1 /* Shared library add-on to iptables to add TOS matching support. */
9 #include <linux/netfilter_ipv4/ipt_tos.h>
11 /* TOS names and values. */
18 { IPTOS_LOWDELAY, "Minimize-Delay" },
19 { IPTOS_THROUGHPUT, "Maximize-Throughput" },
20 { IPTOS_RELIABILITY, "Maximize-Reliability" },
21 { IPTOS_MINCOST, "Minimize-Cost" },
22 { IPTOS_NORMALSVC, "Normal-Service" },
25 /* Function which prints out usage message. */
32 "TOS match v%s options:\n"
33 "[!] --tos value Match Type of Service field from one of the\n"
34 " following numeric or descriptive values:\n",
37 for (i = 0; i < sizeof(TOS_values)/sizeof(struct TOS_value);i++)
38 printf(" %s %u (0x%02x)\n",
45 static struct option opts[] = {
51 parse_tos(const char *s, struct ipt_tos_info *info)
56 if (string_to_number(s, 0, 255, &tos) != -1) {
57 if (tos == IPTOS_LOWDELAY
58 || tos == IPTOS_THROUGHPUT
59 || tos == IPTOS_RELIABILITY
60 || tos == IPTOS_MINCOST
61 || tos == IPTOS_NORMALSVC) {
62 info->tos = (u_int8_t )tos;
66 for (i = 0; i<sizeof(TOS_values)/sizeof(struct TOS_value); i++)
67 if (strcasecmp(s,TOS_values[i].name) == 0) {
68 info->tos = TOS_values[i].TOS;
72 exit_error(PARAMETER_PROBLEM, "Bad TOS value `%s'", s);
75 /* Function which parses command options; returns true if it
78 parse(int c, char **argv, int invert, unsigned int *flags,
79 const struct ipt_entry *entry,
80 unsigned int *nfcache,
81 struct ipt_entry_match **match)
83 struct ipt_tos_info *tosinfo = (struct ipt_tos_info *)(*match)->data;
87 /* Ensure that `--tos' haven't been used yet. */
89 exit_error(PARAMETER_PROBLEM,
90 "tos match: only use --tos once!");
92 check_inverse(optarg, &invert, &optind, 0);
93 parse_tos(argv[optind-1], tosinfo);
106 print_tos(u_int8_t tos, int numeric)
111 for (i = 0; i<sizeof(TOS_values)/sizeof(struct TOS_value); i++)
112 if (TOS_values[i].TOS == tos) {
113 printf("%s ", TOS_values[i].name);
117 printf("0x%02x ", tos);
120 /* Final check; must have specified --tos. */
122 final_check(unsigned int flags)
125 exit_error(PARAMETER_PROBLEM,
126 "TOS match: You must specify `--tos'");
129 /* Prints out the matchinfo. */
131 print(const struct ipt_ip *ip,
132 const struct ipt_entry_match *match,
135 const struct ipt_tos_info *info = (const struct ipt_tos_info *)match->data;
137 printf("TOS match ");
140 print_tos(info->tos, numeric);
143 /* Saves the union ipt_matchinfo in parsable form to stdout. */
145 save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
147 const struct ipt_tos_info *info = (const struct ipt_tos_info *)match->data;
152 print_tos(info->tos, 0);
155 static struct iptables_match tos = {
158 .version = IPTABLES_VERSION,
159 .size = IPT_ALIGN(sizeof(struct ipt_tos_info)),
160 .userspacesize = IPT_ALIGN(sizeof(struct ipt_tos_info)),
163 .final_check = &final_check,
171 register_match(&tos);