2 * IPv6 Hop Limit matching module
3 * Maciej Soltysiak <solt@dns.toxicfilms.tv>
4 * Based on HW's ttl match
5 * This program is released under the terms of GNU GPL
6 * Cleanups by Stephane Ouellette <ouellettes@videotron.ca>
13 #include <ip6tables.h>
15 #include <linux/netfilter_ipv6/ip6_tables.h>
16 #include <linux/netfilter_ipv6/ip6t_hl.h>
18 static void hl_help(void)
22 " --hl-eq [!] value Match hop limit value\n"
23 " --hl-lt value Match HL < value\n"
24 " --hl-gt value Match HL > value\n");
27 static int hl_parse(int c, char **argv, int invert, unsigned int *flags,
28 const void *entry, struct xt_entry_match **match)
30 struct ip6t_hl_info *info = (struct ip6t_hl_info *) (*match)->data;
33 check_inverse(optarg, &invert, &optind, 0);
34 value = atoi(argv[optind-1]);
37 exit_error(PARAMETER_PROBLEM,
38 "Can't specify HL option twice");
41 exit_error(PARAMETER_PROBLEM,
42 "hl: You must specify a value");
46 info->mode = IP6T_HL_NE;
48 info->mode = IP6T_HL_EQ;
51 info->hop_limit = value;
57 exit_error(PARAMETER_PROBLEM,
58 "hl: unexpected `!'");
60 info->mode = IP6T_HL_LT;
61 info->hop_limit = value;
67 exit_error(PARAMETER_PROBLEM,
68 "hl: unexpected `!'");
70 info->mode = IP6T_HL_GT;
71 info->hop_limit = value;
82 static void hl_check(unsigned int flags)
85 exit_error(PARAMETER_PROBLEM,
86 "HL match: You must specify one of "
87 "`--hl-eq', `--hl-lt', `--hl-gt'");
90 static void hl_print(const void *ip, const struct xt_entry_match *match,
93 static const char *op[] = {
99 const struct ip6t_hl_info *info =
100 (struct ip6t_hl_info *) match->data;
102 printf("HL match HL %s %u ", op[info->mode], info->hop_limit);
105 static void hl_save(const void *ip, const struct xt_entry_match *match)
107 static const char *op[] = {
109 [IP6T_HL_NE] = "eq !",
111 [IP6T_HL_GT] = "gt" };
113 const struct ip6t_hl_info *info =
114 (struct ip6t_hl_info *) match->data;
116 printf("--hl-%s %u ", op[info->mode], info->hop_limit);
119 static const struct option hl_opts[] = {
120 { .name = "hl", .has_arg = 1, .val = '2' },
121 { .name = "hl-eq", .has_arg = 1, .val = '2' },
122 { .name = "hl-lt", .has_arg = 1, .val = '3' },
123 { .name = "hl-gt", .has_arg = 1, .val = '4' },
127 static struct xtables_match hl_mt6_reg = {
129 .version = XTABLES_VERSION,
131 .size = XT_ALIGN(sizeof(struct ip6t_hl_info)),
132 .userspacesize = XT_ALIGN(sizeof(struct ip6t_hl_info)),
135 .final_check = hl_check,
138 .extra_opts = hl_opts,
144 xtables_register_match(&hl_mt6_reg);