authorPablo Neira Ayuso <pablo@netfilter.org>2019-05-03 18:29:33 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2019-05-03 18:43:57 +0200
commit33ba110cc1a12dfe082384d96843cc5fe564cf64 (patch)
tree7723bc0641d32a1685319824067ad8be2f9b7442 /src
parentf014449186ec653dfe205d57c1b019ae5c248eea (diff)
conntrack: api: use libmnl API to build the netlink headers
Replace libnfnetlink's nfnl_fill_hdr() by more modern libmnl code. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r--src/conntrack/api.c33
-rw-r--r--src/expect/api.c25
2 files changed, 51 insertions, 7 deletions
diff --git a/src/conntrack/api.c b/src/conntrack/api.c
index 3a1746e..ffa5216 100644
--- a/src/conntrack/api.c
+++ b/src/conntrack/api.c
@@ -782,6 +782,24 @@ int nfct_build_conntrack(struct nfnl_subsys_handle *ssh,
return __build_conntrack(ssh, req, size, type, flags, ct);
}
+static void nfct_fill_hdr(struct nfnlhdr *req, uint16_t type, uint16_t flags,
+ uint8_t l3num, uint8_t version)
+{
+ char *buf = (char *)&req->nlh;
+ struct nlmsghdr *nlh;
+ struct nfgenmsg *nfh;
+
+ nlh = mnl_nlmsg_put_header(buf);
+ nlh->nlmsg_type = (NFNL_SUBSYS_CTNETLINK << 8) | type;
+ nlh->nlmsg_flags = NLM_F_REQUEST | flags;
+ nlh->nlmsg_seq = 0;
+
+ nfh = mnl_nlmsg_put_extra_header(nlh, sizeof(struct nfgenmsg));
+ nfh->nfgen_family = l3num;
+ nfh->version = version;
+ nfh->res_id = 0;
+}
+
static int
__build_query_ct(struct nfnl_subsys_handle *ssh,
const enum nf_conntrack_query qt,
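Review bot: nfct_fill_hdr() writes a netlink header and a struct nfgenmsg into `req` without knowing how large the caller's buffer is. `mnl_nlmsg_put_header()` and `mnl_nlmsg_put_extra_header()` take no length, and the helper has no `size` parameter even though __build_query_ct() receives one. Whether `size` is validated before the switch cannot be seen here, because __build_query_ct's body starts outside this hunk. I would pass `size` in and reject short buffers with `if (size < MNL_NLMSG_HDRLEN + MNL_ALIGN(sizeof(struct nfgenmsg))) return -1;` (making the helper return int), or at minimum state that precondition in a comment above the function. The same applies to nfexp_fill_hdr() in src/expect/api.c.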
@@ -810,23 +828,28 @@ __build_query_ct(struct nfnl_subsys_handle *ssh,
__build_conntrack(ssh, req, size, IPCTNL_MSG_CT_GET, NLM_F_REQUEST|NLM_F_ACK, data);
break;
case NFCT_Q_FLUSH:
- nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_CT_DELETE, NLM_F_REQUEST|NLM_F_ACK);
+ nfct_fill_hdr(req, IPCTNL_MSG_CT_DELETE, NLM_F_ACK, *family,
+ NFNETLINK_V0);
break;
case NFCT_Q_DUMP:
- nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_CT_GET, NLM_F_REQUEST|NLM_F_DUMP);
+ nfct_fill_hdr(req, IPCTNL_MSG_CT_GET, NLM_F_DUMP, *family,
+ NFNETLINK_V0);
break;
case NFCT_Q_DUMP_RESET:
- nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_CT_GET_CTRZERO, NLM_F_REQUEST|NLM_F_DUMP);
+ nfct_fill_hdr(req, IPCTNL_MSG_CT_GET_CTRZERO, NLM_F_DUMP,
+ *family, NFNETLINK_V0);
break;
case NFCT_Q_CREATE_UPDATE:
__build_conntrack(ssh, req, size, IPCTNL_MSG_CT_NEW, NLM_F_REQUEST|NLM_F_CREATE|NLM_F_ACK, data);
break;
case NFCT_Q_DUMP_FILTER:
- nfnl_fill_hdr(ssh, &req->nlh, 0, AF_UNSPEC, 0, IPCTNL_MSG_CT_GET, NLM_F_REQUEST|NLM_F_DUMP);
+ nfct_fill_hdr(req, IPCTNL_MSG_CT_GET, NLM_F_DUMP, AF_UNSPEC,
+ NFNETLINK_V0);
__build_filter_dump(req, size, data);
break;
case NFCT_Q_DUMP_FILTER_RESET:
- nfnl_fill_hdr(ssh, &req->nlh, 0, AF_UNSPEC, 0, IPCTNL_MSG_CT_GET_CTRZERO, NLM_F_REQUEST|NLM_F_DUMP);
+ nfct_fill_hdr(req, IPCTNL_MSG_CT_GET_CTRZERO, NLM_F_DUMP,
+ AF_UNSPEC, NFNETLINK_V0);
__build_filter_dump(req, size, data);
break;
default:
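Review bot: These call sites no longer pass `ssh`, and the new helper sets `nlh->nlmsg_seq = 0` unconditionally, so every flush and dump request built here goes out without a per-request sequence number. nfnl_fill_hdr()'s body is not on this page, but it took the handle; if it assigned sequence numbers from it when tracking was enabled, that behaviour is dropped without mention and replies can no longer be matched against the request that caused them. Please confirm this is intended and record it in the helper, e.g. `/* sequence tracking is not used on this path; nlmsg_seq stays 0 */`. The NFCT_Q_FLUSH and NFCT_Q_DUMP cases of __build_query_exp() in src/expect/api.c change in the same way.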
diff --git a/src/expect/api.c b/src/expect/api.c
index b50a47f..33099d8 100644
--- a/src/expect/api.c
+++ b/src/expect/api.c
@@ -11,6 +11,7 @@
#include <string.h> /* for memset */
#include <errno.h>
#include <assert.h>
+#include <libmnl/libmnl.h>
#include "internal/internal.h"
@@ -515,6 +516,24 @@ int nfexp_build_expect(struct nfnl_subsys_handle *ssh,
return __build_expect(ssh, req, size, type, flags, exp);
}
+static void nfexp_fill_hdr(struct nfnlhdr *req, uint16_t type, uint16_t flags,
+ uint8_t l3num, uint8_t version)
+{
+ char *buf = (char *)&req->nlh;
+ struct nlmsghdr *nlh;
+ struct nfgenmsg *nfh;
+
+ nlh = mnl_nlmsg_put_header(buf);
+ nlh->nlmsg_type = (NFNL_SUBSYS_CTNETLINK_EXP << 8) | type;
+ nlh->nlmsg_flags = NLM_F_REQUEST | flags;
+ nlh->nlmsg_seq = 0;
+
+ nfh = mnl_nlmsg_put_extra_header(nlh, sizeof(struct nfgenmsg));
+ nfh->nfgen_family = l3num;
+ nfh->version = version;
+ nfh->res_id = 0;
+}
+
static int
__build_query_exp(struct nfnl_subsys_handle *ssh,
const enum nf_conntrack_query qt,
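Review bot: nfexp_fill_hdr() is a line-for-line copy of nfct_fill_hdr() in src/conntrack/api.c, differing only in the subsystem constant `NFNL_SUBSYS_CTNETLINK_EXP`. Two static copies of header-building code tend to drift, and a later hardening change such as a buffer-length check is easy to apply to one and miss in the other. A single internal helper that takes the subsystem id as a parameter, declared in internal/internal.h, would avoid that; the two call sites would then pass `NFNL_SUBSYS_CTNETLINK` or `NFNL_SUBSYS_CTNETLINK_EXP` explicitly.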
@@ -543,10 +562,12 @@ __build_query_exp(struct nfnl_subsys_handle *ssh,
__build_expect(ssh, req, size, IPCTNL_MSG_EXP_DELETE, NLM_F_REQUEST|NLM_F_ACK, data);
break;
case NFCT_Q_FLUSH:
- nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_EXP_DELETE, NLM_F_REQUEST|NLM_F_ACK);
+ nfexp_fill_hdr(req, IPCTNL_MSG_EXP_DELETE, NLM_F_ACK, *family,
+ NFNETLINK_V0);
break;
case NFCT_Q_DUMP:
- nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_EXP_GET, NLM_F_REQUEST|NLM_F_DUMP);
+ nfexp_fill_hdr(req, IPCTNL_MSG_EXP_GET, NLM_F_DUMP, *family,
+ NFNETLINK_V0);
break;
default:
errno = ENOTSUP;
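Review bot: The new calls pass `NLM_F_ACK` or `NLM_F_DUMP` alone because nfexp_fill_hdr() ORs in `NLM_F_REQUEST` itself, while the neighbouring `__build_expect(...)` calls in the same switch still spell out `NLM_F_REQUEST|NLM_F_ACK`. Nothing at the call site or on the helper says which convention applies, so a reader comparing adjacent cases may take the missing flag for a bug or add it a second time. A one-line comment on the helper would settle it: `/* NLM_F_REQUEST is always set; pass only the additional flags */`. The __build_query_ct() switch in src/conntrack/api.c mixes the two conventions in the same way.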