66
67 for (i = 0; i < ARRAY_SIZE(supported_types); ++i)
68 if(strcasecmp(pkttype, supported_types[i].name)==0)
69 {
70 info->pkttype=supported_types[i].pkttype;
71 return;
72 }
73
74 xtables_error(PARAMETER_PROBLEM, "Bad packet type '%s'", pkttype);
75 }
76
pkttype_parse(struct xt_option_call * cb)77 static void pkttype_parse(struct xt_option_call *cb)
78 {
79 struct xt_pkttype_info *info = cb->data;
80
81 xtables_option_parse(cb);
82 parse_pkttype(cb->arg, info);
83 if (cb->invert)
84 info->invert = 1;
85 }
86
print_pkttype(const struct xt_pkttype_info * info)87 static void print_pkttype(const struct xt_pkttype_info *info)
88 {
89 unsigned int i;
90
91 for (i = 0; i < ARRAY_SIZE(supported_types); ++i)
92 if(supported_types[i].pkttype==info->pkttype)
93 {
94 printf("%s", supported_types[i].name);
95 return;
96 }
97
98 printf("%d", info->pkttype); /* in case we didn't find an entry in named-packtes */
99 }
100
pkttype_print(const void * ip,const struct xt_entry_match * match,int numeric)101 static void pkttype_print(const void *ip, const struct xt_entry_match *match,
102 int numeric)
103 {
104 const struct xt_pkttype_info *info = (const void *)match->data;
105
106 printf(" PKTTYPE %s= ", info->invert ? "!" : "");
107 print_pkttype(info);
108 }
109
pkttype_save(const void * ip,const struct xt_entry_match * match)110 static void pkttype_save(const void *ip, const struct xt_entry_match *match)
111 {
112 const struct xt_pkttype_info *info = (const void *)match->data;
113
114 printf("%s --pkt-type ", info->invert ? " !" : "");
115 print_pkttype(info);
116 }
117
118 static struct xtables_match pkttype_match = {
119 .family = NFPROTO_UNSPEC,
120 .name = "pkttype",
121 .version = XTABLES_VERSION,
122 .size = XT_ALIGN(sizeof(struct xt_pkttype_info)),
123 .userspacesize = XT_ALIGN(sizeof(struct xt_pkttype_info)),
124 .help = pkttype_help,
125 .print = pkttype_print,
126 .save = pkttype_save,
127 .x6_parse = pkttype_parse,
128 .x6_options = pkttype_opts,
129 };
130
_init(void)131 void _init(void)
132 {
133 xtables_register_match(&pkttype_match);
134 }
135