1 /* 2 * xt_mark - Netfilter module to match NFMARK value 3 * 4 * (C) 1999-2001 Marc Boucher <marc@mbsi.ca> 5 * Copyright © CC Computer Consultants GmbH, 2007 - 2008 6 * Jan Engelhardt <jengelh@medozas.de> 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License version 2 as 10 * published by the Free Software Foundation. 11 */ 12 13 #include <linux/module.h> 14 #include <linux/skbuff.h> 15 16 #include <linux/netfilter/xt_mark.h> 17 #include <linux/netfilter/x_tables.h> 18 19 MODULE_LICENSE("GPL"); 20 MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>"); 21 MODULE_DESCRIPTION("Xtables: packet mark operations"); 22 MODULE_ALIAS("ipt_mark"); 23 MODULE_ALIAS("ip6t_mark"); 24 MODULE_ALIAS("ipt_MARK"); 25 MODULE_ALIAS("ip6t_MARK"); 26 MODULE_ALIAS("arpt_MARK"); 27 28 static unsigned int 29 mark_tg(struct sk_buff *skb, const struct xt_action_param *par) 30 { 31 const struct xt_mark_tginfo2 *info = par->targinfo; 32 33 skb->mark = (skb->mark & ~info->mask) ^ info->mark; 34 return XT_CONTINUE; 35 } 36 37 static bool 38 mark_mt(const struct sk_buff *skb, struct xt_action_param *par) 39 { 40 const struct xt_mark_mtinfo1 *info = par->matchinfo; 41 42 return ((skb->mark & info->mask) == info->mark) ^ info->invert; 43 } 44 45 static struct xt_target mark_tg_reg __read_mostly = { 46 .name = "MARK", 47 .revision = 2, 48 .family = NFPROTO_UNSPEC, 49 .target = mark_tg, 50 .targetsize = sizeof(struct xt_mark_tginfo2), 51 .me = THIS_MODULE, 52 }; 53 54 static struct xt_match mark_mt_reg __read_mostly = { 55 .name = "mark", 56 .revision = 1, 57 .family = NFPROTO_UNSPEC, 58 .match = mark_mt, 59 .matchsize = sizeof(struct xt_mark_mtinfo1), 60 .me = THIS_MODULE, 61 }; 62 63 static int __init mark_mt_init(void) 64 { 65 int ret; 66 67 ret = xt_register_target(&mark_tg_reg); 68 if (ret < 0) 69 return ret; 70 ret = xt_register_match(&mark_mt_reg); 71 if (ret < 0) { 72 xt_unregister_target(&mark_tg_reg); 73 return ret; 74 } 75 return 0; 76 } 77 78 static void __exit mark_mt_exit(void) 79 { 80 xt_unregister_match(&mark_mt_reg); 81 xt_unregister_target(&mark_tg_reg); 82 } 83 84 module_init(mark_mt_init); 85 module_exit(mark_mt_exit); 86