[NETFILTER]: x_tables: replace IPv4 DSCP target by address family independent version

This replaces IPv4 DSCP target by address family independent version. This also - utilizes dsfield.h to get/mangle DS field in IPv4/IPv6 header - fixes Kconfig help text. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> 2006-08-22 03:30:26 -0400
committer: David S. Miller <davem@sunset.davemloft.net> 2006-09-22 17:55:22 -0400
commit: a468701db58a8b3e08e3f55fa6ac66db42014922 (patch)
tree: 7b4b0fe62a7d15eae25b3013fd3ecaf13bce5028 /net/ipv4
parent: 9ba1627617d396135a4d679542a3623d5819e628 (diff)
3 files changed, 0 insertions, 108 deletions
diff --git a/net/ipv4/netfilter/Kconfig b/net/ipv4/netfilter/Kconfig
index d88d71d1ce0d..a55b8ff70ded 100644
--- a/net/ipv4/netfilter/Kconfig
+++ b/net/ipv4/netfilter/Kconfig
@@ -557,17 +557,6 @@ config IP_NF_TARGET_ECN
          To compile it as a module, choose M here.  If unsure, say N.
-config IP_NF_TARGET_DSCP
-        tristate "DSCP target support"
-        depends on IP_NF_MANGLE
-        help
-          This option adds a `DSCP' match, which allows you to match against
-          the IPv4 header DSCP field (DSCP codepoint).
-          The DSCP codepoint can have any value between 0x0 and 0x4f.
-          To compile it as a module, choose M here.  If unsure, say N.
 config IP_NF_TARGET_TTL
        tristate  'TTL target support'
        depends on IP_NF_MANGLE
diff --git a/net/ipv4/netfilter/Makefile b/net/ipv4/netfilter/Makefile
index b946b0f3ea9d..09aaed1a8063 100644
--- a/net/ipv4/netfilter/Makefile
+++ b/net/ipv4/netfilter/Makefile
@@ -67,7 +67,6 @@ obj-$(CONFIG_IP_NF_MATCH_ADDRTYPE) += ipt_addrtype.o
 obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o
 obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TOS.o
 obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o
-obj-$(CONFIG_IP_NF_TARGET_DSCP) += ipt_DSCP.o
 obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o
 obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o
 obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o
diff --git a/net/ipv4/netfilter/ipt_DSCP.c b/net/ipv4/netfilter/ipt_DSCP.c
deleted file mode 100644
index c8e971288dfe..000000000000
--- a/net/ipv4/netfilter/ipt_DSCP.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* iptables module for setting the IPv4 DSCP field, Version 1.8
- *
- * (C) 2002 by Harald Welte <laforge@netfilter.org>
- * based on ipt_FTOS.c (C) 2000 by Matthew G. Marsh <mgm@paktronix.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2 as 
- * published by the Free Software Foundation.
- * 
- * See RFC2474 for a description of the DSCP field within the IP Header.
