[deliverable/linux.git] / net / bridge / netfilter / ebt_arpreply.c

/*
 *  ebt_arpreply
 *
 *	Authors:
 *	Grzegorz Borowiak <grzes@gnu.univ.gda.pl>
 *	Bart De Schuymer <bdschuym@pandora.be>
 *
 *  August, 2003
 *
 */

#include <linux/netfilter_bridge/ebtables.h>
#include <linux/netfilter_bridge/ebt_arpreply.h>
#include <linux/if_arp.h>
#include <net/arp.h>
#include <linux/module.h>

static int ebt_target_reply(struct sk_buff *skb, unsigned int hooknr,
   const struct net_device *in, const struct net_device *out,
   const void *data, unsigned int datalen)
{
	struct ebt_arpreply_info *info = (struct ebt_arpreply_info *)data;
	__be32 _sip, *siptr, _dip, *diptr;
	struct arphdr _ah, *ap;
	unsigned char _sha[ETH_ALEN], *shp;

	ap = skb_header_pointer(skb, 0, sizeof(_ah), &_ah);
	if (ap == NULL)
		return EBT_DROP;

	if (ap->ar_op != htons(ARPOP_REQUEST) ||
	    ap->ar_hln != ETH_ALEN ||
	    ap->ar_pro != htons(ETH_P_IP) ||
	    ap->ar_pln != 4)
		return EBT_CONTINUE;

	shp = skb_header_pointer(skb, sizeof(_ah), ETH_ALEN, &_sha);
	if (shp == NULL)
		return EBT_DROP;

	siptr = skb_header_pointer(skb, sizeof(_ah) + ETH_ALEN,
				   sizeof(_sip), &_sip);
	if (siptr == NULL)
		return EBT_DROP;

	diptr = skb_header_pointer(skb,
				   sizeof(_ah) + 2 * ETH_ALEN + sizeof(_sip),
				   sizeof(_dip), &_dip);
	if (diptr == NULL)
		return EBT_DROP;

	arp_send(ARPOP_REPLY, ETH_P_ARP, *siptr, (struct net_device *)in,
		 *diptr, shp, info->mac, shp);

	return info->target;
}

static int ebt_target_reply_check(const char *tablename, unsigned int hookmask,
   const struct ebt_entry *e, void *data, unsigned int datalen)
{
	struct ebt_arpreply_info *info = (struct ebt_arpreply_info *)data;

	if (datalen != EBT_ALIGN(sizeof(struct ebt_arpreply_info)))
		return -EINVAL;
	if (BASE_CHAIN && info->target == EBT_RETURN)
		return -EINVAL;
	if (e->ethproto != htons(ETH_P_ARP) ||
	    e->invflags & EBT_IPROTO)
		return -EINVAL;
	CLEAR_BASE_CHAIN_BIT;
	if (strcmp(tablename, "nat") || hookmask & ~(1 << NF_BR_PRE_ROUTING))
		return -EINVAL;
	return 0;
}

static struct ebt_target reply_target =
{
	.name		= EBT_ARPREPLY_TARGET,
	.target		= ebt_target_reply,
	.check		= ebt_target_reply_check,
	.me		= THIS_MODULE,
};

static int __init ebt_arpreply_init(void)
{
	return ebt_register_target(&reply_target);
}

static void __exit ebt_arpreply_fini(void)
{
	ebt_unregister_target(&reply_target);
}

