diff options
Diffstat (limited to 'src/expr/socket.c')
-rw-r--r-- | src/expr/socket.c | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/src/expr/socket.c b/src/expr/socket.c index 02d86f8..edd28ca 100644 --- a/src/expr/socket.c +++ b/src/expr/socket.c @@ -12,6 +12,7 @@ #include <string.h> #include <arpa/inet.h> #include <errno.h> +#include <assert.h> #include <linux/netfilter/nf_tables.h> #include "internal.h" @@ -126,6 +127,47 @@ nftnl_expr_socket_parse(struct nftnl_expr *e, struct nlattr *attr) return 0; } +static int +nftnl_expr_socket_reg_len(const struct nftnl_expr *e) +{ + const struct nftnl_expr_socket *socket = nftnl_expr_data(e); + + switch(socket->key) { + case NFT_SOCKET_TRANSPARENT: + case NFT_SOCKET_WILDCARD: + return sizeof(uint8_t); + case NFT_SOCKET_MARK: + return sizeof(uint32_t); + case NFT_SOCKET_CGROUPV2: + return sizeof(uint64_t); + default: + assert(0); + break; + } + + return sizeof(uint32_t); +} + +static bool +nftnl_expr_socket_reg_cmp(const struct nftnl_reg *reg, + const struct nftnl_expr *e) +{ + const struct nftnl_expr_socket *socket = nftnl_expr_data(e); + + return reg->socket.key == socket->key && + reg->socket.level == socket->level; +} + +static void +nftnl_expr_socket_reg_update(struct nftnl_reg *reg, + const struct nftnl_expr *e) +{ + const struct nftnl_expr_socket *socket = nftnl_expr_data(e); + + reg->socket.key = socket->key; + reg->socket.level = socket->level; +} + static const char *socket_key2str_array[NFT_SOCKET_MAX + 1] = { [NFT_SOCKET_TRANSPARENT] = "transparent", [NFT_SOCKET_MARK] = "mark", @@ -166,4 +208,9 @@ struct expr_ops expr_ops_socket = { .parse = nftnl_expr_socket_parse, .build = nftnl_expr_socket_build, .snprintf = nftnl_expr_socket_snprintf, + .reg = { + .len = nftnl_expr_socket_reg_len, + .cmp = nftnl_expr_socket_reg_cmp, + .update = nftnl_expr_socket_reg_update, + }, }; |