From dbfa07f4abdafca547accab48e14156e4b67d7cc Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Sun, 14 Nov 2021 11:37:44 +0100
Subject: conntrack: add nfct_nlmsg_build_filter() helper

This helper function builds the payload of the netlink dump request
including the filtering criteria.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/conntrack/build_mnl.c   | 22 ++++++++++++++++++++++
 src/conntrack/filter_dump.c | 18 ++----------------
 2 files changed, 24 insertions(+), 16 deletions(-)

(limited to 'src/conntrack')

diff --git a/src/conntrack/build_mnl.c b/src/conntrack/build_mnl.c
index 0067a1c..c3198c5 100644
--- a/src/conntrack/build_mnl.c
+++ b/src/conntrack/build_mnl.c
@@ -595,3 +595,25 @@ nfct_nlmsg_build(struct nlmsghdr *nlh, const struct nf_conntrack *ct)
 
 	return 0;
 }
+
+int nfct_nlmsg_build_filter(struct nlmsghdr *nlh,
+			    const struct nfct_filter_dump *filter_dump)
+{
+	struct nfgenmsg *nfg;
+
+	if (filter_dump->set & (1 << NFCT_FILTER_DUMP_MARK)) {
+		mnl_attr_put_u32(nlh, CTA_MARK, htonl(filter_dump->mark.val));
+		mnl_attr_put_u32(nlh, CTA_MARK_MASK, htonl(filter_dump->mark.mask));
+	}
+	if (filter_dump->set & (1 << NFCT_FILTER_DUMP_L3NUM)) {
+		nfg = mnl_nlmsg_get_payload(nlh);
+		nfg->nfgen_family = filter_dump->l3num;
+	}
+	if (filter_dump->set & (1 << NFCT_FILTER_DUMP_STATUS)) {
+		mnl_attr_put_u32(nlh, CTA_STATUS, htonl(filter_dump->status.val));
+		mnl_attr_put_u32(nlh, CTA_STATUS_MASK,
+				 htonl(filter_dump->status.mask));
+	}
+
+	return 0;
+}
diff --git a/src/conntrack/filter_dump.c b/src/conntrack/filter_dump.c
index 3894d06..9bf9296 100644
--- a/src/conntrack/filter_dump.c
+++ b/src/conntrack/filter_dump.c
@@ -8,6 +8,7 @@
  */
 
 #include "internal/internal.h"
+#include <libmnl/libmnl.h>
 
 static void
 set_filter_dump_attr_mark(struct nfct_filter_dump *filter_dump,
@@ -45,20 +46,5 @@ const set_filter_dump_attr set_filter_dump_attr_array[NFCT_FILTER_DUMP_MAX] = {
 void __build_filter_dump(struct nfnlhdr *req, size_t size,
 			 const struct nfct_filter_dump *filter_dump)
 {
-	if (filter_dump->set & (1 << NFCT_FILTER_DUMP_MARK)) {
-		nfnl_addattr32(&req->nlh, size, CTA_MARK,
-				htonl(filter_dump->mark.val));
-		nfnl_addattr32(&req->nlh, size, CTA_MARK_MASK,
-				htonl(filter_dump->mark.mask));
-	}
-	if (filter_dump->set & (1 << NFCT_FILTER_DUMP_L3NUM)) {
-		struct nfgenmsg *nfg = NLMSG_DATA(&req->nlh);
-		nfg->nfgen_family = filter_dump->l3num;
-	}
-	if (filter_dump->set & (1 << NFCT_FILTER_DUMP_STATUS)) {
-		nfnl_addattr32(&req->nlh, size, CTA_STATUS,
-				htonl(filter_dump->status.val));
-		nfnl_addattr32(&req->nlh, size, CTA_STATUS_MASK,
-				htonl(filter_dump->status.mask));
-	}
+	nfct_nlmsg_build_filter(&req->nlh, filter_dump);
 }
-- 
cgit v1.2.3