--- a/scratch/filter.cc Wed Oct 20 09:29:52 2010 -0700
+++ b/scratch/filter.cc Wed Oct 20 10:52:31 2010 -0700
@@ -22,8 +22,8 @@
// - FTP/TCP flow from n0 to n3, starting at time 1.2 to time 1.35 sec.
// - UDP packet size of 210 bytes, with per-packet interval 0.00375 sec.
// (i.e., DataRate of 448,000 bps)
-// - DropTail queues
-// - Tracing of queues and packet receptions to file "simple-point-to-point-olsr.tr"
+// - DropTail queues
+// - Tracing of queues and packet receptions to file "filter.tr"
#include <iostream>
#include <fstream>
@@ -40,14 +40,26 @@
NS_LOG_COMPONENT_DEFINE ("PacketFilterExample");
-int
+static void SinkRx (Ptr<const Packet> p, const Address &ad)
+{
+ NS_LOG_INFO (Simulator::Now ().GetSeconds () << " received UDP packet");
+}
+
+static void
+EnableFilter (Ptr<Ipv4L3Protocol> l3, Ptr<Ipv4NfPacketFilter> f)
+{
+ NS_LOG_INFO ("Enabling Netfilter drop rule");
+ l3->GetNetfilter ().AppendNetfilterHook (NF_INET_FORWARD, f);
+}
+
+int
main (int argc, char *argv[])
{
-#ifdef DEBUG
LogComponentEnable ("PacketFilterExample", LOG_LEVEL_INFO);
-#endif
+ LogComponentEnable ("Ipv4Netfilter", LOG_LEVEL_ALL);
+ LogComponentEnable ("Ipv4NfPacketFilter", LOG_LEVEL_ALL);
- // Set up some default values for the simulation. Use the
+ // Set up some default values for the simulation. Use the
Config::SetDefault ("ns3::OnOffApplication::PacketSize", UintegerValue (1000));
Config::SetDefault ("ns3::OnOffApplication::DataRate", StringValue ("100kb/s"));
@@ -56,8 +68,8 @@
NS_LOG_INFO ("Create nodes.");
NodeContainer c;
c.Create (3);
- NodeContainer n01 = NodeContainer (c.Get(0), c.Get (1));
- NodeContainer n12 = NodeContainer (c.Get(1), c.Get (2));
+ NodeContainer n01 = NodeContainer (c.Get (0), c.Get (1));
+ NodeContainer n12 = NodeContainer (c.Get (1), c.Get (2));
// Enable OLSR
NS_LOG_INFO ("Enabling OLSR Routing.");
@@ -80,8 +92,8 @@
p2p.SetChannelAttribute ("Delay", StringValue ("1ms"));
NetDeviceContainer nd01 = p2p.Install (n01);
NetDeviceContainer nd12 = p2p.Install (n12);
-
- // Later, we add IP addresses.
+
+ // Later, we add IP addresses.
NS_LOG_INFO ("Assign IP Addresses.");
Ipv4AddressHelper ipv4;
ipv4.SetBase ("10.1.1.0", "255.255.255.0");
@@ -94,7 +106,7 @@
NS_LOG_INFO ("Create Applications.");
uint16_t port = 9; // Discard port (RFC 863)
- OnOffHelper onoff ("ns3::UdpSocketFactory",
+ OnOffHelper onoff ("ns3::UdpSocketFactory",
InetSocketAddress (i12.GetAddress (1), port));
onoff.SetAttribute ("OnTime", RandomVariableValue (ConstantVariable (1)));
onoff.SetAttribute ("OffTime", RandomVariableValue (ConstantVariable (0)));
@@ -111,31 +123,18 @@
apps.Start (Seconds (1.0));
apps.Stop (Seconds (10.0));
- // Create a similar flow at another port
- onoff.SetAttribute ("Remote",
- AddressValue (InetSocketAddress (i12.GetAddress (1), port+1)));
- apps = onoff.Install (c.Get (0));
- apps.Start (Seconds (1.0));
- apps.Stop (Seconds (10.0));
-
- // Create a packet sink to receive these packets
- sink.SetAttribute ("Local",
- AddressValue (InetSocketAddress (Ipv4Address::GetAny (), port+1)));
-
- apps = sink.Install (c.Get (2));
- apps.Start (Seconds (1.0));
- apps.Stop (Seconds (10.0));
+ // then, print what the packet sink receives.
