1/* IP tables module for matching the routing realm 2 * 3 * (C) 2003 by Sampsa Ranta <sampsa@netsonic.fi> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 */ 9 10#include <linux/module.h> 11#include <linux/skbuff.h> 12#include <linux/netdevice.h> 13#include <net/route.h> 14 15#include <linux/netfilter_ipv4.h> 16#include <linux/netfilter/xt_realm.h> 17#include <linux/netfilter/x_tables.h> 18 19MODULE_AUTHOR("Sampsa Ranta <sampsa@netsonic.fi>"); 20MODULE_LICENSE("GPL"); 21MODULE_DESCRIPTION("Xtables: Routing realm match"); 22MODULE_ALIAS("ipt_realm"); 23 24static bool 25realm_mt(const struct sk_buff *skb, const struct xt_match_param *par) 26{ 27 const struct xt_realm_info *info = par->matchinfo; 28 const struct dst_entry *dst = skb_dst(skb); 29 30 return (info->id == (dst->tclassid & info->mask)) ^ info->invert; 31} 32 33static struct xt_match realm_mt_reg __read_mostly = { 34 .name = "realm", 35 .match = realm_mt, 36 .matchsize = sizeof(struct xt_realm_info), 37 .hooks = (1 << NF_INET_POST_ROUTING) | (1 << NF_INET_FORWARD) | 38 (1 << NF_INET_LOCAL_OUT) | (1 << NF_INET_LOCAL_IN), 39 .family = NFPROTO_UNSPEC, 40 .me = THIS_MODULE 41}; 42 43static int __init realm_mt_init(void) 44{ 45 return xt_register_match(&realm_mt_reg); 46} 47 48static void __exit realm_mt_exit(void) 49{ 50 xt_unregister_match(&realm_mt_reg); 51} 52 53module_init(realm_mt_init); 54module_exit(realm_mt_exit); 55