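/*
 * Copyright (c) 2013 Patrick McHardy <kaber (at) trash.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */

#include <stdbool.h>
#include <stdio.h>
#include <xtables.h>
#include <linux/netfilter/xt_SYNPROXY.h>

/* Option identifiers; each one indexes an entry in SYNPROXY_opts[]. */
enum {
	O_SACK_PERM = 0,
	O_TIMESTAMP,
	O_WSCALE,
	O_MSS,
	O_ECN,
};

/*
 * Upper bounds for the numeric options.
 *
 * struct xt_synproxy_info is declared in <linux/netfilter/xt_SYNPROXY.h>,
 * not in this file.  These limits assume that wscale is an 8-bit field and
 * mss a 16-bit field -- confirm against the installed header.  Without a
 * bound, a larger command-line value is parsed as a 32-bit number and then
 * silently truncated on assignment (for example "--mss 65536" would be
 * stored as 0), so the installed rule would advertise different TCP options
 * than the operator asked for.
 *
 * NOTE(review): RFC 7323 limits the window scale shift count to 14;
 * consider tightening SYNPROXY_WSCALE_MAX once the kernel-side handling of
 * larger values has been checked.
 */
enum {
	SYNPROXY_WSCALE_MAX = 0xff,
	SYNPROXY_MSS_MAX    = 0xffff,
};

/* Print the usage text for the SYNPROXY target options. */
static void SYNPROXY_help(void)
{
	printf(
"SYNPROXY target options:\n"
"  --sack-perm                        Set SACK_PERM\n"
"  --timestamp                        Set TIMESTAMP\n"
"  --wscale value                     Set window scaling factor\n"
"  --mss value                        Set MSS value\n"
"  --ecn                              Set ECN\n");
}

/*
 * Command-line options understood by the target.  The numeric options carry
 * an explicit .max so that the option parser rejects out-of-range input
 * instead of letting SYNPROXY_parse() truncate it.
 */
static const struct xt_option_entry SYNPROXY_opts[] = {
	{.name = "sack-perm", .id = O_SACK_PERM, .type = XTTYPE_NONE, },
	{.name = "timestamp", .id = O_TIMESTAMP, .type = XTTYPE_NONE, },
	{.name = "wscale",    .id = O_WSCALE,    .type = XTTYPE_UINT32,
	 .max = SYNPROXY_WSCALE_MAX, },
	{.name = "mss",       .id = O_MSS,       .type = XTTYPE_UINT32,
	 .max = SYNPROXY_MSS_MAX, },
	{.name = "ecn",       .id = O_ECN,       .type = XTTYPE_NONE, },
	XTOPT_TABLEEND,
};

/*
 * Handle one parsed option: set the matching XT_SYNPROXY_OPT_* flag in
 * info->options and, for --wscale and --mss, store the numeric argument.
 */
static void SYNPROXY_parse(struct xt_option_call *cb)
{
	struct xt_synproxy_info *info = cb->data;

	xtables_option_parse(cb);
	switch (cb->entry->id) {
	case O_SACK_PERM:
		info->options |= XT_SYNPROXY_OPT_SACK_PERM;
		break;
	case O_TIMESTAMP:
		info->options |= XT_SYNPROXY_OPT_TIMESTAMP;
		break;
	case O_WSCALE:
		info->options |= XT_SYNPROXY_OPT_WSCALE;
		/* Range already limited by .max in SYNPROXY_opts[]. */
		info->wscale = cb->val.u32;
		break;
	case O_MSS:
		info->options |= XT_SYNPROXY_OPT_MSS;
		/* Range already limited by .max in SYNPROXY_opts[]. */
		info->mss = cb->val.u32;
		break;
	case O_ECN:
		info->options |= XT_SYNPROXY_OPT_ECN;
		break;
	default:
		/* No other ids are listed in SYNPROXY_opts[]. */
		break;
	}
}

/* Final-check hook; intentionally empty, no cross-option validation is done. */
static void SYNPROXY_check(struct xt_fcheck_call *cb)
{
}

/*
 * Print the target in listing form: " SYNPROXY " followed by one word (plus
 * value, where applicable) for every option flag that is set.  The ip and
 * numeric arguments are not used.
 */
static void SYNPROXY_print(const void *ip, const struct xt_entry_target *target,
			   int numeric)
{
	const struct xt_synproxy_info *info =
		(const struct xt_synproxy_info *)target->data;

	printf(" SYNPROXY ");
	if (info->options & XT_SYNPROXY_OPT_SACK_PERM)
		printf("sack-perm ");
	if (info->options & XT_SYNPROXY_OPT_TIMESTAMP)
		printf("timestamp ");
	if (info->options & XT_SYNPROXY_OPT_WSCALE)
		printf("wscale %u ", info->wscale);
	if (info->options & XT_SYNPROXY_OPT_MSS)
		printf("mss %u ", info->mss);
	if (info->options & XT_SYNPROXY_OPT_ECN)
		printf("ecn ");
}

/*
 * Print the target in command-line form, using the same option names that
 * SYNPROXY_opts[] accepts.  The ip argument is not used.
 */
static void SYNPROXY_save(const void *ip, const struct xt_entry_target *target)
{
	const struct xt_synproxy_info *info =
		(const struct xt_synproxy_info *)target->data;

	if (info->options & XT_SYNPROXY_OPT_SACK_PERM)
		printf(" --sack-perm");
	if (info->options & XT_SYNPROXY_OPT_TIMESTAMP)
		printf(" --timestamp");
	if (info->options & XT_SYNPROXY_OPT_WSCALE)
		printf(" --wscale %u", info->wscale);
	if (info->options & XT_SYNPROXY_OPT_MSS)
		printf(" --mss %u", info->mss);
	if (info->options & XT_SYNPROXY_OPT_ECN)
		printf(" --ecn");
}

/* Registration record that ties the callbacks above to the "SYNPROXY" name. */
static struct xtables_target synproxy_tg_reg = {
	.family        = NFPROTO_UNSPEC,
	.name          = "SYNPROXY",
	.version       = XTABLES_VERSION,
	.revision      = 0,
	.size          = XT_ALIGN(sizeof(struct xt_synproxy_info)),
	.userspacesize = XT_ALIGN(sizeof(struct xt_synproxy_info)),
	.help          = SYNPROXY_help,
	.print         = SYNPROXY_print,
	.save          = SYNPROXY_save,
	.x6_parse      = SYNPROXY_parse,
	.x6_fcheck     = SYNPROXY_check,
	.x6_options    = SYNPROXY_opts,
};

/* Extension entry point: register the SYNPROXY target with xtables. */
void _init(void)
{
	xtables_register_target(&synproxy_tg_reg);
}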