+ Config::ConnectWithoutContext ("/NodeList/2/ApplicationList/0/$ns3::PacketSink/Rx", MakeCallback (&SinkRx));
// Setup filtering
- Ptr<Ipv4NfPacketFilter> f = CreateObject<Ipv4NfPacketFilter>();
- f->Config("-p udp --dport 10 -j DROP");
- Ptr<Ipv4L3Protocol> l3 = c.Get(1)->GetObject<Ipv4L3Protocol>();
- l3->GetNetfilter().AppendNetfilterHook(NF_INET_FORWARD, f);
+ Ptr<Ipv4NfPacketFilter> f = CreateObject<Ipv4NfPacketFilter> ();
+ f->Config ("-p udp --dport 9 -j DROP");
+ Ptr<Ipv4L3Protocol> l3 = c.Get (1)->GetObject<Ipv4L3Protocol> ();
+ Simulator::Schedule (Seconds (5.0), &EnableFilter, l3, f);
- std::ofstream ascii;
- ascii.open ("filter.tr");
- PointToPointHelper::EnablePcapAll ("filter");
- PointToPointHelper::EnableAsciiAll (ascii);
+ AsciiTraceHelper ascii;
+ p2p.EnableAsciiAll (ascii.CreateFileStream ("filter.tr"));
+ p2p.EnablePcapAll ("filter");
Simulator::Stop (Seconds (30));
--- a/src/internet-stack/ipv4-l3-protocol.cc Wed Oct 20 09:29:52 2010 -0700
+++ b/src/internet-stack/ipv4-l3-protocol.cc Wed Oct 20 10:52:31 2010 -0700
@@ -477,7 +477,7 @@
if (!m_netfilter.ProcessHooks(NF_INET_PREROUTING, packet, ipHeader, device, NULL))
{
- m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, interface);
+ m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, m_node->GetObject<Ipv4> (), interface);
return;
};
NS_ASSERT_MSG (m_routingProtocol != 0, "Need a routing protocol object to process packets");
@@ -568,13 +568,13 @@
if (!m_netfilter.ProcessHooks(NF_INET_OUTPUT, packetCopy, ipHeader,
NULL, outInterface->GetDevice()))
{
- m_dropTrace (ipHeader, packetCopy, DROP_ROUTE_ERROR, ifaceIndex);
+ m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, m_node->GetObject<Ipv4> (), ifaceIndex);
return;
};
if (!m_netfilter.ProcessHooks(NF_INET_POSTROUTING, packetCopy, ipHeader,
NULL, outInterface->GetDevice()))
{
- m_dropTrace (ipHeader, packetCopy, DROP_ROUTE_ERROR, ifaceIndex);
+ m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, m_node->GetObject<Ipv4> (), ifaceIndex);
return;
};
packetCopy->AddHeader (ipHeader);
@@ -604,13 +604,13 @@
if (!m_netfilter.ProcessHooks(NF_INET_OUTPUT, packetCopy, ipHeader,
NULL, outInterface->GetDevice()))
{
- m_dropTrace (ipHeader, packetCopy, DROP_ROUTE_ERROR, ifaceIndex);
+ m_dropTrace (ipHeader, packetCopy, DROP_ROUTE_ERROR, m_node->GetObject<Ipv4> (), ifaceIndex);
return;
};
if (!m_netfilter.ProcessHooks(NF_INET_POSTROUTING, packetCopy, ipHeader,
NULL, outInterface->GetDevice()))
{
- m_dropTrace (ipHeader, packetCopy, DROP_ROUTE_ERROR, ifaceIndex);
+ m_dropTrace (ipHeader, packetCopy, DROP_ROUTE_ERROR, m_node->GetObject<Ipv4> (), ifaceIndex);
return;
};
packetCopy->AddHeader (ipHeader);
@@ -631,13 +631,13 @@
if (!m_netfilter.ProcessHooks(NF_INET_OUTPUT, packet, ipHeader,
NULL, route->GetOutputDevice()))
{
- m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, interface);
+ m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, m_node->GetObject<Ipv4> (), interface);
return;
};
if (!m_netfilter.ProcessHooks(NF_INET_POSTROUTING, packet, ipHeader,
NULL, route->GetOutputDevice()))
{
- m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, interface);
+ m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, m_node->GetObject<Ipv4> (), interface);
return;
};
m_sendOutgoingTrace (ipHeader, packet, interface);
@@ -673,13 +673,13 @@
if (!m_netfilter.ProcessHooks(NF_INET_OUTPUT, packet, ipHeader,
NULL, newRoute->GetOutputDevice()))
{
- m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, interface);
+ m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, m_node->GetObject<Ipv4> (), interface);
return;
};
if (!m_netfilter.ProcessHooks(NF_INET_POSTROUTING, packet, ipHeader,
