~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/netfilter/xt_quota.c

Version: ~ [ linux-5.1-rc1 ] ~ [ linux-5.0.3 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.30 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.107 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.164 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.176 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.136 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.63 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.102 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.39.4 ] ~ [ linux-2.6.38.8 ] ~ [ linux-2.6.37.6 ] ~ [ linux-2.6.36.4 ] ~ [ linux-2.6.35.14 ] ~ [ linux-2.6.34.15 ] ~ [ linux-2.6.33.20 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /*
  2  * netfilter module to enforce network quotas
  3  *
  4  * Sam Johnston <samj@samj.net>
  5  */
  6 #include <linux/skbuff.h>
  7 #include <linux/slab.h>
  8 #include <linux/spinlock.h>
  9 
 10 #include <linux/netfilter/x_tables.h>
 11 #include <linux/netfilter/xt_quota.h>
 12 #include <linux/module.h>
 13 
 14 struct xt_quota_priv {
 15         spinlock_t      lock;
 16         uint64_t        quota;
 17 };
 18 
 19 MODULE_LICENSE("GPL");
 20 MODULE_AUTHOR("Sam Johnston <samj@samj.net>");
 21 MODULE_DESCRIPTION("Xtables: countdown quota match");
 22 MODULE_ALIAS("ipt_quota");
 23 MODULE_ALIAS("ip6t_quota");
 24 
 25 static bool
 26 quota_mt(const struct sk_buff *skb, struct xt_action_param *par)
 27 {
 28         struct xt_quota_info *q = (void *)par->matchinfo;
 29         struct xt_quota_priv *priv = q->master;
 30         bool ret = q->flags & XT_QUOTA_INVERT;
 31 
 32         spin_lock_bh(&priv->lock);
 33         if (priv->quota >= skb->len) {
 34                 priv->quota -= skb->len;
 35                 ret = !ret;
 36         } else {
 37                 /* we do not allow even small packets from now on */
 38                 priv->quota = 0;
 39         }
 40         spin_unlock_bh(&priv->lock);
 41 
 42         return ret;
 43 }
 44 
 45 static int quota_mt_check(const struct xt_mtchk_param *par)
 46 {
 47         struct xt_quota_info *q = par->matchinfo;
 48 
 49         if (q->flags & ~XT_QUOTA_MASK)
 50                 return -EINVAL;
 51 
 52         q->master = kmalloc(sizeof(*q->master), GFP_KERNEL);
 53         if (q->master == NULL)
 54                 return -ENOMEM;
 55 
 56         spin_lock_init(&q->master->lock);
 57         q->master->quota = q->quota;
 58         return 0;
 59 }
 60 
 61 static void quota_mt_destroy(const struct xt_mtdtor_param *par)
 62 {
 63         const struct xt_quota_info *q = par->matchinfo;
 64 
 65         kfree(q->master);
 66 }
 67 
 68 static struct xt_match quota_mt_reg __read_mostly = {
 69         .name       = "quota",
 70         .revision   = 0,
 71         .family     = NFPROTO_UNSPEC,
 72         .match      = quota_mt,
 73         .checkentry = quota_mt_check,
 74         .destroy    = quota_mt_destroy,
 75         .matchsize  = sizeof(struct xt_quota_info),
 76         .usersize   = offsetof(struct xt_quota_info, master),
 77         .me         = THIS_MODULE,
 78 };
 79 
 80 static int __init quota_mt_init(void)
 81 {
 82         return xt_register_match(&quota_mt_reg);
 83 }
 84 
 85 static void __exit quota_mt_exit(void)
 86 {
 87         xt_unregister_match(&quota_mt_reg);
 88 }
 89 
 90 module_init(quota_mt_init);
 91 module_exit(quota_mt_exit);
 92 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp