1
/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
2
* Patrick Schaaf <bof@bof.de>
3
* Martin Josefsson <gandalf@wlug.westbo.se>
4
* Copyright (C) 2003-2004 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
6
* This program is free software; you can redistribute it and/or modify
7
* it under the terms of the GNU General Public License version 2 as
8
* published by the Free Software Foundation.
11
/* ipt_SET.c - netfilter target to manipulate IP sets */
13
#include <linux/types.h>
15
#include <linux/timer.h>
16
#include <linux/module.h>
17
#include <linux/netfilter.h>
18
#include <linux/netdevice.h>
20
#include <linux/inetdevice.h>
21
#include <linux/version.h>
22
#include <net/protocol.h>
23
#include <net/checksum.h>
24
#include <linux/netfilter_ipv4.h>
25
#include <linux/netfilter_ipv4/ip_tables.h>
29
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
30
target(struct sk_buff *skb,
32
target(struct sk_buff **pskb,
34
const struct net_device *in,
35
const struct net_device *out,
37
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
38
const struct xt_target *target,
40
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
47
const struct ipt_set_info_target *info = targinfo;
48
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,24)
49
struct sk_buff *skb = *pskb;
53
if (info->add_set.index != IP_SET_INVALID_ID)
54
ip_set_addip_kernel(info->add_set.index,
57
if (info->del_set.index != IP_SET_INVALID_ID)
58
ip_set_delip_kernel(info->del_set.index,
65
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
70
checkentry(const char *tablename,
71
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16)
74
const struct ipt_entry *e,
76
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
77
const struct xt_target *target,
80
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
81
unsigned int targinfosize,
83
unsigned int hook_mask)
85
struct ipt_set_info_target *info = targinfo;
88
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
89
if (targinfosize != IPT_ALIGN(sizeof(*info))) {
90
DP("bad target info size %u", targinfosize);
95
if (info->add_set.index != IP_SET_INVALID_ID) {
96
index = ip_set_get_byindex(info->add_set.index);
97
if (index == IP_SET_INVALID_ID) {
98
ip_set_printk("cannot find add_set index %u as target",
100
return 0; /* error */
104
if (info->del_set.index != IP_SET_INVALID_ID) {
105
index = ip_set_get_byindex(info->del_set.index);
106
if (index == IP_SET_INVALID_ID) {
107
ip_set_printk("cannot find del_set index %u as target",
108
info->del_set.index);
109
return 0; /* error */
112
if (info->add_set.flags[IP_SET_MAX_BINDINGS] != 0
113
|| info->del_set.flags[IP_SET_MAX_BINDINGS] != 0) {
114
ip_set_printk("That's nasty!");
115
return 0; /* error */
122
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
123
const struct xt_target *target,
125
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
126
void *targetinfo, unsigned int targetsize)
131
struct ipt_set_info_target *info = targetinfo;
133
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
134
if (targetsize != IPT_ALIGN(sizeof(struct ipt_set_info_target))) {
135
ip_set_printk("invalid targetsize %d", targetsize);
139
if (info->add_set.index != IP_SET_INVALID_ID)
140
ip_set_put(info->add_set.index);
141
if (info->del_set.index != IP_SET_INVALID_ID)
142
ip_set_put(info->del_set.index);
145
static struct ipt_target SET_target = {
147
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
151
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
152
.targetsize = sizeof(struct ipt_set_info_target),
154
.checkentry = checkentry,
159
MODULE_LICENSE("GPL");
160
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
161
MODULE_DESCRIPTION("iptables IP set target module");
163
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
164
#define ipt_register_target xt_register_target
165
#define ipt_unregister_target xt_unregister_target
168
static int __init ipt_SET_init(void)
170
return ipt_register_target(&SET_target);
173
static void __exit ipt_SET_fini(void)
175
ipt_unregister_target(&SET_target);
178
module_init(ipt_SET_init);
179
module_exit(ipt_SET_fini);