Commit | Line | Data |
---|---|---|
5f2c3b91 HW |
1 | /* TTL modification target for IP tables |
2 | * (C) 2000,2005 by Harald Welte <laforge@netfilter.org> | |
3 | * | |
4 | * This program is free software; you can redistribute it and/or modify | |
5 | * it under the terms of the GNU General Public License version 2 as | |
6 | * published by the Free Software Foundation. | |
7 | * | |
8 | */ | |
9 | ||
10 | #include <linux/module.h> | |
11 | #include <linux/skbuff.h> | |
12 | #include <linux/ip.h> | |
13 | #include <net/checksum.h> | |
14 | ||
6709dbbb | 15 | #include <linux/netfilter/x_tables.h> |
5f2c3b91 HW |
16 | #include <linux/netfilter_ipv4/ipt_TTL.h> |
17 | ||
18 | MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); | |
19 | MODULE_DESCRIPTION("IP tables TTL modification module"); | |
20 | MODULE_LICENSE("GPL"); | |
21 | ||
22 | static unsigned int | |
c4986734 PM |
23 | ipt_ttl_target(struct sk_buff **pskb, |
24 | const struct net_device *in, const struct net_device *out, | |
25 | unsigned int hooknum, const struct xt_target *target, | |
fe1cb108 | 26 | const void *targinfo) |
5f2c3b91 HW |
27 | { |
28 | struct iphdr *iph; | |
29 | const struct ipt_TTL_info *info = targinfo; | |
5f2c3b91 HW |
30 | int new_ttl; |
31 | ||
32 | if (!skb_make_writable(pskb, (*pskb)->len)) | |
33 | return NF_DROP; | |
34 | ||
35 | iph = (*pskb)->nh.iph; | |
36 | ||
37 | switch (info->mode) { | |
38 | case IPT_TTL_SET: | |
39 | new_ttl = info->ttl; | |
40 | break; | |
41 | case IPT_TTL_INC: | |
42 | new_ttl = iph->ttl + info->ttl; | |
43 | if (new_ttl > 255) | |
44 | new_ttl = 255; | |
45 | break; | |
46 | case IPT_TTL_DEC: | |
47 | new_ttl = iph->ttl - info->ttl; | |
48 | if (new_ttl < 0) | |
49 | new_ttl = 0; | |
50 | break; | |
51 | default: | |
52 | new_ttl = iph->ttl; | |
53 | break; | |
54 | } | |
55 | ||
56 | if (new_ttl != iph->ttl) { | |
43bc0ca7 AV |
57 | nf_csum_replace2(&iph->check, htons(iph->ttl << 8), |
58 | htons(new_ttl << 8)); | |
5f2c3b91 | 59 | iph->ttl = new_ttl; |
5f2c3b91 HW |
60 | } |
61 | ||
6709dbbb | 62 | return XT_CONTINUE; |
5f2c3b91 HW |
63 | } |
64 | ||
65 | static int ipt_ttl_checkentry(const char *tablename, | |
2e4e6a17 | 66 | const void *e, |
c4986734 | 67 | const struct xt_target *target, |
5f2c3b91 | 68 | void *targinfo, |
5f2c3b91 HW |
69 | unsigned int hook_mask) |
70 | { | |
71 | struct ipt_TTL_info *info = targinfo; | |
72 | ||
5f2c3b91 HW |
73 | if (info->mode > IPT_TTL_MAXMODE) { |
74 | printk(KERN_WARNING "ipt_TTL: invalid or unknown Mode %u\n", | |
75 | info->mode); | |
76 | return 0; | |
77 | } | |
5f2c3b91 HW |
78 | if ((info->mode != IPT_TTL_SET) && (info->ttl == 0)) |
79 | return 0; | |
5f2c3b91 HW |
80 | return 1; |
81 | } | |
82 | ||
6709dbbb | 83 | static struct xt_target ipt_TTL = { |
5f2c3b91 | 84 | .name = "TTL", |
6709dbbb | 85 | .family = AF_INET, |
5f2c3b91 | 86 | .target = ipt_ttl_target, |
1d5cd909 PM |
87 | .targetsize = sizeof(struct ipt_TTL_info), |
88 | .table = "mangle", | |
5f2c3b91 HW |
89 | .checkentry = ipt_ttl_checkentry, |
90 | .me = THIS_MODULE, | |
91 | }; | |
92 | ||
65b4b4e8 | 93 | static int __init ipt_ttl_init(void) |
5f2c3b91 | 94 | { |
6709dbbb | 95 | return xt_register_target(&ipt_TTL); |
5f2c3b91 HW |
96 | } |
97 | ||
65b4b4e8 | 98 | static void __exit ipt_ttl_fini(void) |
5f2c3b91 | 99 | { |
6709dbbb | 100 | xt_unregister_target(&ipt_TTL); |
5f2c3b91 HW |
101 | } |
102 | ||
65b4b4e8 AM |
103 | module_init(ipt_ttl_init); |
104 | module_exit(ipt_ttl_fini); |