netfilter: ebtables: do centralized size checking
[linux-2.6.git] / net / bridge / netfilter / ebt_redirect.c
1 /*
2  *  ebt_redirect
3  *
4  *      Authors:
5  *      Bart De Schuymer <bdschuym@pandora.be>
6  *
7  *  April, 2002
8  *
9  */
10 #include <linux/module.h>
11 #include <net/sock.h>
12 #include "../br_private.h"
13 #include <linux/netfilter.h>
14 #include <linux/netfilter/x_tables.h>
15 #include <linux/netfilter_bridge/ebtables.h>
16 #include <linux/netfilter_bridge/ebt_redirect.h>
17
18 static int ebt_target_redirect(struct sk_buff *skb, unsigned int hooknr,
19    const struct net_device *in, const struct net_device *out,
20    const void *data, unsigned int datalen)
21 {
22         const struct ebt_redirect_info *info = data;
23
24         if (!skb_make_writable(skb, 0))
25                 return EBT_DROP;
26
27         if (hooknr != NF_BR_BROUTING)
28                 memcpy(eth_hdr(skb)->h_dest,
29                        in->br_port->br->dev->dev_addr, ETH_ALEN);
30         else
31                 memcpy(eth_hdr(skb)->h_dest, in->dev_addr, ETH_ALEN);
32         skb->pkt_type = PACKET_HOST;
33         return info->target;
34 }
35
36 static int ebt_target_redirect_check(const char *tablename, unsigned int hookmask,
37    const struct ebt_entry *e, void *data, unsigned int datalen)
38 {
39         const struct ebt_redirect_info *info = data;
40
41         if (BASE_CHAIN && info->target == EBT_RETURN)
42                 return -EINVAL;
43         CLEAR_BASE_CHAIN_BIT;
44         if ( (strcmp(tablename, "nat") || hookmask & ~(1 << NF_BR_PRE_ROUTING)) &&
45              (strcmp(tablename, "broute") || hookmask & ~(1 << NF_BR_BROUTING)) )
46                 return -EINVAL;
47         if (INVALID_TARGET)
48                 return -EINVAL;
49         return 0;
50 }
51
52 static struct ebt_target redirect_target __read_mostly = {
53         .name           = EBT_REDIRECT_TARGET,
54         .target         = ebt_target_redirect,
55         .check          = ebt_target_redirect_check,
56         .targetsize     = XT_ALIGN(sizeof(struct ebt_redirect_info)),
57         .me             = THIS_MODULE,
58 };
59
60 static int __init ebt_redirect_init(void)
61 {
62         return ebt_register_target(&redirect_target);
63 }
64
65 static void __exit ebt_redirect_fini(void)
66 {
67         ebt_unregister_target(&redirect_target);
68 }
69
70 module_init(ebt_redirect_init);
71 module_exit(ebt_redirect_fini);
72 MODULE_DESCRIPTION("Ebtables: Packet redirection to localhost");
73 MODULE_LICENSE("GPL");