NULL, newRoute->GetOutputDevice()))
{
- m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, interface);
+ m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, m_node->GetObject<Ipv4> (), interface);
return;
};
m_sendOutgoingTrace (ipHeader, packet, interface);
@@ -840,12 +840,12 @@
ipHeader.SetTtl (ipHeader.GetTtl () - 1);
if (!m_netfilter.ProcessHooks(NF_INET_FORWARD, packet, ipHeader, NULL, rtentry->GetOutputDevice()))
{
- m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, interface);
+ m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, m_node->GetObject<Ipv4> (), interface);
return;
};
if (!m_netfilter.ProcessHooks(NF_INET_POSTROUTING, packet, ipHeader, NULL, rtentry->GetOutputDevice()))
{
- m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, interface);
+ m_dropTrace (ipHeader, packet, DROP_ROUTE_ERROR, m_node->GetObject<Ipv4> (), interface);
return;
};
if (ipHeader.GetTtl () == 0)
@@ -874,7 +874,7 @@
Ipv4Header h = ip;
if (!m_netfilter.ProcessHooks(NF_INET_INPUT, p, h, NULL, NULL))
{
- m_dropTrace (h, p, DROP_ROUTE_ERROR, 0);
+ m_dropTrace (h, p, DROP_ROUTE_ERROR, m_node->GetObject<Ipv4> (), 0);
return;
};
@@ -1132,13 +1132,10 @@
m_dropTrace (ipHeader, p, DROP_ROUTE_ERROR, m_node->GetObject<Ipv4> (), 0);
}
-<<<<<<< /home/tomh/geni/ns-3-netfilter/src/internet-stack/ipv4-l3-protocol.cc
Ipv4Netfilter&
Ipv4L3Protocol::GetNetfilter (void)
{
return m_netfilter;
}
-=======
->>>>>>> /tmp/ipv4-l3-protocol.cc~other.wr4x8j
}//namespace ns3
--- a/src/internet-stack/ipv4-netfilter-hook.cc Wed Oct 20 09:29:52 2010 -0700
+++ b/src/internet-stack/ipv4-netfilter-hook.cc Wed Oct 20 10:52:31 2010 -0700
@@ -1,9 +1,9 @@
// vim: sw=2 cin cino=>4,n-2,{2,^-2,=2,g0,h2,p5,t0,+2,(0,u0,w1,m1 sw=2 ts=8 et:
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/*
+/*
* Copyright (c) 2009 University of Texas at Dallas
* Copyright (c) 2009 New York University
- *
+ *
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation;
@@ -16,7 +16,7 @@
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- *
+ *
* Author: Qasim Javed <qasim@utdallas.edu>
* Adrian S. Tam <adrian.sw.tam@gmail.com>
*/
@@ -27,26 +27,26 @@
namespace ns3 {
-TypeId
+TypeId
Ipv4NetfilterHook::GetTypeId (void)
{
static TypeId tid = TypeId ("ns3::Ipv4NetfilterHook")
- .SetParent<Object> ()
- ;
+ .SetParent<Object> ()
+ ;
return tid;
}
TypeId
Ipv4NetfilterHook::GetInstanceTypeId (void) const
{
- return GetTypeId();
-};
-
+ return GetTypeId ();
+}
+
Ipv4NetfilterHook::Ipv4NetfilterHook ()
{
}
-Ipv4NetfilterHook::~Ipv4NetfilterHook()
+Ipv4NetfilterHook::~Ipv4NetfilterHook ()
{
}
@@ -61,6 +61,6 @@
{
// By default, all hooks are not equal
return false;
-};
+}
} // Namespace ns3
--- a/src/internet-stack/ipv4-netfilter-hook.h Wed Oct 20 09:29:52 2010 -0700
+++ b/src/internet-stack/ipv4-netfilter-hook.h Wed Oct 20 10:52:31 2010 -0700
@@ -1,9 +1,9 @@
// vim: sw=2 cin cino=>4,n-2,{2,^-2,=2,g0,h2,p5,t0,+2,(0,u0,w1,m1 sw=2 ts=8 et:
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/*
+/*
* Copyright (c) 2009 University of Texas at Dallas
* Copyright (c) 2009 New York University
- *
+ *
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation;
@@ -16,7 +16,7 @@
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- *
+ *
* Author: Qasim Javed <qasim@utdallas.edu>
* Adrian S. Tam <adrian.sw.tam@gmail.com>
*/
@@ -52,9 +52,9 @@
Ipv4NetfilterHook ();
virtual ~Ipv4NetfilterHook ();
virtual bool operator== (const Ipv4NetfilterHook& hook) const;
- virtual bool Match(Ptr<Packet> p, Ipv4Header& h, Ptr<NetDevice> in, Ptr<NetDevice> out)=0;
- virtual bool Manipulate(Ptr<Packet> p, Ipv4Header& h, Ptr<NetDevice> in, Ptr<NetDevice> out)=0;
- void RegisterNetfilter(Ptr<Ipv4Netfilter> nf);
