Linux/net/netfilter/xt_string.c


  1 /* String matching match for iptables
  2  *
  3  * (C) 2005 Pablo Neira Ayuso <pablo@eurodev.net>
  4  *
  5  * This program is free software; you can redistribute it and/or modify
  6  * it under the terms of the GNU General Public License version 2 as
  7  * published by the Free Software Foundation.
  8  */
  9 
 10 #include <linux/gfp.h>
 11 #include <linux/init.h>
 12 #include <linux/module.h>
 13 #include <linux/kernel.h>
 14 #include <linux/skbuff.h>
 15 #include <linux/netfilter/x_tables.h>
 16 #include <linux/netfilter/xt_string.h>
 17 #include <linux/textsearch.h>
 18 
/* Module metadata recorded for modinfo and the module loader. */
MODULE_AUTHOR("Pablo Neira Ayuso <pablo@eurodev.net>");
MODULE_DESCRIPTION("Xtables: string-based matching");
MODULE_LICENSE("GPL");
/*
 * Extra names for this module.
 * NOTE(review): presumably these let a rule that asks for the older
 * per-family names still resolve to this module - confirm against the
 * xtables autoload path.
 */
MODULE_ALIAS("ipt_string");
MODULE_ALIAS("ip6t_string");
 24 
/*
 * string_mt - per-packet callback of the "string" match.
 * @skb: packet to search
 * @par: match parameters; par->matchinfo is this rule's xt_string_info
 *
 * Searches the window from_offset..to_offset of @skb with the textsearch
 * configuration stored in the rule and returns the result, flipped when
 * XT_STRING_FLAG_INVERT is set.
 *
 * Each call looks at one skb only and nothing in this file keeps search
 * state between calls, so a pattern that is split across two packets is
 * not found here. Read a non-match as "not seen in this packet", not as
 * proof that the whole stream is free of the pattern.
 */
static bool
string_mt(const struct sk_buff *skb, struct xt_action_param *par)
{
        const struct xt_string_info *info = par->matchinfo;
        bool negate = info->u.v1.flags & XT_STRING_FLAG_INVERT;
        unsigned int pos;

        /* skb_find_text() is handed a non-const skb, hence the cast. */
        pos = skb_find_text((struct sk_buff *)skb, info->from_offset,
                            info->to_offset, info->config);

        /* UINT_MAX is the value this code treats as "pattern not found". */
        return (pos != UINT_MAX) ^ negate;
}
 37 
/*
 * View an opaque matchinfo pointer as this match's xt_string_info.
 * This is a plain cast: it performs no NULL or type check.
 */
#define STRING_TEXT_PRIV(ptr) ((struct xt_string_info *)(ptr))
 39 
/*
 * string_mt_check - validate a "string" rule and prepare its search state.
 * @par: check parameters; par->matchinfo is the rule's xt_string_info
 *
 * The fields checked here arrive with the rule, so each one is validated
 * before it is handed to the textsearch core:
 *   - from_offset must not exceed to_offset (an inverted window cannot be
 *     expressed through iptables, so it is rejected);
 *   - the last byte of algo[] must be NUL, which guarantees the name is a
 *     terminated C string inside its array;
 *   - patlen must not exceed XT_STRING_MAX_PATTERN_SIZE;
 *   - no flag bits other than IGNORECASE and INVERT may be set.
 *
 * NOTE(review): rule installation is normally a privileged operation, but
 * confirm which callers can reach this hook in your configuration.
 *
 * Return: 0 on success with conf->config set, -EINVAL for a rejected
 * field, or the error encoded in textsearch_prepare()'s return value.
 */
static int string_mt_check(const struct xt_mtchk_param *par)
{
        struct xt_string_info *info = par->matchinfo;
        const int known_flags = XT_STRING_FLAG_IGNORECASE |
                                XT_STRING_FLAG_INVERT;
        struct ts_config *prepared;
        int ts_flags;

        if (info->from_offset > info->to_offset ||
            info->algo[XT_STRING_MAX_ALGO_NAME_SIZE - 1] != '\0' ||
            info->patlen > XT_STRING_MAX_PATTERN_SIZE ||
            (info->u.v1.flags & ~known_flags))
                return -EINVAL;

        /*
         * NOTE(review): as documented in linux/textsearch.h, TS_AUTOLOAD
         * lets the textsearch core load the algorithm's module on demand,
         * so the algo name carried by the rule decides which module may be
         * requested. The NUL check above is what bounds that name.
         */
        ts_flags = TS_AUTOLOAD;
        if (info->u.v1.flags & XT_STRING_FLAG_IGNORECASE)
                ts_flags |= TS_IGNORECASE;

        prepared = textsearch_prepare(info->algo, info->pattern, info->patlen,
                                      GFP_KERNEL, ts_flags);
        if (IS_ERR(prepared))
                return PTR_ERR(prepared);

        /* Kept in the rule so string_mt() can search and destroy can free. */
        info->config = prepared;
        return 0;
}
 66 
/*
 * string_mt_destroy - release the search state of a "string" rule.
 * @par: destructor parameters; par->matchinfo is the rule's xt_string_info
 *
 * Hands the ts_config stored by string_mt_check() to textsearch_destroy().
 */
static void string_mt_destroy(const struct xt_mtdtor_param *par)
{
        struct xt_string_info *info = STRING_TEXT_PRIV(par->matchinfo);

        textsearch_destroy(info->config);
}
 71 
/* Registration record for revision 1 of the "string" match. */
static struct xt_match xt_string_mt_reg __read_mostly = {
        .name = "string",
        .revision = 1,
        /* Not tied to a single protocol family. */
        .family = NFPROTO_UNSPEC,
        .me = THIS_MODULE,

        /* Callbacks: validate the rule, match a packet, free the rule. */
        .checkentry = string_mt_check,
        .match = string_mt,
        .destroy = string_mt_destroy,

        .matchsize = sizeof(struct xt_string_info),
        /*
         * usersize stops at the config member, the kernel pointer stored
         * by string_mt_check().
         * NOTE(review): in xtables this bounds how much of the match data
         * is copied back to userspace, which keeps that pointer from being
         * disclosed - confirm against x_tables.c for this kernel version.
         */
        .usersize = offsetof(struct xt_string_info, config),
};
 83 
/*
 * string_mt_init - module entry point: register the "string" match.
 *
 * Return: whatever xt_register_match() returns.
 */
static int __init string_mt_init(void)
{
        int err = xt_register_match(&xt_string_mt_reg);

        return err;
}
 88 
/* string_mt_exit - module exit point: unregister the "string" match. */
static void __exit string_mt_exit(void)
{
        xt_unregister_match(&xt_string_mt_reg);
}
 93 
/* Hook the registration and unregistration routines to module load/unload. */
module_init(string_mt_init);
module_exit(string_mt_exit);
 96 
