summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* nfnl: avoid exit on large packetJan Engelhardt2011-07-301-3/+1
| | | | | | | | Using exit from shared libraries is unwelcome (automated build systems flag it) and one should rather return gracefully. Looking at this particular spot however, while a Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* build: use -Wall across the entire sourceJan Engelhardt2011-07-301-2/+0
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* src: BAD_SIZEOFJiri Popelka2011-06-131-2/+2
| | | | | | | | | | | static analysis (analysis based only on compiling of sources, not based on running of binary) of the code revealed the following problem: libnfnetlink.c:481: Taking the size of pointer parameter "nlh" is suspicious. libnfnetlink.c:486: Taking the size of pointer parameter "nlh" is suspicious. Signed-off-by: Jiri Popelka <jpopelka@redhat.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: remove redundant castsJan Engelhardt2010-11-093-22/+21
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* build: remove -fPIC flagJan Engelhardt2010-10-301-2/+1
| | | | | | libtool automatically adds PIC flags as needed. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* iftable: fix wrong handler unregistration on errorPablo Neira Ayuso2010-09-301-1/+1
| | | | | | | | Need to unregister the ifadd_handler in err_unregister instead of unregistering ifdel_handler. Signed-off-by: Andrey Kuzin <kuzinandrey@yandex.ru> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* nfnl: add nfnl_addattr8() functionPablo Neira Ayuso2009-06-111-0/+17
| | | | | | | This patch adds the function nfnl_addattr8() as it has been requested by Jozsef Kadlecsik, he needs it for his Netlink-port of ipset. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* nfnl: add nfnl_portid() to get the Netlink portID of a socketPablo Neira Ayuso2009-05-211-0/+10
| | | | | | | This patch adds the new interface nfnl_portid() to retrieve the Netlink portID that has been assigned to a given socket. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* rtnl: fix wrong netlink group bindings in the interface APIPablo Neira Ayuso2009-04-291-2/+1
| | | | | | | | | This patch removes RTMGRP_IPV4_ROUTE and RTMGRP_IPV4_IFADDR which report event notifications about changes in the route and address of interfaces. We are only interested in the interface link status so RTMGRP_LINK is enough. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* nfnl: allow disabling and enabling sequence trackingPablo Neira Ayuso2009-02-171-4/+33
| | | | | | | | | | | | This patch adds a couple of functions to enable and disable netlink sequence tracking. Since nfqueue goes over a unicast socket, the same channel to receive control messages and packets is used. This leads to race conditions that may trigger sporious out-of-sequence errors while creating queues and receiving high load of packets at the same time. Reported-by: Anton Vazir <anton.vazir@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* iftable: add nlif_get_ifflags to get the network interface flagsPablo Neira Ayuso2009-01-071-0/+33
| | | | | | | | This patch adds the nlif_get_ifflags to get the interface flags. This patch also modifies the example file to display if a network interface is running or not. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* nlif: fix possible re-insertion in the list of interfacesPablo Neira Ayuso2009-01-071-1/+2
| | | | | | | This patch fixes a possible re-insertion of an existing entry in the list of interfaces. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* Suppress iftable_up function which is not used.Eric Leblond2008-12-231-17/+0
| | | | | | Following compilation warning pointed out by Jan Engelhardt, this patch suppresses the iftable_up function which is of no use in this part of libnfnetlink library whom goal is to do ifindex to name resolution.
* Aligns buffers to maximum alignment of architecturelibnfnetlink-0.0.39Fabian Hugelshofer2008-06-181-3/+4
| | | | | | | | Aligns buffer to maximum aligment of architecture to make the cast of char pointers to struct pointers more portable. Packet decoding is still broken on particular platforms. Signed-off-by: Fabian Hugelshofer <hugelshofer2006@gmx.ch>
* fix warning, getsockname takes a socklen_t as third parameterlibnfnetlink-0.0.38Pablo Neira Ayuso2008-05-311-1/+1
|
* major cleanup of index2name infrastructure: use linux list (and fix leak in ↵Pablo Neira Ayuso2008-05-252-94/+87
| | | | the nlif_close path)
* fix nfnl_nfa_addattr_l (reported by Rick Xu)/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-04-151-3/+3
|
* nfnl_handle must be const in nfnl_rcvbufsizsvn_t_libnfnetlink-0.0.33/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-151-1/+1
|
* Introduce nfnl_set_rcv_buffer_size to set the receive buffer size used by /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2008-01-131-42/+16
| | | | | | | | | | | | | nfnl_catch. This revision changes the behaviour of nfnl_catch which does not perform a peek-and-resize if the buffer size used by nfnl_recv is too small. The only known client which may be affected by this change is libnetfilter_conntrack. However, this library uses nfnl_catch to get conntrack events which are always much smaller than 4096 bytes (default receive buffer size). This change boosts up performance in the receive path since we do only one recv instead of two.