+ virtual bool Match (Ptr<Packet> p, Ipv4Header& h, Ptr<NetDevice> in, Ptr<NetDevice> out) = 0;
+ virtual bool Manipulate (Ptr<Packet> p, Ipv4Header& h, Ptr<NetDevice> in, Ptr<NetDevice> out) = 0;
+ void RegisterNetfilter (Ptr<Ipv4Netfilter> nf);
private:
Ptr<Ipv4Netfilter> m_netfilter;
};
--- a/src/internet-stack/ipv4-netfilter.cc Wed Oct 20 09:29:52 2010 -0700
+++ b/src/internet-stack/ipv4-netfilter.cc Wed Oct 20 10:52:31 2010 -0700
@@ -1,8 +1,8 @@
// vim:set cin cino=>4,n-2,{2,^-2,:2,=2,g0,h2,p5,t0,+2,(0,u0,w1,m1 sw=2 ts=8 et :
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/*
+/*
* Copyright (c) 2009 University of Texas at Dallas
- *
+ *
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation;
@@ -15,7 +15,7 @@
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- *
+ *
* Author: Qasim Javed <qasim@utdallas.edu>
* Adrian S. Tam <adrian.sw.tam@gmail.com>
*/
@@ -30,57 +30,57 @@
NS_OBJECT_ENSURE_REGISTERED (Ipv4Netfilter);
-TypeId
+TypeId
Ipv4Netfilter::GetTypeId (void)
{
static TypeId tid = TypeId ("ns3::Ipv4Netfilter")
- .SetParent<Object> ()
- ;
+ .SetParent<Object> ()
+ ;
return tid;
}
-
-Ipv4Netfilter::Ipv4Netfilter () : m_chains(NF_INET_NUMHOOKS)
+
+Ipv4Netfilter::Ipv4Netfilter () : m_chains (NF_INET_NUMHOOKS)
{
- NS_LOG_FUNCTION_NOARGS();
+ NS_LOG_FUNCTION_NOARGS ();
}
-uint32_t
+uint32_t
Ipv4Netfilter::AppendNetfilterHook (Hook_t type, Ptr<Ipv4NetfilterHook> hook)
{
NS_LOG_FUNCTION (this << type << hook);
m_chains[type].push_back (hook);
- hook->RegisterNetfilter(this);
+ hook->RegisterNetfilter (this);
return 0;
}
-uint32_t
+uint32_t
Ipv4Netfilter::RemoveNetfilterHook (Hook_t type, Ptr<Ipv4NetfilterHook> hook)
{
HooksChain::iterator i;
- for (i = m_chains[type].begin(); i != m_chains[type].end(); ++i)
+ for (i = m_chains[type].begin (); i != m_chains[type].end (); ++i)
{
if (*i == hook)
{
- m_chains[type].erase(i);
+ m_chains[type].erase (i);
return 0;
- };
- };
+ }
+ }
return 1;
}
-uint32_t
+uint32_t
Ipv4Netfilter::ProcessHooks (Hook_t type, Ptr<Packet> p, Ipv4Header& iph,
- Ptr<NetDevice> in, Ptr<NetDevice> out)
+ Ptr<NetDevice> in, Ptr<NetDevice> out)
{
HooksChain::iterator i;
- for (i = m_chains[type].begin(); i != m_chains[type].end(); ++i)
+ for (i = m_chains[type].begin (); i != m_chains[type].end (); ++i)
{
- if ((*i)->Match(p,iph,in,out))
+ if ((*i)->Match (p,iph,in,out))
{
- return (*i)->Manipulate(p,iph,in,out);
- };
- };
+ return (*i)->Manipulate (p,iph,in,out);
+ }
+ }
return 1;
-};
+}
} // Namespace ns3
--- a/src/internet-stack/ipv4-netfilter.h Wed Oct 20 09:29:52 2010 -0700
+++ b/src/internet-stack/ipv4-netfilter.h Wed Oct 20 10:52:31 2010 -0700
@@ -1,8 +1,8 @@
// vim: sw=2 cin cino=>4,n-2,{2,^-2,=2,g0,h2,p5,t0,+2,(0,u0,w1,m1 sw=2 ts=8 et:
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/*
+/*
* Copyright (c) 2009 University of Texas at Dallas
- *
+ *
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation;
@@ -15,14 +15,14 @@
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- *
+ *
* Author: Qasim Javed <qasim@utdallas.edu>
* Adrian S. Tam <adrian.sw.tam@gmail.com>
*/
/* This is a major rework of the code by Qasim, almost a complete rewrite to
simplify the structure. The outline is as follows:
-
+
This is a Ipv4Netfilter class which defines the Netfilter function for IPv4
protocol stack, i.e. to interact with Ipv4L3Protocol class. This class holds
a bunch of filter chains, named by their role. They are namely,
@@ -51,7 +51,8 @@
class NetDevice;
/* Types of Netfilter hooks */
-typedef enum {
+typedef enum
+{
NF_INET_PREROUTING,
NF_INET_INPUT,
NF_INET_FORWARD,
@@ -62,7 +63,7 @@
/**
* \brief Implementation of netfilter
- *
+ *
* This implements functionality similar to netfilter in the Linux Kernel.
