1 /* 2 * Implements a dummy match to allow attaching comments to rules 3 * 4 * 2003-05-13 Brad Fisher (brad@info-link.net) 5 */ 6 7 #include <linux/module.h> 8 #include <linux/skbuff.h> 9 #include <linux/netfilter/x_tables.h> 10 #include <linux/netfilter/xt_comment.h> 11 12 MODULE_AUTHOR("Brad Fisher <brad@info-link.net>"); 13 MODULE_DESCRIPTION("iptables comment match module"); 14 MODULE_LICENSE("GPL"); 15 MODULE_ALIAS("ipt_comment"); 16 MODULE_ALIAS("ip6t_comment"); 17 18 static int 19 match(const struct sk_buff *skb, 20 const struct net_device *in, 21 const struct net_device *out, 22 const void *matchinfo, 23 int offset, 24 unsigned int protooff, 25 int *hotdrop) 26 { 27 /* We always match */ 28 return 1; 29 } 30 31 static int 32 checkentry(const char *tablename, 33 const void *ip, 34 void *matchinfo, 35 unsigned int matchsize, 36 unsigned int hook_mask) 37 { 38 /* Check the size */ 39 if (matchsize != XT_ALIGN(sizeof(struct xt_comment_info))) 40 return 0; 41 return 1; 42 } 43 44 static struct xt_match comment_match = { 45 .name = "comment", 46 .match = match, 47 .checkentry = checkentry, 48 .me = THIS_MODULE 49 }; 50 51 static struct xt_match comment6_match = { 52 .name = "comment", 53 .match = match, 54 .checkentry = checkentry, 55 .me = THIS_MODULE 56 }; 57 58 static int __init init(void) 59 { 60 int ret; 61 62 ret = xt_register_match(AF_INET, &comment_match); 63 if (ret) 64 return ret; 65 66 ret = xt_register_match(AF_INET6, &comment6_match); 67 if (ret) 68 xt_unregister_match(AF_INET, &comment_match); 69 70 return ret; 71 } 72 73 static void __exit fini(void) 74 { 75 xt_unregister_match(AF_INET, &comment_match); 76 xt_unregister_match(AF_INET6, &comment6_match); 77 } 78 79 module_init(init); 80 module_exit(fini); 81