* Marcus Sundberg <marcus@ingate.com> /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-08-091-0/+1
| | | | | | | Fix endless loop on unknown netfilter attributes. This prevents an endless loop when nfnl_check_attributes() sees an unknown attribute.
* fix handling of multipart netlink packets in nfnl_handle_packet (E.Leblond)/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org2007-08-081-0/+1
|
* [patch] libnfnetlink compile fix (Thomas Jarosch <thomas.jarosch@intra2net.com>)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org2007-03-162-0/+2
| | | | | attached patch fixes compilation of libnfnetlink for old glibc versions. Otherwise "struct iovec" is undefined.
* partially revert r6738, use linux/types.h instead of sys/types.h/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2007-02-271-1/+1
|
* fix typo: noinst_HEADERS includes rtnl.h not rtnl.c/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2007-02-121-1/+1
|
* partial cleanup for iftable.c and rtnl.c, still appropiate errno missing/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2007-02-124-146/+116
|
* - Initial commit of index2interface API (Eric Leblond), still work to do/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2007-01-264-120/+224
| | | | - added a test file to utils/iftest.c
* Remove header linux/types.h since it can conflict with type definitions ↵/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2007-01-221-1/+0
| | | | available at sys/types.h
* Initialize callback structure (Victor Stinner)svn_t_libnfnetlink-0.0.25/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2006-12-291-1/+1
|
* Introduce several improvements in the library, still backward compatible./C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org2006-12-192-109/+653
| | | | | | | | | - add iterator API - add replacements for nfnl_listen and nfnl_talk - fix error handling - add assertions - add documentation - minor cleanups
* [PATCH] libnfnetlink compilation on FC5 (Eric Leblond <eric@inl.fr>)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org2006-07-071-0/+1
|
* we cannot return -EINVAL when we encounter attributes > subsys->cb_count, ↵/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-05-171-2/+7
| | | | since that compromises interoperability with future kernels which might introduce new attributes.
* Fix wrong size of the netfilter netlink header. This implicitely fixes an/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-02-131-1/+1
| | | | alignment issue when nfnl_handle_packet is called as well. (Pablo Neira)
* nfnl_get_msg_next must check is the message is OK after NLMSG_NEXT ↵/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-02-131-0/+5
| | | | is called. (Pablo Neira)
* add 16bit attribute functions/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-01-261-0/+34
|
* fix logic for using one socket for multiple subsystems to be compatible with/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-01-261-16/+40
| | | | multiple nfnetlink sockets per process (pid overlap)
* fix nfnl_build_nfa_iovec() to set the attribute values (Andreas Florath)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-01-231-0/+4
|
* fix some mistakes during Harald's recent changes (Pablo Neira)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-01-151-0/+9
|
* Introduce various API changes throughout the library stack/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-01-142-52/+167
| | | | | | | | | | | 1) make libnfnetlink dynamically allocate it's handles 2) apply that change throughout libnetfilter_* 3) add {nfq,nflog,nfct}_open_nfnl() functions that open the specific subsystem on top of an existing nfnl_handle, which is required for upcoming libnetfilter_conntrack_helper The changes break ABI and API compatibility of libnfnetlink, but don't break ABI or API compatibility of the libnetfilter_* libraries.
* [PATCH] Spelling fix (Badd) in libnfnetlink/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org2005-11-261-1/+1
| | | | | | Spelling fix: s/Badd/Bad/ Signed-off-by: Krzysztof Piotr Oledzki <ole@ans.pl>
* o It define NETLINK_NETFILTER if it's not defined./C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-11-141-1/+1
| | | | o Kill KERNELDIR in Makefile.am, it's not set anymore. (Pablo Neira)
* handle EAGAIN in case the socket is nonblocking/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-11-051-2/+4
|
* don't return ENOPERM but the real error (Pablo Neira)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-11-021-1/+1
|
* - define structure nfnlhdr in libnfnetlink.h/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-10-191-0/+5
| | | | | | | | | - fix a problem with the attributes types. We have to use NFA_TYPE instead of reading from nfa->nfa_type now that your patch to see the highest bit of nfa_type has been pushed forward. - Implement __be_to_cpu64. I haven't found any implementation available at the moment. (Pablo Neira)
* use NFA_TYPE() to use indication of nested/not-nested TLV/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-10-091-4/+4
|
* document cb_count/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-09-241-0/+1
|
* Enhance return code of callback handler (Amin Azez)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-09-131-2/+14
|
* add (but not use) rtnetlink source code for resolving ifindex<->devname/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-08-124-0/+547
|
* - more verbose dump_packet/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-08-081-0/+31
| | | | - add new nfnl_recv() function
* fix missing msg_iovlen in nfnl_sendiov()/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-08-071-0/+1
|
* - fix endless loop in nfnl_talk (when 'junk' messages arrive but there is no/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-08-071-7/+6
| | | | | junk handler) - fix stack overflow in __nfnl_handle_msg. nfattr array was wrongly sized