From 6510a98f4139f112a0c76c71ff889ef93eac41fb Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Tue, 6 Nov 2012 17:06:39 +0100 Subject: api: add connlabel api and attribute adds new labelmap api to create a name <-> bit mapping from a text file (default: /etc/xtables/connlabel.conf). nfct_labelmap_new(filename) is used to create the map, nfct_labelmap_destroy() releases the resources allocated for the map. Two functions are added to make map lookups: nfct_labelmap_get_name(map, bit) returns the name of a bit, nfct_labelmap_get_bit returns the bit associated with a name. The connlabel attribute is represented by a nfct_bitmask object, the nfct_bitmask api can be used to test/set/get individual bits ("labels"). The exisiting nfct_attr_get/set interfaces can be used to read or replace the existing labels associated with a conntrack with a new set. Signed-off-by: Florian Westphal --- src/conntrack/getter.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src/conntrack/getter.c') diff --git a/src/conntrack/getter.c b/src/conntrack/getter.c index e7ab048..53c9e0e 100644 --- a/src/conntrack/getter.c +++ b/src/conntrack/getter.c @@ -339,6 +339,11 @@ static const void *get_attr_helper_info(const struct nf_conntrack *ct) return ct->helper_info; } +static const void *get_attr_connlabels(const struct nf_conntrack *ct) +{ + return ct->connlabels; +} + const get_attr get_attr_array[ATTR_MAX] = { [ATTR_ORIG_IPV4_SRC] = get_attr_orig_ipv4_src, [ATTR_ORIG_IPV4_DST] = get_attr_orig_ipv4_dst, @@ -406,4 +411,5 @@ const get_attr get_attr_array[ATTR_MAX] = { [ATTR_TIMESTAMP_START] = get_attr_timestamp_start, [ATTR_TIMESTAMP_STOP] = get_attr_timestamp_stop, [ATTR_HELPER_INFO] = get_attr_helper_info, + [ATTR_CONNLABELS] = get_attr_connlabels, }; -- cgit v1.2.3