From 8b14339d6d26c5ff0ab176edba9bcfb0fa7526e1 Mon Sep 17 00:00:00 2001
From: "/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org"
Date: Mon, 17 Dec 2007 00:55:40 +0000
Subject: - add support for secmark - fix typo s/test_but/test_bit/
---
src/conntrack/build.c | 12 +++++++++++-
src/conntrack/parse.c | 5 +++++
src/conntrack/snprintf_default.c | 12 ++++++++++++
src/conntrack/snprintf_xml.c | 7 +++++++
4 files changed, 35 insertions(+), 1 deletion(-)
(limited to 'src/conntrack')
diff --git a/src/conntrack/build.c b/src/conntrack/build.c
index 169f289..f5e7353 100644
--- a/src/conntrack/build.c
+++ b/src/conntrack/build.c
@@ -236,6 +236,13 @@ void __build_mark(struct nfnlhdr *req,
nfnl_addattr32(&req->nlh, size, CTA_MARK, htonl(ct->mark));
}
+void __build_secmark(struct nfnlhdr *req,
+ size_t size,
+ const struct nf_conntrack *ct)
+{
+ nfnl_addattr32(&req->nlh, size, CTA_SECMARK, htonl(ct->secmark));
+}
+
int __build_conntrack(struct nfnl_subsys_handle *ssh,
struct nfnlhdr *req,
size_t size,
@@ -282,11 +289,14 @@ int __build_conntrack(struct nfnl_subsys_handle *ssh,
if (test_bit(ATTR_MARK, ct->set))
__build_mark(req, size, ct);
+ if (test_bit(ATTR_SECMARK, ct->set))
+ __build_secmark(req, size, ct);
+
if (test_bit(ATTR_TCP_STATE, ct->set) ||
(test_bit(ATTR_TCP_FLAGS_ORIG, ct->set) &&
test_bit(ATTR_TCP_MASK_ORIG, ct->set)) ||
(test_bit(ATTR_TCP_FLAGS_REPL, ct->set) &&
- test_but(ATTR_TCP_MASK_REPL, ct->set)))
+ test_bit(ATTR_TCP_MASK_REPL, ct->set)))
__build_protoinfo(req, size, ct);
if (test_bit(ATTR_SNAT_IPV4, ct->set) &&
diff --git a/src/conntrack/parse.c b/src/conntrack/parse.c
index 75c5072..d5482cc 100644
--- a/src/conntrack/parse.c
+++ b/src/conntrack/parse.c
@@ -322,6 +322,11 @@ void __parse_conntrack(const struct nlmsghdr *nlh,
set_bit(ATTR_MARK, ct->set);
}
+ if (cda[CTA_SECMARK-1]) {
+ ct->secmark = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_MARK-1]));
+ set_bit(ATTR_SECMARK, ct->set);
+ }
+
if (cda[CTA_COUNTERS_ORIG-1])
__parse_counters(cda[CTA_COUNTERS_ORIG-1], ct, __DIR_ORIG);
diff --git a/src/conntrack/snprintf_default.c b/src/conntrack/snprintf_default.c
index 996fe1a..04c2af3 100644
--- a/src/conntrack/snprintf_default.c
+++ b/src/conntrack/snprintf_default.c
@@ -194,6 +194,13 @@ int __snprintf_mark(char *buf, unsigned int len, const struct nf_conntrack *ct)
return (snprintf(buf, len, "mark=%u ", ct->mark));
}
+int __snprintf_secmark(char *buf,
+ unsigned int len,
+ const struct nf_conntrack *ct)
+{
+ return (snprintf(buf, len, "secmark=%u ", ct->secmark));
+}
+
int __snprintf_use(char *buf, unsigned int len, const struct nf_conntrack *ct)
{
return (snprintf(buf, len, "use=%u ", ct->use));
@@ -285,6 +292,11 @@ int __snprintf_conntrack_default(char *buf,
BUFFER_SIZE(ret, size, len, offset);
}
+ if (test_bit(ATTR_SECMARK, ct->set)) {
+ ret = __snprintf_secmark(buf+offset, len, ct);
+ BUFFER_SIZE(ret, size, len, offset);
+ }
+
if (test_bit(ATTR_USE, ct->set)) {
ret = __snprintf_use(buf+offset, len, ct);
BUFFER_SIZE(ret, size, len, offset);
diff --git a/src/conntrack/snprintf_xml.c b/src/conntrack/snprintf_xml.c
index 56b2016..5f5b6bb 100644
--- a/src/conntrack/snprintf_xml.c
+++ b/src/conntrack/snprintf_xml.c
@@ -45,6 +45,7 @@
*
* 100
* 1
+ * 0
*
*
*
@@ -307,6 +308,12 @@ int __snprintf_conntrack_xml(char *buf,
BUFFER_SIZE(ret, size, len, offset);
}
+ if (test_bit(ATTR_SECMARK, ct->set)) {
+ ret = snprintf(buf+offset, len,
+ "%u", ct->secmark);
+ BUFFER_SIZE(ret, size, len, offset);
+ }
+
if (test_bit(ATTR_USE, ct->set)) {
ret = snprintf(buf+offset, len, "", ct->use);
BUFFER_SIZE(ret, size, len, offset);
--
cgit v1.2.3