author | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-05-02 14:07:25 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-05-02 16:29:56 +0200 |
commit | c1c0f16c1fedb46547c2e104beeaaeac5933b214 (patch) | |
tree | 64210ba7c774c3e2a214600c7cf85a6cc754642b /src/expect | |
parent | a2fa46c606a36904a26aaf38598fa194c3fbcf4b (diff) |
src: replace old libnfnetlink parser
Use the new libmnl version, remove duplicated code.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/expect')
-rw-r--r-- | src/expect/Makefile.am | 2 | ||||
-rw-r--r-- | src/expect/api.c | 30 | ||||
-rw-r--r-- | src/expect/parse.c | 120 |
3 files changed, 19 insertions, 133 deletions
diff --git a/src/expect/Makefile.am b/src/expect/Makefile.am
index 61d5cbd..8f07daf 100644
--- a/src/expect/Makefile.am
+++ b/src/expect/Makefile.am
@@ -5,7 +5,7 @@ noinst_LTLIBRARIES = libnfexpect.la
 libnfexpect_la_SOURCES = api.c \
 compare.c \
 getter.c setter.c \
- parse.c build.c \
+ build.c \
 snprintf.c \
 snprintf_default.c \
 snprintf_xml.c \
diff --git a/src/expect/api.c b/src/expect/api.c
index 3f17630..b50a47f 100644
--- a/src/expect/api.c
+++ b/src/expect/api.c
@@ -594,6 +594,23 @@ int nfexp_build_query(struct nfnl_subsys_handle *ssh,
 return __build_query_exp(ssh, qt, data, buffer, size);
 }
+static int __parse_expect_message_type(const struct nlmsghdr *nlh)
+{
+ uint16_t type = NFNL_MSG_TYPE(nlh->nlmsg_type);
+ uint16_t flags = nlh->nlmsg_flags;
+ int ret = NFCT_T_UNKNOWN;
+
+ if (type == IPCTNL_MSG_EXP_NEW) {
+ if (flags & (NLM_F_CREATE|NLM_F_EXCL))
+ ret = NFCT_T_NEW;
+ else
+ ret = NFCT_T_UPDATE;
+ } else if (type == IPCTNL_MSG_EXP_DELETE)
+ ret = NFCT_T_DESTROY;
+
+ return ret;
+}
+
 /**
 * nfexp_parse_expect - translate a netlink message to a conntrack object
 * \param type do the translation iif the message type is of a certain type
@@ -623,26 +640,15 @@ int nfexp_parse_expect(enum nf_conntrack_msg_type type,
 struct nf_expect *exp)
 {
 unsigned int flags;
- int len = nlh->nlmsg_len;
- struct nfgenmsg *nfhdr = NLMSG_DATA(nlh);
- struct nfattr *cda[CTA_EXPECT_MAX];
 assert(nlh != NULL);
 assert(exp != NULL);
- len -= NLMSG_LENGTH(sizeof(struct nfgenmsg));
- if (len < 0) {
- errno = EINVAL;
- return NFCT_T_ERROR;
- }
-
 flags = __parse_expect_message_type(nlh);
 if (!(flags & type))
 return 0;
- nfnl_parse_attr(cda, CTA_EXPECT_MAX, NFA_DATA(nfhdr), len);
-
- __parse_expect(nlh, cda, exp);
+ nfexp_nlmsg_parse(nlh, exp);
 return flags;
 }
diff --git a/src/expect/parse.c b/src/expect/parse.c
deleted file mode 100644
index 9b944a6..0000000
--- a/src/expect/parse.c
+++ /dev/null
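Review bot: The now-static `__parse_expect_message_type()` added in the first src/expect/api.c hunk has no comment, and its contract is not obvious from the call site, where `nfexp_parse_expect()` tests the single returned NFCT_T_* value with `flags & type`. A short header such as `/* Map the netlink message type and flags to one NFCT_T_* event; NFCT_T_UNKNOWN for any other type. */` would cover it. It is also worth noting there that `flags & (NLM_F_CREATE|NLM_F_EXCL)` is true when either flag is set, so a message carrying only one of them is still classified as NFCT_T_NEW.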
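Review bot: The result of `nfexp_nlmsg_parse(nlh, exp)` is discarded in `nfexp_parse_expect()` (second src/expect/api.c hunk), so a message whose attributes fail to parse would still be reported to the caller as a matching event, with `exp` possibly only partly filled. The removed lines also rejected a message shorter than the nfgenmsg header with `errno = EINVAL` and `NFCT_T_ERROR`; nothing visible here keeps that check, so it presumably now rests on nfexp_nlmsg_parse() validating the length, which should be confirmed. Assuming the parser signals failure with a negative return, the call could become `if (nfexp_nlmsg_parse(nlh, exp) < 0) return NFCT_T_ERROR;`. The function's signature starts outside the hunk.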
@@ -1,120 +0,0 @@
-/*
- * (C) 2005-2011 by Pablo Neira Ayuso <pablo@netfilter.org>
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- */
-
-#include "internal/internal.h"
-
-int __parse_expect_message_type(const struct nlmsghdr *nlh)
-{
- uint16_t type = NFNL_MSG_TYPE(nlh->nlmsg_type);
- uint16_t flags = nlh->nlmsg_flags;
- int ret = NFCT_T_UNKNOWN;
-
- if (type == IPCTNL_MSG_EXP_NEW) {
- if (flags & (NLM_F_CREATE|NLM_F_EXCL))
- ret = NFCT_T_NEW;
- else
- ret = NFCT_T_UPDATE;
- } else if (type == IPCTNL_MSG_EXP_DELETE)
- ret = NFCT_T_DESTROY;
-
- return ret;
-}
-
-void __parse_expect(const struct nlmsghdr *nlh,
- struct nfattr *cda[],
- struct nf_expect *exp)
-{
- struct nfgenmsg *nfhdr = NLMSG_DATA(nlh);
-
- /* XXX: this is ugly, clean it up, please */
- exp->expected.orig.l3protonum = nfhdr->nfgen_family;
- set_bit(ATTR_ORIG_L3PROTO, exp->expected.set);
-
- exp->mask.orig.l3protonum = nfhdr->nfgen_family;
- set_bit(ATTR_ORIG_L3PROTO, exp->mask.set);
-
- exp->master.orig.l3protonum = nfhdr->nfgen_family;
- set_bit(ATTR_ORIG_L3PROTO, exp->master.set);
-
- if (cda[CTA_EXPECT_MASTER-1]) {
- __parse_tuple(cda[CTA_EXPECT_MASTER-1],
- &exp->master.orig,
- __DIR_ORIG,
- exp->master.set);
- set_bit(ATTR_EXP_MASTER, exp->set);
- }
- if (cda[CTA_EXPECT_TUPLE-1]) {
- __parse_tuple(cda[CTA_EXPECT_TUPLE-1],
- &exp->expected.orig,
- __DIR_ORIG,
- exp->expected.set);
- set_bit(ATTR_EXP_EXPECTED, exp->set);
- }
- if (cda[CTA_EXPECT_MASK-1]) {
- __parse_tuple(cda[CTA_EXPECT_MASK-1],
- &exp->mask.orig,
- __DIR_ORIG,
- exp->mask.set);
- set_bit(ATTR_EXP_MASK, exp->set);
- }
- if (cda[CTA_EXPECT_TIMEOUT-1]) {
- exp->timeout =
- ntohl(*(uint32_t *)NFA_DATA(cda[CTA_EXPECT_TIMEOUT-1]));
- set_bit(ATTR_EXP_TIMEOUT, exp->set);
- }
-
- if (cda[CTA_EXPECT_ZONE-1]) {
- exp->zone =
- ntohs(*(uint16_t *)NFA_DATA(cda[CTA_EXPECT_ZONE-1]));
- set_bit(ATTR_EXP_ZONE, exp->set);
- }
- if (cda[CTA_EXPECT_FLAGS-1]) {
- exp->flags =
- ntohl(*(uint32_t *)NFA_DATA(cda[CTA_EXPECT_FLAGS-1]));
- set_bit(ATTR_EXP_FLAGS, exp->set);
- }
- if (cda[CTA_EXPECT_HELP_NAME-1]) {
- strncpy(exp->helper_name, NFA_DATA(cda[CTA_EXPECT_HELP_NAME-1]),
- NFA_PAYLOAD(cda[CTA_EXPECT_HELP_NAME-1]));
- set_bit(ATTR_EXP_HELPER_NAME, exp->set);
- }
- if (cda[CTA_EXPECT_CLASS-1]) {
- exp->class =
- ntohl(*(uint32_t *)NFA_DATA(cda[CTA_EXPECT_CLASS-1]));
- set_bit(ATTR_EXP_CLASS, exp->set);
- }
- if (cda[CTA_EXPECT_NAT-1]) {
- struct nfattr *tb[CTA_EXPECT_NAT_MAX];
-
- exp->nat.orig.l3protonum = nfhdr->nfgen_family;
- set_bit(ATTR_ORIG_L3PROTO, exp->nat.set);
-
- nfnl_parse_nested(tb, CTA_EXPECT_NAT_MAX,
- cda[CTA_EXPECT_NAT-1]);
-
- if (tb[CTA_EXPECT_NAT_TUPLE-1]) {
- __parse_tuple(tb[CTA_EXPECT_NAT_TUPLE-1],
- &exp->nat.orig,
- __DIR_ORIG,
- exp->nat.set);
- set_bit(ATTR_EXP_NAT_TUPLE, exp->set);
- }
- if (tb[CTA_EXPECT_NAT_DIR-1]) {
- exp->nat_dir =
- ntohl(*((uint32_t *)
- NFA_DATA(tb[CTA_EXPECT_NAT_DIR-1])));
- set_bit(ATTR_EXP_NAT_DIR, exp->set);
- }
- }
- if (cda[CTA_EXPECT_FN-1]) {
- strcpy(exp->expectfn, NFA_DATA(cda[CTA_EXPECT_FN-1]));
- exp->expectfn[__NFCT_EXPECTFN_MAX-1] = '\0';
- set_bit(ATTR_EXP_FN, exp->set);
- }
-} |