From b4c3a23c884c24f4e5d941fb928cf49561a9cdf9 Mon Sep 17 00:00:00 2001 From: "/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org" Date: Tue, 19 Dec 2006 17:41:53 +0000 Subject: Introduce the new libnetfilter_conntrack API, features: - object oriented infrastructure - extensible and configurable output (XML) - low level functions to interact with netlink details - fairly documented Still backward compatible. --- src/conntrack/setter.c | 173 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 173 insertions(+) create mode 100644 src/conntrack/setter.c (limited to 'src/conntrack/setter.c') diff --git a/src/conntrack/setter.c b/src/conntrack/setter.c new file mode 100644 index 0000000..7bc77b5 --- /dev/null +++ b/src/conntrack/setter.c @@ -0,0 +1,173 @@ +/* + * (C) 2006 by Pablo Neira Ayuso + * + * This software may be used and distributed according to the terms + * of the GNU General Public License, incorporated herein by reference. + */ + +#include "internal.h" + +static void set_attr_orig_ipv4_src(struct nf_conntrack *ct, const void *value) +{ + ct->tuple[__DIR_ORIG].src.v4 = *((u_int32_t *) value); +} + +static void set_attr_orig_ipv4_dst(struct nf_conntrack *ct, const void *value) +{ + ct->tuple[__DIR_ORIG].dst.v4 = *((u_int32_t *) value); +} + +static void set_attr_repl_ipv4_src(struct nf_conntrack *ct, const void *value) +{ + ct->tuple[__DIR_REPL].src.v4 = *((u_int32_t *) value); +} + +static void set_attr_repl_ipv4_dst(struct nf_conntrack *ct, const void *value) +{ + ct->tuple[__DIR_REPL].dst.v4 = *((u_int32_t *) value); +} + +static void set_attr_orig_ipv6_src(struct nf_conntrack *ct, const void *value) +{ + memcpy(&ct->tuple[__DIR_ORIG].src.v6, value, sizeof(u_int32_t)*4); +} + +static void set_attr_orig_ipv6_dst(struct nf_conntrack *ct, const void *value) +{ + memcpy(&ct->tuple[__DIR_ORIG].dst.v6, value, sizeof(u_int32_t)*4); +} + +static void set_attr_repl_ipv6_src(struct nf_conntrack *ct, const void *value) +{ + memcpy(&ct->tuple[__DIR_REPL].src.v6, value, sizeof(u_int32_t)*4); +} + +static void set_attr_repl_ipv6_dst(struct nf_conntrack *ct, const void *value) +{ + memcpy(&ct->tuple[__DIR_REPL].dst.v6, value, sizeof(u_int32_t)*4); +} + +static void set_attr_orig_port_src(struct nf_conntrack *ct, const void *value) +{ + ct->tuple[__DIR_ORIG].l4src.all = *((u_int16_t *) value); +} + +static void set_attr_orig_port_dst(struct nf_conntrack *ct, const void *value) +{ + ct->tuple[__DIR_ORIG].l4dst.all = *((u_int16_t *) value); +} + +static void set_attr_repl_port_src(struct nf_conntrack *ct, const void *value) +{ + ct->tuple[__DIR_REPL].l4src.all = *((u_int16_t *) value); +} + +static void set_attr_repl_port_dst(struct nf_conntrack *ct, const void *value) +{ + ct->tuple[__DIR_REPL].l4dst.all = *((u_int16_t *) value); +} + +static void set_attr_icmp_type(struct nf_conntrack *ct, const void *value) +{ + ct->tuple[__DIR_ORIG].l4dst.icmp.type = *((u_int8_t *) value); +} + +static void set_attr_icmp_code(struct nf_conntrack *ct, const void *value) +{ + ct->tuple[__DIR_ORIG].l4dst.icmp.code = *((u_int8_t *) value); +} + +static void set_attr_icmp_id(struct nf_conntrack *ct, const void *value) +{ + ct->tuple[__DIR_ORIG].l4src.icmp.id = *((u_int8_t *) value); +} + +static void set_attr_orig_l3proto(struct nf_conntrack *ct, const void *value) +{ + ct->tuple[__DIR_ORIG].l3protonum = *((u_int8_t *) value); +} + +static void set_attr_repl_l3proto(struct nf_conntrack *ct, const void *value) +{ + ct->tuple[__DIR_REPL].l3protonum = *((u_int8_t *) value); +} + +static void set_attr_orig_l4proto(struct nf_conntrack *ct, const void *value) +{ + ct->tuple[__DIR_ORIG].protonum = *((u_int8_t *) value); +} + +static void set_attr_repl_l4proto(struct nf_conntrack *ct, const void *value) +{ + ct->tuple[__DIR_REPL].protonum = *((u_int8_t *) value); +} + +static void set_attr_tcp_state(struct nf_conntrack *ct, const void *value) +{ + ct->protoinfo.tcp.state = *((u_int8_t *) value); +} + +static void set_attr_snat_ipv4(struct nf_conntrack *ct, const void *value) +{ + ct->snat.min_ip = ct->snat.max_ip = *((u_int32_t *) value); +} + +static void set_attr_dnat_ipv4(struct nf_conntrack *ct, const void *value) +{ + ct->dnat.min_ip = ct->snat.max_ip = *((u_int32_t *) value); +} + +static void set_attr_snat_port(struct nf_conntrack *ct, const void *value) +{ + ct->snat.l4min.all = ct->snat.l4max.all = *((u_int16_t *) value); +} + +static void set_attr_dnat_port(struct nf_conntrack *ct, const void *value) +{ + ct->dnat.l4min.all = ct->dnat.l4max.all = *((u_int16_t *) value); +} + +static void set_attr_timeout(struct nf_conntrack *ct, const void *value) +{ + ct->timeout = *((u_int32_t *) value); +} + +static void set_attr_mark(struct nf_conntrack *ct, const void *value) +{ + ct->mark = *((u_int32_t *) value); +} + +static void set_attr_status(struct nf_conntrack *ct, const void *value) +{ + ct->status |= *((u_int32_t *) value); +} + +set_attr set_attr_array[] = { + [ATTR_ORIG_IPV4_SRC] = set_attr_orig_ipv4_src, + [ATTR_ORIG_IPV4_DST] = set_attr_orig_ipv4_dst, + [ATTR_REPL_IPV4_SRC] = set_attr_repl_ipv4_src, + [ATTR_REPL_IPV4_DST] = set_attr_repl_ipv4_dst, + [ATTR_ORIG_IPV6_SRC] = set_attr_orig_ipv6_src, + [ATTR_ORIG_IPV6_DST] = set_attr_orig_ipv6_dst, + [ATTR_REPL_IPV6_SRC] = set_attr_repl_ipv6_src, + [ATTR_REPL_IPV6_DST] = set_attr_repl_ipv6_dst, + [ATTR_ORIG_PORT_SRC] = set_attr_orig_port_src, + [ATTR_ORIG_PORT_DST] = set_attr_orig_port_dst, + [ATTR_REPL_PORT_SRC] = set_attr_repl_port_src, + [ATTR_REPL_PORT_DST] = set_attr_repl_port_dst, + [ATTR_ICMP_TYPE] = set_attr_icmp_type, + [ATTR_ICMP_CODE] = set_attr_icmp_code, + [ATTR_ICMP_ID] = set_attr_icmp_id, + [ATTR_ORIG_L3PROTO] = set_attr_orig_l3proto, + [ATTR_REPL_L3PROTO] = set_attr_repl_l3proto, + [ATTR_ORIG_L4PROTO] = set_attr_orig_l4proto, + [ATTR_REPL_L4PROTO] = set_attr_repl_l4proto, + [ATTR_TCP_STATE] = set_attr_tcp_state, + [ATTR_SNAT_IPV4] = set_attr_snat_ipv4, + [ATTR_DNAT_IPV4] = set_attr_dnat_ipv4, + [ATTR_SNAT_PORT] = set_attr_snat_port, + [ATTR_DNAT_PORT] = set_attr_dnat_port, + [ATTR_TIMEOUT] = set_attr_timeout, + [ATTR_MARK] = set_attr_mark, + [ATTR_STATUS] = set_attr_status, +}; -- cgit v1.2.3