/* * Copyright (c) 2013 Patrick McHardy <kaber@trash.net> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 as * published by the Free Software Foundation. */ #include <stdbool.h> #include <stdio.h> #include <xtables.h> #include <linux/netfilter/xt_SYNPROXY.h> enum { O_SACK_PERM = 0, O_TIMESTAMP, O_WSCALE, O_MSS, O_ECN, }; static void SYNPROXY_help(void) { printf( "SYNPROXY target options:\n" " --sack-perm Set SACK_PERM\n" " --timestamp Set TIMESTAMP\n" " --wscale value Set window scaling factor\n" " --mss value Set MSS value\n" " --ecn Set ECN\n"); } static const struct xt_option_entry SYNPROXY_opts[] = { {.name = "sack-perm", .id = O_SACK_PERM, .type = XTTYPE_NONE, }, {.name = "timestamp", .id = O_TIMESTAMP, .type = XTTYPE_NONE, }, {.name = "wscale", .id = O_WSCALE, .type = XTTYPE_UINT32, }, {.name = "mss", .id = O_MSS, .type = XTTYPE_UINT32, }, {.name = "ecn", .id = O_ECN, .type = XTTYPE_NONE, }, XTOPT_TABLEEND, }; static void SYNPROXY_parse(struct xt_option_call *cb) { struct xt_synproxy_info *info = cb->data; xtables_option_parse(cb); switch (cb->entry->id) { case O_SACK_PERM: info->options |= XT_SYNPROXY_OPT_SACK_PERM; break; case O_TIMESTAMP: info->options |= XT_SYNPROXY_OPT_TIMESTAMP; break; case O_WSCALE: info->options |= XT_SYNPROXY_OPT_WSCALE; info->wscale = cb->val.u32; break; case O_MSS: info->options |= XT_SYNPROXY_OPT_MSS; info->mss = cb->val.u32; break; case O_ECN: info->options |= XT_SYNPROXY_OPT_ECN; break; } } static void SYNPROXY_check(struct xt_fcheck_call *cb) { } static void SYNPROXY_print(const void *ip, const struct xt_entry_target *target, int numeric) { const struct xt_synproxy_info *info = (const struct xt_synproxy_info *)target->data; printf(" SYNPROXY "); if (info->options & XT_SYNPROXY_OPT_SACK_PERM) printf("sack-perm "); if (info->options & XT_SYNPROXY_OPT_TIMESTAMP) printf("timestamp "); if (info->options & XT_SYNPROXY_OPT_WSCALE) printf("wscale %u ", info->wscale); if (info->options & XT_SYNPROXY_OPT_MSS) printf("mss %u ", info->mss); if (info->options & XT_SYNPROXY_OPT_ECN) printf("ecn "); } static void SYNPROXY_save(const void *ip, const struct xt_entry_target *target) { const struct xt_synproxy_info *info = (const struct xt_synproxy_info *)target->data; if (info->options & XT_SYNPROXY_OPT_SACK_PERM) printf(" --sack-perm"); if (info->options & XT_SYNPROXY_OPT_TIMESTAMP) printf(" --timestamp"); if (info->options & XT_SYNPROXY_OPT_WSCALE) printf(" --wscale %u", info->wscale); if (info->options & XT_SYNPROXY_OPT_MSS) printf(" --mss %u", info->mss); if (info->options & XT_SYNPROXY_OPT_ECN) printf(" --ecn"); } static struct xtables_target synproxy_tg_reg = { .family = NFPROTO_UNSPEC, .name = "SYNPROXY", .version = XTABLES_VERSION, .revision = 0, .size = XT_ALIGN(sizeof(struct xt_synproxy_info)), .userspacesize = XT_ALIGN(sizeof(struct xt_synproxy_info)), .help = SYNPROXY_help, .print = SYNPROXY_print, .save = SYNPROXY_save, .x6_parse = SYNPROXY_parse, .x6_fcheck = SYNPROXY_check, .x6_options = SYNPROXY_opts, }; void _init(void) { xtables_register_target(&synproxy_tg_reg); }