From b3c288427f1906e2b7c7f6e8c5747db8ccc5f62a Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Tue, 6 Dec 2011 18:29:53 +0100 Subject: expect: nfexp_snprintf displays mask and master tuple information This patch adds mask and master tuple information regarding one expectation. This information has been not shown so far. I consider that it is interesting because you can use this information to troubleshoot expectation issues. Moreover, you can know which is the master conntrack that this expectation is attached to. This extends the text-based output for `conntrack -L exp'. This can be considered a backward compatibily issue since existing tools that are parsing this interface may break. But this is not our fault, we provide an API to the conntrack table via libnetfilter_conntrack. People should use those. Signed-off-by: Pablo Neira Ayuso --- src/expect/parse.c | 5 ++++- src/expect/snprintf_default.c | 22 +++++++++++++++++++++- 2 files changed, 25 insertions(+), 2 deletions(-) (limited to 'src/expect') diff --git a/src/expect/parse.c b/src/expect/parse.c index be9be78..0581aca 100644 --- a/src/expect/parse.c +++ b/src/expect/parse.c @@ -34,9 +34,12 @@ void __parse_expect(const struct nlmsghdr *nlh, exp->expected.tuple[__DIR_ORIG].l3protonum = nfhdr->nfgen_family; set_bit(ATTR_ORIG_L3PROTO, exp->expected.set); - exp->mask.tuple[__DIR_REPL].l3protonum = nfhdr->nfgen_family; + exp->mask.tuple[__DIR_ORIG].l3protonum = nfhdr->nfgen_family; set_bit(ATTR_ORIG_L3PROTO, exp->mask.set); + exp->master.tuple[__DIR_ORIG].l3protonum = nfhdr->nfgen_family; + set_bit(ATTR_ORIG_L3PROTO, exp->master.set); + if (cda[CTA_EXPECT_MASTER-1]) { __parse_tuple(cda[CTA_EXPECT_MASTER-1], &exp->master.tuple[__DIR_ORIG], diff --git a/src/expect/snprintf_default.c b/src/expect/snprintf_default.c index 51ffb30..c4a19fa 100644 --- a/src/expect/snprintf_default.c +++ b/src/expect/snprintf_default.c @@ -56,7 +56,9 @@ int __snprintf_expect_default(char *buf, ret = __snprintf_expect_proto(buf+offset, len, exp); BUFFER_SIZE(ret, size, len, offset); - ret = __snprintf_address(buf+offset, len, &exp->expected.tuple[__DIR_ORIG]); + ret = __snprintf_address(buf+offset, len, + &exp->expected.tuple[__DIR_ORIG], + "src", "dst"); BUFFER_SIZE(ret, size, len, offset); ret = __snprintf_proto(buf+offset, len, &exp->expected.tuple[__DIR_ORIG]); @@ -82,6 +84,24 @@ int __snprintf_expect_default(char *buf, BUFFER_SIZE(ret, size, len, offset); } + ret = __snprintf_address(buf+offset, len, + &exp->mask.tuple[__DIR_ORIG], + "mask-src", "mask-dst"); + BUFFER_SIZE(ret, size, len, offset); + + ret = __snprintf_proto(buf+offset, len, + &exp->mask.tuple[__DIR_ORIG]); + BUFFER_SIZE(ret, size, len, offset); + + ret = __snprintf_address(buf+offset, len, + &exp->master.tuple[__DIR_ORIG], + "master-src", "master-dst"); + BUFFER_SIZE(ret, size, len, offset); + + ret = __snprintf_proto(buf+offset, len, + &exp->master.tuple[__DIR_ORIG]); + BUFFER_SIZE(ret, size, len, offset); + /* Delete the last blank space if needed */ if (len > 0 && buf[size-1] == ' ') size--; -- cgit v1.2.3