- *
- * ipt_DSCP.c,v 1.8 2002/08/06 18:41:57 laforge Exp
-*/
-#include <linux/module.h>
-#include <linux/skbuff.h>
-#include <linux/ip.h>
-#include <net/checksum.h>
-#include <linux/netfilter_ipv4/ip_tables.h>
-#include <linux/netfilter_ipv4/ipt_DSCP.h>
-MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
-MODULE_DESCRIPTION("iptables DSCP modification module");
-MODULE_LICENSE("GPL");
-static unsigned int
-target(struct sk_buff **pskb,
-       const struct net_device *in,
-       const struct net_device *out,
-       unsigned int hooknum,
-       const struct xt_target *target,
-       const void *targinfo,
-       void *userinfo)
-{
-        const struct ipt_DSCP_info *dinfo = targinfo;
-        u_int8_t sh_dscp = ((dinfo->dscp << IPT_DSCP_SHIFT) & IPT_DSCP_MASK);
-        if (((*pskb)->nh.iph->tos & IPT_DSCP_MASK) != sh_dscp) {
-                u_int16_t diffs[2];
-                if (!skb_make_writable(pskb, sizeof(struct iphdr)))
-                        return NF_DROP;
-                diffs[0] = htons((*pskb)->nh.iph->tos) ^ 0xFFFF;
-                (*pskb)->nh.iph->tos = ((*pskb)->nh.iph->tos & ~IPT_DSCP_MASK)
-                        | sh_dscp;
-                diffs[1] = htons((*pskb)->nh.iph->tos);
-                (*pskb)->nh.iph->check
-                        = csum_fold(csum_partial((char *)diffs,
-                                                 sizeof(diffs),
-                                                 (*pskb)->nh.iph->check
-                                                 ^ 0xFFFF));
-        }
-        return IPT_CONTINUE;
-}
-static int
-checkentry(const char *tablename,
-           const void *e_void,
-           const struct xt_target *target,
-           void *targinfo,
-           unsigned int targinfosize,
-           unsigned int hook_mask)
-{
-        const u_int8_t dscp = ((struct ipt_DSCP_info *)targinfo)->dscp;
-        if ((dscp > IPT_DSCP_MAX)) {
-                printk(KERN_WARNING "DSCP: dscp %x out of range\n", dscp);
-                return 0;
-        }
-        return 1;
-}
-static struct ipt_target ipt_dscp_reg = {
-        .name           = "DSCP",
-        .target         = target,
-        .targetsize     = sizeof(struct ipt_DSCP_info),
-        .table          = "mangle",
-        .checkentry     = checkentry,
-        .me             = THIS_MODULE,
-};
-static int __init ipt_dscp_init(void)
-{
-        return ipt_register_target(&ipt_dscp_reg);
-}
-static void __exit ipt_dscp_fini(void)
-{
-        ipt_unregister_target(&ipt_dscp_reg);
-}
-module_init(ipt_dscp_init);
-module_exit(ipt_dscp_fini);
author	Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>	2006-08-22 03:30:26 -0400
committer	David S. Miller <davem@sunset.davemloft.net>	2006-09-22 17:55:22 -0400
commit	a468701db58a8b3e08e3f55fa6ac66db42014922 (patch)
tree	7b4b0fe62a7d15eae25b3013fd3ecaf13bce5028 /net/ipv4
parent	9ba1627617d396135a4d679542a3623d5819e628 (diff)

diff --git a/net/ipv4/netfilter/Kconfig b/net/ipv4/netfilter/Kconfig index d88d71d1ce0d..a55b8ff70ded 100644 --- a/net/ipv4/netfilter/Kconfig +++ b/net/ipv4/netfilter/Kconfig
@@ -557,17 +557,6 @@ config IP_NF_TARGET_ECN
557		557
558	To compile it as a module, choose M here. If unsure, say N.	558	To compile it as a module, choose M here. If unsure, say N.
559		559
560	config IP_NF_TARGET_DSCP
561	tristate "DSCP target support"
562	depends on IP_NF_MANGLE
563	help
564	This option adds a `DSCP' match, which allows you to match against
565	the IPv4 header DSCP field (DSCP codepoint).
