12e4e6a17SHarald Welte /* Kernel module to match packet length. */ 22e4e6a17SHarald Welte /* (C) 1999-2001 James Morris <jmorros@intercode.com.au> 32e4e6a17SHarald Welte * 42e4e6a17SHarald Welte * This program is free software; you can redistribute it and/or modify 52e4e6a17SHarald Welte * it under the terms of the GNU General Public License version 2 as 62e4e6a17SHarald Welte * published by the Free Software Foundation. 72e4e6a17SHarald Welte */ 82e4e6a17SHarald Welte 92e4e6a17SHarald Welte #include <linux/module.h> 102e4e6a17SHarald Welte #include <linux/skbuff.h> 1137d8dc82SDavid S. Miller #include <linux/ipv6.h> 122e4e6a17SHarald Welte #include <net/ip.h> 132e4e6a17SHarald Welte 142e4e6a17SHarald Welte #include <linux/netfilter/xt_length.h> 152e4e6a17SHarald Welte #include <linux/netfilter/x_tables.h> 162e4e6a17SHarald Welte 172e4e6a17SHarald Welte MODULE_AUTHOR("James Morris <jmorris@intercode.com.au>"); 182e4e6a17SHarald Welte MODULE_DESCRIPTION("IP tables packet length matching module"); 192e4e6a17SHarald Welte MODULE_LICENSE("GPL"); 202e4e6a17SHarald Welte MODULE_ALIAS("ipt_length"); 212e4e6a17SHarald Welte MODULE_ALIAS("ip6t_length"); 222e4e6a17SHarald Welte 231d93a9cbSJan Engelhardt static bool 242e4e6a17SHarald Welte match(const struct sk_buff *skb, 252e4e6a17SHarald Welte const struct net_device *in, 262e4e6a17SHarald Welte const struct net_device *out, 27c4986734SPatrick McHardy const struct xt_match *match, 282e4e6a17SHarald Welte const void *matchinfo, 292e4e6a17SHarald Welte int offset, 302e4e6a17SHarald Welte unsigned int protoff, 31cff533acSJan Engelhardt bool *hotdrop) 322e4e6a17SHarald Welte { 332e4e6a17SHarald Welte const struct xt_length_info *info = matchinfo; 34eddc9ec5SArnaldo Carvalho de Melo u_int16_t pktlen = ntohs(ip_hdr(skb)->tot_len); 352e4e6a17SHarald Welte 362e4e6a17SHarald Welte return (pktlen >= info->min && pktlen <= info->max) ^ info->invert; 372e4e6a17SHarald Welte } 382e4e6a17SHarald Welte 391d93a9cbSJan Engelhardt static bool 402e4e6a17SHarald Welte match6(const struct sk_buff *skb, 412e4e6a17SHarald Welte const struct net_device *in, 422e4e6a17SHarald Welte const struct net_device *out, 43c4986734SPatrick McHardy const struct xt_match *match, 442e4e6a17SHarald Welte const void *matchinfo, 452e4e6a17SHarald Welte int offset, 462e4e6a17SHarald Welte unsigned int protoff, 47cff533acSJan Engelhardt bool *hotdrop) 482e4e6a17SHarald Welte { 492e4e6a17SHarald Welte const struct xt_length_info *info = matchinfo; 500660e03fSArnaldo Carvalho de Melo const u_int16_t pktlen = (ntohs(ipv6_hdr(skb)->payload_len) + 510660e03fSArnaldo Carvalho de Melo sizeof(struct ipv6hdr)); 522e4e6a17SHarald Welte 532e4e6a17SHarald Welte return (pktlen >= info->min && pktlen <= info->max) ^ info->invert; 542e4e6a17SHarald Welte } 552e4e6a17SHarald Welte 564470bbc7SPatrick McHardy static struct xt_match xt_length_match[] = { 574470bbc7SPatrick McHardy { 582e4e6a17SHarald Welte .name = "length", 594470bbc7SPatrick McHardy .family = AF_INET, 605d04bff0SPatrick McHardy .match = match, 615d04bff0SPatrick McHardy .matchsize = sizeof(struct xt_length_info), 622e4e6a17SHarald Welte .me = THIS_MODULE, 634470bbc7SPatrick McHardy }, 644470bbc7SPatrick McHardy { 652e4e6a17SHarald Welte .name = "length", 664470bbc7SPatrick McHardy .family = AF_INET6, 675d04bff0SPatrick McHardy .match = match6, 685d04bff0SPatrick McHardy .matchsize = sizeof(struct xt_length_info), 692e4e6a17SHarald Welte .me = THIS_MODULE, 704470bbc7SPatrick McHardy }, 712e4e6a17SHarald Welte }; 722e4e6a17SHarald Welte 7365b4b4e8SAndrew Morton static int __init xt_length_init(void) 742e4e6a17SHarald Welte { 754470bbc7SPatrick McHardy return xt_register_matches(xt_length_match, 764470bbc7SPatrick McHardy ARRAY_SIZE(xt_length_match)); 772e4e6a17SHarald Welte } 782e4e6a17SHarald Welte 7965b4b4e8SAndrew Morton static void __exit xt_length_fini(void) 802e4e6a17SHarald Welte { 814470bbc7SPatrick McHardy xt_unregister_matches(xt_length_match, ARRAY_SIZE(xt_length_match)); 822e4e6a17SHarald Welte } 832e4e6a17SHarald Welte 8465b4b4e8SAndrew Morton module_init(xt_length_init); 8565b4b4e8SAndrew Morton module_exit(xt_length_fini); 86