diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-06-08 19:15:40 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-06-08 19:15:40 +0200 |
commit | ff48b0628e95d458bd38e1a95aeed116bcabb133 (patch) | |
tree | ebe827ddfc9145de49f0e0e1272b95bd88a9d904 /src | |
parent | d904e40dfbd6ef29f5a465bf072a7d66c98f43a4 (diff) |
set_elem: add NFT_SET_ELEM_ATTR_DATA to set data for mapping
We need this new attribute to configure the data that is attached
to an element. This is useful for the mapping feature to retrieve
data based on keys (like a dictionary) that nftables provides.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/set_elem.c | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/src/set_elem.c b/src/set_elem.c index fb03d71..dae1f8c 100644 --- a/src/set_elem.c +++ b/src/set_elem.c @@ -58,6 +58,7 @@ void nft_set_elem_attr_unset(struct nft_set_elem *s, uint16_t attr) case NFT_SET_ELEM_ATTR_FLAGS: case NFT_SET_ELEM_ATTR_KEY: /* NFTA_SET_ELEM_KEY */ case NFT_SET_ELEM_ATTR_VERDICT: /* NFTA_SET_ELEM_DATA */ + case NFT_SET_ELEM_ATTR_DATA: /* NFTA_SET_ELEM_DATA */ break; default: return; @@ -87,6 +88,10 @@ void nft_set_elem_attr_set(struct nft_set_elem *s, uint16_t attr, s->data.chain = strdup(data); break; + case NFT_SET_ELEM_ATTR_DATA: /* NFTA_SET_ELEM_DATA */ + memcpy(s->data.val, data, data_len); + s->data.len = data_len; + break; default: return; } @@ -121,6 +126,12 @@ void *nft_set_elem_attr_get(struct nft_set_elem *s, uint16_t attr, size_t *data_ if (s->flags & (1 << NFT_SET_ELEM_ATTR_CHAIN)) return &s->data.chain; break; + case NFT_SET_ELEM_ATTR_DATA: /* NFTA_SET_ELEM_DATA */ + if (s->flags & (1 << NFT_SET_ELEM_ATTR_DATA)) { + *data_len = s->data.len; + return &s->data.val; + } + break; default: break; } @@ -189,6 +200,13 @@ void nft_set_elem_nlmsg_build_payload(struct nlmsghdr *nlh, mnl_attr_nest_end(nlh, nest1); mnl_attr_nest_end(nlh, nest2); } + if (e->flags & (1 << NFT_SET_ELEM_ATTR_DATA)) { + struct nlattr *nest1; + + nest1 = mnl_attr_nest_start(nlh, NFTA_SET_ELEM_DATA); + mnl_attr_put(nlh, NFTA_DATA_VALUE, e->data.len, e->data.val); + mnl_attr_nest_end(nlh, nest1); + } } void nft_set_elems_nlmsg_build_payload(struct nlmsghdr *nlh, struct nft_set *s) @@ -271,6 +289,9 @@ static int nft_set_elems_parse2(struct nft_set *s, const struct nlattr *nest) case DATA_CHAIN: s->flags |= (1 << NFT_SET_ELEM_ATTR_CHAIN); break; + case DATA_VALUE: + s->flags |= (1 << NFT_SET_ELEM_ATTR_DATA); + break; } } if (ret < 0) |