extensions/libipt_ttl.c

   1 /* Shared library add-on to iptables to add TTL matching support
   2  * (C) 2000 by Harald Welte <laforge@gnumonks.org>
   3  *
   4  * $Id$
   5  *
   6  * This program is released under the terms of GNU GPL */
   7
   8 #include <stdio.h>
   9 #include <stdlib.h>
  10 #include <string.h>
  11 #include <getopt.h>
  12 #include <xtables.h>
  13
  14 #include <linux/netfilter_ipv4/ipt_ttl.h>
  15
  16 static void ttl_help(void)
  17 {
  18         printf(
  19 "ttl match options:\n"
  20 "  --ttl-eq value       Match time to live value\n"
  21 "  --ttl-lt value       Match TTL < value\n"
  22 "  --ttl-gt value       Match TTL > value\n");
  23 }
  24
  25 static int ttl_parse(int c, char **argv, int invert, unsigned int *flags,
  26                      const void *entry, struct xt_entry_match **match)
  27 {
  28         struct ipt_ttl_info *info = (struct ipt_ttl_info *) (*match)->data;
  29         unsigned int value;
  30
  31         xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  32
  33         switch (c) {
  34                 case '2':
  35                         if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX))
  36                                 xtables_error(PARAMETER_PROBLEM,
  37                                            "ttl: Expected value between 0 and 255");
  38
  39                         if (invert)
  40                                 info->mode = IPT_TTL_NE;
  41                         else
  42                                 info->mode = IPT_TTL_EQ;
  43
  44                         /* is 0 allowed? */
  45                         info->ttl = value;
  46                         break;
  47                 case '3':
  48                         if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX))
  49                                 xtables_error(PARAMETER_PROBLEM,
  50                                            "ttl: Expected value between 0 and 255");
  51
  52                         if (invert)
  53                                 xtables_error(PARAMETER_PROBLEM,
  54                                                 "ttl: unexpected `!'");
  55
  56                         info->mode = IPT_TTL_LT;
  57                         info->ttl = value;
  58                         break;
  59                 case '4':
  60                         if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX))
  61                                 xtables_error(PARAMETER_PROBLEM,
  62                                            "ttl: Expected value between 0 and 255");
  63
  64                         if (invert)
  65                                 xtables_error(PARAMETER_PROBLEM,
  66                                                 "ttl: unexpected `!'");
  67
  68                         info->mode = IPT_TTL_GT;
  69                         info->ttl = value;
  70                         break;
  71                 default:
  72                         return 0;
  73
  74         }
  75
  76         if (*flags)
  77                 xtables_error(PARAMETER_PROBLEM,
  78                                 "Can't specify TTL option twice");
  79         *flags = 1;
  80
  81         return 1;
  82 }
  83
  84 static void ttl_check(unsigned int flags)
  85 {
  86         if (!flags)
  87                 xtables_error(PARAMETER_PROBLEM,
  88                         "TTL match: You must specify one of "
  89                         "`--ttl-eq', `--ttl-lt', `--ttl-gt");
  90 }
  91
  92 static void ttl_print(const void *ip, const struct xt_entry_match *match,
  93                       int numeric)
  94 {
  95         const struct ipt_ttl_info *info =
  96                 (struct ipt_ttl_info *) match->data;
  97
  98         printf("TTL match ");
  99         switch (info->mode) {
 100                 case IPT_TTL_EQ:
 101                         printf("TTL == ");
 102                         break;
 103                 case IPT_TTL_NE:
 104                         printf("TTL != ");
 105                         break;
 106                 case IPT_TTL_LT:
 107                         printf("TTL < ");
 108                         break;
 109                 case IPT_TTL_GT:
 110                         printf("TTL > ");
 111                         break;
 112         }
 113         printf("%u ", info->ttl);
 114 }
 115
 116 static void ttl_save(const void *ip, const struct xt_entry_match *match)
 117 {
 118         const struct ipt_ttl_info *info =
 119                 (struct ipt_ttl_info *) match->data;
 120
 121         switch (info->mode) {
 122                 case IPT_TTL_EQ:
 123                         printf("--ttl-eq ");
 124                         break;
 125                 case IPT_TTL_NE:
 126                         printf("! --ttl-eq ");
 127                         break;
 128                 case IPT_TTL_LT:
 129                         printf("--ttl-lt ");
 130                         break;
 131                 case IPT_TTL_GT:
 132                         printf("--ttl-gt ");
 133                         break;
 134                 default:
 135                         /* error */
 136                         break;
 137         }
 138         printf("%u ", info->ttl);
 139 }
 140
 141 static const struct option ttl_opts[] = {
 142         { "ttl", 1, NULL, '2' },
 143         { "ttl-eq", 1, NULL, '2'},
 144         { "ttl-lt", 1, NULL, '3'},
 145         { "ttl-gt", 1, NULL, '4'},
 146         { .name = NULL }
 147 };
 148
 149 static struct xtables_match ttl_mt_reg = {
 150         .name           = "ttl",
 151         .version        = XTABLES_VERSION,
 152         .family         = NFPROTO_IPV4,
 153         .size           = XT_ALIGN(sizeof(struct ipt_ttl_info)),
 154         .userspacesize  = XT_ALIGN(sizeof(struct ipt_ttl_info)),
 155         .help           = ttl_help,
 156         .parse          = ttl_parse,
 157         .final_check    = ttl_check,
 158         .print          = ttl_print,
 159         .save           = ttl_save,
 160         .extra_opts     = ttl_opts,
 161 };
 162
 163
 164 void _init(void)
 165 {
 166         xtables_register_match(&ttl_mt_reg);
 167 }