diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-03-03 12:58:20 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2020-03-03 12:58:20 +0100 |
| commit | 4c8abad760f659827c8d681642f51a3b6852f6ee (patch) | |
| tree | d9278f86766ea29d8932a112ec46c73617f85ad7 /src/chain.c | |
| parent | 75b8778e5bf630a3fc13e5d76bc64838135f02a9 (diff) | |
chain: add NFTNL_CHAIN_FLAGS
This patch adds support for chain flags.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/chain.c')
| -rw-r--r-- | src/chain.c | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/src/chain.c b/src/chain.c index c43ba22..5f12130 100644 --- a/src/chain.c +++ b/src/chain.c @@ -43,6 +43,7 @@ struct nftnl_chain { uint32_t policy; uint32_t hooknum; int32_t prio; + uint32_t chain_flags; uint32_t use; uint64_t packets; uint64_t bytes; @@ -165,6 +166,7 @@ void nftnl_chain_unset(struct nftnl_chain *c, uint16_t attr) case NFTNL_CHAIN_PACKETS: case NFTNL_CHAIN_HANDLE: case NFTNL_CHAIN_FAMILY: + case NFTNL_CHAIN_FLAGS: break; case NFTNL_CHAIN_DEV: xfree(c->dev); @@ -189,6 +191,7 @@ static uint32_t nftnl_chain_validate[NFTNL_CHAIN_MAX + 1] = { [NFTNL_CHAIN_PACKETS] = sizeof(uint64_t), [NFTNL_CHAIN_HANDLE] = sizeof(uint64_t), [NFTNL_CHAIN_FAMILY] = sizeof(uint32_t), + [NFTNL_CHAIN_FLAGS] = sizeof(uint32_t), }; EXPORT_SYMBOL(nftnl_chain_set_data); @@ -278,6 +281,9 @@ int nftnl_chain_set_data(struct nftnl_chain *c, uint16_t attr, c->dev_array_len = len; break; + case NFTNL_CHAIN_FLAGS: + memcpy(&c->chain_flags, data, sizeof(c->chain_flags)); + break; } c->flags |= (1 << attr); return 0; @@ -373,6 +379,9 @@ const void *nftnl_chain_get_data(const struct nftnl_chain *c, uint16_t attr, case NFTNL_CHAIN_DEVICES: *data_len = 0; return &c->dev_array[0]; + case NFTNL_CHAIN_FLAGS: + *data_len = sizeof(uint32_t); + return &c->chain_flags; } return NULL; } @@ -491,6 +500,8 @@ void nftnl_chain_nlmsg_build_payload(struct nlmsghdr *nlh, const struct nftnl_ch mnl_attr_put_u64(nlh, NFTA_CHAIN_HANDLE, be64toh(c->handle)); if (c->flags & (1 << NFTNL_CHAIN_TYPE)) mnl_attr_put_strz(nlh, NFTA_CHAIN_TYPE, c->type); + if (c->flags & (1 << NFTNL_CHAIN_FLAGS)) + mnl_attr_put_u32(nlh, NFTA_CHAIN_FLAGS, htonl(c->chain_flags)); } EXPORT_SYMBOL(nftnl_chain_rule_add); @@ -545,6 +556,7 @@ static int nftnl_chain_parse_attr_cb(const struct nlattr *attr, void *data) break; case NFTA_CHAIN_POLICY: case NFTA_CHAIN_USE: + case NFTA_CHAIN_FLAGS: if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0) abi_breakage(); break; @@ -745,6 +757,10 @@ int nftnl_chain_nlmsg_parse(const struct nlmsghdr *nlh, struct nftnl_chain *c) return -1; c->flags |= (1 << NFTNL_CHAIN_TYPE); } + if (tb[NFTA_CHAIN_FLAGS]) { + c->chain_flags = ntohl(mnl_attr_get_u32(tb[NFTA_CHAIN_FLAGS])); + c->flags |= (1 << NFTNL_CHAIN_FLAGS); + } c->family = nfg->nfgen_family; c->flags |= (1 << NFTNL_CHAIN_FAMILY); @@ -806,6 +822,11 @@ static int nftnl_chain_snprintf_default(char *buf, size_t size, ret = snprintf(buf + offset, remain, " } "); SNPRINTF_BUFFER_SIZE(ret, remain, offset); } + if (c->flags & (1 << NFTNL_CHAIN_FLAGS)) { + ret = snprintf(buf + offset, remain, " flags %x", + c->chain_flags); + SNPRINTF_BUFFER_SIZE(ret, remain, offset); + } } return offset; |