duprintf("Chunk num: %d\toffset: %d\ttype: %d\tlength: %d\tflags: %x\n",
++i, offset, sch->type, htons(sch->length), sch->flags);
- offset += (htons(sch->length) + 3) & ~3;
+ offset += (ntohs(sch->length) + 3) & ~3;
duprintf("skb->len: %d\toffset: %d\n", skb->len, offset);
match(const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
+ const struct xt_match *match,
const void *matchinfo,
int offset,
unsigned int protoff,
int *hotdrop)
{
- const struct xt_sctp_info *info;
+ const struct xt_sctp_info *info = matchinfo;
sctp_sctphdr_t _sh, *sh;
- info = (const struct xt_sctp_info *)matchinfo;
-
if (offset) {
duprintf("Dropping non-first fragment.. FIXME\n");
return 0;
&& SCCHECK(((ntohs(sh->dest) >= info->dpts[0])
&& (ntohs(sh->dest) <= info->dpts[1])),
XT_SCTP_DEST_PORTS, info->flags, info->invflags)
- && SCCHECK(match_packet(skb, protoff,
+ && SCCHECK(match_packet(skb, protoff + sizeof (sctp_sctphdr_t),
info->chunkmap, info->chunk_match_type,
info->flag_info, info->flag_count,
hotdrop),
static int
checkentry(const char *tablename,
const void *inf,
+ const struct xt_match *match,
void *matchinfo,
- unsigned int matchsize,
unsigned int hook_mask)
{
- const struct xt_sctp_info *info;
- const struct ipt_ip *ip = inf;
-
- info = (const struct xt_sctp_info *)matchinfo;
+ const struct xt_sctp_info *info = matchinfo;
- return ip->proto == IPPROTO_SCTP
- && !(ip->invflags & XT_INV_PROTO)
- && matchsize == XT_ALIGN(sizeof(struct xt_sctp_info))
- && !(info->flags & ~XT_SCTP_VALID_FLAGS)
+ return !(info->flags & ~XT_SCTP_VALID_FLAGS)
&& !(info->invflags & ~XT_SCTP_VALID_FLAGS)
&& !(info->invflags & ~info->flags)
&& ((!(info->flags & XT_SCTP_CHUNK_TYPES)) ||
| SCTP_CHUNK_MATCH_ONLY)));
}
-static int
-checkentry6(const char *tablename,
- const void *inf,
- void *matchinfo,
- unsigned int matchsize,
- unsigned int hook_mask)
-{
- const struct xt_sctp_info *info;
- const struct ip6t_ip6 *ip = inf;
-
- info = (const struct xt_sctp_info *)matchinfo;
-
- return ip->proto == IPPROTO_SCTP
- && !(ip->invflags & XT_INV_PROTO)
- && matchsize == XT_ALIGN(sizeof(struct xt_sctp_info))
- && !(info->flags & ~XT_SCTP_VALID_FLAGS)
- && !(info->invflags & ~XT_SCTP_VALID_FLAGS)
- && !(info->invflags & ~info->flags)
- && ((!(info->flags & XT_SCTP_CHUNK_TYPES)) ||
- (info->chunk_match_type &
- (SCTP_CHUNK_MATCH_ALL
- | SCTP_CHUNK_MATCH_ANY
- | SCTP_CHUNK_MATCH_ONLY)));
-}
-
-
-static struct xt_match sctp_match =
-{
- .name = "sctp",
- .match = &match,
- .checkentry = &checkentry,
- .me = THIS_MODULE
-};
-static struct xt_match sctp6_match =
-{
- .name = "sctp",
- .match = &match,
- .checkentry = &checkentry6,
- .me = THIS_MODULE
+static struct xt_match xt_sctp_match[] = {
+ {
+ .name = "sctp",
+ .family = AF_INET,
+ .checkentry = checkentry,
+ .match = match,
+ .matchsize = sizeof(struct xt_sctp_info),
+ .proto = IPPROTO_SCTP,
+ .me = THIS_MODULE
+ },
+ {
+ .name = "sctp",
+ .family = AF_INET6,
+ .checkentry = checkentry,
+ .match = match,
+ .matchsize = sizeof(struct xt_sctp_info),
+ .proto = IPPROTO_SCTP,
+ .me = THIS_MODULE
+ },
};
-
-static int __init init(void)
+static int __init xt_sctp_init(void)
{
- int ret;
- ret = xt_register_match(AF_INET, &sctp_match);
- if (ret)
- return ret;
-
- ret = xt_register_match(AF_INET6, &sctp6_match);
- if (ret)
- xt_unregister_match(AF_INET, &sctp_match);
-
- return ret;
+ return xt_register_matches(xt_sctp_match, ARRAY_SIZE(xt_sctp_match));
}
-static void __exit fini(void)
+static void __exit xt_sctp_fini(void)
{
- xt_unregister_match(AF_INET6, &sctp6_match);
- xt_unregister_match(AF_INET, &sctp_match);
+ xt_unregister_matches(xt_sctp_match, ARRAY_SIZE(xt_sctp_match));
}
-module_init(init);
-module_exit(fini);
+module_init(xt_sctp_init);
+module_exit(xt_sctp_fini);