diff options
Diffstat (limited to 'net')
-rw-r--r-- | net/netfilter/xt_iprange.c | 45 |
1 files changed, 2 insertions, 43 deletions
diff --git a/net/netfilter/xt_iprange.c b/net/netfilter/xt_iprange.c index 501f9b623188..ffc96387d556 100644 --- a/net/netfilter/xt_iprange.c +++ b/net/netfilter/xt_iprange.c | |||
@@ -14,40 +14,6 @@ | |||
14 | #include <linux/ipv6.h> | 14 | #include <linux/ipv6.h> |
15 | #include <linux/netfilter/x_tables.h> | 15 | #include <linux/netfilter/x_tables.h> |
16 | #include <linux/netfilter/xt_iprange.h> | 16 | #include <linux/netfilter/xt_iprange.h> |
17 | #include <linux/netfilter_ipv4/ipt_iprange.h> | ||
18 | |||
19 | static bool | ||
20 | iprange_mt_v0(const struct sk_buff *skb, const struct xt_match_param *par) | ||
21 | { | ||
22 | const struct ipt_iprange_info *info = par->matchinfo; | ||
23 | const struct iphdr *iph = ip_hdr(skb); | ||
24 | |||
25 | if (info->flags & IPRANGE_SRC) { | ||
26 | if ((ntohl(iph->saddr) < ntohl(info->src.min_ip) | ||
27 | || ntohl(iph->saddr) > ntohl(info->src.max_ip)) | ||
28 | ^ !!(info->flags & IPRANGE_SRC_INV)) { | ||
29 | pr_debug("src IP %pI4 NOT in range %s%pI4-%pI4\n", | ||
30 | &iph->saddr, | ||
31 | info->flags & IPRANGE_SRC_INV ? "(INV) " : "", | ||
32 | &info->src.min_ip, | ||
33 | &info->src.max_ip); | ||
34 | return false; | ||
35 | } | ||
36 | } | ||
37 | if (info->flags & IPRANGE_DST) { | ||
38 | if ((ntohl(iph->daddr) < ntohl(info->dst.min_ip) | ||
39 | || ntohl(iph->daddr) > ntohl(info->dst.max_ip)) | ||
40 | ^ !!(info->flags & IPRANGE_DST_INV)) { | ||
41 | pr_debug("dst IP %pI4 NOT in range %s%pI4-%pI4\n", | ||
42 | &iph->daddr, | ||
43 | info->flags & IPRANGE_DST_INV ? "(INV) " : "", | ||
44 | &info->dst.min_ip, | ||
45 | &info->dst.max_ip); | ||
46 | return false; | ||
47 | } | ||
48 | } | ||
49 | return true; | ||
50 | } | ||
51 | 17 | ||
52 | static bool | 18 | static bool |
53 | iprange_mt4(const struct sk_buff *skb, const struct xt_match_param *par) | 19 | iprange_mt4(const struct sk_buff *skb, const struct xt_match_param *par) |
@@ -127,14 +93,6 @@ iprange_mt6(const struct sk_buff *skb, const struct xt_match_param *par) | |||
127 | static struct xt_match iprange_mt_reg[] __read_mostly = { | 93 | static struct xt_match iprange_mt_reg[] __read_mostly = { |
128 | { | 94 | { |
129 | .name = "iprange", | 95 | .name = "iprange", |
130 | .revision = 0, | ||
131 | .family = NFPROTO_IPV4, | ||
132 | .match = iprange_mt_v0, | ||
133 | .matchsize = sizeof(struct ipt_iprange_info), | ||
134 | .me = THIS_MODULE, | ||
135 | }, | ||
136 | { | ||
137 | .name = "iprange", | ||
138 | .revision = 1, | 96 | .revision = 1, |
139 | .family = NFPROTO_IPV4, | 97 | .family = NFPROTO_IPV4, |
140 | .match = iprange_mt4, | 98 | .match = iprange_mt4, |
@@ -164,7 +122,8 @@ static void __exit iprange_mt_exit(void) | |||
164 | module_init(iprange_mt_init); | 122 | module_init(iprange_mt_init); |
165 | module_exit(iprange_mt_exit); | 123 | module_exit(iprange_mt_exit); |
166 | MODULE_LICENSE("GPL"); | 124 | MODULE_LICENSE("GPL"); |
167 | MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>, Jan Engelhardt <jengelh@computergmbh.de>"); | 125 | MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>"); |
126 | MODULE_AUTHOR("Jan Engelhardt <jengelh@medozas.de>"); | ||
168 | MODULE_DESCRIPTION("Xtables: arbitrary IPv4 range matching"); | 127 | MODULE_DESCRIPTION("Xtables: arbitrary IPv4 range matching"); |
169 | MODULE_ALIAS("ipt_iprange"); | 128 | MODULE_ALIAS("ipt_iprange"); |
170 | MODULE_ALIAS("ip6t_iprange"); | 129 | MODULE_ALIAS("ip6t_iprange"); |