1/* This is a module which is used for setting the TOS field of a packet. */
2
3/* (C) 1999-2001 Paul `Rusty' Russell
4 * (C) 2002-2004 Netfilter Core Team <coreteam@netfilter.org>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 */
10
11#include <linux/module.h>
12#include <linux/skbuff.h>
13#include <linux/ip.h>
14#include <net/checksum.h>
15
16#include <linux/netfilter/x_tables.h>
17#include <linux/netfilter_ipv4/ipt_TOS.h>
18
19MODULE_LICENSE("GPL");
20MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>");
21MODULE_DESCRIPTION("iptables TOS mangling module");
22
23static unsigned int
24target(struct sk_buff **pskb,
25       const struct net_device *in,
26       const struct net_device *out,
27       unsigned int hooknum,
28       const struct xt_target *target,
29       const void *targinfo)
30{
31	const struct ipt_tos_target_info *tosinfo = targinfo;
32	struct iphdr *iph = ip_hdr(*pskb);
33
34	if ((iph->tos & IPTOS_TOS_MASK) != tosinfo->tos) {
35		__u8 oldtos;
36		if (!skb_make_writable(pskb, sizeof(struct iphdr)))
37			return NF_DROP;
38		iph = ip_hdr(*pskb);
39		oldtos = iph->tos;
40		iph->tos = (iph->tos & IPTOS_PREC_MASK) | tosinfo->tos;
41		nf_csum_replace2(&iph->check, htons(oldtos), htons(iph->tos));
42	}
43	return XT_CONTINUE;
44}
45
46static int
47checkentry(const char *tablename,
48	   const void *e_void,
49	   const struct xt_target *target,
50	   void *targinfo,
51	   unsigned int hook_mask)
52{
53	const u_int8_t tos = ((struct ipt_tos_target_info *)targinfo)->tos;
54
55	if (tos != IPTOS_LOWDELAY
56	    && tos != IPTOS_THROUGHPUT
57	    && tos != IPTOS_RELIABILITY
58	    && tos != IPTOS_MINCOST
59	    && tos != IPTOS_NORMALSVC) {
60		printk(KERN_WARNING "TOS: bad tos value %#x\n", tos);
61		return 0;
62	}
63	return 1;
64}
65
66static struct xt_target ipt_tos_reg = {
67	.name		= "TOS",
68	.family		= AF_INET,
69	.target		= target,
70	.targetsize	= sizeof(struct ipt_tos_target_info),
71	.table		= "mangle",
72	.checkentry	= checkentry,
73	.me		= THIS_MODULE,
74};
75
76static int __init ipt_tos_init(void)
77{
78	return xt_register_target(&ipt_tos_reg);
79}
80
81static void __exit ipt_tos_fini(void)
82{
83	xt_unregister_target(&ipt_tos_reg);
84}
85
86module_init(ipt_tos_init);
87module_exit(ipt_tos_fini);
88