1 /* Shared library add-on to iptables to add IPMARK target support.
2 * (C) 2003 by Grzegorz Janoszka <Grzegorz.Janoszka@pro.onet.pl>
4 * based on original MARK target
6 * This program is distributed under the terms of GNU GPL
14 #include <linux/netfilter_ipv4/ip_tables.h>
15 #include <linux/netfilter_ipv4/ipt_IPMARK.h>
17 #define IPT_ADDR_USED 1
18 #define IPT_AND_MASK_USED 2
19 #define IPT_OR_MASK_USED 4
22 struct ipt_entry_target t;
23 struct ipt_ipmark_target_info ipmark;
26 /* Function which prints out usage message. */
31 "IPMARK target v%s options:\n"
32 " --addr src/dst use source or destination ip address\n"
33 " --and-mask value logical AND ip address with this value becomes MARK\n"
34 " --or-mask value logical OR ip address with this value becomes MARK\n"
39 static struct option opts[] = {
40 { "addr", 1, 0, '1' },
41 { "and-mask", 1, 0, '2' },
42 { "or-mask", 1, 0, '3' },
46 /* Initialize the target. */
48 init(struct ipt_entry_target *t, unsigned int *nfcache)
50 struct ipt_ipmark_target_info *ipmarkinfo =
51 (struct ipt_ipmark_target_info *)t->data;
53 ipmarkinfo->andmask=0xffffffff;
56 *nfcache |= NFC_UNKNOWN;
59 /* Function which parses command options; returns true if it
62 parse(int c, char **argv, int invert, unsigned int *flags,
63 const struct ipt_entry *entry,
64 struct ipt_entry_target **target)
66 struct ipt_ipmark_target_info *ipmarkinfo
67 = (struct ipt_ipmark_target_info *)(*target)->data;
72 if(!strcmp(optarg, "src")) ipmarkinfo->addr=IPT_IPMARK_SRC;
73 else if(!strcmp(optarg, "dst")) ipmarkinfo->addr=IPT_IPMARK_DST;
74 else exit_error(PARAMETER_PROBLEM, "Bad addr value `%s' - should be `src' or `dst'", optarg);
75 if (*flags & IPT_ADDR_USED)
76 exit_error(PARAMETER_PROBLEM,
77 "IPMARK target: Can't specify --addr twice");
78 *flags |= IPT_ADDR_USED;
82 ipmarkinfo->andmask = strtoul(optarg, &end, 0);
83 if (*end != '\0' || end == optarg)
84 exit_error(PARAMETER_PROBLEM, "Bad and-mask value `%s'", optarg);
85 if (*flags & IPT_AND_MASK_USED)
86 exit_error(PARAMETER_PROBLEM,
87 "IPMARK target: Can't specify --and-mask twice");
88 *flags |= IPT_AND_MASK_USED;
91 ipmarkinfo->ormask = strtoul(optarg, &end, 0);
92 if (*end != '\0' || end == optarg)
93 exit_error(PARAMETER_PROBLEM, "Bad or-mask value `%s'", optarg);
94 if (*flags & IPT_OR_MASK_USED)
95 exit_error(PARAMETER_PROBLEM,
96 "IPMARK target: Can't specify --or-mask twice");
97 *flags |= IPT_OR_MASK_USED;
108 final_check(unsigned int flags)
110 if (!(flags & IPT_ADDR_USED))
111 exit_error(PARAMETER_PROBLEM,
112 "IPMARK target: Parameter --addr is required");
113 if (!(flags & (IPT_AND_MASK_USED | IPT_OR_MASK_USED)))
114 exit_error(PARAMETER_PROBLEM,
115 "IPMARK target: Parameter --and-mask or --or-mask is required");
118 /* Prints out the targinfo. */
120 print(const struct ipt_ip *ip,
121 const struct ipt_entry_target *target,
124 const struct ipt_ipmark_target_info *ipmarkinfo =
125 (const struct ipt_ipmark_target_info *)target->data;
127 if(ipmarkinfo->addr == IPT_IPMARK_SRC)
128 printf("IPMARK src");
130 printf("IPMARK dst");
131 printf(" ip and 0x%lx or 0x%lx", ipmarkinfo->andmask, ipmarkinfo->ormask);
134 /* Saves the union ipt_targinfo in parsable form to stdout. */
136 save(const struct ipt_ip *ip, const struct ipt_entry_target *target)
138 const struct ipt_ipmark_target_info *ipmarkinfo =
139 (const struct ipt_ipmark_target_info *)target->data;
141 if(ipmarkinfo->addr == IPT_IPMARK_SRC)
142 printf("--addr=src ");
144 printf("--addr=dst ");
145 if(ipmarkinfo->andmask != 0xffffffff)
146 printf("--and-mask 0x%lx ", ipmarkinfo->andmask);
147 if(ipmarkinfo->ormask != 0)
148 printf("--or-mask 0x%lx ", ipmarkinfo->ormask);
152 struct iptables_target ipmark
156 IPT_ALIGN(sizeof(struct ipt_ipmark_target_info)),
157 IPT_ALIGN(sizeof(struct ipt_ipmark_target_info)),
169 register_target(&ipmark);