From 20cd0222c910e96c378e091e64b71d26e48916fe Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso
Date: Thu, 26 Apr 2012 19:37:03 +0200
Subject: conntrack: add nfct_set_attr_l and ATTR_HELPER_INFO

This adds the ATTR_HELPER_INFO that can be used to send binary data that will be attached to the conntrack. This is useful for the user-space connection tracking support. This patch also adds a new interface: nfct_set_attr_l(attr, type, value, length); that is used to set the variable length helper information.

Signed-off-by: Pablo Neira Ayuso
---
 src/conntrack/api.c | 45 +++++++++++++++++++++++++++++++--------------
 1 file changed, 31 insertions(+), 14 deletions(-)
(limited to 'src/conntrack/api.c')

diff --git a/src/conntrack/api.c b/src/conntrack/api.c
index 202b85d..000571f 100644
--- a/src/conntrack/api.c
+++ b/src/conntrack/api.c
@@ -93,6 +93,8 @@ void nfct_destroy(struct nf_conntrack *ct)
 assert(ct != NULL);
 if (ct->secctx)
 free(ct->secctx);
+ if (ct->helper_info)
+ free(ct->helper_info);
 free(ct);
 ct = NULL; /* bugtrap */
 }
@@ -351,6 +353,29 @@ void nfct_callback_unregister2(struct nfct_handle *h)
 * @{
 */
 
+/**
+ * nfct_set_attr_l - set the value of a certain conntrack attribute
+ * \param ct pointer to a valid conntrack
+ * \param type attribute type
+ * \param pointer to attribute value
+ * \param length of attribute value (in bytes)
+ */
+void
+nfct_set_attr_l(struct nf_conntrack *ct, const enum nf_conntrack_attr type,
+ const void *value, size_t len)
+{
+ assert(ct != NULL);
+ assert(value != NULL);
+
+ if (unlikely(type >= ATTR_MAX))
+ return;
+
+ if (set_attr_array[type]) {
+ set_attr_array[type](ct, value, len);
+ set_bit(type, ct->head.set);
+ }
+}
+
 /**
 * nfct_set_attr - set the value of a certain conntrack attribute
 * \param ct pointer to a valid conntrack
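Review bot: In the nfct_destroy hunk, `helper_info` becomes a second heap pointer owned by the conntrack object, and nothing visible here shows how copies of the object treat it. This diff is limited to src/conntrack/api.c, so it cannot be confirmed from the page, but any path that duplicates a `struct nf_conntrack` by copying the struct would leave two objects pointing at one buffer, and destroying both would free it twice. I would ask for a comment at this free stating the ownership rule, for example `/* helper_info is owned by ct; copies must duplicate the buffer */`, and for the clone and copy paths to be checked against it. The opening lines of nfct_destroy are outside the hunk.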
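Review bot: nfct_set_attr_l forwards `len` to `set_attr_array[type]` without checking it, so the only bound on how much of `value` is read is whatever each individual setter does, and those setters are not part of this diff. Since this is the public entry point for caller-supplied binary data, the header comment should say what `len` means for fixed-size attributes (ignored, or required to match) and whether the data is copied, and a zero or oversized `len` for a variable-length attribute should be rejected here or in the setter. The two `assert` calls disappear when built with NDEBUG, so they do not count as validation. Two doc lines also lack the parameter name: `\param value pointer to attribute value` and `\param len length of attribute value (in bytes)`.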
@@ -369,16 +394,8 @@ void nfct_set_attr(struct nf_conntrack *ct,
 const enum nf_conntrack_attr type,
 const void *value)
 {
- assert(ct != NULL);
- assert(value != NULL);
-
- if (unlikely(type >= ATTR_MAX))
- return;
-
- if (set_attr_array[type]) {
- set_attr_array[type](ct, value);
- set_bit(type, ct->head.set);
- }
+ /* We assume the setter knows the size of the passed pointer. */
+ nfct_set_attr_l(ct, type, value, 0);
 }
 
 /**
@@ -391,7 +408,7 @@ void nfct_set_attr_u8(struct nf_conntrack *ct,
 const enum nf_conntrack_attr type,
 u_int8_t value)
 {
- nfct_set_attr(ct, type, &value);
+ nfct_set_attr_l(ct, type, &value, sizeof(u_int8_t));
 }
 
 /**
@@ -404,7 +421,7 @@ void nfct_set_attr_u16(struct nf_conntrack *ct,
 const enum nf_conntrack_attr type,
 u_int16_t value)
 {
- nfct_set_attr(ct, type, &value);
+ nfct_set_attr_l(ct, type, &value, sizeof(u_int16_t));
 }
 
 /**
@@ -417,7 +434,7 @@ void nfct_set_attr_u32(struct nf_conntrack *ct,
 const enum nf_conntrack_attr type,
 u_int32_t value)
 {
- nfct_set_attr(ct, type, &value);
+ nfct_set_attr_l(ct, type, &value, sizeof(u_int32_t));
 }
 
 /**
@@ -430,7 +447,7 @@ void nfct_set_attr_u64(struct nf_conntrack *ct,
 const enum nf_conntrack_attr type,
 u_int64_t value)
 {
- nfct_set_attr(ct, type, &value);
+ nfct_set_attr_l(ct, type, &value, sizeof(u_int64_t));
 }
 
 /**
-- 
cgit v1.2.3
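Review bot: In nfct_set_attr, the hard-coded length 0 means a caller that passes ATTR_HELPER_INFO through this older entry point reaches the variable-length setter with `len == 0`, and the new comment's assumption that the setter knows the size does not hold for that attribute. What the setter does with a zero length is not visible in this diff. I would either document the restriction in the function's doc comment, e.g. `Variable-length attributes such as ATTR_HELPER_INFO must be set with nfct_set_attr_l()`, or return early for that type before the call. The doc comment and the first line of the signature are outside the hunk.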
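Review bot: Style point for nfct_set_attr_u8, and the same applies to the nfct_set_attr_u16, nfct_set_attr_u32 and nfct_set_attr_u64 hunks that follow: the length is spelled as a type name rather than taken from the argument whose address is passed. `nfct_set_attr_l(ct, type, &value, sizeof(value));` keeps the pointer and the length tied together if a parameter type is ever changed. Separately, the length only helps if the fixed-width setters compare it with the attribute's real width. They are not shown here, so whether a u8 wrapper called with a wider attribute type is caught, rather than reading past the one-byte argument, cannot be told from this page.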