[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / netfilter / xt_DSCP.c

/* x_tables module for setting the IPv4/IPv6 DSCP field, Version 1.8
 *
 * (C) 2002 by Harald Welte <laforge@netfilter.org>
 * based on ipt_FTOS.c (C) 2000 by Matthew G. Marsh <mgm@paktronix.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * See RFC2474 for a description of the DSCP field within the IP Header.
*/

#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/ip.h>
#include <linux/ipv6.h>
#include <net/dsfield.h>

#include <linux/netfilter/x_tables.h>
#include <linux/netfilter/xt_DSCP.h>
#include <linux/netfilter_ipv4/ipt_TOS.h>

MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
MODULE_DESCRIPTION("x_tables DSCP modification module");
MODULE_LICENSE("GPL");
MODULE_ALIAS("ipt_DSCP");
MODULE_ALIAS("ip6t_DSCP");
MODULE_ALIAS("ipt_TOS");
MODULE_ALIAS("ip6t_TOS");

static unsigned int
dscp_tg(struct sk_buff *skb, const struct net_device *in,
        const struct net_device *out, unsigned int hooknum,
        const struct xt_target *target, const void *targinfo)
{
	const struct xt_DSCP_info *dinfo = targinfo;
	u_int8_t dscp = ipv4_get_dsfield(ip_hdr(skb)) >> XT_DSCP_SHIFT;

	if (dscp != dinfo->dscp) {
		if (!skb_make_writable(skb, sizeof(struct iphdr)))
			return NF_DROP;

		ipv4_change_dsfield(ip_hdr(skb), (__u8)(~XT_DSCP_MASK),
				    dinfo->dscp << XT_DSCP_SHIFT);

	}
	return XT_CONTINUE;
}

static unsigned int
dscp_tg6(struct sk_buff *skb, const struct net_device *in,
         const struct net_device *out, unsigned int hooknum,
         const struct xt_target *target, const void *targinfo)
{
	const struct xt_DSCP_info *dinfo = targinfo;
	u_int8_t dscp = ipv6_get_dsfield(ipv6_hdr(skb)) >> XT_DSCP_SHIFT;

	if (dscp != dinfo->dscp) {
		if (!skb_make_writable(skb, sizeof(struct ipv6hdr)))
			return NF_DROP;

		ipv6_change_dsfield(ipv6_hdr(skb), (__u8)(~XT_DSCP_MASK),
				    dinfo->dscp << XT_DSCP_SHIFT);
	}
	return XT_CONTINUE;
}

static bool
dscp_tg_check(const char *tablename, const void *e_void,
              const struct xt_target *target, void *targinfo,
              unsigned int hook_mask)
{
	const u_int8_t dscp = ((struct xt_DSCP_info *)targinfo)->dscp;

	if (dscp > XT_DSCP_MAX) {
		printk(KERN_WARNING "DSCP: dscp %x out of range\n", dscp);
		return false;
	}
	return true;
}

static unsigned int
tos_tg_v0(struct sk_buff *skb, const struct net_device *in,
          const struct net_device *out, unsigned int hooknum,
          const struct xt_target *target, const void *targinfo)
{
	const struct ipt_tos_target_info *info = targinfo;
	struct iphdr *iph = ip_hdr(skb);
	u_int8_t oldtos;

	if ((iph->tos & IPTOS_TOS_MASK) != info->tos) {
		if (!skb_make_writable(skb, sizeof(struct iphdr)))
			return NF_DROP;

		iph      = ip_hdr(skb);
		oldtos   = iph->tos;
		iph->tos = (iph->tos & IPTOS_PREC_MASK) | info->tos;
		csum_replace2(&iph->check, htons(oldtos), htons(iph->tos));
	}

	return XT_CONTINUE;
}

static bool
tos_tg_check_v0(const char *tablename, const void *e_void,
                const struct xt_target *target, void *targinfo,
                unsigned int hook_mask)
{
	const u_int8_t tos = ((struct ipt_tos_target_info *)targinfo)->tos;

	if (tos != IPTOS_LOWDELAY && tos != IPTOS_THROUGHPUT &&
	    tos != IPTOS_RELIABILITY && tos != IPTOS_MINCOST &&
	    tos != IPTOS_NORMALSVC) {
		printk(KERN_WARNING "TOS: bad tos value %#x\n", tos);
		return false;
	}

