diff options
Diffstat (limited to 'src/expr/socket.c')
-rw-r--r-- | src/expr/socket.c | 66 |
1 files changed, 12 insertions, 54 deletions
diff --git a/src/expr/socket.c b/src/expr/socket.c index edd28ca..7a25cdf 100644 --- a/src/expr/socket.c +++ b/src/expr/socket.c @@ -12,7 +12,6 @@ #include <string.h> #include <arpa/inet.h> #include <errno.h> -#include <assert.h> #include <linux/netfilter/nf_tables.h> #include "internal.h" @@ -34,16 +33,14 @@ nftnl_expr_socket_set(struct nftnl_expr *e, uint16_t type, switch (type) { case NFTNL_EXPR_SOCKET_KEY: - memcpy(&socket->key, data, sizeof(socket->key)); + memcpy(&socket->key, data, data_len); break; case NFTNL_EXPR_SOCKET_DREG: - memcpy(&socket->dreg, data, sizeof(socket->dreg)); + memcpy(&socket->dreg, data, data_len); break; case NFTNL_EXPR_SOCKET_LEVEL: - memcpy(&socket->level, data, sizeof(socket->level)); + memcpy(&socket->level, data, data_len); break; - default: - return -1; } return 0; } @@ -127,47 +124,6 @@ nftnl_expr_socket_parse(struct nftnl_expr *e, struct nlattr *attr) return 0; } -static int -nftnl_expr_socket_reg_len(const struct nftnl_expr *e) -{ - const struct nftnl_expr_socket *socket = nftnl_expr_data(e); - - switch(socket->key) { - case NFT_SOCKET_TRANSPARENT: - case NFT_SOCKET_WILDCARD: - return sizeof(uint8_t); - case NFT_SOCKET_MARK: - return sizeof(uint32_t); - case NFT_SOCKET_CGROUPV2: - return sizeof(uint64_t); - default: - assert(0); - break; - } - - return sizeof(uint32_t); -} - -static bool -nftnl_expr_socket_reg_cmp(const struct nftnl_reg *reg, - const struct nftnl_expr *e) -{ - const struct nftnl_expr_socket *socket = nftnl_expr_data(e); - - return reg->socket.key == socket->key && - reg->socket.level == socket->level; -} - -static void -nftnl_expr_socket_reg_update(struct nftnl_reg *reg, - const struct nftnl_expr *e) -{ - const struct nftnl_expr_socket *socket = nftnl_expr_data(e); - - reg->socket.key = socket->key; - reg->socket.level = socket->level; -} - static const char *socket_key2str_array[NFT_SOCKET_MAX + 1] = { [NFT_SOCKET_TRANSPARENT] = "transparent", [NFT_SOCKET_MARK] = "mark", @@ -199,18 +155,20 @@ nftnl_expr_socket_snprintf(char *buf, size_t len, return 0; } +static struct attr_policy socket_attr_policy[__NFTNL_EXPR_SOCKET_MAX] = { + [NFTNL_EXPR_SOCKET_KEY] = { .maxlen = sizeof(uint32_t) }, + [NFTNL_EXPR_SOCKET_DREG] = { .maxlen = sizeof(uint32_t) }, + [NFTNL_EXPR_SOCKET_LEVEL] = { .maxlen = sizeof(uint32_t) }, +}; + struct expr_ops expr_ops_socket = { .name = "socket", .alloc_len = sizeof(struct nftnl_expr_socket), - .max_attr = NFTA_SOCKET_MAX, + .nftnl_max_attr = __NFTNL_EXPR_SOCKET_MAX - 1, + .attr_policy = socket_attr_policy, .set = nftnl_expr_socket_set, .get = nftnl_expr_socket_get, .parse = nftnl_expr_socket_parse, .build = nftnl_expr_socket_build, - .snprintf = nftnl_expr_socket_snprintf, - .reg = { - .len = nftnl_expr_socket_reg_len, - .cmp = nftnl_expr_socket_reg_cmp, - .update = nftnl_expr_socket_reg_update, - }, + .output = nftnl_expr_socket_snprintf, }; |