*/
--- a/src/internet-stack/ipv4-nf-packet-filter.cc Wed Oct 20 09:29:52 2010 -0700
+++ b/src/internet-stack/ipv4-nf-packet-filter.cc Wed Oct 20 10:52:31 2010 -0700
@@ -1,8 +1,8 @@
// vim: sw=2 cin cino=>4,n-2,{2,^-2,=2,g0,h2,p5,t0,+2,(0,u0,w1,m1 sw=2 ts=8 et:
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/*
+/*
* Copyright (c) 2009-2010 New York University
- *
+ *
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation;
@@ -15,7 +15,7 @@
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- *
+ *
* Author: Adrian S. Tam <adrian.sw.tam@gmail.com>
*/
@@ -32,218 +32,291 @@
namespace ns3 {
-TypeId
+TypeId
Ipv4NfPacketFilter::GetTypeId (void)
{
static TypeId tid = TypeId ("ns3::Ipv4NfPacketFilter")
- .SetParent<Object> ()
- ;
+ .SetParent<Object> ()
+ ;
return tid;
}
TypeId
Ipv4NfPacketFilter::GetInstanceTypeId (void) const
{
- return GetTypeId();
-};
-
-Ipv4NfPacketFilter::Ipv4NfPacketFilter() : m_checktypes(0), m_action(ACCEPT)
+ return GetTypeId ();
+}
+
+Ipv4NfPacketFilter::Ipv4NfPacketFilter () : m_checktypes (0),
+ m_action (ACCEPT)
{
}
-Ipv4NfPacketFilter::~Ipv4NfPacketFilter()
+Ipv4NfPacketFilter::~Ipv4NfPacketFilter ()
{
}
bool
Ipv4NfPacketFilter::operator== (const Ipv4NfPacketFilter& hook) const
{
- if (GetInstanceTypeId() != hook.GetInstanceTypeId()) return false;
- if (m_checktypes != hook.m_checktypes) return false;
- if ((m_checktypes & SADDR) && m_saddr != hook.m_saddr) return false;
- if ((m_checktypes & DADDR) && m_daddr != hook.m_daddr) return false;
- if ((m_checktypes & SMASK) && m_smask != hook.m_smask) return false;
- if ((m_checktypes & DMASK) && m_dmask != hook.m_dmask) return false;
- if ((m_checktypes & PROTO) && m_protocol != hook.m_protocol) return false;
- if ((m_checktypes & SPORT) && m_sport != hook.m_sport) return false;
- if ((m_checktypes & DPORT) && m_dport != hook.m_dport) return false;
- if ((m_checktypes & INDEV) && m_indev != hook.m_indev) return false;
- if ((m_checktypes & OUDEV) && m_outdev != hook.m_outdev) return false;
+ if (GetInstanceTypeId () != hook.GetInstanceTypeId ())
+ {
+ return false;
+ }
+ if (m_checktypes != hook.m_checktypes)
+ {
+ return false;
+ }
+ if ((m_checktypes & SADDR) && m_saddr != hook.m_saddr)
+ {
+ return false;
+ }
+ if ((m_checktypes & DADDR) && m_daddr != hook.m_daddr)
+ {
+ return false;
+ }
+ if ((m_checktypes & SMASK) && m_smask != hook.m_smask)
+ {
+ return false;
+ }
+ if ((m_checktypes & DMASK) && m_dmask != hook.m_dmask)
+ {
+ return false;
+ }
+ if ((m_checktypes & PROTO) && m_protocol != hook.m_protocol)
+ {
+ return false;
+ }
+ if ((m_checktypes & SPORT) && m_sport != hook.m_sport)
+ {
+ return false;
+ }
+ if ((m_checktypes & DPORT) && m_dport != hook.m_dport)
+ {
+ return false;
+ }
+ if ((m_checktypes & INDEV) && m_indev != hook.m_indev)
+ {
+ return false;
+ }
+ if ((m_checktypes & OUDEV) && m_outdev != hook.m_outdev)
+ {
+ return false;
+ }
return true;
}
bool
-Ipv4NfPacketFilter::Match(Ptr<Packet> p, Ipv4Header& h, Ptr<NetDevice> in, Ptr<NetDevice> out)
+Ipv4NfPacketFilter::Match (Ptr<Packet> p, Ipv4Header& h, Ptr<NetDevice> in, Ptr<NetDevice> out)
{
if (m_checktypes & SADDR)
