From 7dd5289076160ee2844978bfd1640ca7aa34f4da Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Thu, 30 Oct 2008 20:44:25 +0100 Subject: groups: add attribute group API This new API allows you to set and get some logical set of attributes. This is not intended to replace the existing per-attribute get/set API but to provide more efficient way to get/set certain attributes. This change includes an example file (conntrack_grp_create.c) of the use of the attribute group API. See ATTR_GRP_* for more information on the existing groups. Signed-off-by: Pablo Neira Ayuso --- src/conntrack/api.c | 93 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 93 insertions(+) (limited to 'src/conntrack/api.c') diff --git a/src/conntrack/api.c b/src/conntrack/api.c index 61d3237..efd298e 100644 --- a/src/conntrack/api.c +++ b/src/conntrack/api.c @@ -384,6 +384,99 @@ int nfct_attr_unset(struct nf_conntrack *ct, return 0; } +/** + * nfct_set_attr_grp - set a group of attributes + * @ct: pointer to a valid conntrack object + * @type: attribute group (see ATTR_GRP_*) + * @data: pointer to struct (see struct nfct_attr_grp_*) + * + * Note that calling this function for ATTR_GRP_COUNTER_* does nothing since + * counters are unsettable. + */ +void nfct_set_attr_grp(struct nf_conntrack *ct, + const enum nf_conntrack_attr_grp type, + const void *data) +{ + assert(ct != NULL); + + if (unlikely(type >= ATTR_GRP_MAX)) + return; + + if (set_attr_grp_array[type]) { + set_attr_grp_array[type](ct, data); + set_bitmask_u32(ct->set, attr_grp_bitmask[type], __NFCT_BITSET); + } +} + +/** + * nfct_get_attr_grp - get an attribute group + * @ct: pointer to a valid conntrack object + * @type: attribute group (see ATTR_GRP_*) + * @data: pointer to struct (see struct nfct_attr_grp_*) + * + * On error, it returns -1 and errno is appropriately set. On success, the + * data pointer contains the attribute group. + */ +int nfct_get_attr_grp(const struct nf_conntrack *ct, + const enum nf_conntrack_attr_grp type, + void *data) +{ + assert(ct != NULL); + + if (unlikely(type >= ATTR_GRP_MAX)) { + errno = EINVAL; + return -1; + } + if (!test_bitmask_u32(ct->set, attr_grp_bitmask[type], __NFCT_BITSET)) { + errno = ENODATA; + return -1; + } + assert(get_attr_grp_array[type]); + get_attr_grp_array[type](ct, data); + return 0; +} + +/** + * nfct_attr_grp_is_set - check if an attribute group is set + * @ct: pointer to a valid conntrack object + * @type: attribute group (see ATTR_GRP_*) + * + * If the attribute group is set, this function returns 1, otherwise 0. + */ +int nfct_attr_grp_is_set(const struct nf_conntrack *ct, + const enum nf_conntrack_attr_grp type) +{ + assert(ct != NULL); + + if (unlikely(type >= ATTR_GRP_MAX)) { + errno = EINVAL; + return -1; + } + return test_bitmask_u32(ct->set, attr_grp_bitmask[type], __NFCT_BITSET); +} + +/** + * nfct_attr_grp_unset - unset an attribute group + * @ct: pointer to a valid conntrack object + * @type: attribute group (see ATTR_GRP_*) + * + * On error, it returns -1 and errno is appropriately set. On success, + * this function returns 0. + */ +int nfct_attr_grp_unset(struct nf_conntrack *ct, + const enum nf_conntrack_attr_grp type) +{ + assert(ct != NULL); + + if (unlikely(type >= ATTR_GRP_MAX)) { + errno = EINVAL; + return -1; + } + unset_bitmask_u32(ct->set, attr_grp_bitmask[type], __NFCT_BITSET); + + return 0; +} + /** * nfct_build_conntrack - build a netlink message from a conntrack object * @ssh: nfnetlink subsystem handler -- cgit v1.2.3