1/* x_tables module for setting the IPv4/IPv6 DSCP field, Version 1.8 2 * 3 * (C) 2002 by Harald Welte <laforge@netfilter.org> 4 * based on ipt_FTOS.c (C) 2000 by Matthew G. Marsh <mgm@paktronix.com> 5 * 6 * This program is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License version 2 as 8 * published by the Free Software Foundation. 9 * 10 * See RFC2474 for a description of the DSCP field within the IP Header. 11*/ 12 13#include <linux/module.h> 14#include <linux/skbuff.h> 15#include <linux/ip.h> 16#include <linux/ipv6.h> 17#include <net/dsfield.h> 18 19#include <linux/netfilter/x_tables.h> 20#include <linux/netfilter/xt_DSCP.h> 21 22MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); 23MODULE_DESCRIPTION("x_tables DSCP modification module"); 24MODULE_LICENSE("GPL"); 25MODULE_ALIAS("ipt_DSCP"); 26MODULE_ALIAS("ip6t_DSCP"); 27 28static unsigned int target(struct sk_buff **pskb, 29 const struct net_device *in, 30 const struct net_device *out, 31 unsigned int hooknum, 32 const struct xt_target *target, 33 const void *targinfo) 34{ 35 const struct xt_DSCP_info *dinfo = targinfo; 36 u_int8_t dscp = ipv4_get_dsfield(ip_hdr(*pskb)) >> XT_DSCP_SHIFT; 37 38 if (dscp != dinfo->dscp) { 39 if (!skb_make_writable(pskb, sizeof(struct iphdr))) 40 return NF_DROP; 41 42 ipv4_change_dsfield(ip_hdr(*pskb), (__u8)(~XT_DSCP_MASK), 43 dinfo->dscp << XT_DSCP_SHIFT); 44 45 } 46 return XT_CONTINUE; 47} 48 49static unsigned int target6(struct sk_buff **pskb, 50 const struct net_device *in, 51 const struct net_device *out, 52 unsigned int hooknum, 53 const struct xt_target *target, 54 const void *targinfo) 55{ 56 const struct xt_DSCP_info *dinfo = targinfo; 57 u_int8_t dscp = ipv6_get_dsfield(ipv6_hdr(*pskb)) >> XT_DSCP_SHIFT; 58 59 if (dscp != dinfo->dscp) { 60 if (!skb_make_writable(pskb, sizeof(struct ipv6hdr))) 61 return NF_DROP; 62 63 ipv6_change_dsfield(ipv6_hdr(*pskb), (__u8)(~XT_DSCP_MASK), 64 dinfo->dscp << XT_DSCP_SHIFT); 65 } 66 return XT_CONTINUE; 67} 68 69static int checkentry(const char *tablename, 70 const void *e_void, 71 const struct xt_target *target, 72 void *targinfo, 73 unsigned int hook_mask) 74{ 75 const u_int8_t dscp = ((struct xt_DSCP_info *)targinfo)->dscp; 76 77 if ((dscp > XT_DSCP_MAX)) { 78 printk(KERN_WARNING "DSCP: dscp %x out of range\n", dscp); 79 return 0; 80 } 81 return 1; 82} 83 84static struct xt_target xt_dscp_target[] = { 85 { 86 .name = "DSCP", 87 .family = AF_INET, 88 .checkentry = checkentry, 89 .target = target, 90 .targetsize = sizeof(struct xt_DSCP_info), 91 .table = "mangle", 92 .me = THIS_MODULE, 93 }, 94 { 95 .name = "DSCP", 96 .family = AF_INET6, 97 .checkentry = checkentry, 98 .target = target6, 99 .targetsize = sizeof(struct xt_DSCP_info), 100 .table = "mangle", 101 .me = THIS_MODULE, 102 }, 103}; 104 105static int __init xt_dscp_target_init(void) 106{ 107 return xt_register_targets(xt_dscp_target, ARRAY_SIZE(xt_dscp_target)); 108} 109 110static void __exit xt_dscp_target_fini(void) 111{ 112 xt_unregister_targets(xt_dscp_target, ARRAY_SIZE(xt_dscp_target)); 113} 114 115module_init(xt_dscp_target_init); 116module_exit(xt_dscp_target_fini); 117