{
- Ipv4Address packetSrcAddr = h.GetSource();
+ Ipv4Address packetSrcAddr = h.GetSource ();
if (m_checktypes & SMASK)
{
- if (!m_smask.IsMatch(m_saddr, packetSrcAddr)) return false;
+ if (!m_smask.IsMatch (m_saddr, packetSrcAddr))
+ {
+ return false;
+ }
}
else
{
- if (m_saddr != packetSrcAddr) return false;
- };
- };
+ if (m_saddr != packetSrcAddr)
+ {
+ return false;
+ }
+ }
+ }
if (m_checktypes & DADDR)
{
- Ipv4Address packetDestAddr = h.GetDestination();
+ Ipv4Address packetDestAddr = h.GetDestination ();
if (m_checktypes & DMASK)
{
- if (!m_dmask.IsMatch(m_daddr, packetDestAddr)) return false;
+ if (!m_dmask.IsMatch (m_daddr, packetDestAddr))
+ {
+ return false;
+ }
}
else
{
- if (m_daddr != packetDestAddr) return false;
- };
- };
+ if (m_daddr != packetDestAddr)
+ {
+ return false;
+ }
+ }
+ }
if (m_checktypes & PROTO)
{
- if (m_protocol != h.GetProtocol()) return false;
- if ((m_checktypes & (SPORT|DPORT)) && m_protocol == TcpL4Protocol::PROT_NUMBER)
+ if (m_protocol != h.GetProtocol ())
+ {
+ return false;
+ }
+ if ((m_checktypes & (SPORT | DPORT)) && m_protocol == TcpL4Protocol::PROT_NUMBER)
{
TcpHeader h;
- p->PeekHeader(h);
- if ((m_checktypes & SPORT) && m_sport != h.GetSourcePort()) return false;
- if ((m_checktypes & DPORT) && m_dport != h.GetDestinationPort()) return false;
+ p->PeekHeader (h);
+ if ((m_checktypes & SPORT) && m_sport != h.GetSourcePort ())
+ {
+ return false;
+ }
+ if ((m_checktypes & DPORT) && m_dport != h.GetDestinationPort ())
+ {
+ return false;
+ }
}
- else if ((m_checktypes & (SPORT|DPORT)) && m_protocol == UdpL4Protocol::PROT_NUMBER)
+ else if ((m_checktypes & (SPORT | DPORT)) && m_protocol == UdpL4Protocol::PROT_NUMBER)
{
UdpHeader h;
- p->PeekHeader(h);
- if ((m_checktypes & SPORT) && m_sport != h.GetSourcePort()) return false;
- if ((m_checktypes & DPORT) && m_dport != h.GetDestinationPort()) return false;
- };
- };
- if ((m_checktypes & INDEV) && in != m_indev) return false;
- if ((m_checktypes & OUDEV) && out != m_outdev) return false;
+ p->PeekHeader (h);
+ if ((m_checktypes & SPORT) && m_sport != h.GetSourcePort ())
+ {
+ return false;
+ }
+ if ((m_checktypes & DPORT) && m_dport != h.GetDestinationPort ())
+ {
+ return false;
+ }
+ }
+ }
+ if ((m_checktypes & INDEV) && in != m_indev)
+ {
+ return false;
+ }
+ if ((m_checktypes & OUDEV) && out != m_outdev)
+ {
+ return false;
+ }
return true;
-};
+}
bool
-Ipv4NfPacketFilter::Manipulate(Ptr<Packet> p, Ipv4Header& h, Ptr<NetDevice> in, Ptr<NetDevice> out)
+Ipv4NfPacketFilter::Manipulate (Ptr<Packet> p, Ipv4Header& h, Ptr<NetDevice> in, Ptr<NetDevice> out)
{
return (m_action == ACCEPT);
-};
+}
void
-Ipv4NfPacketFilter::Config(const char* configStr)
+Ipv4NfPacketFilter::Config (const char* configStr)
{
- NS_LOG_FUNCTION(configStr);
+ NS_LOG_FUNCTION (configStr);
// Parse the configuration string using C90 strtok() call
char* token;
- char* s = (char*) malloc(strlen(configStr)+1);
- strcpy(s, configStr);
+ char* s = (char*) malloc (strlen (configStr) + 1);
+ strcpy (s, configStr);
m_checktypes = 0; // Reset config
m_action = ACCEPT;
- for (token=strtok(s, " \t"); token; token=strtok(NULL, " \t"))
