summaryrefslogtreecommitdiffstats
path: root/src/conntrack
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2021-11-14 11:37:44 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2021-11-14 12:56:28 +0100
commitdbfa07f4abdafca547accab48e14156e4b67d7cc (patch)
tree36cbd1ae1a380a69c7c67e3e5c05d10ec52fdb95 /src/conntrack
parent54b482ce4efd4dad9cc52a8e16b198ce3e2b4908 (diff)
conntrack: add nfct_nlmsg_build_filter() helperHEADmaster
This helper function builds the payload of the netlink dump request including the filtering criteria. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/conntrack')
-rw-r--r--src/conntrack/build_mnl.c22
-rw-r--r--src/conntrack/filter_dump.c18
2 files changed, 24 insertions, 16 deletions
diff --git a/src/conntrack/build_mnl.c b/src/conntrack/build_mnl.c
index 0067a1c..c3198c5 100644
--- a/src/conntrack/build_mnl.c
+++ b/src/conntrack/build_mnl.c
@@ -595,3 +595,25 @@ nfct_nlmsg_build(struct nlmsghdr *nlh, const struct nf_conntrack *ct)
return 0;
}
+
+int nfct_nlmsg_build_filter(struct nlmsghdr *nlh,
+ const struct nfct_filter_dump *filter_dump)
+{
+ struct nfgenmsg *nfg;
+
+ if (filter_dump->set & (1 << NFCT_FILTER_DUMP_MARK)) {
+ mnl_attr_put_u32(nlh, CTA_MARK, htonl(filter_dump->mark.val));
+ mnl_attr_put_u32(nlh, CTA_MARK_MASK, htonl(filter_dump->mark.mask));
+ }
+ if (filter_dump->set & (1 << NFCT_FILTER_DUMP_L3NUM)) {
+ nfg = mnl_nlmsg_get_payload(nlh);
+ nfg->nfgen_family = filter_dump->l3num;
+ }
+ if (filter_dump->set & (1 << NFCT_FILTER_DUMP_STATUS)) {
+ mnl_attr_put_u32(nlh, CTA_STATUS, htonl(filter_dump->status.val));
+ mnl_attr_put_u32(nlh, CTA_STATUS_MASK,
+ htonl(filter_dump->status.mask));
+ }
+
+ return 0;
+}
diff --git a/src/conntrack/filter_dump.c b/src/conntrack/filter_dump.c
index 3894d06..9bf9296 100644
--- a/src/conntrack/filter_dump.c
+++ b/src/conntrack/filter_dump.c
@@ -8,6 +8,7 @@
*/
#include "internal/internal.h"
+#include <libmnl/libmnl.h>
static void
set_filter_dump_attr_mark(struct nfct_filter_dump *filter_dump,
@@ -45,20 +46,5 @@ const set_filter_dump_attr set_filter_dump_attr_array[NFCT_FILTER_DUMP_MAX] = {
void __build_filter_dump(struct nfnlhdr *req, size_t size,
const struct nfct_filter_dump *filter_dump)
{
- if (filter_dump->set & (1 << NFCT_FILTER_DUMP_MARK)) {
- nfnl_addattr32(&req->nlh, size, CTA_MARK,
- htonl(filter_dump->mark.val));
- nfnl_addattr32(&req->nlh, size, CTA_MARK_MASK,
- htonl(filter_dump->mark.mask));
- }
- if (filter_dump->set & (1 << NFCT_FILTER_DUMP_L3NUM)) {
- struct nfgenmsg *nfg = NLMSG_DATA(&req->nlh);
- nfg->nfgen_family = filter_dump->l3num;
- }
- if (filter_dump->set & (1 << NFCT_FILTER_DUMP_STATUS)) {
- nfnl_addattr32(&req->nlh, size, CTA_STATUS,
- htonl(filter_dump->status.val));
- nfnl_addattr32(&req->nlh, size, CTA_STATUS_MASK,
- htonl(filter_dump->status.mask));
- }
+ nfct_nlmsg_build_filter(&req->nlh, filter_dump);
}