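/*
 * xt_dns_name - Xtables match extension that inspects the QNAME of outgoing
 * DNS queries.
 *
 * NOTE(review): the five system header names were lost when this page was
 * extracted (only bare "#include" tokens survived). The list below is the set
 * the visible code needs, not a verified copy of the original; confirm it
 * against the project tree.
 */
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/ip.h>
#include <linux/udp.h>
#include <linux/netfilter/x_tables.h>

#include "xt_dns_name.h"

MODULE_DESCRIPTION("Xtables: DNS query QNAME matching");
MODULE_AUTHOR("Student");
MODULE_LICENSE("GPL");
MODULE_ALIAS("ipt_dns_name");

#define MOD_TAG "xt_dns_name: "

/* Wire-format constants used by the DNS request check in dns_name_mt(). */
enum {
	DNSMT_UDP_PORT  = 53,	/* well-known DNS port */
	DNSMT_HDR_LEN   = 12,	/* fixed DNS header size (RFC 1035, 4.1.1) */
	DNSMT_QR_OPCODE = 0xf8,	/* QR bit + 4-bit OPCODE in header byte 2 */
};

/******************************************************************************
 ************************************ API *************************************
 ******************************************************************************/

static int dns_name_check(const struct xt_mtchk_param *par);
static bool dns_name_mt(const struct sk_buff *skb, struct xt_action_param *par);

/******************************************************************************
 *********************** MODULE SPECIFICATION STRUCTURES **********************
 ******************************************************************************/

/*
 * Registration information.
 *
 * The match is registered for IPv4 only and restricted to the LOCAL_OUT hook,
 * so it only ever sees packets generated by the local host; forwarded or
 * IPv6 DNS traffic is never handed to dns_name_mt().
 */
static struct xt_match dns_name_mt_reg __read_mostly = {
	.name       = "dns_name",
	.revision   = 0,
	.family     = NFPROTO_IPV4,
	.matchsize  = sizeof(struct xt_dns_name_mtinfo),
	.checkentry = dns_name_check,
	.match      = dns_name_mt,
	.hooks      = 1 << NF_INET_LOCAL_OUT,
	.me         = THIS_MODULE,
};

/******************************************************************************
 ************************** XTABLES MODULE CALLBACKS **************************
 ******************************************************************************/

/* dns_name_check - checks rule validity
 *  @par : parameters for match extensions
 *
 *  @return : 0 if everything is ok, !0 otherwise
 *
 * This runs once, when a rule is inserted. matchinfo is a copy of whatever
 * userspace supplied; it is consulted later for every packet in dns_name_mt(),
 * so anything not rejected here is trusted on the packet path.
 */
static int dns_name_check(const struct xt_mtchk_param *par)
{
	/* unused until TODO 4 is implemented; drop __maybe_unused then */
	const struct xt_dns_name_mtinfo *info __maybe_unused = par->matchinfo;

	/* TODO 4: userspace is not to be trusted!
	 *         check inserted rule
	 *
	 * NOTE(review): struct xt_dns_name_mtinfo is declared in xt_dns_name.h,
	 * which is not visible here, so no field checks are added. As written,
	 * every rule is accepted. Expected checks, to be confirmed against the
	 * struct: any embedded name buffer is NUL-terminated inside its array,
	 * length/count fields are within the array bounds, and unknown flag
	 * bits are rejected, returning -EINVAL on failure.
	 */
	return 0;
}

/* dns_name_mt - performs packet match check
 *  @skb : packet buffer information
 *  @par : parameters for matches / targets
 *
 *  @return : true if matched, false otherwise
 *
 * Only the "is this a DNS query" gate is implemented; QNAME comparison is
 * still a TODO, so the function currently never reports a match. All reads
 * beyond the IP header go through skb_header_pointer(), which copies into a
 * local buffer when the data is not linear and returns NULL when the packet
 * is too short, so a truncated packet is a non-match rather than an
 * out-of-bounds read.
 */
static bool dns_name_mt(const struct sk_buff *skb, struct xt_action_param *par)
{
	/* unused until TODO 6 is implemented; drop __maybe_unused then */
	const struct xt_dns_name_mtinfo *info __maybe_unused = par->matchinfo;
	const struct iphdr *iph = ip_hdr(skb);
	struct udphdr udph_buf;
	const struct udphdr *udph;
	u8 dnsh_buf[DNSMT_HDR_LEN];
	const u8 *dnsh;

	/* TODO 5: be 100% sure that the packet is a DNS request
	 *
	 * Implemented below for DNS over UDP. DNS over TCP port 53 is not
	 * handled and is treated as a non-match. Port and header sanity are
	 * the strongest evidence available at this layer; they do not prove
	 * the payload is DNS.
	 */
	if (iph->protocol != IPPROTO_UDP)
		return false;

	/* only the first fragment carries the UDP and DNS headers */
	if (par->fragoff != 0)
		return false;

	udph = skb_header_pointer(skb, par->thoff, sizeof(udph_buf), &udph_buf);
	if (!udph)
		return false;

	if (udph->dest != htons(DNSMT_UDP_PORT))
		return false;

	dnsh = skb_header_pointer(skb, par->thoff + sizeof(*udph),
				  sizeof(dnsh_buf), dnsh_buf);
	if (!dnsh)
		return false;

	/* QR must be 0 (query) and OPCODE must be 0 (standard QUERY) */
	if (dnsh[2] & DNSMT_QR_OPCODE)
		return false;

	/* QDCOUNT (bytes 4-5, network order) must announce a question */
	if (!(dnsh[4] | dnsh[5]))
		return false;

	/* TODO 6: match check on any & all QNAMEs in request
	 *
	 * NOTE(review): the question section is attacker-shaped data even on
	 * LOCAL_OUT (any local process can emit it). When walking it:
	 *  - fetch every length byte and label via skb_header_pointer();
	 *  - reject labels longer than 63 bytes and names longer than 255;
	 *  - treat a length byte with the top two bits set (compression
	 *    pointer) as a non-match, or bound the number of jumps, so the
	 *    walk cannot loop;
	 *  - bound the loop by the packet length, not only by QDCOUNT;
	 *  - compare names case-insensitively.
	 */
	return false;
}

/******************************************************************************
 *********************** MODULE ENTRY & EXIT CALLBACKS ************************
 ******************************************************************************/

/* dns_name_mt_init - registers the match with Xtables on module load
 *
 *  @return : result of xt_register_match()
 */
static int __init dns_name_mt_init(void)
{
	pr_info(MOD_TAG "loading xt_dns_name module\n");

	return xt_register_match(&dns_name_mt_reg);
}

/* dns_name_mt_exit - unregisters the match on module unload */
static void __exit dns_name_mt_exit(void)
{
	pr_info(MOD_TAG "unloading xt_dns_name module\n");

	xt_unregister_match(&dns_name_mt_reg);
}

module_init(dns_name_mt_init);
module_exit(dns_name_mt_exit);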