module_init(ebt_arpreply_init);
module_exit(ebt_arpreply_fini);
MODULE_LICENSE("GPL");
Commit	Line	Data
1da177e4 LT	1	/*
	2	* ebt_arpreply
	3	*
	4	* Authors:
	5	* Grzegorz Borowiak <grzes@gnu.univ.gda.pl>
	6	* Bart De Schuymer <bdschuym@pandora.be>
	7	*
	8	* August, 2003
	9	*
	10	*/
	11
	12	#include <linux/netfilter_bridge/ebtables.h>
	13	#include <linux/netfilter_bridge/ebt_arpreply.h>
	14	#include <linux/if_arp.h>
	15	#include <net/arp.h>
	16	#include <linux/module.h>
	17
3db05fea	18	static int ebt_target_reply(struct sk_buff *skb, unsigned int hooknr,
1da177e4 LT	19	const struct net_device in, const struct net_device out,
	20	const void *data, unsigned int datalen)
	21	{
	22	struct ebt_arpreply_info info = (struct ebt_arpreply_info )data;
ed9bad06	23	__be32 _sip, siptr, _dip, diptr;
1da177e4 LT	24	struct arphdr _ah, *ap;
1da177e4 LT	25	unsigned char _sha[ETH_ALEN], *shp;
1da177e4 LT	26
	27	ap = skb_header_pointer(skb, 0, sizeof(_ah), &_ah);
	28	if (ap == NULL)
	29	return EBT_DROP;
	30
	31	if (ap->ar_op != htons(ARPOP_REQUEST) \|\|
	32	ap->ar_hln != ETH_ALEN \|\|
	33	ap->ar_pro != htons(ETH_P_IP) \|\|
	34	ap->ar_pln != 4)
	35	return EBT_CONTINUE;
	36
	37	shp = skb_header_pointer(skb, sizeof(_ah), ETH_ALEN, &_sha);
	38	if (shp == NULL)
	39	return EBT_DROP;
	40
	41	siptr = skb_header_pointer(skb, sizeof(_ah) + ETH_ALEN,
	42	sizeof(_sip), &_sip);
	43	if (siptr == NULL)
	44	return EBT_DROP;
	45
	46	diptr = skb_header_pointer(skb,
	47	sizeof(_ah) + 2 * ETH_ALEN + sizeof(_sip),
	48	sizeof(_dip), &_dip);
	49	if (diptr == NULL)
	50	return EBT_DROP;
	51
	52	arp_send(ARPOP_REPLY, ETH_P_ARP, siptr, (struct net_device )in,
9d6f229f	53	*diptr, shp, info->mac, shp);
1da177e4 LT	54
	55	return info->target;
	56	}
	57
	58	static int ebt_target_reply_check(const char *tablename, unsigned int hookmask,
	59	const struct ebt_entry e, void data, unsigned int datalen)
	60	{
	61	struct ebt_arpreply_info info = (struct ebt_arpreply_info )data;
	62
	63	if (datalen != EBT_ALIGN(sizeof(struct ebt_arpreply_info)))
	64	return -EINVAL;
	65	if (BASE_CHAIN && info->target == EBT_RETURN)
	66	return -EINVAL;
	67	if (e->ethproto != htons(ETH_P_ARP) \|\|
	68	e->invflags & EBT_IPROTO)
	69	return -EINVAL;
	70	CLEAR_BASE_CHAIN_BIT;
	71	if (strcmp(tablename, "nat") \|\| hookmask & ~(1 << NF_BR_PRE_ROUTING))
	72	return -EINVAL;
	73	return 0;
	74	}
	75
	76	static struct ebt_target reply_target =
	77	{
	78	.name = EBT_ARPREPLY_TARGET,
	79	.target = ebt_target_reply,
	80	.check = ebt_target_reply_check,
	81	.me = THIS_MODULE,
	82	};
	83
65b4b4e8	84	static int __init ebt_arpreply_init(void)
1da177e4 LT	85	{
	86	return ebt_register_target(&reply_target);
	87	}
	88
65b4b4e8	89	static void __exit ebt_arpreply_fini(void)
1da177e4 LT	90	{
	91	ebt_unregister_target(&reply_target);
	92	}
	93
65b4b4e8 AM	94	module_init(ebt_arpreply_init);
65b4b4e8 AM	95	module_exit(ebt_arpreply_fini);
1da177e4	96	MODULE_LICENSE("GPL");