1 /* Hop Limit matching module */ 2 3 /* (C) 2001-2002 Maciej Soltysiak <solt@dns.toxicfilms.tv> 4 * Based on HW's ttl module 5 * 6 * This program is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License version 2 as 8 * published by the Free Software Foundation. 9 */ 10 11 #include <linux/ipv6.h> 12 #include <linux/module.h> 13 #include <linux/skbuff.h> 14 15 #include <linux/netfilter_ipv6/ip6t_hl.h> 16 #include <linux/netfilter/x_tables.h> 17 18 MODULE_AUTHOR("Maciej Soltysiak <solt@dns.toxicfilms.tv>"); 19 MODULE_DESCRIPTION("Xtables: IPv6 Hop Limit field match"); 20 MODULE_LICENSE("GPL"); 21 hl_mt6(const struct sk_buff * skb,const struct xt_match_param * par)22static bool hl_mt6(const struct sk_buff *skb, const struct xt_match_param *par) 23 { 24 const struct ip6t_hl_info *info = par->matchinfo; 25 const struct ipv6hdr *ip6h = ipv6_hdr(skb); 26 27 switch (info->mode) { 28 case IP6T_HL_EQ: 29 return ip6h->hop_limit == info->hop_limit; 30 break; 31 case IP6T_HL_NE: 32 return ip6h->hop_limit != info->hop_limit; 33 break; 34 case IP6T_HL_LT: 35 return ip6h->hop_limit < info->hop_limit; 36 break; 37 case IP6T_HL_GT: 38 return ip6h->hop_limit > info->hop_limit; 39 break; 40 default: 41 printk(KERN_WARNING "ip6t_hl: unknown mode %d\n", 42 info->mode); 43 return false; 44 } 45 46 return false; 47 } 48 49 static struct xt_match hl_mt6_reg __read_mostly = { 50 .name = "hl", 51 .family = NFPROTO_IPV6, 52 .match = hl_mt6, 53 .matchsize = sizeof(struct ip6t_hl_info), 54 .me = THIS_MODULE, 55 }; 56 hl_mt6_init(void)57static int __init hl_mt6_init(void) 58 { 59 return xt_register_match(&hl_mt6_reg); 60 } 61 hl_mt6_exit(void)62static void __exit hl_mt6_exit(void) 63 { 64 xt_unregister_match(&hl_mt6_reg); 65 } 66 67 module_init(hl_mt6_init); 68 module_exit(hl_mt6_exit); 69