net/ipv6/netfilter/ip6t_HL.c

   1 /*
   2  * Hop Limit modification target for ip6tables
   3  * Maciej Soltysiak <solt@dns.toxicfilms.tv>
   4  * Based on HW's TTL module
   5  *
   6  * This software is distributed under the terms of GNU GPL
   7  */
   8
   9 #include <linux/module.h>
  10 #include <linux/skbuff.h>
  11 #include <linux/ip.h>
  12 #include <linux/ipv6.h>
  13
  14 #include <linux/netfilter/x_tables.h>
  15 #include <linux/netfilter_ipv6/ip6t_HL.h>
  16
  17 MODULE_AUTHOR("Maciej Soltysiak <solt@dns.toxicfilms.tv>");
  18 MODULE_DESCRIPTION("Xtables: IPv6 Hop Limit field modification target");
  19 MODULE_LICENSE("GPL");
  20
  21 static unsigned int
  22 hl_tg6(struct sk_buff *skb, const struct xt_target_param *par)
  23 {
  24         struct ipv6hdr *ip6h;
  25         const struct ip6t_HL_info *info = par->targinfo;
  26         int new_hl;
  27
  28         if (!skb_make_writable(skb, skb->len))
  29                 return NF_DROP;
  30
  31         ip6h = ipv6_hdr(skb);
  32
  33         switch (info->mode) {
  34                 case IP6T_HL_SET:
  35                         new_hl = info->hop_limit;
  36                         break;
  37                 case IP6T_HL_INC:
  38                         new_hl = ip6h->hop_limit + info->hop_limit;
  39                         if (new_hl > 255)
  40                                 new_hl = 255;
  41                         break;
  42                 case IP6T_HL_DEC:
  43                         new_hl = ip6h->hop_limit - info->hop_limit;
  44                         if (new_hl < 0)
  45                                 new_hl = 0;
  46                         break;
  47                 default:
  48                         new_hl = ip6h->hop_limit;
  49                         break;
  50         }
  51
  52         ip6h->hop_limit = new_hl;
  53
  54         return XT_CONTINUE;
  55 }
  56
  57 static bool hl_tg6_check(const struct xt_tgchk_param *par)
  58 {
  59         const struct ip6t_HL_info *info = par->targinfo;
  60
  61         if (info->mode > IP6T_HL_MAXMODE) {
  62                 printk(KERN_WARNING "ip6t_HL: invalid or unknown Mode %u\n",
  63                         info->mode);
  64                 return false;
  65         }
  66         if (info->mode != IP6T_HL_SET && info->hop_limit == 0) {
  67                 printk(KERN_WARNING "ip6t_HL: increment/decrement doesn't "
  68                         "make sense with value 0\n");
  69                 return false;
  70         }
  71         return true;
  72 }
  73
  74 static struct xt_target hl_tg6_reg __read_mostly = {
  75         .name           = "HL",
  76         .family         = NFPROTO_IPV6,
  77         .target         = hl_tg6,
  78         .targetsize     = sizeof(struct ip6t_HL_info),
  79         .table          = "mangle",
  80         .checkentry     = hl_tg6_check,
  81         .me             = THIS_MODULE
  82 };
  83
  84 static int __init hl_tg6_init(void)
  85 {
  86         return xt_register_target(&hl_tg6_reg);
  87 }
  88
  89 static void __exit hl_tg6_exit(void)
  90 {
  91         xt_unregister_target(&hl_tg6_reg);
  92 }
  93
  94 module_init(hl_tg6_init);
  95 module_exit(hl_tg6_exit);