Merge master.kernel.org:/pub/scm/linux/kernel/git/herbert/crypto-2.6
[linux-2.6] / net / netfilter / xt_DSCP.c
1 /* x_tables module for setting the IPv4/IPv6 DSCP field, Version 1.8
2  *
3  * (C) 2002 by Harald Welte <laforge@netfilter.org>
4  * based on ipt_FTOS.c (C) 2000 by Matthew G. Marsh <mgm@paktronix.com>
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License version 2 as
8  * published by the Free Software Foundation.
9  *
10  * See RFC2474 for a description of the DSCP field within the IP Header.
11 */
12
13 #include <linux/module.h>
14 #include <linux/skbuff.h>
15 #include <linux/ip.h>
16 #include <linux/ipv6.h>
17 #include <net/dsfield.h>
18
19 #include <linux/netfilter/x_tables.h>
20 #include <linux/netfilter/xt_DSCP.h>
21
22 MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
23 MODULE_DESCRIPTION("x_tables DSCP modification module");
24 MODULE_LICENSE("GPL");
25 MODULE_ALIAS("ipt_DSCP");
26 MODULE_ALIAS("ip6t_DSCP");
27
28 static unsigned int target(struct sk_buff **pskb,
29                            const struct net_device *in,
30                            const struct net_device *out,
31                            unsigned int hooknum,
32                            const struct xt_target *target,
33                            const void *targinfo)
34 {
35         const struct xt_DSCP_info *dinfo = targinfo;
36         u_int8_t dscp = ipv4_get_dsfield(ip_hdr(*pskb)) >> XT_DSCP_SHIFT;
37
38         if (dscp != dinfo->dscp) {
39                 if (!skb_make_writable(pskb, sizeof(struct iphdr)))
40                         return NF_DROP;
41
42                 ipv4_change_dsfield(ip_hdr(*pskb), (__u8)(~XT_DSCP_MASK),
43                                     dinfo->dscp << XT_DSCP_SHIFT);
44
45         }
46         return XT_CONTINUE;
47 }
48
49 static unsigned int target6(struct sk_buff **pskb,
50                             const struct net_device *in,
51                             const struct net_device *out,
52                             unsigned int hooknum,
53                             const struct xt_target *target,
54                             const void *targinfo)
55 {
56         const struct xt_DSCP_info *dinfo = targinfo;
57         u_int8_t dscp = ipv6_get_dsfield(ipv6_hdr(*pskb)) >> XT_DSCP_SHIFT;
58
59         if (dscp != dinfo->dscp) {
60                 if (!skb_make_writable(pskb, sizeof(struct ipv6hdr)))
61                         return NF_DROP;
62
63                 ipv6_change_dsfield(ipv6_hdr(*pskb), (__u8)(~XT_DSCP_MASK),
64                                     dinfo->dscp << XT_DSCP_SHIFT);
65         }
66         return XT_CONTINUE;
67 }
68
69 static bool checkentry(const char *tablename,
70                        const void *e_void,
71                        const struct xt_target *target,
72                        void *targinfo,
73                        unsigned int hook_mask)
74 {
75         const u_int8_t dscp = ((struct xt_DSCP_info *)targinfo)->dscp;
76
77         if (dscp > XT_DSCP_MAX) {
78                 printk(KERN_WARNING "DSCP: dscp %x out of range\n", dscp);
79                 return false;
80         }
81         return true;
82 }
83
84 static struct xt_target xt_dscp_target[] __read_mostly = {
85         {
86                 .name           = "DSCP",
87                 .family         = AF_INET,
88                 .checkentry     = checkentry,
89                 .target         = target,
90                 .targetsize     = sizeof(struct xt_DSCP_info),
91                 .table          = "mangle",
92                 .me             = THIS_MODULE,
93         },
94         {
95                 .name           = "DSCP",
96                 .family         = AF_INET6,
97                 .checkentry     = checkentry,
98                 .target         = target6,
99                 .targetsize     = sizeof(struct xt_DSCP_info),
100                 .table          = "mangle",
101                 .me             = THIS_MODULE,
102         },
103 };
104
105 static int __init xt_dscp_target_init(void)
106 {
107         return xt_register_targets(xt_dscp_target, ARRAY_SIZE(xt_dscp_target));
108 }
109
110 static void __exit xt_dscp_target_fini(void)
111 {
112         xt_unregister_targets(xt_dscp_target, ARRAY_SIZE(xt_dscp_target));
113 }
114
115 module_init(xt_dscp_target_init);
116 module_exit(xt_dscp_target_fini);