/release/src/router/iptables/extensions/libipt_ECN.c

https://gitlab.com/envieidoc/tomato · C · 185 lines · 151 code · 22 blank · 12 comment · 29 complexity · 1e62024c1b906ea6e9a4672cca18157a MD5 · raw file 

    

  1. /* Shared library add-on to iptables for ECN, $Version$
    2. 

  2.  *
    3. 

  3.  * (C) 2002 by Harald Welte <laforge@gnumonks.org>
    4. 

  4.  *
    5. 

  5.  * This program is distributed under the terms of GNU GPL v2, 1991
    6. 

  6.  *
    7. 

  7.  * libipt_ECN.c borrowed heavily from libipt_DSCP.c
    8. 

  8.  *
    9. 

  9.  * $Id: libipt_ECN.c 3507 2004-12-28 13:11:59Z /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org $
    10. 

  10.  */
    11. 

  11. #include <stdio.h>
    12. 

  12. #include <string.h>
    13. 

  13. #include <stdlib.h>
    14. 

  14. #include <getopt.h>
    15. 

  15. 

  16. #include <iptables.h>
    17. 

  17. #include <linux/netfilter_ipv4/ip_tables.h>
    18. 

  18. #include <linux/netfilter_ipv4/ipt_ECN.h>
    19. 

  19. 

  20. static void init(struct ipt_entry_target *t, unsigned int *nfcache) 
    21. 

  21. {
    22. 

  22. }
    23. 

  23. 

  24. static void help(void) 
    25. 

  25. {
    26. 

  26. 	printf(
    27. 

  27. "ECN target v%s options\n"
    28. 

  28. "  --ecn-tcp-remove		Remove all ECN bits from TCP header\n",
    29. 

  29. 		IPTABLES_VERSION);
    30. 

  30. }
    31. 

  31. 

  32. #if 0
    33. 

  33. "ECN target v%s EXPERIMENTAL options (use with extreme care!)\n"
    34. 

  34. "  --ecn-ip-ect			Set the IPv4 ECT codepoint (0 to 3)\n"
    35. 

  35. "  --ecn-tcp-cwr		Set the IPv4 CWR bit (0 or 1)\n"
    36. 

  36. "  --ecn-tcp-ece		Set the IPv4 ECE bit (0 or 1)\n",
    37. 

  37. #endif
    38. 

  38. 

  39. 

  40. static struct option opts[] = {
    41. 

  41. 	{ "ecn-tcp-remove", 0, 0, 'F' },
    42. 

  42. 	{ "ecn-tcp-cwr", 1, 0, 'G' },
    43. 

  43. 	{ "ecn-tcp-ece", 1, 0, 'H' },
    44. 

  44. 	{ "ecn-ip-ect", 1, 0, '9' },
    45. 

  45. 	{ 0 }
    46. 

  46. };
    47. 

  47. 

  48. static int
    49. 

  49. parse(int c, char **argv, int invert, unsigned int *flags,
    50. 

  50.       const struct ipt_entry *entry,
    51. 

  51.       struct ipt_entry_target **target)
    52. 

  52. {
    53. 

  53. 	unsigned int result;
    54. 

  54. 	struct ipt_ECN_info *einfo
    55. 

  55. 		= (struct ipt_ECN_info *)(*target)->data;
    56. 

  56. 

  57. 	switch (c) {
    58. 

  58. 	case 'F':
    59. 

  59. 		if (*flags)
    60. 

  60. 			exit_error(PARAMETER_PROBLEM,
    61. 

  61. 			        "ECN target: Only use --ecn-tcp-remove ONCE!");
    62. 

  62. 		einfo->operation = IPT_ECN_OP_SET_ECE | IPT_ECN_OP_SET_CWR;
    63. 

  63. 		einfo->proto.tcp.ece = 0;
    64. 

  64. 		einfo->proto.tcp.cwr = 0;
    65. 

  65. 		*flags = 1;
    66. 

  66. 		break;
    67. 

  67. 	case 'G':
    68. 

  68. 		if (*flags & IPT_ECN_OP_SET_CWR)
    69. 

  69. 			exit_error(PARAMETER_PROBLEM,
    70. 

  70. 				"ECN target: Only use --ecn-tcp-cwr ONCE!");
    71. 

  71. 		if (string_to_number(optarg, 0, 1, &result))
    72. 

  72. 			exit_error(PARAMETER_PROBLEM,
    73. 

  73. 				   "ECN target: Value out of range");
    74. 

  74. 		einfo->operation |= IPT_ECN_OP_SET_CWR;
    75. 

  75. 		einfo->proto.tcp.cwr = result;
    76. 

  76. 		*flags |= IPT_ECN_OP_SET_CWR;
    77. 

  77. 		break;
    78. 

  78. 	case 'H':
    79. 

  79. 		if (*flags & IPT_ECN_OP_SET_ECE)
    80. 

  80. 			exit_error(PARAMETER_PROBLEM,
    81. 

  81. 				"ECN target: Only use --ecn-tcp-ece ONCE!");
    82. 

  82. 		if (string_to_number(optarg, 0, 1, &result))
    83. 

  83. 			exit_error(PARAMETER_PROBLEM,
    84. 

  84. 				   "ECN target: Value out of range");
    85. 

  85. 		einfo->operation |= IPT_ECN_OP_SET_ECE;
    86. 

  86. 		einfo->proto.tcp.ece = result;
    87. 

