Release 4.7 net/ipv6/netfilter/ip6t_ipv6header.c
/* ipv6header match - matches IPv6 packets based
on whether they contain certain headers */
/* Original idea: Brad Chapman
* Rewritten by: Andras Kis-Szabo <kisza@sch.bme.hu> */
/* (C) 2001-2002 Andras Kis-Szabo <kisza@sch.bme.hu>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/ipv6.h>
#include <linux/types.h>
#include <net/checksum.h>
#include <net/ipv6.h>
#include <linux/netfilter/x_tables.h>
#include <linux/netfilter_ipv6/ip6_tables.h>
#include <linux/netfilter_ipv6/ip6t_ipv6header.h>
MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Xtables: IPv6 header types match");
MODULE_AUTHOR("Andras Kis-Szabo <kisza@sch.bme.hu>");
static bool
ipv6header_mt6(const struct sk_buff *skb, struct xt_action_param *par)
{
const struct ip6t_ipv6header_info *info = par->matchinfo;
unsigned int temp;
int len;
u8 nexthdr;
unsigned int ptr;
/* Make sure this isn't an evil packet */
/* type of the 1st exthdr */
nexthdr = ipv6_hdr(skb)->nexthdr;
/* pointer to the 1st exthdr */
ptr = sizeof(struct ipv6hdr);
/* available length */
len = skb->len - ptr;
temp = 0;
while (ip6t_ext_hdr(nexthdr)) {
const struct ipv6_opt_hdr *hp;
struct ipv6_opt_hdr _hdr;
int hdrlen;
/* No more exthdr -> evaluate */
if (nexthdr == NEXTHDR_NONE) {
temp |= MASK_NONE;
break;
}
/* Is there enough space for the next ext header? */
if (len < (int)sizeof(struct ipv6_opt_hdr))
return false;
/* ESP -> evaluate */
if (nexthdr == NEXTHDR_ESP) {
temp |= MASK_ESP;
break;
}
hp = skb_header_pointer(skb, ptr, sizeof(_hdr), &_hdr);
BUG_ON(hp == NULL);
/* Calculate the header length */
if (nexthdr == NEXTHDR_FRAGMENT)
hdrlen = 8;
else if (nexthdr == NEXTHDR_AUTH)
hdrlen = (hp->hdrlen + 2) << 2;
else
hdrlen = ipv6_optlen(hp);
/* set the flag */
switch (nexthdr) {
case NEXTHDR_HOP:
temp |= MASK_HOPOPTS;
break;
case NEXTHDR_ROUTING:
temp |= MASK_ROUTING;
break;
case NEXTHDR_FRAGMENT:
temp |= MASK_FRAGMENT;
break;
case NEXTHDR_AUTH:
temp |= MASK_AH;
break;
case NEXTHDR_DEST:
temp |= MASK_DSTOPTS;
break;
default:
return false;
}
nexthdr = hp->nexthdr;
len -= hdrlen;
ptr += hdrlen;
if (ptr > skb->len)
break;
}
if (nexthdr != NEXTHDR_NONE && nexthdr != NEXTHDR_ESP)
temp |= MASK_PROTO;
if (info->modeflag)
return !((temp ^ info->matchflags ^ info->invflags)
& info->matchflags);
else {
if (info->invflags)
return temp != info->matchflags;
else
return temp == info->matchflags;
}
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| harald welte | harald welte | 267 | 78.30% | 1 | 9.09% |
| yasuyuki kozakai | yasuyuki kozakai | 43 | 12.61% | 2 | 18.18% |
| christoph paasch | christoph paasch | 14 | 4.11% | 1 | 9.09% |
| jan engelhardt | jan engelhardt | 13 | 3.81% | 5 | 45.45% |
| arnaldo carvalho de melo | arnaldo carvalho de melo | 3 | 0.88% | 1 | 9.09% |
| adrian bunk | adrian bunk | 1 | 0.29% | 1 | 9.09% |
| Total | 341 | 100.00% | 11 | 100.00% |
static int ipv6header_mt6_check(const struct xt_mtchk_param *par)
{
const struct ip6t_ipv6header_info *info = par->matchinfo;
/* invflags is 0 or 0xff in hard mode */
if ((!info->modeflag) && info->invflags != 0x00 &&
info->invflags != 0xFF)
return -EINVAL;
return 0;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| yasuyuki kozakai | yasuyuki kozakai | 32 | 62.75% | 1 | 14.29% |
| jan engelhardt | jan engelhardt | 9 | 17.65% | 4 | 57.14% |
| harald welte | harald welte | 8 | 15.69% | 1 | 14.29% |
| patrick mchardy | patrick mchardy | 2 | 3.92% | 1 | 14.29% |
| Total | 51 | 100.00% | 7 | 100.00% |
static struct xt_match ipv6header_mt6_reg __read_mostly = {
.name = "ipv6header",
.family = NFPROTO_IPV6,
.match = ipv6header_mt6,
.matchsize = sizeof(struct ip6t_ipv6header_info),
.checkentry = ipv6header_mt6_check,
.destroy = NULL,
.me = THIS_MODULE,
};
static int __init ipv6header_mt6_init(void)
{
return xt_register_match(&ipv6header_mt6_reg);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| harald welte | harald welte | 13 | 81.25% | 1 | 33.33% |
| jan engelhardt | jan engelhardt | 3 | 18.75% | 2 | 66.67% |
| Total | 16 | 100.00% | 3 | 100.00% |
static void __exit ipv6header_mt6_exit(void)
{
xt_unregister_match(&ipv6header_mt6_reg);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| harald welte | harald welte | 12 | 80.00% | 1 | 33.33% |
| jan engelhardt | jan engelhardt | 3 | 20.00% | 2 | 66.67% |
| Total | 15 | 100.00% | 3 | 100.00% |
module_init(ipv6header_mt6_init);
module_exit(ipv6header_mt6_exit);
Overall Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| harald welte | harald welte | 360 | 68.57% | 3 | 12.50% |
| yasuyuki kozakai | yasuyuki kozakai | 75 | 14.29% | 2 | 8.33% |
| jan engelhardt | jan engelhardt | 43 | 8.19% | 11 | 45.83% |
| art haas | art haas | 16 | 3.05% | 1 | 4.17% |
| christoph paasch | christoph paasch | 14 | 2.67% | 1 | 4.17% |
| patrick mchardy | patrick mchardy | 12 | 2.29% | 3 | 12.50% |
| arnaldo carvalho de melo | arnaldo carvalho de melo | 3 | 0.57% | 1 | 4.17% |
| adrian bunk | adrian bunk | 1 | 0.19% | 1 | 4.17% |
| hideaki yoshifuji | hideaki yoshifuji | 1 | 0.19% | 1 | 4.17% |
| Total | 525 | 100.00% | 24 | 100.00% |
Information contained on this website is for historical information purposes only and does not indicate or represent copyright ownership.