From a4f4647b4b7f32f2d1caab98544802c8cdd7b4d6 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Thu, 7 Aug 2008 14:52:41 +0200 Subject: netlink: add getter and check existence functions This patch adds nl_get_conntrack and it changes the behaviour of nl_exist_conntrack. Now, nl_get_conntrack requests the kernel for a conntrack and updates the cached entry. On the other hand, nl_exist_conntrack only inquiries for the existence of the entry. Signed-off-by: Pablo Neira Ayuso --- src/netlink.c | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) (limited to 'src/netlink.c') diff --git a/src/netlink.c b/src/netlink.c index a8a5503..0d9b7db 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -214,6 +214,16 @@ int nl_init_overrun_handler(void) return 0; } +/* no callback, it does not do anything with the output */ +int nl_init_request_handler(void) +{ + STATE(request) = nfct_open(CONNTRACK, 0); + if (!STATE(request)) + return -1; + + return 0; +} + static int warned = 0; void nl_resize_socket_buffer(struct nfct_handle *h) @@ -257,7 +267,7 @@ int nl_overrun_request_resync(void) return nfct_send(STATE(overrun), NFCT_Q_DUMP, &family); } -int nl_exist_conntrack(struct nf_conntrack *ct) +static int __nl_get_conntrack(struct nfct_handle *h, struct nf_conntrack *ct) { int ret; char __tmp[nfct_maxsize()]; @@ -268,13 +278,24 @@ int nl_exist_conntrack(struct nf_conntrack *ct) /* use the original tuple to check if it is there */ nfct_copy(tmp, ct, NFCT_CP_ORIG); - ret = nfct_query(STATE(dump), NFCT_Q_GET, tmp); + ret = nfct_query(h, NFCT_Q_GET, tmp); if (ret == -1) return errno == ENOENT ? 0 : -1; return 1; } +int nl_exist_conntrack(struct nf_conntrack *ct) +{ + return __nl_get_conntrack(STATE(request), ct); +} + +/* get the conntrack and update the cache */ +int nl_get_conntrack(struct nf_conntrack *ct) +{ + return __nl_get_conntrack(STATE(dump), ct); +} + /* This function modifies the conntrack passed as argument! */ int nl_create_conntrack(struct nf_conntrack *ct) { -- cgit v1.2.3