	return true;
}

static unsigned int
tos_tg(struct sk_buff *skb, const struct net_device *in,
       const struct net_device *out, unsigned int hooknum,
       const struct xt_target *target, const void *targinfo)
{
	const struct xt_tos_target_info *info = targinfo;
	struct iphdr *iph = ip_hdr(skb);
	u_int8_t orig, nv;

	orig = ipv4_get_dsfield(iph);
	nv   = (orig & info->tos_mask) ^ info->tos_value;

	if (orig != nv) {
		if (!skb_make_writable(skb, sizeof(struct iphdr)))
			return NF_DROP;
		iph = ip_hdr(skb);
		ipv4_change_dsfield(iph, ~0, nv);
	}

	return XT_CONTINUE;
}

static unsigned int
tos_tg6(struct sk_buff *skb, const struct net_device *in,
        const struct net_device *out, unsigned int hooknum,
        const struct xt_target *target, const void *targinfo)
{
	const struct xt_tos_target_info *info = targinfo;
	struct ipv6hdr *iph = ipv6_hdr(skb);
	u_int8_t orig, nv;

	orig = ipv6_get_dsfield(iph);
	nv   = (orig & info->tos_mask) ^ info->tos_value;

	if (orig != nv) {
		if (!skb_make_writable(skb, sizeof(struct iphdr)))
			return NF_DROP;
		iph = ipv6_hdr(skb);
		ipv6_change_dsfield(iph, ~0, nv);
	}

	return XT_CONTINUE;
}

static struct xt_target dscp_tg_reg[] __read_mostly = {
	{
		.name		= "DSCP",
		.family		= AF_INET,
		.checkentry	= dscp_tg_check,
		.target		= dscp_tg,
		.targetsize	= sizeof(struct xt_DSCP_info),
		.table		= "mangle",
		.me		= THIS_MODULE,
	},
	{
		.name		= "DSCP",
		.family		= AF_INET6,
		.checkentry	= dscp_tg_check,
		.target		= dscp_tg6,
		.targetsize	= sizeof(struct xt_DSCP_info),
		.table		= "mangle",
		.me		= THIS_MODULE,
	},
	{
		.name		= "TOS",
		.revision	= 0,
		.family		= AF_INET,
		.table		= "mangle",
		.target		= tos_tg_v0,
		.targetsize	= sizeof(struct ipt_tos_target_info),
		.checkentry	= tos_tg_check_v0,
		.me		= THIS_MODULE,
	},
	{
		.name		= "TOS",
		.revision	= 1,
		.family		= AF_INET,
		.table		= "mangle",
		.target		= tos_tg,
		.targetsize	= sizeof(struct xt_tos_target_info),
		.me		= THIS_MODULE,
	},
	{
		.name		= "TOS",
		.revision	= 1,
		.family		= AF_INET6,
		.table		= "mangle",
		.target		= tos_tg6,
		.targetsize	= sizeof(struct xt_tos_target_info),
		.me		= THIS_MODULE,
	},
};

static int __init dscp_tg_init(void)
{
	return xt_register_targets(dscp_tg_reg, ARRAY_SIZE(dscp_tg_reg));
}

static void __exit dscp_tg_exit(void)
{
	xt_unregister_targets(dscp_tg_reg, ARRAY_SIZE(dscp_tg_reg));
}

