1 /* Shared library add-on to iptables to add MAC address support. */
7 #if defined(__GLIBC__) && __GLIBC__ == 2
8 #include <net/ethernet.h>
10 #include <linux/if_ether.h>
12 #include <ip6tables.h>
13 #include <linux/netfilter_ipv6/ip6t_mac.h>
15 /* Function which prints out usage message. */
21 " --mac-source [!] XX:XX:XX:XX:XX:XX\n"
22 " Match source MAC address\n"
23 "\n", IPTABLES_VERSION);
26 static struct option opts[] = {
27 { "mac-source", 1, 0, '1' },
32 parse_mac(const char *mac, struct ip6t_mac_info *info)
36 if (strlen(mac) != ETH_ALEN*3-1)
37 exit_error(PARAMETER_PROBLEM, "Bad mac address `%s'", mac);
39 for (i = 0; i < ETH_ALEN; i++) {
43 number = strtol(mac + i*3, &end, 16);
45 if (end == mac + i*3 + 2
48 info->srcaddr[i] = number;
50 exit_error(PARAMETER_PROBLEM,
51 "Bad mac address `%s'", mac);
55 /* Function which parses command options; returns true if it
58 parse(int c, char **argv, int invert, unsigned int *flags,
59 const struct ip6t_entry *entry,
60 unsigned int *nfcache,
61 struct ip6t_entry_match **match)
63 struct ip6t_mac_info *macinfo = (struct ip6t_mac_info *)(*match)->data;
67 check_inverse(optarg, &invert, &optind, 0);
68 parse_mac(argv[optind-1], macinfo);
81 static void print_mac(unsigned char macaddress[ETH_ALEN])
85 printf("%02X", macaddress[0]);
86 for (i = 1; i < ETH_ALEN; i++)
87 printf(":%02X", macaddress[i]);
91 /* Final check; must have specified --mac. */
92 static void final_check(unsigned int flags)
95 exit_error(PARAMETER_PROBLEM,
96 "You must specify `--mac-source'");
99 /* Prints out the matchinfo. */
101 print(const struct ip6t_ip6 *ip,
102 const struct ip6t_entry_match *match,
107 if (((struct ip6t_mac_info *)match->data)->invert)
110 print_mac(((struct ip6t_mac_info *)match->data)->srcaddr);
113 /* Saves the union ip6t_matchinfo in parsable form to stdout. */
114 static void save(const struct ip6t_ip6 *ip, const struct ip6t_entry_match *match)
116 if (((struct ip6t_mac_info *)match->data)->invert)
119 printf("--mac-source ");
120 print_mac(((struct ip6t_mac_info *)match->data)->srcaddr);
123 static struct ip6tables_match mac = {
125 .version = IPTABLES_VERSION,
126 .size = IP6T_ALIGN(sizeof(struct ip6t_mac_info)),
127 .userspacesize = IP6T_ALIGN(sizeof(struct ip6t_mac_info)),
130 .final_check = &final_check,
138 register_match6(&mac);