Commit 233f8451 authored by Bart De Schuymer's avatar Bart De Schuymer Committed by David S. Miller

[EBTABLES]: Add ebtables match for the pkt_type member of an skbuff.

parent 659a58e3
#ifndef __LINUX_BRIDGE_EBT_PKTTYPE_H
#define __LINUX_BRIDGE_EBT_PKTTYPE_H
struct ebt_pkttype_info
{
uint8_t pkt_type;
uint8_t invert;
};
#define EBT_PKTTYPE_MATCH "pkttype"
#endif
...@@ -49,7 +49,7 @@ config BRIDGE_EBT_LOG ...@@ -49,7 +49,7 @@ config BRIDGE_EBT_LOG
If you want to compile it as a module, say M here and read If you want to compile it as a module, say M here and read
<file:Documentation/modules.txt>. If unsure, say `N'. <file:Documentation/modules.txt>. If unsure, say `N'.
config BRIDGE_EBT_IPF config BRIDGE_EBT_IP
tristate "ebt: IP filter support" tristate "ebt: IP filter support"
depends on BRIDGE_NF_EBTABLES depends on BRIDGE_NF_EBTABLES
help help
...@@ -59,7 +59,7 @@ config BRIDGE_EBT_IPF ...@@ -59,7 +59,7 @@ config BRIDGE_EBT_IPF
If you want to compile it as a module, say M here and read If you want to compile it as a module, say M here and read
<file:Documentation/modules.txt>. If unsure, say `N'. <file:Documentation/modules.txt>. If unsure, say `N'.
config BRIDGE_EBT_ARPF config BRIDGE_EBT_ARP
tristate "ebt: ARP filter support" tristate "ebt: ARP filter support"
depends on BRIDGE_NF_EBTABLES depends on BRIDGE_NF_EBTABLES
help help
...@@ -69,7 +69,7 @@ config BRIDGE_EBT_ARPF ...@@ -69,7 +69,7 @@ config BRIDGE_EBT_ARPF
If you want to compile it as a module, say M here and read If you want to compile it as a module, say M here and read
<file:Documentation/modules.txt>. If unsure, say `N'. <file:Documentation/modules.txt>. If unsure, say `N'.
config BRIDGE_EBT_VLANF config BRIDGE_EBT_VLAN
tristate "ebt: 802.1Q VLAN filter support" tristate "ebt: 802.1Q VLAN filter support"
depends on BRIDGE_NF_EBTABLES depends on BRIDGE_NF_EBTABLES
help help
...@@ -79,7 +79,7 @@ config BRIDGE_EBT_VLANF ...@@ -79,7 +79,7 @@ config BRIDGE_EBT_VLANF
If you want to compile it as a module, say M here and read If you want to compile it as a module, say M here and read
<file:Documentation/modules.txt>. If unsure, say `N'. <file:Documentation/modules.txt>. If unsure, say `N'.
config BRIDGE_EBT_MARKF config BRIDGE_EBT_MARK
tristate "ebt: mark filter support" tristate "ebt: mark filter support"
depends on BRIDGE_NF_EBTABLES depends on BRIDGE_NF_EBTABLES
help help
...@@ -91,6 +91,18 @@ config BRIDGE_EBT_MARKF ...@@ -91,6 +91,18 @@ config BRIDGE_EBT_MARKF
If you want to compile it as a module, say M here and read If you want to compile it as a module, say M here and read
<file:Documentation/modules.txt>. If unsure, say `N'. <file:Documentation/modules.txt>. If unsure, say `N'.
config BRIDGE_EBT_PKTTYPE
tristate "ebt: packet type filter support"
depends on BRIDGE_NF_EBTABLES
help
This option adds the packet type match, which allows matching on the
type of packet based on its Ethernet "class" (as determined by
the generic networking code): broadcast, multicast,
for this host alone or for another host.