module_init(dscp_tg_init);
module_exit(dscp_tg_exit);
Commit	Line	Data
a468701d YK	1	/* x_tables module for setting the IPv4/IPv6 DSCP field, Version 1.8
	2	*
	3	* (C) 2002 by Harald Welte <laforge@netfilter.org>
	4	* based on ipt_FTOS.c (C) 2000 by Matthew G. Marsh <mgm@paktronix.com>
	5	*
	6	* This program is free software; you can redistribute it and/or modify
	7	* it under the terms of the GNU General Public License version 2 as
	8	* published by the Free Software Foundation.
	9	*
	10	* See RFC2474 for a description of the DSCP field within the IP Header.
a468701d YK	11	*/
	12
	13	#include <linux/module.h>
	14	#include <linux/skbuff.h>
	15	#include <linux/ip.h>
	16	#include <linux/ipv6.h>
	17	#include <net/dsfield.h>
	18
	19	#include <linux/netfilter/x_tables.h>
	20	#include <linux/netfilter/xt_DSCP.h>
c9fd4968	21	#include <linux/netfilter_ipv4/ipt_TOS.h>
a468701d YK	22
	23	MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
	24	MODULE_DESCRIPTION("x_tables DSCP modification module");
	25	MODULE_LICENSE("GPL");
	26	MODULE_ALIAS("ipt_DSCP");
	27	MODULE_ALIAS("ip6t_DSCP");
c9fd4968	28	MODULE_ALIAS("ipt_TOS");
5c350e5a	29	MODULE_ALIAS("ip6t_TOS");
a468701d	30
d3c5ee6d JE	31	static unsigned int
	32	dscp_tg(struct sk_buff skb, const struct net_device in,
	33	const struct net_device *out, unsigned int hooknum,
	34	const struct xt_target target, const void targinfo)
a468701d YK	35	{
a468701d YK	36	const struct xt_DSCP_info *dinfo = targinfo;
3db05fea	37	u_int8_t dscp = ipv4_get_dsfield(ip_hdr(skb)) >> XT_DSCP_SHIFT;
a468701d YK	38
a468701d YK	39	if (dscp != dinfo->dscp) {
3db05fea	40	if (!skb_make_writable(skb, sizeof(struct iphdr)))
a468701d YK	41	return NF_DROP;
a468701d YK	42
3db05fea	43	ipv4_change_dsfield(ip_hdr(skb), (__u8)(~XT_DSCP_MASK),
a468701d YK	44	dinfo->dscp << XT_DSCP_SHIFT);
	45
	46	}
	47	return XT_CONTINUE;
	48	}
	49
d3c5ee6d JE	50	static unsigned int
	51	dscp_tg6(struct sk_buff skb, const struct net_device in,
	52	const struct net_device *out, unsigned int hooknum,
	53	const struct xt_target target, const void targinfo)
a468701d YK	54	{
a468701d YK	55	const struct xt_DSCP_info *dinfo = targinfo;
3db05fea	56	u_int8_t dscp = ipv6_get_dsfield(ipv6_hdr(skb)) >> XT_DSCP_SHIFT;
a468701d YK	57
a468701d YK	58	if (dscp != dinfo->dscp) {
3db05fea	59	if (!skb_make_writable(skb, sizeof(struct ipv6hdr)))
a468701d YK	60	return NF_DROP;
a468701d YK	61
3db05fea	62	ipv6_change_dsfield(ipv6_hdr(skb), (__u8)(~XT_DSCP_MASK),
a468701d YK	63	dinfo->dscp << XT_DSCP_SHIFT);
	64	}
	65	return XT_CONTINUE;
	66	}
	67
d3c5ee6d JE	68	static bool
	69	dscp_tg_check(const char tablename, const void e_void,
	70	const struct xt_target target, void targinfo,
	71	unsigned int hook_mask)
a468701d YK	72	{
	73	const u_int8_t dscp = ((struct xt_DSCP_info *)targinfo)->dscp;
	74
7c4e36bc	75	if (dscp > XT_DSCP_MAX) {
a468701d	76	printk(KERN_WARNING "DSCP: dscp %x out of range\n", dscp);
e1931b78	77	return false;
a468701d	78	}
e1931b78	79	return true;
a468701d YK	80	}
a468701d YK	81
c9fd4968 JE	82	static unsigned int
	83	tos_tg_v0(struct sk_buff skb, const struct net_device in,
	84	const struct net_device *out, unsigned int hooknum,
	85	const struct xt_target target, const void targinfo)
	86	{
	87	const struct ipt_tos_target_info *info = targinfo;
	88	struct iphdr *iph = ip_hdr(skb);
	89	u_int8_t oldtos;
	90
	91	if ((iph->tos & IPTOS_TOS_MASK) != info->tos) {
	92	if (!skb_make_writable(skb, sizeof(struct iphdr)))
	93	return NF_DROP;
	94
	95	iph = ip_hdr(skb);
	96	oldtos = iph->tos;
	97	iph->tos = (iph->tos & IPTOS_PREC_MASK) \| info->tos;
