Commit | Line | Data |
---|---|---|
d2912cb1 | 1 | // SPDX-License-Identifier: GPL-2.0-only |
17b0d7ef JE |
2 | /* |
3 | * xt_mark - Netfilter module to match NFMARK value | |
4 | * | |
5 | * (C) 1999-2001 Marc Boucher <marc@mbsi.ca> | |
6 | * Copyright © CC Computer Consultants GmbH, 2007 - 2008 | |
4725c728 | 7 | * Jan Engelhardt <jengelh@medozas.de> |
1da177e4 LT |
8 | */ |
9 | ||
10 | #include <linux/module.h> | |
11 | #include <linux/skbuff.h> | |
12 | ||
2e4e6a17 HW |
13 | #include <linux/netfilter/xt_mark.h> |
14 | #include <linux/netfilter/x_tables.h> | |
1da177e4 LT |
15 | |
16 | MODULE_LICENSE("GPL"); | |
17 | MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>"); | |
28b94988 | 18 | MODULE_DESCRIPTION("Xtables: packet mark operations"); |
2e4e6a17 HW |
19 | MODULE_ALIAS("ipt_mark"); |
20 | MODULE_ALIAS("ip6t_mark"); | |
28b94988 JE |
21 | MODULE_ALIAS("ipt_MARK"); |
22 | MODULE_ALIAS("ip6t_MARK"); | |
12b7ed29 | 23 | MODULE_ALIAS("arpt_MARK"); |
28b94988 JE |
24 | |
25 | static unsigned int | |
4b560b44 | 26 | mark_tg(struct sk_buff *skb, const struct xt_action_param *par) |
28b94988 JE |
27 | { |
28 | const struct xt_mark_tginfo2 *info = par->targinfo; | |
29 | ||
30 | skb->mark = (skb->mark & ~info->mask) ^ info->mark; | |
31 | return XT_CONTINUE; | |
32 | } | |
1da177e4 | 33 | |
1d93a9cb | 34 | static bool |
62fc8051 | 35 | mark_mt(const struct sk_buff *skb, struct xt_action_param *par) |
1da177e4 | 36 | { |
f7108a20 | 37 | const struct xt_mark_mtinfo1 *info = par->matchinfo; |
1da177e4 | 38 | |
82e91ffe | 39 | return ((skb->mark & info->mask) == info->mark) ^ info->invert; |
1da177e4 LT |
40 | } |
41 | ||
28b94988 JE |
42 | static struct xt_target mark_tg_reg __read_mostly = { |
43 | .name = "MARK", | |
44 | .revision = 2, | |
45 | .family = NFPROTO_UNSPEC, | |
46 | .target = mark_tg, | |
47 | .targetsize = sizeof(struct xt_mark_tginfo2), | |
48 | .me = THIS_MODULE, | |
49 | }; | |
50 | ||
4725c728 JE |
51 | static struct xt_match mark_mt_reg __read_mostly = { |
52 | .name = "mark", | |
53 | .revision = 1, | |
54 | .family = NFPROTO_UNSPEC, | |
55 | .match = mark_mt, | |
56 | .matchsize = sizeof(struct xt_mark_mtinfo1), | |
57 | .me = THIS_MODULE, | |
1da177e4 LT |
58 | }; |
59 | ||
d3c5ee6d | 60 | static int __init mark_mt_init(void) |
1da177e4 | 61 | { |
28b94988 JE |
62 | int ret; |
63 | ||
64 | ret = xt_register_target(&mark_tg_reg); | |
65 | if (ret < 0) | |
66 | return ret; | |
67 | ret = xt_register_match(&mark_mt_reg); | |
68 | if (ret < 0) { | |
69 | xt_unregister_target(&mark_tg_reg); | |
70 | return ret; | |
71 | } | |
72 | return 0; | |
1da177e4 LT |
73 | } |
74 | ||
d3c5ee6d | 75 | static void __exit mark_mt_exit(void) |
1da177e4 | 76 | { |
4725c728 | 77 | xt_unregister_match(&mark_mt_reg); |
28b94988 | 78 | xt_unregister_target(&mark_tg_reg); |
1da177e4 LT |
79 | } |
80 | ||
d3c5ee6d JE |
81 | module_init(mark_mt_init); |
82 | module_exit(mark_mt_exit); |