diff options
author | Andreas Baumann <mail@andreasbaumann.cc> | 2015-01-03 13:58:15 +0100 |
---|---|---|
committer | Andreas Baumann <mail@andreasbaumann.cc> | 2015-01-03 13:58:15 +0100 |
commit | 4aca87515a5083ae0e31ce3177189fd43b6d05ac (patch) | |
tree | 7b1d9a31393ca090757dc6f0d3859b4fcd93f271 /release/src/linux/linux/net/ipv4/netfilter/ipt_bcount.c | |
parent | 008d0be72b2f160382c6e880765e96b64a050c65 (diff) | |
download | tomato-4aca87515a5083ae0e31ce3177189fd43b6d05ac.tar.gz tomato-4aca87515a5083ae0e31ce3177189fd43b6d05ac.tar.bz2 |
patch to Vanilla Tomato 1.28
Diffstat (limited to 'release/src/linux/linux/net/ipv4/netfilter/ipt_bcount.c')
-rw-r--r-- | release/src/linux/linux/net/ipv4/netfilter/ipt_bcount.c | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/release/src/linux/linux/net/ipv4/netfilter/ipt_bcount.c b/release/src/linux/linux/net/ipv4/netfilter/ipt_bcount.c new file mode 100644 index 00000000..63f93a14 --- /dev/null +++ b/release/src/linux/linux/net/ipv4/netfilter/ipt_bcount.c @@ -0,0 +1,59 @@ +/* + + bcount match (experimental) + Copyright (C) 2006 Jonathan Zarate + + Licensed under GNU GPL v2 or later. + +*/ +#include <linux/module.h> +#include <linux/skbuff.h> +#include <net/sock.h> +#include <linux/netfilter_ipv4/ip_tables.h> +#include <linux/netfilter_ipv4/ip_conntrack.h> +#include <linux/netfilter_ipv4/ipt_bcount.h> + +// #define LOG printk +#define LOG(...) do { } while (0); + + +static int match(const struct sk_buff *skb, const struct net_device *in, const struct net_device *out, + const void *matchinfo, int offset, const void *hdr, u_int16_t datalen, int *hotdrop) +{ + const struct ipt_bcount_match *info = matchinfo; + struct ip_conntrack *ct; + enum ip_conntrack_info ctinfo; + + ct = ip_conntrack_get((struct sk_buff *)skb, &ctinfo); + if (!ct) return !info->invert; + return ((ct->bcount >= info->min) && (ct->bcount <= info->max)) ^ info->invert; +} + +static int checkentry(const char *tablename, const struct ipt_ip *ip, void *matchinfo, + unsigned int matchsize, unsigned int hook_mask) +{ + return (matchsize == IPT_ALIGN(sizeof(struct ipt_bcount_match))); +} + + +static struct ipt_match bcount_match += { { NULL, NULL }, "bcount", &match, &checkentry, NULL, THIS_MODULE }; + +static int __init init(void) +{ + LOG(KERN_INFO "ipt_bcount <" __DATE__ " " __TIME__ "> loaded\n"); + return ipt_register_match(&bcount_match); +} + +static void __exit fini(void) +{ + ipt_unregister_match(&bcount_match); +} + +module_init(init); +module_exit(fini); + + +MODULE_AUTHOR("Jonathan Zarate"); +MODULE_DESCRIPTION("bcount match"); +MODULE_LICENSE("GPL"); |