path: root/src/conntrack/grp_setter.c
Commit message (Collapse)AuthorAgeFilesLines
* src: Use stdint types everywhereFelix Janda2015-05-251-9/+9
| | | | | Signed-off-by: Felix Janda <> Signed-off-by: Pablo Neira Ayuso <>
* conntrack: fix new ATTR_GRP_[ORIG|REPL]_ADDR_[SRC|DST]Pablo Neira Ayuso2012-04-291-32/+4
| | | | | | | | | | The previous patch was incomplete. This fixes several issues with it like the IPV4 and IPV6 address are mutually exclusive, thus, the getter operation works. No sane way to support the setter operation correctly, thus, it's been documented that it has no effect. Signed-off-by: Pablo Neira Ayuso <>
* conntrack: add new ATTR_GRP_[ORIG|REPL]_ADDR_[SRC|DST] attributePablo Neira Ayuso2012-04-271-0/+32
| | | | | | | | | | | | | | | | | | | | This allows you to set and to get the address for both IPv4 and IPV6 using the same interface. This can simplify much redundant code that needs to support both protocols. This relies on some fixed layout union: union nfct_attr_grp_addr { u_int32_t ip; u_int32_t ip6[4]; u_int32_t addr[4]; }; But I don't see this library will support anything different from IPv4 and IPv6 as layer 3 protocol. If that happens and some point, we can add some new attribute group and deprecate this one. Signed-off-by: Pablo Neira Ayuso <>
* src: put nf_expect and nf_conntrack into dietPablo Neira Ayuso2012-01-041-32/+32
| | | | | | | | | | | | | | | | Now, struct nf_expect takes only 192 bytes, instead of 1KB. struct nf_conntrack takes 296 bytes instead of 328 bytes. The size of the nf_expect structure has been reduced by rearranging the layout of the nf_conntrack structure. For the nf_conntrack case, this removes the allocation of room for attributes that the master tuple does not use (more specifically, the NATseq bytes). This patch modifies the binary layout of struct nf_conntrack. This should not be a problem since the definition of this object is opaque (it can be only accessed via get/set API). Signed-off-by: Pablo Neira Ayuso <>
* src: clarify licensing terms of library (GPLv2+)Pablo Neira Ayuso2011-12-301-3/+5
| | | | | | | | | | | | | | | | This patch is *not* changing the licensing terms of this library (which was initially released under GPLv2 and later on extended to GPLv2+ after contacting all the contributors who kindly agreed to extend it to any later GPL version). Jan says: "In libnetfilter_conntrack, there are many .c files declaring GNU GPL incorporated herein by reference without telling which version(s) exactly apply. Given src/main.c for example is actually GPL-2.0+, the reference made is ambiguous." This patch should definitely clarify this. Signed-off-by: Pablo Neira Ayuso <>
* src: declare non-modified data as constJan Engelhardt2010-11-091-2/+2
| | | | Signed-off-by: Jan Engelhardt <>
* src: set specific array size for the APIPablo Neira Ayuso2008-11-231-1/+1
| | | | | | | This patch adds the size of the arrays to set to NULL unset elements. This helps to spot unset functions for new attributes. Signed-off-by: Pablo Neira Ayuso <>
* groups: add attribute group APIPablo Neira Ayuso2008-10-301-0/+156
This new API allows you to set and get some logical set of attributes. This is not intended to replace the existing per-attribute get/set API but to provide more efficient way to get/set certain attributes. This change includes an example file (conntrack_grp_create.c) of the use of the attribute group API. See ATTR_GRP_* for more information on the existing groups. Signed-off-by: Pablo Neira Ayuso <>