[deliverable/linux.git] / net / ipv4 / netfilter / ipt_TTL.c

/* TTL modification target for IP tables
 * (C) 2000,2005 by Harald Welte <laforge@netfilter.org>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 */

#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/ip.h>
#include <net/checksum.h>

#include <linux/netfilter/x_tables.h>
#include <linux/netfilter_ipv4/ipt_TTL.h>

MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
MODULE_DESCRIPTION("Xtables: IPv4 TTL field modification target");
MODULE_LICENSE("GPL");

static unsigned int
ttl_tg(struct sk_buff *skb, const struct net_device *in,
       const struct net_device *out, unsigned int hooknum,
       const struct xt_target *target, const void *targinfo)
{
	struct iphdr *iph;
	const struct ipt_TTL_info *info = targinfo;
	int new_ttl;

	if (!skb_make_writable(skb, skb->len))
		return NF_DROP;

	iph = ip_hdr(skb);

	switch (info->mode) {
		case IPT_TTL_SET:
			new_ttl = info->ttl;
			break;
		case IPT_TTL_INC:
			new_ttl = iph->ttl + info->ttl;
			if (new_ttl > 255)
				new_ttl = 255;
			break;
		case IPT_TTL_DEC:
			new_ttl = iph->ttl - info->ttl;
			if (new_ttl < 0)
				new_ttl = 0;
			break;
		default:
			new_ttl = iph->ttl;
			break;
	}

	if (new_ttl != iph->ttl) {
		csum_replace2(&iph->check, htons(iph->ttl << 8),
					   htons(new_ttl << 8));
		iph->ttl = new_ttl;
	}

	return XT_CONTINUE;
}

static bool
ttl_tg_check(const char *tablename, const void *e,
             const struct xt_target *target, void *targinfo,
             unsigned int hook_mask)
{
	const struct ipt_TTL_info *info = targinfo;

	if (info->mode > IPT_TTL_MAXMODE) {
		printk(KERN_WARNING "ipt_TTL: invalid or unknown Mode %u\n",
			info->mode);
		return false;
	}
	if (info->mode != IPT_TTL_SET && info->ttl == 0)
		return false;
	return true;
}

static struct xt_target ttl_tg_reg __read_mostly = {
	.name 		= "TTL",
	.family		= AF_INET,
	.target 	= ttl_tg,
	.targetsize	= sizeof(struct ipt_TTL_info),
	.table		= "mangle",
	.checkentry 	= ttl_tg_check,
	.me 		= THIS_MODULE,
};

static int __init ttl_tg_init(void)
{
	return xt_register_target(&ttl_tg_reg);
}

static void __exit ttl_tg_exit(void)
{
	xt_unregister_target(&ttl_tg_reg);
}

module_init(ttl_tg_init);
module_exit(ttl_tg_exit);
Commit	Line	Data
5f2c3b91 HW	1	/* TTL modification target for IP tables
	2	* (C) 2000,2005 by Harald Welte <laforge@netfilter.org>
	3	*
	4	* This program is free software; you can redistribute it and/or modify
	5	* it under the terms of the GNU General Public License version 2 as
	6	* published by the Free Software Foundation.
	7	*
	8	*/
	9
	10	#include <linux/module.h>
	11	#include <linux/skbuff.h>
	12	#include <linux/ip.h>
	13	#include <net/checksum.h>
	14
6709dbbb	15	#include <linux/netfilter/x_tables.h>
5f2c3b91 HW	16	#include <linux/netfilter_ipv4/ipt_TTL.h>
	17
	18	MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
2ae15b64	19	MODULE_DESCRIPTION("Xtables: IPv4 TTL field modification target");
5f2c3b91 HW	20	MODULE_LICENSE("GPL");
5f2c3b91 HW	21
e905a9ed	22	static unsigned int
d3c5ee6d JE	23	ttl_tg(struct sk_buff skb, const struct net_device in,
	24	const struct net_device *out, unsigned int hooknum,
	25	const struct xt_target target, const void targinfo)
5f2c3b91 HW	26	{
	27	struct iphdr *iph;
	28	const struct ipt_TTL_info *info = targinfo;
5f2c3b91 HW	29	int new_ttl;
5f2c3b91 HW	30
3db05fea	31	if (!skb_make_writable(skb, skb->len))
5f2c3b91 HW	32	return NF_DROP;
5f2c3b91 HW	33
3db05fea	34	iph = ip_hdr(skb);
5f2c3b91 HW	35
	36	switch (info->mode) {
	37	case IPT_TTL_SET:
	38	new_ttl = info->ttl;
	39	break;
	40	case IPT_TTL_INC:
	41	new_ttl = iph->ttl + info->ttl;
	42	if (new_ttl > 255)
	43	new_ttl = 255;
	44	break;
	45	case IPT_TTL_DEC:
	46	new_ttl = iph->ttl - info->ttl;
	47	if (new_ttl < 0)
	48	new_ttl = 0;
	49	break;
	50	default:
	51	new_ttl = iph->ttl;
	52	break;
	53	}
	54
	55	if (new_ttl != iph->ttl) {
be0ea7d5 PM	56	csum_replace2(&iph->check, htons(iph->ttl << 8),
be0ea7d5 PM	57	htons(new_ttl << 8));
5f2c3b91	58	iph->ttl = new_ttl;
5f2c3b91 HW	59	}
5f2c3b91 HW	60
6709dbbb	61	return XT_CONTINUE;
5f2c3b91 HW	62	}
5f2c3b91 HW	63
d3c5ee6d JE	64	static bool
	65	ttl_tg_check(const char tablename, const void e,
	66	const struct xt_target target, void targinfo,
	67	unsigned int hook_mask)
5f2c3b91	68	{
a47362a2	69	const struct ipt_TTL_info *info = targinfo;
5f2c3b91	70
5f2c3b91	71	if (info->mode > IPT_TTL_MAXMODE) {
e905a9ed	72	printk(KERN_WARNING "ipt_TTL: invalid or unknown Mode %u\n",
5f2c3b91	73	info->mode);
e1931b78	74	return false;
5f2c3b91	75	}
7c4e36bc	76	if (info->mode != IPT_TTL_SET && info->ttl == 0)
e1931b78 JE	77	return false;
e1931b78 JE	78	return true;
5f2c3b91 HW	79	}
5f2c3b91 HW	80
d3c5ee6d	81	static struct xt_target ttl_tg_reg __read_mostly = {
5f2c3b91	82	.name = "TTL",
6709dbbb	83	.family = AF_INET,
d3c5ee6d	84	.target = ttl_tg,
1d5cd909 PM	85	.targetsize = sizeof(struct ipt_TTL_info),
1d5cd909 PM	86	.table = "mangle",
d3c5ee6d	87	.checkentry = ttl_tg_check,
5f2c3b91 HW	88	.me = THIS_MODULE,
	89	};
	90
d3c5ee6d	91	static int __init ttl_tg_init(void)
5f2c3b91	92	{
d3c5ee6d	93	return xt_register_target(&ttl_tg_reg);
5f2c3b91 HW	94	}
5f2c3b91 HW	95
d3c5ee6d	96	static void __exit ttl_tg_exit(void)
5f2c3b91	97	{
d3c5ee6d	98	xt_unregister_target(&ttl_tg_reg);
5f2c3b91 HW	99	}
5f2c3b91 HW	100
d3c5ee6d JE	101	module_init(ttl_tg_init);
d3c5ee6d JE	102	module_exit(ttl_tg_exit);