If you want to compile it as a module, say M here and read
<file:Documentation/modules.txt>. If unsure, say `N'.
config BRIDGE_EBT_SNAT config BRIDGE_EBT_SNAT
tristate "ebt: snat target support" tristate "ebt: snat target support"
depends on BRIDGE_NF_EBTABLES depends on BRIDGE_NF_EBTABLES
......
...@@ -6,10 +6,11 @@ obj-$(CONFIG_BRIDGE_NF_EBTABLES) += ebtables.o ...@@ -6,10 +6,11 @@ obj-$(CONFIG_BRIDGE_NF_EBTABLES) += ebtables.o
obj-$(CONFIG_BRIDGE_EBT_T_FILTER) += ebtable_filter.o obj-$(CONFIG_BRIDGE_EBT_T_FILTER) += ebtable_filter.o
obj-$(CONFIG_BRIDGE_EBT_T_NAT) += ebtable_nat.o obj-$(CONFIG_BRIDGE_EBT_T_NAT) += ebtable_nat.o
obj-$(CONFIG_BRIDGE_EBT_BROUTE) += ebtable_broute.o obj-$(CONFIG_BRIDGE_EBT_BROUTE) += ebtable_broute.o
obj-$(CONFIG_BRIDGE_EBT_IPF) += ebt_ip.o obj-$(CONFIG_BRIDGE_EBT_IP) += ebt_ip.o
obj-$(CONFIG_BRIDGE_EBT_ARPF) += ebt_arp.o obj-$(CONFIG_BRIDGE_EBT_ARP) += ebt_arp.o
obj-$(CONFIG_BRIDGE_EBT_VLANF) += ebt_vlan.o obj-$(CONFIG_BRIDGE_EBT_VLAN) += ebt_vlan.o
obj-$(CONFIG_BRIDGE_EBT_MARKF) += ebt_mark_m.o obj-$(CONFIG_BRIDGE_EBT_MARK) += ebt_mark_m.o
obj-$(CONFIG_BRIDGE_EBT_PKTTYPE) += ebt_pkttype.o
obj-$(CONFIG_BRIDGE_EBT_LOG) += ebt_log.o obj-$(CONFIG_BRIDGE_EBT_LOG) += ebt_log.o
obj-$(CONFIG_BRIDGE_EBT_SNAT) += ebt_snat.o obj-$(CONFIG_BRIDGE_EBT_SNAT) += ebt_snat.o
obj-$(CONFIG_BRIDGE_EBT_DNAT) += ebt_dnat.o obj-$(CONFIG_BRIDGE_EBT_DNAT) += ebt_dnat.o
......
/*
* ebt_pkttype
*
* Authors:
* Bart De Schuymer <bdschuym@pandora.be>
*
* April, 2003
*
*/
#include <linux/netfilter_bridge/ebtables.h>
#include <linux/netfilter_bridge/ebt_pkttype.h>
#include <linux/module.h>
static int ebt_filter_pkttype(const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
const void *data,
unsigned int datalen)
{
struct ebt_pkttype_info *info = (struct ebt_pkttype_info *)data;
return (skb->pkt_type != info->pkt_type) ^ info->invert;
}
static int ebt_pkttype_check(const char *tablename, unsigned int hookmask,
const struct ebt_entry *e, void *data, unsigned int datalen)
{
struct ebt_pkttype_info *info = (struct ebt_pkttype_info *)data;
if (datalen != sizeof(struct ebt_pkttype_info))
return -EINVAL;
if (info->invert != 0 && info->invert != 1)
return -EINVAL;
/* Allow any pkt_type value */
return 0;
}
static struct ebt_match filter_pkttype =
{
.name = EBT_PKTTYPE_MATCH,
.match = ebt_filter_pkttype,
.check = ebt_pkttype_check,
.me = THIS_MODULE,
};
static int __init init(void)
{
return ebt_register_match(&filter_pkttype);
}
static void __exit fini(void)
{
ebt_unregister_match(&filter_pkttype);
}
module_init(init);
module_exit(fini);
MODULE_LICENSE("GPL");
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment