summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2012-01-04 17:16:39 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2012-01-04 17:16:39 +0100
commit8e63e483240687ee4c4325073d84926e39416bc9 (patch)
tree54848f691373638fc54c84c5f87938e18977f6b1 /src
parent849342adcb7099d23b39192a4369908bb0259eee (diff)
expect: add nfexp_cmp
This patch adds nfexp_cmp that allows you to compare two expectation objects. This includes the extension of test_api for this new function. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r--src/conntrack/compare.c10
-rw-r--r--src/expect/Makefile.am1
-rw-r--r--src/expect/api.c34
-rw-r--r--src/expect/compare.c59
4 files changed, 99 insertions, 5 deletions
diff --git a/src/conntrack/compare.c b/src/conntrack/compare.c
index f94f1b9..830195f 100644
--- a/src/conntrack/compare.c
+++ b/src/conntrack/compare.c
@@ -144,9 +144,9 @@ cmp_orig_ipv6_dst(const struct nf_conntrack *ct1,
sizeof(struct in6_addr)) == 0);
}
-static int cmp_orig(const struct nf_conntrack *ct1,
- const struct nf_conntrack *ct2,
- unsigned int flags)
+int __cmp_orig(const struct nf_conntrack *ct1,
+ const struct nf_conntrack *ct2,
+ unsigned int flags)
{
if (!__cmp(ATTR_ORIG_L3PROTO, ct1, ct2, flags, cmp_orig_l3proto))
return 0;
@@ -399,10 +399,10 @@ int __compare(const struct nf_conntrack *ct1,
{
if ((flags & ~(NFCT_CMP_MASK|NFCT_CMP_STRICT)) == NFCT_CMP_ALL)
return cmp_meta(ct1, ct2, flags) &&
- cmp_orig(ct1, ct2, flags) &&
+ __cmp_orig(ct1, ct2, flags) &&
cmp_repl(ct1, ct2, flags);
- if (flags & NFCT_CMP_ORIG && !cmp_orig(ct1, ct2, flags))
+ if (flags & NFCT_CMP_ORIG && !__cmp_orig(ct1, ct2, flags))
return 0;
if (flags & NFCT_CMP_REPL && !cmp_repl(ct1, ct2, flags))
diff --git a/src/expect/Makefile.am b/src/expect/Makefile.am
index 8adf740..977a359 100644
--- a/src/expect/Makefile.am
+++ b/src/expect/Makefile.am
@@ -3,6 +3,7 @@ include $(top_srcdir)/Make_global.am
noinst_LTLIBRARIES = libnfexpect.la
libnfexpect_la_SOURCES = api.c \
+ compare.c \
getter.c setter.c \
parse.c build.c \
snprintf.c \
diff --git a/src/expect/api.c b/src/expect/api.c
index cf45091..4da44a0 100644
--- a/src/expect/api.c
+++ b/src/expect/api.c
@@ -99,6 +99,40 @@ struct nf_expect *nfexp_clone(const struct nf_expect *exp)
}
/**
+ * nfexp_cmp - compare two expectation objects
+ * \param exp1 pointer to a valid expectation object
+ * \param exp2 pointer to a valid expectation object
+ * \param flags flags
+ *
+ * This function only compare attribute set in both objects, by default
+ * the comparison is not strict, ie. if a certain attribute is not set in one
+ * of the objects, then such attribute is not used in the comparison.
+ * If you want more strict comparisons, you can use the appropriate flags
+ * to modify this behaviour (see NFCT_CMP_STRICT and NFCT_CMP_MASK).
+ *
+ * The available flags are:
+ * - NFCT_CMP_STRICT: the compared objects must have the same attributes
+ * and the same values, otherwise it returns that the objects are
+ * different.
+ * - NFCT_CMP_MASK: the first object is used as mask, this means that
+ * if an attribute is present in exp1 but not in exp2, this function
+ * returns that the objects are different.
+ *
+ * Other existing flags that are used by nfct_cmp() are ignored.
+ *
+ * If both conntrack object are equal, this function returns 1, otherwise
+ * 0 is returned.
+ */
+int nfexp_cmp(const struct nf_expect *exp1, const struct nf_expect *exp2,
+ unsigned int flags)
+{
+ assert(exp1 != NULL);
+ assert(exp2 != NULL);
+
+ return __cmp_expect(exp1, exp2, flags);
+}
+
+/**
* @}
*/
diff --git a/src/expect/compare.c b/src/expect/compare.c
new file mode 100644
index 0000000..65ec9c2
--- /dev/null
+++ b/src/expect/compare.c
@@ -0,0 +1,59 @@
+/*
+ * (C) 2005-2012 by Pablo Neira Ayuso <pablo@netfilter.org>
+ * (C) 2012 by Vyatta Inc. <http://www.vyatta.com>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ */
+
+#include "internal/internal.h"
+
+static int exp_cmp(int attr,
+ const struct nf_expect *exp1,
+ const struct nf_expect *exp2,
+ unsigned int flags,
+ int (*cmp)(const struct nf_expect *exp1,
+ const struct nf_expect *exp2,
+ unsigned int flags))
+{
+ if (test_bit(attr, exp1->set) && test_bit(attr, exp2->set)) {
+ return cmp(exp1, exp2, flags);
+ } else if (flags & NFCT_CMP_MASK &&
+ test_bit(attr, exp1->set)) {
+ return 0;
+ } else if (flags & NFCT_CMP_STRICT) {
+ return 0;
+ }
+ return 1;
+}
+
+static int
+cmp_exp_flags(const struct nf_expect *exp1, const struct nf_expect *exp,
+ unsigned int flags)
+{
+ return (exp->flags == exp->flags);
+}
+
+int __cmp_expect(const struct nf_expect *exp1,
+ const struct nf_expect *exp2,
+ unsigned int flags)
+{
+ if (!__cmp_orig((struct nf_conntrack *)&exp1->master,
+ (struct nf_conntrack *)&exp2->master, flags)) {
+ return 0;
+ }
+ if (!__cmp_orig((struct nf_conntrack *)&exp1->expected,
+ (struct nf_conntrack *)&exp2->expected, flags)) {
+ return 0;
+ }
+ if (!__cmp_orig((struct nf_conntrack *)&exp1->mask,
+ (struct nf_conntrack *)&exp2->mask, flags)) {
+ return 0;
+ }
+ if (!exp_cmp(ATTR_EXP_FLAGS, exp1, exp2, flags, cmp_exp_flags))
+ return 0;
+
+ return 1;
+}