netfilter: Combine ipt_ttl and ip6t_hl source

	  To compile it as a module, choose M here.  If unsure, say N.

config IP_NF_MATCH_TTL

	tristate '"ttl" match support'

	depends on NETFILTER_ADVANCED

	help

	  This adds CONFIG_IP_NF_MATCH_TTL option, which enabled the user

	  to match packets by their TTL value.

	  To compile it as a module, choose M here.  If unsure, say N.

# `filter', generic and specific targets

config IP_NF_FILTER

	tristate "Packet filtering"

obj-$(CONFIG_IP_NF_MATCH_ADDRTYPE) += ipt_addrtype.o

obj-$(CONFIG_IP_NF_MATCH_AH) += ipt_ah.o

obj-$(CONFIG_IP_NF_MATCH_ECN) += ipt_ecn.o

obj-$(CONFIG_IP_NF_MATCH_TTL) += ipt_ttl.o

# targets

obj-$(CONFIG_IP_NF_TARGET_CLUSTERIP) += ipt_CLUSTERIP.o

/* IP tables module for matching the value of the TTL

 *

 * (C) 2000,2001 by Harald Welte <laforge@netfilter.org>

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License version 2 as

 * published by the Free Software Foundation.

 */

#include <linux/ip.h>

#include <linux/module.h>

#include <linux/skbuff.h>

#include <linux/netfilter_ipv4/ipt_ttl.h>

#include <linux/netfilter/x_tables.h>

MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");

MODULE_DESCRIPTION("Xtables: IPv4 TTL field match");

MODULE_LICENSE("GPL");

static bool ttl_mt(const struct sk_buff *skb, const struct xt_match_param *par)

{

	const struct ipt_ttl_info *info = par->matchinfo;

	const u8 ttl = ip_hdr(skb)->ttl;

	switch (info->mode) {

		case IPT_TTL_EQ:

			return ttl == info->ttl;

		case IPT_TTL_NE:

			return ttl != info->ttl;

		case IPT_TTL_LT:

			return ttl < info->ttl;

		case IPT_TTL_GT:

			return ttl > info->ttl;

		default:

			printk(KERN_WARNING "ipt_ttl: unknown mode %d\n",

				info->mode);

			return false;

	}

	return false;

}

static struct xt_match ttl_mt_reg __read_mostly = {

	.name		= "ttl",

	.family		= NFPROTO_IPV4,

	.match		= ttl_mt,

	.matchsize	= sizeof(struct ipt_ttl_info),

	.me		= THIS_MODULE,

};

static int __init ttl_mt_init(void)

{

	return xt_register_match(&ttl_mt_reg);

}

static void __exit ttl_mt_exit(void)

{

	xt_unregister_match(&ttl_mt_reg);

}

module_init(ttl_mt_init);

module_exit(ttl_mt_exit);

	  To compile it as a module, choose M here.  If unsure, say N.

config IP6_NF_MATCH_HL

	tristate '"hl" match support'

	depends on NETFILTER_ADVANCED

	help

	  HL matching allows you to match packets based on the hop

	  limit of the packet.

	  To compile it as a module, choose M here.  If unsure, say N.

config IP6_NF_MATCH_IPV6HEADER

	tristate '"ipv6header" IPv6 Extension Headers Match'

	default m if NETFILTER_ADVANCED=n

obj-$(CONFIG_IP6_NF_MATCH_AH) += ip6t_ah.o

obj-$(CONFIG_IP6_NF_MATCH_EUI64) += ip6t_eui64.o

obj-$(CONFIG_IP6_NF_MATCH_FRAG) += ip6t_frag.o

obj-$(CONFIG_IP6_NF_MATCH_HL) += ip6t_hl.o

obj-$(CONFIG_IP6_NF_MATCH_IPV6HEADER) += ip6t_ipv6header.o

obj-$(CONFIG_IP6_NF_MATCH_MH) += ip6t_mh.o

obj-$(CONFIG_IP6_NF_MATCH_OPTS) += ip6t_hbh.o