--- /dev/null
+#ifndef __LINUX_BRIDGE_EBT_PKTTYPE_H
+#define __LINUX_BRIDGE_EBT_PKTTYPE_H
+
+struct ebt_pkttype_info
+{
+ uint8_t pkt_type;
+ uint8_t invert;
+};
+#define EBT_PKTTYPE_MATCH "pkttype"
+
+#endif
If you want to compile it as a module, say M here and read
<file:Documentation/modules.txt>. If unsure, say `N'.
-config BRIDGE_EBT_IPF
+config BRIDGE_EBT_IP
tristate "ebt: IP filter support"
depends on BRIDGE_NF_EBTABLES
help
If you want to compile it as a module, say M here and read
<file:Documentation/modules.txt>. If unsure, say `N'.
-config BRIDGE_EBT_ARPF
+config BRIDGE_EBT_ARP
tristate "ebt: ARP filter support"
depends on BRIDGE_NF_EBTABLES
help
If you want to compile it as a module, say M here and read
<file:Documentation/modules.txt>. If unsure, say `N'.
-config BRIDGE_EBT_VLANF
+config BRIDGE_EBT_VLAN
tristate "ebt: 802.1Q VLAN filter support"
depends on BRIDGE_NF_EBTABLES
help
If you want to compile it as a module, say M here and read
<file:Documentation/modules.txt>. If unsure, say `N'.
-config BRIDGE_EBT_MARKF
+config BRIDGE_EBT_MARK
tristate "ebt: mark filter support"
depends on BRIDGE_NF_EBTABLES
help
If you want to compile it as a module, say M here and read
<file:Documentation/modules.txt>. If unsure, say `N'.
+config BRIDGE_EBT_PKTTYPE
+ tristate "ebt: packet type filter support"
+ depends on BRIDGE_NF_EBTABLES
+ help
+ This option adds the packet type match, which allows matching on the
+ type of packet based on its Ethernet "class" (as determined by
+ the generic networking code): broadcast, multicast,
+ for this host alone or for another host.
+
+ If you want to compile it as a module, say M here and read
+ <file:Documentation/modules.txt>. If unsure, say `N'.
+
config BRIDGE_EBT_SNAT
tristate "ebt: snat target support"
depends on BRIDGE_NF_EBTABLES
obj-$(CONFIG_BRIDGE_EBT_T_FILTER) += ebtable_filter.o
obj-$(CONFIG_BRIDGE_EBT_T_NAT) += ebtable_nat.o
obj-$(CONFIG_BRIDGE_EBT_BROUTE) += ebtable_broute.o
-obj-$(CONFIG_BRIDGE_EBT_IPF) += ebt_ip.o
-obj-$(CONFIG_BRIDGE_EBT_ARPF) += ebt_arp.o
-obj-$(CONFIG_BRIDGE_EBT_VLANF) += ebt_vlan.o
-obj-$(CONFIG_BRIDGE_EBT_MARKF) += ebt_mark_m.o
+obj-$(CONFIG_BRIDGE_EBT_IP) += ebt_ip.o
+obj-$(CONFIG_BRIDGE_EBT_ARP) += ebt_arp.o
+obj-$(CONFIG_BRIDGE_EBT_VLAN) += ebt_vlan.o
+obj-$(CONFIG_BRIDGE_EBT_MARK) += ebt_mark_m.o
+obj-$(CONFIG_BRIDGE_EBT_PKTTYPE) += ebt_pkttype.o
obj-$(CONFIG_BRIDGE_EBT_LOG) += ebt_log.o
obj-$(CONFIG_BRIDGE_EBT_SNAT) += ebt_snat.o
obj-$(CONFIG_BRIDGE_EBT_DNAT) += ebt_dnat.o
--- /dev/null
+/*
+ * ebt_pkttype
+ *
+ * Authors:
+ * Bart De Schuymer <bdschuym@pandora.be>
+ *
+ * April, 2003
+ *
+ */
+
+#include <linux/netfilter_bridge/ebtables.h>
+#include <linux/netfilter_bridge/ebt_pkttype.h>
+#include <linux/module.h>
+
+static int ebt_filter_pkttype(const struct sk_buff *skb,
+ const struct net_device *in,
+ const struct net_device *out,
+ const void *data,
+ unsigned int datalen)
+{
+ struct ebt_pkttype_info *info = (struct ebt_pkttype_info *)data;
+
+ return (skb->pkt_type != info->pkt_type) ^ info->invert;
+}
+
+static int ebt_pkttype_check(const char *tablename, unsigned int hookmask,
+ const struct ebt_entry *e, void *data, unsigned int datalen)
+{
+ struct ebt_pkttype_info *info = (struct ebt_pkttype_info *)data;
+
+ if (datalen != sizeof(struct ebt_pkttype_info))
+ return -EINVAL;
+ if (info->invert != 0 && info->invert != 1)
+ return -EINVAL;
+ /* Allow any pkt_type value */
+ return 0;
+}
+
+static struct ebt_match filter_pkttype =
+{
+ .name = EBT_PKTTYPE_MATCH,
+ .match = ebt_filter_pkttype,
+ .check = ebt_pkttype_check,
+ .me = THIS_MODULE,
+};
+
+static int __init init(void)
+{
+ return ebt_register_match(&filter_pkttype);
+}
+
+static void __exit fini(void)
+{
+ ebt_unregister_match(&filter_pkttype);
+}
+
+module_init(init);
+module_exit(fini);
+MODULE_LICENSE("GPL");
projects / history.git / commitdiff