1 /* 2 * Implements a dummy match to allow attaching comments to rules 3 * 4 * 2003-05-13 Brad Fisher (brad@info-link.net) 5 */ 6 7 #include <linux/module.h> 8 #include <linux/skbuff.h> 9 #include <linux/netfilter/x_tables.h> 10 #include <linux/netfilter/xt_comment.h> 11 12 MODULE_AUTHOR("Brad Fisher <brad@info-link.net>"); 13 MODULE_DESCRIPTION("Xtables: No-op match which can be tagged with a comment"); 14 MODULE_LICENSE("GPL"); 15 MODULE_ALIAS("ipt_comment"); 16 MODULE_ALIAS("ip6t_comment"); 17 18 static bool 19 comment_mt(const struct sk_buff *skb, const struct net_device *in, 20 const struct net_device *out, const struct xt_match *match, 21 const void *matchinfo, int offset, unsigned int protooff, 22 bool *hotdrop) 23 { 24 /* We always match */ 25 return true; 26 } 27 28 static struct xt_match comment_mt_reg[] __read_mostly = { 29 { 30 .name = "comment", 31 .family = NFPROTO_IPV4, 32 .match = comment_mt, 33 .matchsize = sizeof(struct xt_comment_info), 34 .me = THIS_MODULE 35 }, 36 { 37 .name = "comment", 38 .family = NFPROTO_IPV6, 39 .match = comment_mt, 40 .matchsize = sizeof(struct xt_comment_info), 41 .me = THIS_MODULE 42 }, 43 }; 44 45 static int __init comment_mt_init(void) 46 { 47 return xt_register_matches(comment_mt_reg, ARRAY_SIZE(comment_mt_reg)); 48 } 49 50 static void __exit comment_mt_exit(void) 51 { 52 xt_unregister_matches(comment_mt_reg, ARRAY_SIZE(comment_mt_reg)); 53 } 54 55 module_init(comment_mt_init); 56 module_exit(comment_mt_exit); 57