summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/libnetfilter_queue.c23
-rw-r--r--src/nlmsg.c1
2 files changed, 24 insertions, 0 deletions
diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c
index c9ed865..84184ee 100644
--- a/src/libnetfilter_queue.c
+++ b/src/libnetfilter_queue.c
@@ -1218,6 +1218,29 @@ int nfq_get_gid(struct nfq_data *nfad, uint32_t *gid)
}
EXPORT_SYMBOL(nfq_get_gid);
+
+/**
+ * nfq_get_secctx - get the security context for this packet
+ * \param nfad Netlink packet data handle passed to callback function
+ * \param secdata data to write the security context to
+ *
+ * \return -1 on error, otherwise > 0
+ */
+int nfq_get_secctx(struct nfq_data *nfad, unsigned char **secdata)
+{
+ if (!nfnl_attr_present(nfad->data, NFQA_SECCTX))
+ return -1;
+
+ *secdata = (unsigned char *)nfnl_get_pointer_to_data(nfad->data,
+ NFQA_SECCTX, char);
+
+ if (*secdata)
+ return NFA_PAYLOAD(nfad->data[NFQA_SECCTX-1]);
+
+ return 0;
+}
+EXPORT_SYMBOL(nfq_get_secctx);
+
/**
* nfq_get_payload - get payload
* \param nfad Netlink packet data handle passed to callback function
diff --git a/src/nlmsg.c b/src/nlmsg.c
index aebdd5e..cabd8be 100644
--- a/src/nlmsg.c
+++ b/src/nlmsg.c
@@ -137,6 +137,7 @@ static int nfq_pkt_parse_attr_cb(const struct nlattr *attr, void *data)
case NFQA_IFINDEX_PHYSOUTDEV:
case NFQA_CAP_LEN:
case NFQA_SKB_INFO:
+ case NFQA_SECCTX:
case NFQA_UID:
case NFQA_GID:
if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0)