566
567	The DSCP codepoint can have any value between 0x0 and 0x4f.
568
569	To compile it as a module, choose M here. If unsure, say N.
570
571	config IP_NF_TARGET_TTL	560	config IP_NF_TARGET_TTL
572	tristate 'TTL target support'	561	tristate 'TTL target support'
573	depends on IP_NF_MANGLE	562	depends on IP_NF_MANGLE


diff --git a/net/ipv4/netfilter/Makefile b/net/ipv4/netfilter/Makefile index b946b0f3ea9d..09aaed1a8063 100644 --- a/net/ipv4/netfilter/Makefile +++ b/net/ipv4/netfilter/Makefile
@@ -67,7 +67,6 @@ obj-$(CONFIG_IP_NF_MATCH_ADDRTYPE) += ipt_addrtype.o
67	obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o	67	obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o
68	obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TOS.o	68	obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TOS.o
69	obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o	69	obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o
70	obj-$(CONFIG_IP_NF_TARGET_DSCP) += ipt_DSCP.o
71	obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o	70	obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o
72	obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o	71	obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o
73	obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o	72	obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o


diff --git a/net/ipv4/netfilter/ipt_DSCP.c b/net/ipv4/netfilter/ipt_DSCP.c deleted file mode 100644 index c8e971288dfe..000000000000 --- a/net/ipv4/netfilter/ipt_DSCP.c +++ /dev/null
@@ -1,96 +0,0 @@
1	/* iptables module for setting the IPv4 DSCP field, Version 1.8
2	*
3	* (C) 2002 by Harald Welte <laforge@netfilter.org>
4	* based on ipt_FTOS.c (C) 2000 by Matthew G. Marsh <mgm@paktronix.com>
5	*
6	* This program is free software; you can redistribute it and/or modify
7	* it under the terms of the GNU General Public License version 2 as
8	* published by the Free Software Foundation.
9	*
10	* See RFC2474 for a description of the DSCP field within the IP Header.
11	*
12	* ipt_DSCP.c,v 1.8 2002/08/06 18:41:57 laforge Exp
13	*/
14
15	#include <linux/module.h>
16	#include <linux/skbuff.h>
17	#include <linux/ip.h>
18	#include <net/checksum.h>
19
20	#include <linux/netfilter_ipv4/ip_tables.h>
21	#include <linux/netfilter_ipv4/ipt_DSCP.h>
22
23	MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
24	MODULE_DESCRIPTION("iptables DSCP modification module");
25	MODULE_LICENSE("GPL");
26
27	static unsigned int
28	target(struct sk_buff **pskb,
29	const struct net_device *in,
30	const struct net_device *out,
31	unsigned int hooknum,
32	const struct xt_target *target,
33	const void *targinfo,
34	void *userinfo)
35	{
36	const struct ipt_DSCP_info *dinfo = targinfo;
37	u_int8_t sh_dscp = ((dinfo->dscp << IPT_DSCP_SHIFT) & IPT_DSCP_MASK);
38
39
40	if (((*pskb)->nh.iph->tos & IPT_DSCP_MASK) != sh_dscp) {
41	u_int16_t diffs[2];
42
43	if (!skb_make_writable(pskb, sizeof(struct iphdr)))
44	return NF_DROP;
45
46	diffs[0] = htons((*pskb)->nh.iph->tos) ^ 0xFFFF;
47	(pskb)->nh.iph->tos = ((pskb)->nh.iph->tos & ~IPT_DSCP_MASK)
48	\| sh_dscp;
49	diffs[1] = htons((*pskb)->nh.iph->tos);
50	(*pskb)->nh.iph->check
51	= csum_fold(csum_partial((char *)diffs,
52	sizeof(diffs),
53	(*pskb)->nh.iph->check
54	^ 0xFFFF));
55	}
56	return IPT_CONTINUE;
57	}
58
59	static int
60	checkentry(const char *tablename,
61	const void *e_void,
62	const struct xt_target *target,
63	void *targinfo,
64	unsigned int targinfosize,
65	unsigned int hook_mask)
66	{
67	const u_int8_t dscp = ((struct ipt_DSCP_info *)targinfo)->dscp;
68
69	if ((dscp > IPT_DSCP_MAX)) {
70	printk(KERN_WARNING "DSCP: dscp %x out of range\n", dscp);
71	return 0;
72	}
73	return 1;
74	}
75
76	static struct ipt_target ipt_dscp_reg = {
77	.name = "DSCP",
78	.target = target,
79	.targetsize = sizeof(struct ipt_DSCP_info),
80	.table = "mangle",
81	.checkentry = checkentry,
82	.me = THIS_MODULE,
83	};
84
85	static int __init ipt_dscp_init(void)
86	{
87	return ipt_register_target(&ipt_dscp_reg);
88	}
89
90	static void __exit ipt_dscp_fini(void)
91	{
92	ipt_unregister_target(&ipt_dscp_reg);
93	}
94
95	module_init(ipt_dscp_init);
96	module_exit(ipt_dscp_fini);