	98	csum_replace2(&iph->check, htons(oldtos), htons(iph->tos));
	99	}
	100
	101	return XT_CONTINUE;
	102	}
	103
	104	static bool
	105	tos_tg_check_v0(const char tablename, const void e_void,
	106	const struct xt_target target, void targinfo,
	107	unsigned int hook_mask)
	108	{
	109	const u_int8_t tos = ((struct ipt_tos_target_info *)targinfo)->tos;
	110
	111	if (tos != IPTOS_LOWDELAY && tos != IPTOS_THROUGHPUT &&
	112	tos != IPTOS_RELIABILITY && tos != IPTOS_MINCOST &&
	113	tos != IPTOS_NORMALSVC) {
	114	printk(KERN_WARNING "TOS: bad tos value %#x\n", tos);
	115	return false;
	116	}
	117
	118	return true;
	119	}
	120
5c350e5a JE	121	static unsigned int
	122	tos_tg(struct sk_buff skb, const struct net_device in,
	123	const struct net_device *out, unsigned int hooknum,
	124	const struct xt_target target, const void targinfo)
	125	{
	126	const struct xt_tos_target_info *info = targinfo;
	127	struct iphdr *iph = ip_hdr(skb);
	128	u_int8_t orig, nv;
	129
	130	orig = ipv4_get_dsfield(iph);
	131	nv = (orig & info->tos_mask) ^ info->tos_value;
	132
	133	if (orig != nv) {
	134	if (!skb_make_writable(skb, sizeof(struct iphdr)))
	135	return NF_DROP;
	136	iph = ip_hdr(skb);
	137	ipv4_change_dsfield(iph, ~0, nv);
	138	}
	139
	140	return XT_CONTINUE;
	141	}
	142
	143	static unsigned int
	144	tos_tg6(struct sk_buff skb, const struct net_device in,
	145	const struct net_device *out, unsigned int hooknum,
	146	const struct xt_target target, const void targinfo)
	147	{
	148	const struct xt_tos_target_info *info = targinfo;
	149	struct ipv6hdr *iph = ipv6_hdr(skb);
	150	u_int8_t orig, nv;
	151
	152	orig = ipv6_get_dsfield(iph);
	153	nv = (orig & info->tos_mask) ^ info->tos_value;
	154
	155	if (orig != nv) {
	156	if (!skb_make_writable(skb, sizeof(struct iphdr)))
	157	return NF_DROP;
	158	iph = ipv6_hdr(skb);
	159	ipv6_change_dsfield(iph, ~0, nv);
	160	}
	161
	162	return XT_CONTINUE;
	163	}
	164
d3c5ee6d	165	static struct xt_target dscp_tg_reg[] __read_mostly = {
4470bbc7 PM	166	{
	167	.name = "DSCP",
	168	.family = AF_INET,
d3c5ee6d JE	169	.checkentry = dscp_tg_check,
d3c5ee6d JE	170	.target = dscp_tg,
4470bbc7 PM	171	.targetsize = sizeof(struct xt_DSCP_info),
	172	.table = "mangle",
	173	.me = THIS_MODULE,
	174	},
	175	{
	176	.name = "DSCP",
	177	.family = AF_INET6,
d3c5ee6d JE	178	.checkentry = dscp_tg_check,
d3c5ee6d JE	179	.target = dscp_tg6,
4470bbc7 PM	180	.targetsize = sizeof(struct xt_DSCP_info),
	181	.table = "mangle",
	182	.me = THIS_MODULE,
	183	},
c9fd4968 JE	184	{
	185	.name = "TOS",
	186	.revision = 0,
	187	.family = AF_INET,
	188	.table = "mangle",
	189	.target = tos_tg_v0,
	190	.targetsize = sizeof(struct ipt_tos_target_info),
	191	.checkentry = tos_tg_check_v0,
	192	.me = THIS_MODULE,
	193	},
5c350e5a JE	194	{
	195	.name = "TOS",
	196	.revision = 1,
	197	.family = AF_INET,
	198	.table = "mangle",
	199	.target = tos_tg,
	200	.targetsize = sizeof(struct xt_tos_target_info),
	201	.me = THIS_MODULE,
	202	},
	203	{
	204	.name = "TOS",
	205	.revision = 1,
	206	.family = AF_INET6,
	207	.table = "mangle",
	208	.target = tos_tg6,
	209	.targetsize = sizeof(struct xt_tos_target_info),
	210	.me = THIS_MODULE,
	211	},
a468701d YK	212	};
a468701d YK	213
d3c5ee6d	214	static int __init dscp_tg_init(void)
a468701d	215	{
d3c5ee6d	216	return xt_register_targets(dscp_tg_reg, ARRAY_SIZE(dscp_tg_reg));
a468701d YK	217	}
a468701d YK	218
d3c5ee6d	219	static void __exit dscp_tg_exit(void)
a468701d	220	{
d3c5ee6d	221	xt_unregister_targets(dscp_tg_reg, ARRAY_SIZE(dscp_tg_reg));
a468701d YK	222	}
a468701d YK	223
d3c5ee6d JE	224	module_init(dscp_tg_init);
d3c5ee6d JE	225	module_exit(dscp_tg_exit);