[deliverable/linux.git] / net / ipv6 / netfilter / ip6table_raw.c

/*
 * IPv6 raw table, a port of the IPv4 raw table to IPv6
 *
 * Copyright (C) 2003 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
 */
#include <linux/module.h>
#include <linux/netfilter_ipv6/ip6_tables.h>

#define RAW_VALID_HOOKS ((1 << NF_IP6_PRE_ROUTING) | (1 << NF_IP6_LOCAL_OUT))

static struct
{
	struct ip6t_replace repl;
	struct ip6t_standard entries[2];
	struct ip6t_error term;
} initial_table __initdata = {
	.repl = {
		.name = "raw",
		.valid_hooks = RAW_VALID_HOOKS,
		.num_entries = 3,
		.size = sizeof(struct ip6t_standard) * 2 + sizeof(struct ip6t_error),
		.hook_entry = {
			[NF_IP6_PRE_ROUTING] = 0,
			[NF_IP6_LOCAL_OUT] = sizeof(struct ip6t_standard)
		},
		.underflow = {
			[NF_IP6_PRE_ROUTING] = 0,
			[NF_IP6_LOCAL_OUT] = sizeof(struct ip6t_standard)
		},
	},
	.entries = {
		IP6T_STANDARD_INIT(NF_ACCEPT),	/* PRE_ROUTING */
		IP6T_STANDARD_INIT(NF_ACCEPT),	/* LOCAL_OUT */
	},
	.term = IP6T_ERROR_INIT,		/* ERROR */
};

static struct xt_table packet_raw = {
	.name = "raw",
	.valid_hooks = RAW_VALID_HOOKS,
	.lock = RW_LOCK_UNLOCKED,
	.me = THIS_MODULE,
	.af = AF_INET6,
};

/* The work comes in here from netfilter.c. */
static unsigned int
ip6t_hook(unsigned int hook,
	 struct sk_buff **pskb,
	 const struct net_device *in,
	 const struct net_device *out,
	 int (*okfn)(struct sk_buff *))
{
	return ip6t_do_table(pskb, hook, in, out, &packet_raw);
}

static struct nf_hook_ops ip6t_ops[] = {
	{
	  .hook = ip6t_hook,
	  .pf = PF_INET6,
	  .hooknum = NF_IP6_PRE_ROUTING,
	  .priority = NF_IP6_PRI_FIRST,
	  .owner = THIS_MODULE,
	},
	{
	  .hook = ip6t_hook,
	  .pf = PF_INET6,
	  .hooknum = NF_IP6_LOCAL_OUT,
	  .priority = NF_IP6_PRI_FIRST,
	  .owner = THIS_MODULE,
	},
};

static int __init ip6table_raw_init(void)
{
	int ret;

	/* Register table */
	ret = ip6t_register_table(&packet_raw, &initial_table.repl);
	if (ret < 0)
		return ret;

	/* Register hooks */
	ret = nf_register_hooks(ip6t_ops, ARRAY_SIZE(ip6t_ops));
	if (ret < 0)
		goto cleanup_table;

	return ret;

 cleanup_table:
	ip6t_unregister_table(&packet_raw);
	return ret;
}

static void __exit ip6table_raw_fini(void)
{
	nf_unregister_hooks(ip6t_ops, ARRAY_SIZE(ip6t_ops));
	ip6t_unregister_table(&packet_raw);
}

