netfilter: Combine ipt_ttl and ip6t_hl source
Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
This commit is contained in:
Jan Engelhardt
committed by
Patrick McHardy
Patrick McHardy
parent
563d36eb3f
commit
cfac5ef7b9
@@ -92,15 +92,6 @@ config IP_NF_MATCH_ECN
|
||||
|
||||
To compile it as a module, choose M here. If unsure, say N.
|
||||
|
||||
config IP_NF_MATCH_TTL
|
||||
tristate '"ttl" match support'
|
||||
depends on NETFILTER_ADVANCED
|
||||
help
|
||||
This adds CONFIG_IP_NF_MATCH_TTL option, which enabled the user
|
||||
to match packets by their TTL value.
|
||||
|
||||
To compile it as a module, choose M here. If unsure, say N.
|
||||
|
||||
# `filter', generic and specific targets
|
||||
config IP_NF_FILTER
|
||||
tristate "Packet filtering"
|
||||
|
||||
@@ -51,7 +51,6 @@ obj-$(CONFIG_IP_NF_SECURITY) += iptable_security.o
|
||||
obj-$(CONFIG_IP_NF_MATCH_ADDRTYPE) += ipt_addrtype.o
|
||||
obj-$(CONFIG_IP_NF_MATCH_AH) += ipt_ah.o
|
||||
obj-$(CONFIG_IP_NF_MATCH_ECN) += ipt_ecn.o
|
||||
obj-$(CONFIG_IP_NF_MATCH_TTL) += ipt_ttl.o
|
||||
|
||||
# targets
|
||||
obj-$(CONFIG_IP_NF_TARGET_CLUSTERIP) += ipt_CLUSTERIP.o
|
||||
|
||||
@@ -1,63 +0,0 @@
|
||||
/* IP tables module for matching the value of the TTL
|
||||
*
|
||||
* (C) 2000,2001 by Harald Welte <laforge@netfilter.org>
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License version 2 as
|
||||
* published by the Free Software Foundation.
|
||||
*/
|
||||
|
||||
#include <linux/ip.h>
|
||||
#include <linux/module.h>
|
||||
#include <linux/skbuff.h>
|
||||
|
||||
#include <linux/netfilter_ipv4/ipt_ttl.h>
|
||||
#include <linux/netfilter/x_tables.h>
|
||||
|
||||
MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
|
||||
MODULE_DESCRIPTION("Xtables: IPv4 TTL field match");
|
||||
MODULE_LICENSE("GPL");
|
||||
|
||||
static bool ttl_mt(const struct sk_buff *skb, const struct xt_match_param *par)
|
||||
{
|
||||
const struct ipt_ttl_info *info = par->matchinfo;
|
||||
const u8 ttl = ip_hdr(skb)->ttl;
|
||||
|
||||
switch (info->mode) {
|
||||
case IPT_TTL_EQ:
|
||||
return ttl == info->ttl;
|
||||
case IPT_TTL_NE:
|
||||
return ttl != info->ttl;
|
||||
case IPT_TTL_LT:
|
||||
return ttl < info->ttl;
|
||||
case IPT_TTL_GT:
|
||||
return ttl > info->ttl;
|
||||
default:
|
||||
printk(KERN_WARNING "ipt_ttl: unknown mode %d\n",
|
||||
info->mode);
|
||||
return false;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
static struct xt_match ttl_mt_reg __read_mostly = {
|
||||
.name = "ttl",
|
||||
.family = NFPROTO_IPV4,
|
||||
.match = ttl_mt,
|
||||
.matchsize = sizeof(struct ipt_ttl_info),
|
||||
.me = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init ttl_mt_init(void)
|
||||
{
|
||||
return xt_register_match(&ttl_mt_reg);
|
||||
}
|
||||
|
||||
static void __exit ttl_mt_exit(void)
|
||||
{
|
||||
xt_unregister_match(&ttl_mt_reg);
|
||||
}
|
||||
|
||||
module_init(ttl_mt_init);
|
||||
module_exit(ttl_mt_exit);
|
||||
Reference in New Issue
Block a user