xt_mark.c (1970B)
1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * xt_mark - Netfilter module to match NFMARK value 4 * 5 * (C) 1999-2001 Marc Boucher <marc@mbsi.ca> 6 * Copyright © CC Computer Consultants GmbH, 2007 - 2008 7 * Jan Engelhardt <jengelh@medozas.de> 8 */ 9 10#include <linux/module.h> 11#include <linux/skbuff.h> 12 13#include <linux/netfilter/xt_mark.h> 14#include <linux/netfilter/x_tables.h> 15 16MODULE_LICENSE("GPL"); 17MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>"); 18MODULE_DESCRIPTION("Xtables: packet mark operations"); 19MODULE_ALIAS("ipt_mark"); 20MODULE_ALIAS("ip6t_mark"); 21MODULE_ALIAS("ipt_MARK"); 22MODULE_ALIAS("ip6t_MARK"); 23MODULE_ALIAS("arpt_MARK"); 24 25static unsigned int 26mark_tg(struct sk_buff *skb, const struct xt_action_param *par) 27{ 28 const struct xt_mark_tginfo2 *info = par->targinfo; 29 30 skb->mark = (skb->mark & ~info->mask) ^ info->mark; 31 return XT_CONTINUE; 32} 33 34static bool 35mark_mt(const struct sk_buff *skb, struct xt_action_param *par) 36{ 37 const struct xt_mark_mtinfo1 *info = par->matchinfo; 38 39 return ((skb->mark & info->mask) == info->mark) ^ info->invert; 40} 41 42static struct xt_target mark_tg_reg __read_mostly = { 43 .name = "MARK", 44 .revision = 2, 45 .family = NFPROTO_UNSPEC, 46 .target = mark_tg, 47 .targetsize = sizeof(struct xt_mark_tginfo2), 48 .me = THIS_MODULE, 49}; 50 51static struct xt_match mark_mt_reg __read_mostly = { 52 .name = "mark", 53 .revision = 1, 54 .family = NFPROTO_UNSPEC, 55 .match = mark_mt, 56 .matchsize = sizeof(struct xt_mark_mtinfo1), 57 .me = THIS_MODULE, 58}; 59 60static int __init mark_mt_init(void) 61{ 62 int ret; 63 64 ret = xt_register_target(&mark_tg_reg); 65 if (ret < 0) 66 return ret; 67 ret = xt_register_match(&mark_mt_reg); 68 if (ret < 0) { 69 xt_unregister_target(&mark_tg_reg); 70 return ret; 71 } 72 return 0; 73} 74 75static void __exit mark_mt_exit(void) 76{ 77 xt_unregister_match(&mark_mt_reg); 78 xt_unregister_target(&mark_tg_reg); 79} 80 81module_init(mark_mt_init); 82module_exit(mark_mt_exit);