module_init(ip6table_raw_init);
module_exit(ip6table_raw_fini);
MODULE_LICENSE("GPL");
Commit	Line	Data
1da177e4 LT	1	/*
	2	* IPv6 raw table, a port of the IPv4 raw table to IPv6
	3	*
	4	* Copyright (C) 2003 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
	5	*/
	6	#include <linux/module.h>
	7	#include <linux/netfilter_ipv6/ip6_tables.h>
	8
	9	#define RAW_VALID_HOOKS ((1 << NF_IP6_PRE_ROUTING) \| (1 << NF_IP6_LOCAL_OUT))
	10
1da177e4 LT	11	static struct
	12	{
	13	struct ip6t_replace repl;
	14	struct ip6t_standard entries[2];
	15	struct ip6t_error term;
	16	} initial_table __initdata = {
	17	.repl = {
	18	.name = "raw",
	19	.valid_hooks = RAW_VALID_HOOKS,
	20	.num_entries = 3,
	21	.size = sizeof(struct ip6t_standard) * 2 + sizeof(struct ip6t_error),
	22	.hook_entry = {
	23	[NF_IP6_PRE_ROUTING] = 0,
	24	[NF_IP6_LOCAL_OUT] = sizeof(struct ip6t_standard)
	25	},
	26	.underflow = {
	27	[NF_IP6_PRE_ROUTING] = 0,
	28	[NF_IP6_LOCAL_OUT] = sizeof(struct ip6t_standard)
	29	},
	30	},
	31	.entries = {
3c2ad469 PM	32	IP6T_STANDARD_INIT(NF_ACCEPT), /* PRE_ROUTING */
3c2ad469 PM	33	IP6T_STANDARD_INIT(NF_ACCEPT), /* LOCAL_OUT */
1da177e4	34	},
3c2ad469	35	.term = IP6T_ERROR_INIT, /* ERROR */
1da177e4 LT	36	};
1da177e4 LT	37
1ab1457c YH	38	static struct xt_table packet_raw = {
	39	.name = "raw",
	40	.valid_hooks = RAW_VALID_HOOKS,
	41	.lock = RW_LOCK_UNLOCKED,
2e4e6a17 HW	42	.me = THIS_MODULE,
2e4e6a17 HW	43	.af = AF_INET6,
1da177e4 LT	44	};
	45
	46	/* The work comes in here from netfilter.c. */
	47	static unsigned int
	48	ip6t_hook(unsigned int hook,
	49	struct sk_buff **pskb,
	50	const struct net_device *in,
	51	const struct net_device *out,
	52	int (okfn)(struct sk_buff ))
	53	{
fe1cb108	54	return ip6t_do_table(pskb, hook, in, out, &packet_raw);
1da177e4 LT	55	}
1da177e4 LT	56
1ab1457c	57	static struct nf_hook_ops ip6t_ops[] = {
1da177e4	58	{
1ab1457c	59	.hook = ip6t_hook,
1da177e4 LT	60	.pf = PF_INET6,
1da177e4 LT	61	.hooknum = NF_IP6_PRE_ROUTING,
97216c79 PM	62	.priority = NF_IP6_PRI_FIRST,
97216c79 PM	63	.owner = THIS_MODULE,
1da177e4 LT	64	},
1da177e4 LT	65	{
1ab1457c YH	66	.hook = ip6t_hook,
1ab1457c YH	67	.pf = PF_INET6,
1da177e4	68	.hooknum = NF_IP6_LOCAL_OUT,
97216c79 PM	69	.priority = NF_IP6_PRI_FIRST,
97216c79 PM	70	.owner = THIS_MODULE,
1da177e4 LT	71	},
	72	};
	73
65b4b4e8	74	static int __init ip6table_raw_init(void)
1da177e4 LT	75	{
	76	int ret;
	77
	78	/* Register table */
	79	ret = ip6t_register_table(&packet_raw, &initial_table.repl);
	80	if (ret < 0)
	81	return ret;
	82
	83	/* Register hooks */
964ddaa1	84	ret = nf_register_hooks(ip6t_ops, ARRAY_SIZE(ip6t_ops));
1da177e4 LT	85	if (ret < 0)
	86	goto cleanup_table;
	87
1da177e4 LT	88	return ret;
1da177e4 LT	89
1da177e4 LT	90	cleanup_table:
1da177e4 LT	91	ip6t_unregister_table(&packet_raw);
1da177e4 LT	92	return ret;
	93	}
	94
65b4b4e8	95	static void __exit ip6table_raw_fini(void)
1da177e4	96	{
964ddaa1	97	nf_unregister_hooks(ip6t_ops, ARRAY_SIZE(ip6t_ops));
1da177e4 LT	98	ip6t_unregister_table(&packet_raw);
	99	}
	100
65b4b4e8 AM	101	module_init(ip6table_raw_init);
65b4b4e8 AM	102	module_exit(ip6table_raw_fini);
1da177e4	103	MODULE_LICENSE("GPL");