5 * Song Wang <songw@broadcom.com>
11 // The ftos target can be used in any chain
12 #include <linux/module.h>
13 #include <linux/skbuff.h>
15 #include <net/checksum.h>
16 #include <linux/if_vlan.h>
17 #include <linux/netfilter_bridge/ebtables.h>
18 #include <linux/netfilter_bridge/ebt_ftos_t.h>
21 static int ebt_target_ftos(struct sk_buff **pskb, unsigned int hooknr,
22 const struct net_device *in, const struct net_device *out,
23 const void *data, unsigned int datalen)
25 struct ebt_ftos_t_info *ftosinfo = (struct ebt_ftos_t_info *)data;
28 /* if VLAN frame, we need to point to correct network header */
29 if ((*pskb)->protocol == __constant_htons(ETH_P_8021Q))
30 iph = (struct iphdr *)((*pskb)->nh.raw + VLAN_HLEN);
32 iph = (*pskb)->nh.iph;
34 if (iph->tos != ftosinfo->ftos) {
35 /* Need to recalculate IP header checksum after altering TOS byte */
38 /* raw socket (tcpdump) may have clone of incoming
39 skb: don't disturb it --RR */
40 if (skb_cloned(*pskb) && !(*pskb)->sk) {
41 struct sk_buff *nskb = skb_copy(*pskb, GFP_ATOMIC);
46 if ((*pskb)->protocol == __constant_htons(ETH_P_8021Q))
47 iph = (struct iphdr *)((*pskb)->nh.raw + VLAN_HLEN);
49 iph = (*pskb)->nh.iph;
53 diffs[0] = htons(iph->tos) ^ 0xFFFF;
54 iph->tos = ftosinfo->ftos;
55 diffs[1] = htons(iph->tos);
56 iph->check = csum_fold(csum_partial((char *)diffs,
59 (*pskb)->nfcache |= NFC_ALTERED;
61 return ftosinfo->target;
64 static int ebt_target_ftos_check(const char *tablename, unsigned int hookmask,
65 const struct ebt_entry *e, void *data, unsigned int datalen)
67 struct ebt_ftos_t_info *info = (struct ebt_ftos_t_info *)data;
69 if (datalen != sizeof(struct ebt_ftos_t_info))
71 if (BASE_CHAIN && info->target == EBT_RETURN)
79 static struct ebt_target ftos_target =
81 .name = EBT_FTOS_TARGET,
82 .target = ebt_target_ftos,
83 .check = ebt_target_ftos_check,
87 static int __init init(void)
89 return ebt_register_target(&ftos_target);
92 static void __exit fini(void)
94 ebt_unregister_target(&ftos_target);
99 MODULE_LICENSE("GPL");
100 MODULE_AUTHOR("Song Wang, songw@broadcom.com");
101 MODULE_DESCRIPTION("Target to overwrite the full TOS byte in IP header");