1 /* Shared library add-on to iptables to add MAC address support. */
7 #if defined(__GLIBC__) && __GLIBC__ == 2
8 #include <net/ethernet.h>
10 #include <linux/if_ether.h>
12 #include <ip6tables.h>
13 #include <linux/netfilter_ipv6/ip6t_mac.h>
15 /* Function which prints out usage message. */
21 " --mac-source [!] XX:XX:XX:XX:XX:XX\n"
22 " Match source MAC address\n"
23 "\n", IPTABLES_VERSION);
26 static struct option opts[] = {
27 { "mac-source", 1, 0, '1' },
31 /* Initialize the match. */
33 init(struct ip6t_entry_match *m, unsigned int *nfcache)
35 /* Can't cache this */
36 *nfcache |= NFC_UNKNOWN;
40 parse_mac(const char *mac, struct ip6t_mac_info *info)
44 if (strlen(mac) != ETH_ALEN*3-1)
45 exit_error(PARAMETER_PROBLEM, "Bad mac address `%s'", mac);
47 for (i = 0; i < ETH_ALEN; i++) {
51 number = strtol(mac + i*3, &end, 16);
53 if (end == mac + i*3 + 2
56 info->srcaddr[i] = number;
58 exit_error(PARAMETER_PROBLEM,
59 "Bad mac address `%s'", mac);
63 /* Function which parses command options; returns true if it
66 parse(int c, char **argv, int invert, unsigned int *flags,
67 const struct ip6t_entry *entry,
68 unsigned int *nfcache,
69 struct ip6t_entry_match **match)
71 struct ip6t_mac_info *macinfo = (struct ip6t_mac_info *)(*match)->data;
75 check_inverse(optarg, &invert, &optind, 0);
76 parse_mac(argv[optind-1], macinfo);
89 static void print_mac(unsigned char macaddress[ETH_ALEN])
93 printf("%02X", macaddress[0]);
94 for (i = 1; i < ETH_ALEN; i++)
95 printf(":%02X", macaddress[i]);
99 /* Final check; must have specified --mac. */
100 static void final_check(unsigned int flags)
103 exit_error(PARAMETER_PROBLEM,
104 "You must specify `--mac-source'");
107 /* Prints out the matchinfo. */
109 print(const struct ip6t_ip6 *ip,
110 const struct ip6t_entry_match *match,
115 if (((struct ip6t_mac_info *)match->data)->invert)
118 print_mac(((struct ip6t_mac_info *)match->data)->srcaddr);
121 /* Saves the union ip6t_matchinfo in parsable form to stdout. */
122 static void save(const struct ip6t_ip6 *ip, const struct ip6t_entry_match *match)
124 if (((struct ip6t_mac_info *)match->data)->invert)
127 printf("--mac-source ");
128 print_mac(((struct ip6t_mac_info *)match->data)->srcaddr);
132 struct ip6tables_match mac
136 IP6T_ALIGN(sizeof(struct ip6t_mac_info)),
137 IP6T_ALIGN(sizeof(struct ip6t_mac_info)),
149 register_match6(&mac);