diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/libnetfilter_queue.c | 23 | ||||
-rw-r--r-- | src/nlmsg.c | 1 |
2 files changed, 24 insertions, 0 deletions
diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index c9ed865..84184ee 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c @@ -1218,6 +1218,29 @@ int nfq_get_gid(struct nfq_data *nfad, uint32_t *gid) } EXPORT_SYMBOL(nfq_get_gid); + +/** + * nfq_get_secctx - get the security context for this packet + * \param nfad Netlink packet data handle passed to callback function + * \param secdata data to write the security context to + * + * \return -1 on error, otherwise > 0 + */ +int nfq_get_secctx(struct nfq_data *nfad, unsigned char **secdata) +{ + if (!nfnl_attr_present(nfad->data, NFQA_SECCTX)) + return -1; + + *secdata = (unsigned char *)nfnl_get_pointer_to_data(nfad->data, + NFQA_SECCTX, char); + + if (*secdata) + return NFA_PAYLOAD(nfad->data[NFQA_SECCTX-1]); + + return 0; +} +EXPORT_SYMBOL(nfq_get_secctx); + /** * nfq_get_payload - get payload * \param nfad Netlink packet data handle passed to callback function diff --git a/src/nlmsg.c b/src/nlmsg.c index aebdd5e..cabd8be 100644 --- a/src/nlmsg.c +++ b/src/nlmsg.c @@ -137,6 +137,7 @@ static int nfq_pkt_parse_attr_cb(const struct nlattr *attr, void *data) case NFQA_IFINDEX_PHYSOUTDEV: case NFQA_CAP_LEN: case NFQA_SKB_INFO: + case NFQA_SECCTX: case NFQA_UID: case NFQA_GID: if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0) |