~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/netfilter/xt_rateest.c

Version: ~ [ linux-5.3 ] ~ [ linux-5.2.15 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.73 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.144 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.193 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.193 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.73 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.102 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 /*
  2  * (C) 2007 Patrick McHardy <kaber@trash.net>
  3  *
  4  * This program is free software; you can redistribute it and/or modify
  5  * it under the terms of the GNU General Public License version 2 as
  6  * published by the Free Software Foundation.
  7  */
  8 #include <linux/module.h>
  9 #include <linux/skbuff.h>
 10 #include <linux/gen_stats.h>
 11 
 12 #include <linux/netfilter/x_tables.h>
 13 #include <linux/netfilter/xt_rateest.h>
 14 #include <net/netfilter/xt_rateest.h>
 15 
 16 
 17 static bool
 18 xt_rateest_mt(const struct sk_buff *skb, struct xt_action_param *par)
 19 {
 20         const struct xt_rateest_match_info *info = par->matchinfo;
 21         struct gnet_stats_rate_est64 *r;
 22         u_int32_t bps1, bps2, pps1, pps2;
 23         bool ret = true;
 24 
 25         spin_lock_bh(&info->est1->lock);
 26         r = &info->est1->rstats;
 27         if (info->flags & XT_RATEEST_MATCH_DELTA) {
 28                 bps1 = info->bps1 >= r->bps ? info->bps1 - r->bps : 0;
 29                 pps1 = info->pps1 >= r->pps ? info->pps1 - r->pps : 0;
 30         } else {
 31                 bps1 = r->bps;
 32                 pps1 = r->pps;
 33         }
 34         spin_unlock_bh(&info->est1->lock);
 35 
 36         if (info->flags & XT_RATEEST_MATCH_ABS) {
 37                 bps2 = info->bps2;
 38                 pps2 = info->pps2;
 39         } else {
 40                 spin_lock_bh(&info->est2->lock);
 41                 r = &info->est2->rstats;
 42                 if (info->flags & XT_RATEEST_MATCH_DELTA) {
 43                         bps2 = info->bps2 >= r->bps ? info->bps2 - r->bps : 0;
 44                         pps2 = info->pps2 >= r->pps ? info->pps2 - r->pps : 0;
 45                 } else {
 46                         bps2 = r->bps;
 47                         pps2 = r->pps;
 48                 }
 49                 spin_unlock_bh(&info->est2->lock);
 50         }
 51 
 52         switch (info->mode) {
 53         case XT_RATEEST_MATCH_LT:
 54                 if (info->flags & XT_RATEEST_MATCH_BPS)
 55                         ret &= bps1 < bps2;
 56                 if (info->flags & XT_RATEEST_MATCH_PPS)
 57                         ret &= pps1 < pps2;
 58                 break;
 59         case XT_RATEEST_MATCH_GT:
 60                 if (info->flags & XT_RATEEST_MATCH_BPS)
 61                         ret &= bps1 > bps2;
 62                 if (info->flags & XT_RATEEST_MATCH_PPS)
 63                         ret &= pps1 > pps2;
 64                 break;
 65         case XT_RATEEST_MATCH_EQ:
 66                 if (info->flags & XT_RATEEST_MATCH_BPS)
 67                         ret &= bps1 == bps2;
 68                 if (info->flags & XT_RATEEST_MATCH_PPS)
 69                         ret &= pps1 == pps2;
 70                 break;
 71         }
 72 
 73         ret ^= info->flags & XT_RATEEST_MATCH_INVERT ? true : false;
 74         return ret;
 75 }
 76 
 77 static int xt_rateest_mt_checkentry(const struct xt_mtchk_param *par)
 78 {
 79         struct xt_rateest_match_info *info = par->matchinfo;
 80         struct xt_rateest *est1, *est2;
 81         int ret = -EINVAL;
 82 
 83         if (hweight32(info->flags & (XT_RATEEST_MATCH_ABS |
 84                                      XT_RATEEST_MATCH_REL)) != 1)
 85                 goto err1;
 86 
 87         if (!(info->flags & (XT_RATEEST_MATCH_BPS | XT_RATEEST_MATCH_PPS)))
 88                 goto err1;
 89 
 90         switch (info->mode) {
 91         case XT_RATEEST_MATCH_EQ:
 92         case XT_RATEEST_MATCH_LT:
 93         case XT_RATEEST_MATCH_GT:
 94                 break;
 95         default:
 96                 goto err1;
 97         }
 98 
 99         ret  = -ENOENT;
100         est1 = xt_rateest_lookup(info->name1);
101         if (!est1)
102                 goto err1;
103 
104         est2 = NULL;
105         if (info->flags & XT_RATEEST_MATCH_REL) {
106                 est2 = xt_rateest_lookup(info->name2);
107                 if (!est2)
108                         goto err2;
109         }
110 
111         info->est1 = est1;
112         info->est2 = est2;
113         return 0;
114 
115 err2:
116         xt_rateest_put(est1);
117 err1:
118         return ret;
119 }
120 
121 static void xt_rateest_mt_destroy(const struct xt_mtdtor_param *par)
122 {
123         struct xt_rateest_match_info *info = par->matchinfo;
124 
125         xt_rateest_put(info->est1);
126         if (info->est2)
127                 xt_rateest_put(info->est2);
128 }
129 
130 static struct xt_match xt_rateest_mt_reg __read_mostly = {
131         .name       = "rateest",
132         .revision   = 0,
133         .family     = NFPROTO_UNSPEC,
134         .match      = xt_rateest_mt,
135         .checkentry = xt_rateest_mt_checkentry,
136         .destroy    = xt_rateest_mt_destroy,
137         .matchsize  = sizeof(struct xt_rateest_match_info),
138         .me         = THIS_MODULE,
139 };
140 
141 static int __init xt_rateest_mt_init(void)
142 {
143         return xt_register_match(&xt_rateest_mt_reg);
144 }
145 
146 static void __exit xt_rateest_mt_fini(void)
147 {
148         xt_unregister_match(&xt_rateest_mt_reg);
149 }
150 
151 MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
152 MODULE_LICENSE("GPL");
153 MODULE_DESCRIPTION("xtables rate estimator match");
154 MODULE_ALIAS("ipt_rateest");
155 MODULE_ALIAS("ip6t_rateest");
156 module_init(xt_rateest_mt_init);
157 module_exit(xt_rateest_mt_fini);
158 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp