/* ipt_cs577.c */
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/netfilter_ipv4/ip_tables.h>
static int match(const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
const void *matchinfo,
int offset,
int *hotdrop)
{
struct iphdr *iph = skb->nh.iph;
printk(KERN_INFO "ipt_cs577: IN=%s OUT=%s TOS=0x%02X "
"TTL=%x SRC=%u.%u.%u.%u DST=%u.%u.%u.%u ID=%u\n",
in ? (char *)in : "", out ? (char *)out : "", iph->tos,
iph->ttl, NIPQUAD(iph->saddr), NIPQUAD(iph->daddr),
ntohs(iph->id));
return 1;
}
static int cs577_checkentry(const char *tablename,
const struct ipt_ip *ip,
void *matchinfo,
unsigned int matchsize,
unsigned int hook_mask)
{
if (hook_mask & ~((1 << NF_IP_LOCAL_IN) | (1 << NF_IP_LOCAL_OUT))) {
printk( "ipt_cs577: only valid with the FILTER table.\n");
return 0;
}
if (matchsize != 0) {
printk(KERN_ERR "ipt_cs577: matchsize differs\n");
return 0;
}
printk(KERN_INFO "ipt_cs577: Registered in the %s table, "
"hook=%x, proto=%u\n", tablename, hook_mask, ip->proto);
return 1;
}
static struct ipt_match cs577_match = {
.list = {NULL, NULL},
.name = "cs577",
.revision = 0,
.match = match,
.checkentry = cs577_checkentry,
.destroy = NULL,
.me = THIS_MODULE
};
static int __init init(void)
{
int val;
val = ipt_register_match(&cs577_match);
printk(KERN_INFO "ipt_cs577: init = %d\n", val);
return val;
}
static void __exit fini(void)
{
printk(KERN_INFO "ipt_cs577: exit!\n");
ipt_unregister_match(&cs577_match);
}
module_init(init);
module_exit(fini);
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Nicolas Bouliane && Samuel Jean");
MODULE_DESCRIPTION("netfilter module skeleton");