[deliverable/linux.git] / net / netfilter / xt_statistic.c

/*
 * Copyright (c) 2006 Patrick McHardy <kaber@trash.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * Based on ipt_random and ipt_nth by Fabrice MARIE <fabrice@netfilter.org>.
 */

#include <linux/init.h>
#include <linux/spinlock.h>
#include <linux/skbuff.h>
#include <linux/net.h>

#include <linux/netfilter/xt_statistic.h>
#include <linux/netfilter/x_tables.h>

MODULE_LICENSE("GPL");
MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
MODULE_DESCRIPTION("Xtables: statistics-based matching (\"Nth\", random)");
MODULE_ALIAS("ipt_statistic");
MODULE_ALIAS("ip6t_statistic");

static DEFINE_SPINLOCK(nth_lock);

static bool
statistic_mt(const struct sk_buff *skb, const struct xt_match_param *par)
{
	struct xt_statistic_info *info = (void *)par->matchinfo;
	bool ret = info->flags & XT_STATISTIC_INVERT;

	switch (info->mode) {
	case XT_STATISTIC_MODE_RANDOM:
		if ((net_random() & 0x7FFFFFFF) < info->u.random.probability)
			ret = !ret;
		break;
	case XT_STATISTIC_MODE_NTH:
		info = info->master;
		spin_lock_bh(&nth_lock);
		if (info->u.nth.count++ == info->u.nth.every) {
			info->u.nth.count = 0;
			ret = !ret;
		}
		spin_unlock_bh(&nth_lock);
		break;
	}

	return ret;
}

static bool statistic_mt_check(const struct xt_mtchk_param *par)
{
	struct xt_statistic_info *info = par->matchinfo;

	if (info->mode > XT_STATISTIC_MODE_MAX ||
	    info->flags & ~XT_STATISTIC_MASK)
		return false;
	info->master = info;
	return true;
}

static struct xt_match xt_statistic_mt_reg __read_mostly = {
	.name       = "statistic",
	.revision   = 0,
	.family     = NFPROTO_UNSPEC,
	.match      = statistic_mt,
	.checkentry = statistic_mt_check,
	.matchsize  = sizeof(struct xt_statistic_info),
	.me         = THIS_MODULE,
};

static int __init statistic_mt_init(void)
{
	return xt_register_match(&xt_statistic_mt_reg);
}

static void __exit statistic_mt_exit(void)
{
	xt_unregister_match(&xt_statistic_mt_reg);
}

module_init(statistic_mt_init);
module_exit(statistic_mt_exit);
Commit	Line	Data
f3389805 PM	1	/*
	2	* Copyright (c) 2006 Patrick McHardy <kaber@trash.net>
	3	*
	4	* This program is free software; you can redistribute it and/or modify
	5	* it under the terms of the GNU General Public License version 2 as
	6	* published by the Free Software Foundation.
	7	*
	8	* Based on ipt_random and ipt_nth by Fabrice MARIE <fabrice@netfilter.org>.
	9	*/
	10
	11	#include <linux/init.h>
	12	#include <linux/spinlock.h>
	13	#include <linux/skbuff.h>
	14	#include <linux/net.h>
	15
	16	#include <linux/netfilter/xt_statistic.h>
	17	#include <linux/netfilter/x_tables.h>
	18
	19	MODULE_LICENSE("GPL");
	20	MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
2ae15b64	21	MODULE_DESCRIPTION("Xtables: statistics-based matching (\"Nth\", random)");
f3389805 PM	22	MODULE_ALIAS("ipt_statistic");
	23	MODULE_ALIAS("ip6t_statistic");
	24
	25	static DEFINE_SPINLOCK(nth_lock);
	26
1d93a9cb	27	static bool
f7108a20	28	statistic_mt(const struct sk_buff skb, const struct xt_match_param par)
f3389805	29	{
f7108a20	30	struct xt_statistic_info info = (void )par->matchinfo;
1d93a9cb	31	bool ret = info->flags & XT_STATISTIC_INVERT;
f3389805 PM	32
	33	switch (info->mode) {
	34	case XT_STATISTIC_MODE_RANDOM:
	35	if ((net_random() & 0x7FFFFFFF) < info->u.random.probability)
1d93a9cb	36	ret = !ret;
f3389805 PM	37	break;
	38	case XT_STATISTIC_MODE_NTH:
	39	info = info->master;
	40	spin_lock_bh(&nth_lock);
	41	if (info->u.nth.count++ == info->u.nth.every) {
	42	info->u.nth.count = 0;
1d93a9cb	43	ret = !ret;
f3389805 PM	44	}
	45	spin_unlock_bh(&nth_lock);
	46	break;
	47	}
	48
	49	return ret;
	50	}
	51
9b4fce7a	52	static bool statistic_mt_check(const struct xt_mtchk_param *par)
f3389805	53	{
9b4fce7a	54	struct xt_statistic_info *info = par->matchinfo;
f3389805 PM	55
	56	if (info->mode > XT_STATISTIC_MODE_MAX \|\|
	57	info->flags & ~XT_STATISTIC_MASK)
ccb79bdc	58	return false;
f3389805	59	info->master = info;
ccb79bdc	60	return true;
f3389805 PM	61	}
f3389805 PM	62
55b69e91 JE	63	static struct xt_match xt_statistic_mt_reg __read_mostly = {
	64	.name = "statistic",
	65	.revision = 0,
	66	.family = NFPROTO_UNSPEC,
	67	.match = statistic_mt,
	68	.checkentry = statistic_mt_check,
	69	.matchsize = sizeof(struct xt_statistic_info),
	70	.me = THIS_MODULE,
f3389805 PM	71	};
f3389805 PM	72
d3c5ee6d	73	static int __init statistic_mt_init(void)
f3389805	74	{
55b69e91	75	return xt_register_match(&xt_statistic_mt_reg);
f3389805 PM	76	}
f3389805 PM	77
d3c5ee6d	78	static void __exit statistic_mt_exit(void)
f3389805	79	{
55b69e91	80	xt_unregister_match(&xt_statistic_mt_reg);
f3389805 PM	81	}
f3389805 PM	82
d3c5ee6d JE	83	module_init(statistic_mt_init);
d3c5ee6d JE	84	module_exit(statistic_mt_exit);