groups: add attribute group API

This new API allows you to set and get some logical set of attributes. This is not intended to replace the existing per-attribute get/set API but to provide more efficient way to get/set certain attributes. This change includes an example file (conntrack_grp_create.c) of the use of the attribute group API. See ATTR_GRP_* for more information on the existing groups. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2008-10-30 20:44:25 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2008-10-30 20:44:25 +0100
commit: 7dd5289076160ee2844978bfd1640ca7aa34f4da (patch)
tree: a91a1c1dcea8238bf01f933352f41526f6581ba0 /include/libnetfilter_conntrack
parent: 215d42fef86577ad74151cda553a20b1bdb58a30 (diff)
1 files changed, 56 insertions, 0 deletions
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
index e66f0f8..2fde9a8 100644
--- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
@@ -124,6 +124,45 @@ enum nf_conntrack_attr {
 	ATTR_MAX
 };
 
+/* conntrack attribute groups */
+enum nf_conntrack_attr_grp {
+	ATTR_GRP_ORIG_IPV4 = 0,			/* struct nfct_attr_grp_ipv4 */
+	ATTR_GRP_REPL_IPV4,			/* struct nfct_attr_grp_ipv4 */
+	ATTR_GRP_ORIG_IPV6,			/* struct nfct_attr_grp_ipv6 */
+	ATTR_GRP_REPL_IPV6,			/* struct nfct_attr_grp_ipv6 */
+	ATTR_GRP_ORIG_PORT = 4,			/* struct nfct_attr_grp_port */
+	ATTR_GRP_REPL_PORT,			/* struct nfct_attr_grp_port */
+	ATTR_GRP_ICMP,				/* struct nfct_attr_grp_icmp */
+	ATTR_GRP_MASTER_IPV4,			/* struct nfct_attr_grp_ipv4 */
+	ATTR_GRP_MASTER_IPV6 = 8,		/* struct nfct_attr_grp_ipv6 */
+	ATTR_GRP_MASTER_PORT,			/* struct nfct_attr_grp_port */
+	ATTR_GRP_ORIG_COUNTERS,			/* struct nfct_attr_grp_ctrs */
+	ATTR_GRP_REPL_COUNTERS,			/* struct nfct_attr_grp_ctrs */
+	ATTR_GRP_MAX
+};
+
+struct nfct_attr_grp_ipv4 {
+	u_int32_t src, dst;
+};
+
+struct nfct_attr_grp_ipv6 {
+	u_int32_t src[4], dst[4];
+};
+
+struct nfct_attr_grp_port {
+	u_int16_t sport, dport;
+};
+
+struct nfct_attr_grp_icmp {
+	u_int16_t id;
+	u_int8_t code, type;
+};
+
+struct nfct_attr_grp_ctrs {
+	u_int64_t packets;
+	u_int64_t bytes;
+};
+
 /* message type */
 enum nf_conntrack_msg_type {
 	NFCT_T_UNKNOWN = 0,
@@ -238,6 +277,23 @@ extern int nfct_attr_is_set(const struct nf_conntrack *ct,
 extern int nfct_attr_unset(struct nf_conntrack *ct,
 			   const enum nf_conntrack_attr type);
 
+/* group setter */
+extern void nfct_set_attr_grp(struct nf_conntrack *ct,
+			      const enum nf_conntrack_attr_grp type,
+			      const void *value);
+/* group getter */
+extern int nfct_get_attr_grp(const struct nf_conntrack *ct,
+			     const enum nf_conntrack_attr_grp type,
+			     void *data);
+
+/* group checker */
+extern int nfct_attr_grp_is_set(const struct nf_conntrack *ct,
+				const enum nf_conntrack_attr_grp type);
+
+/* unsetter */
+extern int nfct_attr_grp_unset(struct nf_conntrack *ct,
+			       const enum nf_conntrack_attr_grp type);
+
 /* print */
 
 /* output type */
author	Pablo Neira Ayuso <pablo@netfilter.org>	2008-10-30 20:44:25 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2008-10-30 20:44:25 +0100
commit	7dd5289076160ee2844978bfd1640ca7aa34f4da (patch)
tree	a91a1c1dcea8238bf01f933352f41526f6581ba0 /include/libnetfilter_conntrack
parent	215d42fef86577ad74151cda553a20b1bdb58a30 (diff)