From d773fb2afc097a08d51eae42740c63142b1752cf Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Mon, 16 Apr 2012 12:13:45 +0200 Subject: expect: add new API to build/parse ctnetlink messages using libmnl This patch adds support to build and to parse netlink messages from/to one user-space nf_conntrack object. It uses libmnl, thus libnetfilter_conntrack now depends on this library. Signed-off-by: Pablo Neira Ayuso --- include/internal/prototypes.h | 3 +++ include/libnetfilter_conntrack/libnetfilter_conntrack.h | 5 +++++ 2 files changed, 8 insertions(+) (limited to 'include') diff --git a/include/internal/prototypes.h b/include/internal/prototypes.h index 730eb6b..eeeea24 100644 --- a/include/internal/prototypes.h +++ b/include/internal/prototypes.h @@ -39,6 +39,9 @@ int __setup_netlink_socket_filter(int fd, struct nfct_filter *filter); void __build_filter_dump(struct nfnlhdr *req, size_t size, const struct nfct_filter_dump *filter_dump); +int nfct_build_tuple(struct nlmsghdr *nlh, const struct __nfct_tuple *t, int type); +int nfct_parse_tuple(const struct nlattr *attr, struct __nfct_tuple *tuple, int dir, u_int32_t *set); + /* * expectation internal prototypes */ diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h index 87c73a3..fbd67ef 100644 --- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h +++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h @@ -680,6 +680,11 @@ int nfexp_build_query(struct nfnl_subsys_handle *ssh, void *buffer, unsigned int size); +/* New low level API: netlink functions */ + +extern int nfexp_nlmsg_build(struct nlmsghdr *nlh, const struct nf_expect *exp); +extern int nfexp_nlmsg_parse(const struct nlmsghdr *nlh, struct nf_expect *exp); + /* Bitset representing status of connection. Taken from ip_conntrack.h * * Note: For backward compatibility this shouldn't ever change -- cgit v1.2.3