/* Shared library add-on to iptables to add TTL matching support
 * (C) 2000 by Harald Welte <laforge@gnumonks.org>
 *
 * $Id$
 *
 * This program is released under the terms of GNU GPL */
7
8#include <stdio.h>
9#include <stdlib.h>
10#include <string.h>
11#include <getopt.h>
12#include <xtables.h>
13
14#include <linux/netfilter_ipv4/ipt_ttl.h>
15
/* Print the usage text for the ttl match options to stdout. */
static void ttl_help(void)
{
	static const char usage[] =
"ttl match options:\n"
" --ttl-eq value Match time to live value\n"
" --ttl-lt value Match TTL < value\n"
" --ttl-gt value Match TTL > value\n";

	/* The text holds no conversion specifiers, so it is written verbatim. */
	fputs(usage, stdout);
}
24
/*
 * Parse one ttl match option into the ipt_ttl_info payload of *match.
 *
 * c      - option code as listed in ttl_opts: '2' (--ttl / --ttl-eq),
 *          '3' (--ttl-lt) or '4' (--ttl-gt)
 * invert - negation state; it is passed through xtables_check_inverse()
 *          first and is only accepted for '2', where it selects IPT_TTL_NE
 * flags  - set to 1 once an option has been accepted; a non-zero value on
 *          entry means a ttl option was already given and is an error
 * match  - the match entry whose data area receives mode and ttl
 *
 * argv and entry are not used. Returns 1 when the option was consumed and
 * 0 when c is not one of the ttl option codes.
 */
static int ttl_parse(int c, char **argv, int invert, unsigned int *flags,
		     const void *entry, struct xt_entry_match **match)
{
	struct ipt_ttl_info *info = (struct ipt_ttl_info *) (*match)->data;
	unsigned int value;

	xtables_check_inverse(optarg, &invert, &optind, 0);

	/* Anything other than the three ttl codes belongs to someone else. */
	if (c != '2' && c != '3' && c != '4')
		return 0;

	/*
	 * The argument comes straight from the command line. It is range
	 * checked against 0..UINT8_MAX before it is stored, so an oversized
	 * number is rejected here rather than narrowed on assignment.
	 * NOTE(review): ipt_ttl_info is declared in the included kernel
	 * header, not in this file - confirm its ttl field is 8 bits wide.
	 */
	if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX))
		xtables_error(PARAMETER_PROBLEM,
			   "ttl: Expected value between 0 and 255");

	if (c == '2') {
		info->mode = invert ? IPT_TTL_NE : IPT_TTL_EQ;
	} else {
		/* There is no negated form of the < and > comparisons. */
		if (invert)
			xtables_error(PARAMETER_PROBLEM,
				   "ttl: unexpected `!'");

		info->mode = (c == '3') ? IPT_TTL_LT : IPT_TTL_GT;
	}

	/* Open question kept from the original: is 0 allowed? It is stored as-is. */
	info->ttl = value;

	if (*flags)
		xtables_error(PARAMETER_PROBLEM,
			   "Can't specify TTL option twice");
	*flags = 1;

	return 1;
}
83
/*
 * Final check after option parsing: flags is non-zero only if ttl_parse()
 * accepted an option, so a zero value means the match was named without
 * any of its options and is reported as a parameter problem.
 */
static void ttl_check(unsigned int flags)
{
	if (flags)
		return;

	xtables_error(PARAMETER_PROBLEM,
		   "TTL match: You must specify one of "
		   "`--ttl-eq', `--ttl-lt', `--ttl-gt");
}
91
/*
 * Print the match in human-readable form: "TTL match ", the comparison
 * selected by info->mode, then the TTL value and a trailing space.
 *
 * ip and numeric are not used.
 */
static void ttl_print(const void *ip, const struct xt_entry_match *match,
		      int numeric)
{
	const struct ipt_ttl_info *info =
		(const struct ipt_ttl_info *) match->data;
	/* Stays empty for a mode outside the four known ones, so only the
	 * prefix and the number are printed in that case. */
	const char *op = "";

	switch (info->mode) {
	case IPT_TTL_EQ:
		op = "TTL == ";
		break;
	case IPT_TTL_NE:
		op = "TTL != ";
		break;
	case IPT_TTL_LT:
		op = "TTL < ";
		break;
	case IPT_TTL_GT:
		op = "TTL > ";
		break;
	}

	printf("TTL match %s%u ", op, info->ttl);
}
115
/*
 * Print the match as the command-line option that would recreate it:
 * the option name chosen by info->mode, then the TTL value and a space.
 *
 * ip is not used.
 */
static void ttl_save(const void *ip, const struct xt_entry_match *match)
{
	const struct ipt_ttl_info *info =
		(const struct ipt_ttl_info *) match->data;
	const char *opt;

	switch (info->mode) {
	case IPT_TTL_EQ:
		opt = "--ttl-eq ";
		break;
	case IPT_TTL_NE:
		opt = "! --ttl-eq ";
		break;
	case IPT_TTL_LT:
		opt = "--ttl-lt ";
		break;
	case IPT_TTL_GT:
		opt = "--ttl-gt ";
		break;
	default:
		/*
		 * error: unknown mode. No option name is emitted, so the
		 * output is just the bare number.
		 * NOTE(review): that line has no option in front of the value
		 * and would presumably not parse back on restore - consider
		 * reporting the condition instead of printing it silently.
		 */
		opt = "";
		break;
	}

	printf("%s%u ", opt, info->ttl);
}
140
/*
 * Long options understood by the ttl match. Each takes an argument; the
 * val codes are the ones ttl_parse() switches on. "--ttl" and "--ttl-eq"
 * share code '2'.
 */
static const struct option ttl_opts[] = {
	{ .name = "ttl",    .has_arg = required_argument, .flag = NULL, .val = '2' },
	{ .name = "ttl-eq", .has_arg = required_argument, .flag = NULL, .val = '2' },
	{ .name = "ttl-lt", .has_arg = required_argument, .flag = NULL, .val = '3' },
	{ .name = "ttl-gt", .has_arg = required_argument, .flag = NULL, .val = '4' },
	{ NULL, 0, NULL, 0 }	/* terminator */
};
148
/*
 * Registration record for the IPv4 "ttl" match: identity, the size of the
 * ipt_ttl_info payload, and the callbacks and option table defined above.
 */
static struct xtables_match ttl_mt_reg = {
	/* identity */
	.name		= "ttl",
	.family		= NFPROTO_IPV4,
	.version	= XTABLES_VERSION,

	/* payload: both sizes are the aligned size of struct ipt_ttl_info */
	.size		= XT_ALIGN(sizeof(struct ipt_ttl_info)),
	.userspacesize	= XT_ALIGN(sizeof(struct ipt_ttl_info)),

	/* command-line handling */
	.extra_opts	= ttl_opts,
	.help		= ttl_help,
	.parse		= ttl_parse,
	.final_check	= ttl_check,

	/* output */
	.print		= ttl_print,
	.save		= ttl_save,
};
162
163
/*
 * Register the ttl match with xtables.
 * NOTE(review): presumably run as the shared library's initializer when
 * the extension is loaded - nothing in this file calls it; confirm
 * against the build.
 */
void _init(void)
{
	struct xtables_match *reg = &ttl_mt_reg;

	xtables_register_match(reg);
}