+ for (token = strtok (s, " \t"); token; token = strtok (NULL, " \t"))
{
// source address
- if (strncmp(token, "-s", 3) == 0)
+ if (strncmp (token, "-s", 3) == 0)
{
- token = strtok(NULL, " \t");
+ token = strtok (NULL, " \t");
if (token == NULL)
{
- NS_LOG_LOGIC("Error parsing config string " << configStr << ". Halted.");
+ NS_LOG_LOGIC ("Error parsing config string " << configStr << ". Halted.");
break;
- };
- char* mask = strchr(token,'/');
+ }
+ char* mask = strchr (token,'/');
if (mask != NULL)
{
*mask = '\0';
mask++;
- m_smask = Ipv4Mask(mask);
+ m_smask = Ipv4Mask (mask);
m_checktypes |= SMASK;
- NS_LOG_LOGIC("Setting source mask" << m_smask);
- };
- m_saddr = Ipv4Address(token);
+ NS_LOG_LOGIC ("Setting source mask" << m_smask);
+ }
+ m_saddr = Ipv4Address (token);
m_checktypes |= SADDR;
- NS_LOG_LOGIC("Setting source address " << m_saddr);
+ NS_LOG_LOGIC ("Setting source address " << m_saddr);
}
// destination address
- else if (strncmp(token, "-d", 3) == 0)
+ else if (strncmp (token, "-d", 3) == 0)
{
- token = strtok(NULL, " \t");
+ token = strtok (NULL, " \t");
if (token == NULL)
{
- NS_LOG_LOGIC("Error parsing config string " << configStr << ". Halted.");
+ NS_LOG_LOGIC ("Error parsing config string " << configStr << ". Halted.");
break;
- };
- char* mask = strchr(token,'/');
+ }
+ char* mask = strchr (token,'/');
if (mask != NULL)
{
*mask = '\0';
mask++;
- m_dmask = Ipv4Mask(mask);
+ m_dmask = Ipv4Mask (mask);
m_checktypes |= DMASK;
- NS_LOG_LOGIC("Setting destination mask" << m_dmask);
- };
- m_daddr = Ipv4Address(token);
+ NS_LOG_LOGIC ("Setting destination mask" << m_dmask);
+ }
+ m_daddr = Ipv4Address (token);
m_checktypes |= DADDR;
- NS_LOG_LOGIC("Setting source address " << m_daddr);
+ NS_LOG_LOGIC ("Setting source address " << m_daddr);
}
// L4 protocol
- else if (strncmp(token, "-p", 3) == 0)
+ else if (strncmp (token, "-p", 3) == 0)
{
- token = strtok(NULL, " \t");
+ token = strtok (NULL, " \t");
if (token == NULL)
{
- NS_LOG_LOGIC("Error parsing config string " << configStr << ". Halted.");
+ NS_LOG_LOGIC ("Error parsing config string " << configStr << ". Halted.");
break;
- };
- if (strncmp(token, "tcp", 4) == 0)
- m_protocol = TcpL4Protocol::PROT_NUMBER;
- else if (strncmp(token, "udp", 4) == 0)
- m_protocol = UdpL4Protocol::PROT_NUMBER;
+ }
+ if (strncmp (token, "tcp", 4) == 0)
+ {
+ m_protocol = TcpL4Protocol::PROT_NUMBER;
+ }
+ else if (strncmp (token, "udp", 4) == 0)
+ {
+ m_protocol = UdpL4Protocol::PROT_NUMBER;
+ }
else
- m_protocol = atoi(token);
+ {
+ m_protocol = atoi (token);
+ }
m_checktypes |= PROTO;
- NS_LOG_LOGIC("Setting protocol " << (unsigned)m_protocol);
+ NS_LOG_LOGIC ("Setting protocol " << (unsigned)m_protocol);
}
// source port
- else if (strncmp(token, "--sport", 8) == 0)
+ else if (strncmp (token, "--sport", 8) == 0)
{
- token = strtok(NULL, " \t");
+ token = strtok (NULL, " \t");
if (token == NULL)
{
- NS_LOG_LOGIC("Error parsing config string " << configStr << ". Halted.");
+ NS_LOG_LOGIC ("Error parsing config string " << configStr << ". Halted.");
break;
- };
- m_sport = atoi(token);
