summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/libnetfilter_conntrack/libnetfilter_conntrack.h1
-rw-r--r--src/conntrack/build_mnl.c22
-rw-r--r--src/conntrack/filter_dump.c18
-rw-r--r--src/conntrack/proto.c4
4 files changed, 27 insertions, 18 deletions
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
index 6233434..e229472 100644
--- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
@@ -587,6 +587,7 @@ int nfct_build_query(struct nfnl_subsys_handle *ssh,
/* New low level API: netlink functions */
extern int nfct_nlmsg_build(struct nlmsghdr *nlh, const struct nf_conntrack *ct);
+extern int nfct_nlmsg_build_filter(struct nlmsghdr *nlh, const struct nfct_filter_dump *filter_dump);
extern int nfct_nlmsg_parse(const struct nlmsghdr *nlh, struct nf_conntrack *ct);
extern int nfct_payload_parse(const void *payload, size_t payload_len, uint16_t l3num, struct nf_conntrack *ct);
diff --git a/src/conntrack/build_mnl.c b/src/conntrack/build_mnl.c
index 0067a1c..c3198c5 100644
--- a/src/conntrack/build_mnl.c
+++ b/src/conntrack/build_mnl.c
@@ -595,3 +595,25 @@ nfct_nlmsg_build(struct nlmsghdr *nlh, const struct nf_conntrack *ct)
return 0;
}
+
+int nfct_nlmsg_build_filter(struct nlmsghdr *nlh,
+ const struct nfct_filter_dump *filter_dump)
+{
+ struct nfgenmsg *nfg;
+
+ if (filter_dump->set & (1 << NFCT_FILTER_DUMP_MARK)) {
+ mnl_attr_put_u32(nlh, CTA_MARK, htonl(filter_dump->mark.val));
+ mnl_attr_put_u32(nlh, CTA_MARK_MASK, htonl(filter_dump->mark.mask));
+ }
+ if (filter_dump->set & (1 << NFCT_FILTER_DUMP_L3NUM)) {
+ nfg = mnl_nlmsg_get_payload(nlh);
+ nfg->nfgen_family = filter_dump->l3num;
+ }
+ if (filter_dump->set & (1 << NFCT_FILTER_DUMP_STATUS)) {
+ mnl_attr_put_u32(nlh, CTA_STATUS, htonl(filter_dump->status.val));
+ mnl_attr_put_u32(nlh, CTA_STATUS_MASK,
+ htonl(filter_dump->status.mask));
+ }
+
+ return 0;
+}
diff --git a/src/conntrack/filter_dump.c b/src/conntrack/filter_dump.c
index 3894d06..9bf9296 100644
--- a/src/conntrack/filter_dump.c
+++ b/src/conntrack/filter_dump.c
@@ -8,6 +8,7 @@
*/
#include "internal/internal.h"
+#include <libmnl/libmnl.h>
static void
set_filter_dump_attr_mark(struct nfct_filter_dump *filter_dump,
@@ -45,20 +46,5 @@ const set_filter_dump_attr set_filter_dump_attr_array[NFCT_FILTER_DUMP_MAX] = {
void __build_filter_dump(struct nfnlhdr *req, size_t size,
const struct nfct_filter_dump *filter_dump)
{
- if (filter_dump->set & (1 << NFCT_FILTER_DUMP_MARK)) {
- nfnl_addattr32(&req->nlh, size, CTA_MARK,
- htonl(filter_dump->mark.val));
- nfnl_addattr32(&req->nlh, size, CTA_MARK_MASK,
- htonl(filter_dump->mark.mask));
- }
- if (filter_dump->set & (1 << NFCT_FILTER_DUMP_L3NUM)) {
- struct nfgenmsg *nfg = NLMSG_DATA(&req->nlh);
- nfg->nfgen_family = filter_dump->l3num;
- }
- if (filter_dump->set & (1 << NFCT_FILTER_DUMP_STATUS)) {
- nfnl_addattr32(&req->nlh, size, CTA_STATUS,
- htonl(filter_dump->status.val));
- nfnl_addattr32(&req->nlh, size, CTA_STATUS_MASK,
- htonl(filter_dump->status.mask));
- }
+ nfct_nlmsg_build_filter(&req->nlh, filter_dump);
}
diff --git a/src/conntrack/proto.c b/src/conntrack/proto.c
index ba79b9b..03b37c0 100644
--- a/src/conntrack/proto.c
+++ b/src/conntrack/proto.c
@@ -15,8 +15,8 @@ static const uint8_t invmap_icmp[] = {
static const uint8_t invmap_icmpv6[] = {
[ICMPV6_ECHO_REQUEST - 128] = ICMPV6_ECHO_REPLY + 1,
[ICMPV6_ECHO_REPLY - 128] = ICMPV6_ECHO_REQUEST + 1,
- [ICMPV6_NI_QUERY - 128] = ICMPV6_NI_QUERY + 1,
- [ICMPV6_NI_REPLY - 128] = ICMPV6_NI_REPLY + 1
+ [ICMPV6_NI_QUERY - 128] = ICMPV6_NI_REPLY + 1,
+ [ICMPV6_NI_REPLY - 128] = ICMPV6_NI_QUERY + 1
};
uint8_t __icmp_reply_type(uint8_t type)