From 62ed08f2d25ef0f332fe65fd40a97ff4dc4eda93 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso
Date: Thu, 9 Feb 2012 18:56:59 +0100
Subject: conntrack: add support for CTA_MARK_MASK and filtered dumping

This patch adds the infrastructure to allow filtered dumping. See utils/conntrack_dump_filter.c for instance.

Signed-off-by: Pablo Neira Ayuso
---
src/conntrack/filter_dump.c | 49 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 49 insertions(+)
create mode 100644 src/conntrack/filter_dump.c
(limited to 'src/conntrack/filter_dump.c')
diff --git a/src/conntrack/filter_dump.c b/src/conntrack/filter_dump.c
new file mode 100644
index 0000000..9e2e169
--- /dev/null
+++ b/src/conntrack/filter_dump.c
@@ -0,0 +1,49 @@
+/*
+ * (C) 2005-2012 by Pablo Neira Ayuso
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ */
+
+#include "internal/internal.h"
+
+static void
+set_filter_dump_attr_mark(struct nfct_filter_dump *filter_dump,
+ const void *value)
+{
+ const struct nfct_filter_dump_mark *this = value;
+
+ filter_dump->mark.val = this->val;
+ filter_dump->mark.mask = this->mask;
+ filter_dump->set |= (1 << NFCT_FILTER_DUMP_MARK);
+}
+
+static void
+set_filter_dump_attr_family(struct nfct_filter_dump *filter_dump,
+ const void *value)
+{
+ filter_dump->l3num = *((u_int8_t *)value);
+ filter_dump->set |= (1 << NFCT_FILTER_DUMP_L3NUM);
+}
+
+const set_filter_dump_attr set_filter_dump_attr_array[NFCT_FILTER_DUMP_MAX] = {
+ [NFCT_FILTER_DUMP_MARK] = set_filter_dump_attr_mark,
+ [NFCT_FILTER_DUMP_L3NUM] = set_filter_dump_attr_family,
+};
+
+void __build_filter_dump(struct nfnlhdr *req, size_t size,
+ const struct nfct_filter_dump *filter_dump)
+{
+ if (filter_dump->set & (1 << NFCT_FILTER_DUMP_MARK)) {
+ nfnl_addattr32(&req->nlh, size, CTA_MARK,
+ htonl(filter_dump->mark.val));
+ nfnl_addattr32(&req->nlh, size, CTA_MARK_MASK,
+ htonl(filter_dump->mark.mask));
+ }
+ if (filter_dump->set & (1 << NFCT_FILTER_DUMP_L3NUM)) {
+ struct nfgenmsg *nfg = NLMSG_DATA(&req->nlh);
+ nfg->nfgen_family = filter_dump->l3num;
+ }
+}
-- cgit v1.2.3
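Review bot: Both `nfnl_addattr32()` calls in `__build_filter_dump` discard their return value, and the function returns `void`. If the request buffer described by `size` cannot hold `CTA_MARK` or `CTA_MARK_MASK`, the dump request goes out with a partial filter or none, and the caller cannot tell. For a consumer that relies on the mark filter to scope what it reads from the conntrack table, that is a silent widening of the result set. I would return `int` and propagate the failure as sketched below; the prototype and the callers sit outside this hunk and would need the matching change. As a smaller style point, `*((u_int8_t *)value)` in `set_filter_dump_attr_family` drops the `const` qualifier, and `*(const u_int8_t *)value` keeps it.

```c
int __build_filter_dump(struct nfnlhdr *req, size_t size,
			const struct nfct_filter_dump *filter_dump)
{
	if (filter_dump->set & (1 << NFCT_FILTER_DUMP_MARK)) {
		/* Fail the whole request rather than send a mark without its mask. */
		if (nfnl_addattr32(&req->nlh, size, CTA_MARK,
				   htonl(filter_dump->mark.val)) < 0 ||
		    nfnl_addattr32(&req->nlh, size, CTA_MARK_MASK,
				   htonl(filter_dump->mark.mask)) < 0)
			return -1;
	}
	/* ... unchanged: NFCT_FILTER_DUMP_L3NUM family assignment ... */
	return 0;
}
```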