1 /* iptables module for the packet checksum mangling 2 * 3 * (C) 2002 by Harald Welte <laforge@netfilter.org> 4 * (C) 2010 Red Hat, Inc. 5 * 6 * Author: Michael S. Tsirkin <mst@redhat.com> 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License version 2 as 10 * published by the Free Software Foundation. 11 */ 12 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 13 #include <linux/module.h> 14 #include <linux/skbuff.h> 15 16 #include <linux/netfilter/x_tables.h> 17 #include <linux/netfilter/xt_CHECKSUM.h> 18 19 MODULE_LICENSE("GPL"); 20 MODULE_AUTHOR("Michael S. Tsirkin <mst@redhat.com>"); 21 MODULE_DESCRIPTION("Xtables: checksum modification"); 22 MODULE_ALIAS("ipt_CHECKSUM"); 23 MODULE_ALIAS("ip6t_CHECKSUM"); 24 25 static unsigned int 26 checksum_tg(struct sk_buff *skb, const struct xt_action_param *par) 27 { 28 if (skb->ip_summed == CHECKSUM_PARTIAL) 29 skb_checksum_help(skb); 30 31 return XT_CONTINUE; 32 } 33 34 static int checksum_tg_check(const struct xt_tgchk_param *par) 35 { 36 const struct xt_CHECKSUM_info *einfo = par->targinfo; 37 38 if (einfo->operation & ~XT_CHECKSUM_OP_FILL) { 39 pr_info("unsupported CHECKSUM operation %x\n", einfo->operation); 40 return -EINVAL; 41 } 42 if (!einfo->operation) { 43 pr_info("no CHECKSUM operation enabled\n"); 44 return -EINVAL; 45 } 46 return 0; 47 } 48 49 static struct xt_target checksum_tg_reg __read_mostly = { 50 .name = "CHECKSUM", 51 .family = NFPROTO_UNSPEC, 52 .target = checksum_tg, 53 .targetsize = sizeof(struct xt_CHECKSUM_info), 54 .table = "mangle", 55 .checkentry = checksum_tg_check, 56 .me = THIS_MODULE, 57 }; 58 59 static int __init checksum_tg_init(void) 60 { 61 return xt_register_target(&checksum_tg_reg); 62 } 63 64 static void __exit checksum_tg_exit(void) 65 { 66 xt_unregister_target(&checksum_tg_reg); 67 } 68 69 module_init(checksum_tg_init); 70 module_exit(checksum_tg_exit); 71