  87. 		*flags |= IPT_ECN_OP_SET_ECE;
    88. 

  88. 		break;
    89. 

  89. 	case '9':
    90. 

  90. 		if (*flags & IPT_ECN_OP_SET_IP)
    91. 

  91. 			exit_error(PARAMETER_PROBLEM,
    92. 

  92. 				"ECN target: Only use --ecn-ip-ect ONCE!");
    93. 

  93. 		if (string_to_number(optarg, 0, 3, &result))
    94. 

  94. 			exit_error(PARAMETER_PROBLEM,
    95. 

  95. 				   "ECN target: Value out of range");
    96. 

  96. 		einfo->operation |= IPT_ECN_OP_SET_IP;
    97. 

  97. 		einfo->ip_ect = result;
    98. 

  98. 		*flags |= IPT_ECN_OP_SET_IP;
    99. 

  99. 		break;
    100. 

  100. 	default:
    101. 

  101. 		return 0;
    102. 

  102. 	}
    103. 

  103. 

  104. 	return 1;
    105. 

  105. }
    106. 

  106. 

  107. static void
    108. 

  108. final_check(unsigned int flags)
    109. 

  109. {
    110. 

  110. 	if (!flags)
    111. 

  111. 		exit_error(PARAMETER_PROBLEM,
    112. 

  112. 		           "ECN target: Parameter --ecn-tcp-remove is required");
    113. 

  113. }
    114. 

  114. 

  115. /* Prints out the targinfo. */
    116. 

  116. static void
    117. 

  117. print(const struct ipt_ip *ip,
    118. 

  118.       const struct ipt_entry_target *target,
    119. 

  119.       int numeric)
    120. 

  120. {
    121. 

  121. 	const struct ipt_ECN_info *einfo =
    122. 

  122. 		(const struct ipt_ECN_info *)target->data;
    123. 

  123. 

  124. 	printf("ECN ");
    125. 

  125. 

  126. 	if (einfo->operation == (IPT_ECN_OP_SET_ECE|IPT_ECN_OP_SET_CWR)
    127. 

  127. 	    && einfo->proto.tcp.ece == 0
    128. 

  128. 	    && einfo->proto.tcp.cwr == 0)
    129. 

  129. 		printf("TCP remove ");
    130. 

  130. 	else {
    131. 

  131. 		if (einfo->operation & IPT_ECN_OP_SET_ECE)
    132. 

  132. 			printf("ECE=%u ", einfo->proto.tcp.ece);
    133. 

  133. 

  134. 		if (einfo->operation & IPT_ECN_OP_SET_CWR)
    135. 

  135. 			printf("CWR=%u ", einfo->proto.tcp.cwr);
    136. 

  136. 

  137. 		if (einfo->operation & IPT_ECN_OP_SET_IP)
    138. 

  138. 			printf("ECT codepoint=%u ", einfo->ip_ect);
    139. 

  139. 	}
    140. 

  140. }
    141. 

  141. 

  142. /* Saves the union ipt_targinfo in parsable form to stdout. */
    143. 

  143. static void
    144. 

  144. save(const struct ipt_ip *ip, const struct ipt_entry_target *target)
    145. 

  145. {
    146. 

  146. 	const struct ipt_ECN_info *einfo =
    147. 

  147. 		(const struct ipt_ECN_info *)target->data;
    148. 

  148. 

  149. 	if (einfo->operation == (IPT_ECN_OP_SET_ECE|IPT_ECN_OP_SET_CWR)
    150. 

  150. 	    && einfo->proto.tcp.ece == 0
    151. 

  151. 	    && einfo->proto.tcp.cwr == 0)
    152. 

  152. 		printf("--ecn-tcp-remove ");
    153. 

  153. 	else {
    154. 

  154. 

  155. 		if (einfo->operation & IPT_ECN_OP_SET_ECE)
    156. 

  156. 			printf("--ecn-tcp-ece %d ", einfo->proto.tcp.ece);
    157. 

  157. 

  158. 		if (einfo->operation & IPT_ECN_OP_SET_CWR)
    159. 

  159. 			printf("--ecn-tcp-cwr %d ", einfo->proto.tcp.cwr);
    160. 

  160. 

  161. 		if (einfo->operation & IPT_ECN_OP_SET_IP)
    162. 

  162. 			printf("--ecn-ip-ect %d ", einfo->ip_ect);
    163. 

  163. 	}
    164. 

  164. }
    165. 

  165. 

  166. static
    167. 

  167. struct iptables_target ecn = { 
    168. 

  168. 	.next		= NULL,
    169. 

  169. 	.name		= "ECN",
    170. 

  170. 	.version	= IPTABLES_VERSION,
    171. 

  171. 	.size		= IPT_ALIGN(sizeof(struct ipt_ECN_info)),
    172. 

  172. 	.userspacesize	= IPT_ALIGN(sizeof(struct ipt_ECN_info)),
    173. 

  173. 	.help		= &help,
    174. 

  174. 	.init		= &init,
    175. 

  175. 	.parse		= &parse,
    176. 

  176. 	.final_check	= &final_check,
    177. 

  177. 	.print		= &print,
    178. 

  178. 	.save		= &save,
    179. 

  179. 	.extra_opts	= opts
    180. 

  180. };
    181. 

  181. 

  182. void _init(void)
    183. 

  183. {
    184. 

  184. 	register_target(&ecn);
    185. 

  185. }
    186.