+++ /dev/null
-#ifndef _IPT_TOS_H_target
-#define _IPT_TOS_H_target
-
-#ifndef IPTOS_NORMALSVC
-#define IPTOS_NORMALSVC 0
-#endif
-
-struct ipt_tos_target_info {
- u_int8_t tos;
-};
-
-#endif /*_IPT_TOS_H_target*/
#include <linux/netfilter/x_tables.h>
#include <linux/netfilter/xt_DSCP.h>
-#include <linux/netfilter_ipv4/ipt_TOS.h>
MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
MODULE_DESCRIPTION("Xtables: DSCP/TOS field modification");
return true;
}
-static unsigned int
-tos_tg_v0(struct sk_buff *skb, const struct xt_target_param *par)
-{
- const struct ipt_tos_target_info *info = par->targinfo;
- struct iphdr *iph = ip_hdr(skb);
- u_int8_t oldtos;
-
- if ((iph->tos & IPTOS_TOS_MASK) != info->tos) {
- if (!skb_make_writable(skb, sizeof(struct iphdr)))
- return NF_DROP;
-
- iph = ip_hdr(skb);
- oldtos = iph->tos;
- iph->tos = (iph->tos & IPTOS_PREC_MASK) | info->tos;
- csum_replace2(&iph->check, htons(oldtos), htons(iph->tos));
- }
-
- return XT_CONTINUE;
-}
-
-static bool tos_tg_check_v0(const struct xt_tgchk_param *par)
-{
- const struct ipt_tos_target_info *info = par->targinfo;
- const uint8_t tos = info->tos;
-
- if (tos != IPTOS_LOWDELAY && tos != IPTOS_THROUGHPUT &&
- tos != IPTOS_RELIABILITY && tos != IPTOS_MINCOST &&
- tos != IPTOS_NORMALSVC) {
- printk(KERN_WARNING "TOS: bad tos value %#x\n", tos);
- return false;
- }
-
- return true;
-}
-
static unsigned int
tos_tg(struct sk_buff *skb, const struct xt_target_param *par)
{
.table = "mangle",
.me = THIS_MODULE,
},
- {
- .name = "TOS",
- .revision = 0,
- .family = NFPROTO_IPV4,
- .table = "mangle",
- .target = tos_tg_v0,
- .targetsize = sizeof(struct ipt_tos_target_info),
- .checkentry = tos_tg_check_v0,
- .me = THIS_MODULE,
- },
{
.name = "TOS",
.revision = 1,
#include <linux/netfilter/x_tables.h>
#include <linux/netfilter/xt_dscp.h>
-#include <linux/netfilter_ipv4/ipt_tos.h>
MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
MODULE_DESCRIPTION("Xtables: DSCP/TOS field match");
return true;
}
-static bool
-tos_mt_v0(const struct sk_buff *skb, const struct xt_match_param *par)
-{
- const struct ipt_tos_info *info = par->matchinfo;
-
- return (ip_hdr(skb)->tos == info->tos) ^ info->invert;
-}
-
static bool tos_mt(const struct sk_buff *skb, const struct xt_match_param *par)
{
const struct xt_tos_match_info *info = par->matchinfo;
.matchsize = sizeof(struct xt_dscp_info),
.me = THIS_MODULE,
},
- {
- .name = "tos",
- .revision = 0,
- .family = NFPROTO_IPV4,
- .match = tos_mt_v0,
- .matchsize = sizeof(struct ipt_tos_info),
- .me = THIS_MODULE,
- },
{
.name = "tos",
.revision = 1,