* See http://www.intra2net.com/opensource/ipt_account *
* for further information *
* *
- * Copyright (C) 2004-2008 by Intra2net AG *
+ * Copyright (C) 2004-2011 by Intra2net AG *
* opensource@intra2net.com *
* *
* This program is free software; you can redistribute it and/or modify *
{
unsigned int i;
- DEBUGP("ACCOUNT: ipt_acc_table_insert: %s, %u.%u.%u.%u/%u.%u.%u.%u\n",
- name, NIPQUAD(ip), NIPQUAD(netmask));
+ DEBUGP("ACCOUNT: ipt_acc_table_insert: %s, %pI4/%pI4\n",
+ name, &ip, &netmask);
/* Look for existing table */
for (i = 0; i < ACCOUNT_MAX_TABLES; i++) {
if (strncmp(ipt_acc_tables[i].name, name,
ACCOUNT_TABLE_NAME_LEN) == 0) {
DEBUGP("ACCOUNT: Found existing slot: %d - "
- "%u.%u.%u.%u/%u.%u.%u.%u\n", i,
- NIPQUAD(ipt_acc_tables[i].ip),
- NIPQUAD(ipt_acc_tables[i].netmask));
+ "%pI4/%pI4\n", i,
+ &ipt_acc_tables[i].ip,
+ &ipt_acc_tables[i].netmask);
if (ipt_acc_tables[i].ip != ip
|| ipt_acc_tables[i].netmask != netmask) {
printk("ACCOUNT: Table %s found, but IP/netmask mismatch. "
- "IP/netmask found: %u.%u.%u.%u/%u.%u.%u.%u\n",
- name, NIPQUAD(ipt_acc_tables[i].ip),
- NIPQUAD(ipt_acc_tables[i].netmask));
+ "IP/netmask found: %pI4/%pI4\n",
+ name, &ipt_acc_tables[i].ip,
+ &ipt_acc_tables[i].netmask);
return -1;
}
return -1;
}
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28)
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,36)
+static int ipt_acc_checkentry(const struct xt_tgchk_param *par)
+#elif LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28)
static bool ipt_acc_checkentry(const struct xt_tgchk_param *par)
#else
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
if (table_nr == -1) {
printk("ACCOUNT: Table insert problem. Aborting\n");
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,36)
+ return -EINVAL;
+#elif LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
return false;
#else
return 0;
for every packet */
info->table_nr = table_nr;
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
+ /* All fine */
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,36)
+ return 0;
+#elif LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,23)
return true;
#else
return 1;
unsigned char is_src = 0, is_dst = 0, src_slot, dst_slot;
char is_src_new_ip = 0, is_dst_new_ip = 0; /* Check if this entry is new */
- DEBUGP("ACCOUNT: ipt_acc_depth0_insert: %u.%u.%u.%u/%u.%u.%u.%u "
- "for net %u.%u.%u.%u/%u.%u.%u.%u, size: %u\n", NIPQUAD(src_ip),
- NIPQUAD(dst_ip), NIPQUAD(net_ip), NIPQUAD(netmask), size);
+ DEBUGP("ACCOUNT: ipt_acc_depth0_insert: %pI4/%pI4 "
+ "for net %pI4/%pI4, size: %u\n", &src_ip,
+ &dst_ip, &net_ip, &netmask, size);
/* Check if src/dst is inside our network. */
/* Special: net_ip = 0.0.0.0/0 gets stored as src in slot 0 */
is_dst = 1;
if (!is_src && !is_dst) {
- DEBUGP("ACCOUNT: Skipping packet %u.%u.%u.%u/%u.%u.%u.%u "
- "for net %u.%u.%u.%u/%u.%u.%u.%u\n", NIPQUAD(src_ip),
- NIPQUAD(dst_ip), NIPQUAD(net_ip), NIPQUAD(netmask));
+ DEBUGP("ACCOUNT: Skipping packet %pI4/%pI4 "
+ "for net %pI4/%pI4\n", &src_ip,
+ &dst_ip, &net_ip, &netmask);
return;
}
}
} else {
if (is_src_new_ip) {
- DEBUGP("ACCOUNT: New src_ip: %u.%u.%u.%u\n", NIPQUAD(src_ip));
+ DEBUGP("ACCOUNT: New src_ip: %pI4\n", &src_ip);
(*itemcount)++;
}
if (is_dst_new_ip) {
- DEBUGP("ACCOUNT: New dst_ip: %u.%u.%u.%u\n", NIPQUAD(dst_ip));
+ DEBUGP("ACCOUNT: New dst_ip: %pI4\n", &dst_ip);
(*itemcount)++;
}
}
}
}
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28)
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,36)
+static unsigned int ipt_acc_target(struct sk_buff *skb, const struct xt_action_param *par)
+#elif LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28)
static unsigned int ipt_acc_target(struct sk_buff *skb, const struct xt_target_param *par)
#else
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24)
if (ipt_acc_tables[info->table_nr].name[0] == 0) {
printk("ACCOUNT: ipt_acc_target: Invalid table id %u. "
- "IPs %u.%u.%u.%u/%u.%u.%u.%u\n", info->table_nr,
- NIPQUAD(src_ip), NIPQUAD(dst_ip));
+ "IPs %pI4/%pI4\n", info->table_nr,
+ &src_ip, &dst_ip);
spin_unlock_bh(&ipt_acc_lock);
- return IPT_CONTINUE;
+ return XT_CONTINUE;
}
/* 8 bit network or "any" network */
ipt_acc_tables[info->table_nr].netmask,
src_ip, dst_ip, size, &ipt_acc_tables[info->table_nr].itemcount);
spin_unlock_bh(&ipt_acc_lock);
- return IPT_CONTINUE;
+ return XT_CONTINUE;
}
/* 16 bit network */
ipt_acc_tables[info->table_nr].netmask,
src_ip, dst_ip, size, &ipt_acc_tables[info->table_nr].itemcount);
spin_unlock_bh(&ipt_acc_lock);
- return IPT_CONTINUE;
+ return XT_CONTINUE;
}
/* 24 bit network */
ipt_acc_tables[info->table_nr].netmask,
src_ip, dst_ip, size, &ipt_acc_tables[info->table_nr].itemcount);
spin_unlock_bh(&ipt_acc_lock);
- return IPT_CONTINUE;
+ return XT_CONTINUE;
}
printk("ACCOUNT: ipt_acc_target: Unable to process packet. "
- "Table id %u. IPs %u.%u.%u.%u/%u.%u.%u.%u\n",
- info->table_nr, NIPQUAD(src_ip), NIPQUAD(dst_ip));
+ "Table id %u. IPs %pI4/%pI4\n",
+ info->table_nr, &src_ip, &dst_ip);
spin_unlock_bh(&ipt_acc_lock);
- return IPT_CONTINUE;
+ return XT_CONTINUE;
}
/*
static int __init init(void)
{
- init_MUTEX(&ipt_acc_userspace_mutex);
+ sema_init(&ipt_acc_userspace_mutex, 1);
if ((ipt_acc_tables =
kmalloc(ACCOUNT_MAX_TABLES *