+ }
+ m_sport = atoi (token);
m_checktypes |= SPORT;
- NS_LOG_LOGIC("Setting source port " << m_sport);
+ NS_LOG_LOGIC ("Setting source port " << m_sport);
}
// destination port
- else if (strncmp(token, "--dport", 8) == 0)
+ else if (strncmp (token, "--dport", 8) == 0)
{
- token = strtok(NULL, " \t");
+ token = strtok (NULL, " \t");
if (token == NULL)
{
- NS_LOG_LOGIC("Error parsing config string " << configStr << ". Halted.");
+ NS_LOG_LOGIC ("Error parsing config string " << configStr << ". Halted.");
break;
- };
- m_dport = atoi(token);
+ }
+ m_dport = atoi (token);
m_checktypes |= DPORT;
- NS_LOG_LOGIC("Setting destination port " << m_dport);
+ NS_LOG_LOGIC ("Setting destination port " << m_dport);
}
// action
- else if (strncmp(token, "-j", 3) == 0)
+ else if (strncmp (token, "-j", 3) == 0)
{
- token = strtok(NULL, " \t");
+ token = strtok (NULL, " \t");
if (token == NULL)
{
- NS_LOG_LOGIC("Error parsing config string " << configStr << ". Halted.");
+ NS_LOG_LOGIC ("Error parsing config string " << configStr << ". Halted.");
break;
- };
- m_action = strncmp(token, "ACCEPT", 7) ? DROP : ACCEPT;
- NS_LOG_LOGIC("Setting action " << m_action);
+ }
+ m_action = strncmp (token, "ACCEPT", 7) ? DROP : ACCEPT;
+ NS_LOG_LOGIC ("Setting action " << m_action);
}
- };
- free(s);
-};
+ }
+ free (s);
+}
} // Namespace ns3
--- a/src/internet-stack/ipv4-nf-packet-filter.h Wed Oct 20 09:29:52 2010 -0700
+++ b/src/internet-stack/ipv4-nf-packet-filter.h Wed Oct 20 10:52:31 2010 -0700
@@ -1,8 +1,8 @@
// vim: sw=2 cin cino=>4,n-2,{2,^-2,=2,g0,h2,p5,t0,+2,(0,u0,w1,m1 sw=2 ts=8 et:
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/*
+/*
* Copyright (c) 2009-2010 New York University
- *
+ *
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation;
@@ -15,7 +15,7 @@
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- *
+ *
* Author: Adrian S. Tam <adrian.sw.tam@gmail.com>
*/
@@ -40,7 +40,9 @@
class Ipv4NfPacketFilter : public Ipv4NetfilterHook
{
public:
- typedef enum {ACCEPT, DROP} action_t;
+ typedef enum {
+ ACCEPT, DROP
+ } action_t;
static TypeId GetTypeId (void);
virtual TypeId GetInstanceTypeId (void) const;
@@ -48,22 +50,22 @@
virtual ~Ipv4NfPacketFilter ();
virtual bool operator== (const Ipv4NfPacketFilter& hook) const;
- virtual bool Match(Ptr<Packet> p, Ipv4Header& h, Ptr<NetDevice> in, Ptr<NetDevice> out);
- virtual bool Manipulate(Ptr<Packet> p, Ipv4Header& h, Ptr<NetDevice> in, Ptr<NetDevice> out);
- void Config(const char* configStr);
+ virtual bool Match (Ptr<Packet> p, Ipv4Header& h, Ptr<NetDevice> in, Ptr<NetDevice> out);
+ virtual bool Manipulate (Ptr<Packet> p, Ipv4Header& h, Ptr<NetDevice> in, Ptr<NetDevice> out);
+ void Config (const char* configStr);
private:
enum
- {
- SADDR = 0x0001,
- SMASK = 0x0002,
- DADDR = 0x0004,
- DMASK = 0x0008,
- PROTO = 0x0010,
- SPORT = 0x0020,
- DPORT = 0x0040,
- INDEV = 0x0080,
- OUDEV = 0x0100
- };
+ {
+ SADDR = 0x0001,
+ SMASK = 0x0002,
+ DADDR = 0x0004,
+ DMASK = 0x0008,
+ PROTO = 0x0010,
+ SPORT = 0x0020,
+ DPORT = 0x0040,
+ INDEV = 0x0080,
+ OUDEV = 0x0100
+ };
unsigned m_checktypes;
uint16_t m_sport;
uint16_t m_dport;