1/* (C) 1999-2001 Michal Ludvig <michal@logix.cz> 2 * 3 * This program is free software; you can redistribute it and/or modify 4 * it under the terms of the GNU General Public License version 2 as 5 * published by the Free Software Foundation. 6 */ 7 8#include <linux/module.h> 9#include <linux/skbuff.h> 10#include <linux/if_ether.h> 11#include <linux/if_packet.h> 12#include <linux/in.h> 13#include <linux/ip.h> 14#include <linux/ipv6.h> 15 16#include <linux/netfilter/xt_pkttype.h> 17#include <linux/netfilter/x_tables.h> 18 19MODULE_LICENSE("GPL"); 20MODULE_AUTHOR("Michal Ludvig <michal@logix.cz>"); 21MODULE_DESCRIPTION("Xtables: link layer packet type match"); 22MODULE_ALIAS("ipt_pkttype"); 23MODULE_ALIAS("ip6t_pkttype"); 24 25static bool 26pkttype_mt(const struct sk_buff *skb, struct xt_action_param *par) 27{ 28 const struct xt_pkttype_info *info = par->matchinfo; 29 u_int8_t type; 30 31 if (skb->pkt_type != PACKET_LOOPBACK) 32 type = skb->pkt_type; 33 else if (par->family == NFPROTO_IPV4 && 34 ipv4_is_multicast(ip_hdr(skb)->daddr)) 35 type = PACKET_MULTICAST; 36 else if (par->family == NFPROTO_IPV6 && 37 ipv6_hdr(skb)->daddr.s6_addr[0] == 0xFF) 38 type = PACKET_MULTICAST; 39 else 40 type = PACKET_BROADCAST; 41 42 return (type == info->pkttype) ^ info->invert; 43} 44 45static struct xt_match pkttype_mt_reg __read_mostly = { 46 .name = "pkttype", 47 .revision = 0, 48 .family = NFPROTO_UNSPEC, 49 .match = pkttype_mt, 50 .matchsize = sizeof(struct xt_pkttype_info), 51 .me = THIS_MODULE, 52}; 53 54static int __init pkttype_mt_init(void) 55{ 56 return xt_register_match(&pkttype_mt_reg); 57} 58 59static void __exit pkttype_mt_exit(void) 60{ 61 xt_unregister_match(&pkttype_mt_reg); 62} 63 64module_init(pkttype_mt_init); 65module_exit(pkttype_mt_exit); 66