1/* 2 * xt_mark - Netfilter module to match NFMARK value 3 * 4 * (C) 1999-2001 Marc Boucher <marc@mbsi.ca> 5 * Copyright © CC Computer Consultants GmbH, 2007 - 2008 6 * Jan Engelhardt <jengelh@medozas.de> 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License version 2 as 10 * published by the Free Software Foundation. 11 */ 12 13#include <linux/module.h> 14#include <linux/skbuff.h> 15 16#include <linux/netfilter/xt_mark.h> 17#include <linux/netfilter/x_tables.h> 18 19MODULE_LICENSE("GPL"); 20MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>"); 21MODULE_DESCRIPTION("Xtables: packet mark match"); 22MODULE_ALIAS("ipt_mark"); 23MODULE_ALIAS("ip6t_mark"); 24 25static bool 26mark_mt(const struct sk_buff *skb, const struct xt_match_param *par) 27{ 28 const struct xt_mark_mtinfo1 *info = par->matchinfo; 29 30 return ((skb->mark & info->mask) == info->mark) ^ info->invert; 31} 32 33static struct xt_match mark_mt_reg __read_mostly = { 34 .name = "mark", 35 .revision = 1, 36 .family = NFPROTO_UNSPEC, 37 .match = mark_mt, 38 .matchsize = sizeof(struct xt_mark_mtinfo1), 39 .me = THIS_MODULE, 40}; 41 42static int __init mark_mt_init(void) 43{ 44 return xt_register_match(&mark_mt_reg); 45} 46 47static void __exit mark_mt_exit(void) 48{ 49 xt_unregister_match(&mark_mt_reg); 50} 51 52module_init(mark_mt_init); 53module_exit(mark_mt_exit); 54