src: allow to use nfct handler for conntrack and expectations at the same time

This patch re-works the callback handling to allow the use the same socket
to send/receive commands and listen to events of both conntrack and
expectation subsystems. Now you can register one callback for conntrack
and one for expectation with the same handler with no problems (before
this patch, this was not possible, you required two different handlers).

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

1 files changed, 19 insertions, 5 deletions

diff --git a/src/main.c b/src/main.c
index 6da4198..7a4f8d0 100644
--- a/src/main.c
+++ b/src/main.c
@@ -70,7 +70,16 @@ out_free:
  * \param subscriptions ctnetlink groups to subscribe to events
  *
  * This function returns a handler to send commands to and receive replies from
- * kernel-space. On error, NULL is returned and errno is explicitly set.
+ * kernel-space. You can pass the following subsystem IDs:
+ *
+ * - NFNL_SUBSYS_CTNETLINK: if you are only interested in conntrack operations
+ * (excluding expectations).
+ * - NFNL_SUBSYS_CTNETLINK_EXP: if you are only interested in expectation
+ * operations (exclude conntracks).
+ * - NFNL_SUBSYS_NONE: if you are interested in both conntrack and expectation
+ * operations.
+ *
+ * On error, NULL is returned and errno is explicitly set.
  */
 struct nfct_handle *nfct_open(u_int8_t subsys_id, unsigned subscriptions)
 {
@@ -111,11 +120,16 @@ int nfct_close(struct nfct_handle *cth)
 	cth->cb2 = NULL;
 	cth->expect_cb = NULL;
 	cth->expect_cb2 = NULL;
-	free(cth->nfnl_cb.data);
+	free(cth->nfnl_cb_ct.data);
+	free(cth->nfnl_cb_exp.data);
+
+	cth->nfnl_cb_ct.call = NULL;
+	cth->nfnl_cb_ct.data = NULL;
+	cth->nfnl_cb_ct.attr_count = 0;
 
-	cth->nfnl_cb.call = NULL; 
-	cth->nfnl_cb.data = NULL;
-	cth->nfnl_cb.attr_count = 0;
+	cth->nfnl_cb_exp.call = NULL;
+	cth->nfnl_cb_exp.data = NULL;
+	cth->nfnl_cb_exp.attr_count = 0;
 
 	err = nfnl_close(cth->nfnlh);
 	free(cth);