1/* x_tables module for setting the IPv4/IPv6 DSCP field, Version 1.8
2 *
3 * (C) 2002 by Harald Welte <laforge@netfilter.org>
4 * based on ipt_FTOS.c (C) 2000 by Matthew G. Marsh <mgm@paktronix.com>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 *
10 * See RFC2474 for a description of the DSCP field within the IP Header.
11*/
12
13#include <linux/module.h>
14#include <linux/skbuff.h>
15#include <linux/ip.h>
16#include <linux/ipv6.h>
17#include <net/dsfield.h>
18
19#include <linux/netfilter/x_tables.h>
20#include <linux/netfilter/xt_DSCP.h>
21
22MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
23MODULE_DESCRIPTION("x_tables DSCP modification module");
24MODULE_LICENSE("GPL");
25MODULE_ALIAS("ipt_DSCP");
26MODULE_ALIAS("ip6t_DSCP");
27
28static unsigned int target(struct sk_buff **pskb,
29			   const struct net_device *in,
30			   const struct net_device *out,
31			   unsigned int hooknum,
32			   const struct xt_target *target,
33			   const void *targinfo)
34{
35	const struct xt_DSCP_info *dinfo = targinfo;
36	u_int8_t dscp = ipv4_get_dsfield(ip_hdr(*pskb)) >> XT_DSCP_SHIFT;
37
38	if (dscp != dinfo->dscp) {
39		if (!skb_make_writable(pskb, sizeof(struct iphdr)))
40			return NF_DROP;
41
42		ipv4_change_dsfield(ip_hdr(*pskb), (__u8)(~XT_DSCP_MASK),
43				    dinfo->dscp << XT_DSCP_SHIFT);
44
45	}
46	return XT_CONTINUE;
47}
48
49static unsigned int target6(struct sk_buff **pskb,
50			    const struct net_device *in,
51			    const struct net_device *out,
52			    unsigned int hooknum,
53			    const struct xt_target *target,
54			    const void *targinfo)
55{
56	const struct xt_DSCP_info *dinfo = targinfo;
57	u_int8_t dscp = ipv6_get_dsfield(ipv6_hdr(*pskb)) >> XT_DSCP_SHIFT;
58
59	if (dscp != dinfo->dscp) {
60		if (!skb_make_writable(pskb, sizeof(struct ipv6hdr)))
61			return NF_DROP;
62
63		ipv6_change_dsfield(ipv6_hdr(*pskb), (__u8)(~XT_DSCP_MASK),
64				    dinfo->dscp << XT_DSCP_SHIFT);
65	}
66	return XT_CONTINUE;
67}
68
69static int checkentry(const char *tablename,
70		      const void *e_void,
71		      const struct xt_target *target,
72		      void *targinfo,
73		      unsigned int hook_mask)
74{
75	const u_int8_t dscp = ((struct xt_DSCP_info *)targinfo)->dscp;
76
77	if ((dscp > XT_DSCP_MAX)) {
78		printk(KERN_WARNING "DSCP: dscp %x out of range\n", dscp);
79		return 0;
80	}
81	return 1;
82}
83
84static struct xt_target xt_dscp_target[] = {
85	{
86		.name		= "DSCP",
87		.family		= AF_INET,
88		.checkentry	= checkentry,
89		.target		= target,
90		.targetsize	= sizeof(struct xt_DSCP_info),
91		.table		= "mangle",
92		.me		= THIS_MODULE,
93	},
94	{
95		.name		= "DSCP",
96		.family		= AF_INET6,
97		.checkentry	= checkentry,
98		.target		= target6,
99		.targetsize	= sizeof(struct xt_DSCP_info),
100		.table		= "mangle",
101		.me		= THIS_MODULE,
102	},
103};
104
105static int __init xt_dscp_target_init(void)
106{
107	return xt_register_targets(xt_dscp_target, ARRAY_SIZE(xt_dscp_target));
108}
109
110static void __exit xt_dscp_target_fini(void)
111{
112	xt_unregister_targets(xt_dscp_target, ARRAY_SIZE(xt_dscp_target));
113}
114
115module_init(xt_dscp_target_init);
116module_exit(xt_dscp_target_fini);
117