diff options
author | Varsha Rao <rvarsha016@gmail.com> | 2017-08-02 12:43:08 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-08-02 15:03:31 +0200 |
commit | 67cc041bd34ac7a3b3f6a3e7e811cf33ca757226 (patch) | |
tree | 98c729dc48a773ded6d2df7909e37e15a68a4019 /src/netlink.c | |
parent | 9871458e20c941f08bc8a825ee24f2a868f875d2 (diff) |
src: netlink: Subscribe nft monitor and nft monitor trace to respective groups.
Subscribe nft monitor to both NFNLGRP_NFTABLES and NFNLGRP_NFTRACE.
nft monitor trace subscribes only to NFNLGRP_NFTRACE. Other event
reporting options to only NFNLGRP_NFTABLES.
Joint work with Pablo Neira.
Signed-off-by: Varsha Rao <rvarsha016@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/netlink.c')
-rw-r--r-- | src/netlink.c | 36 |
1 files changed, 20 insertions, 16 deletions
diff --git a/src/netlink.c b/src/netlink.c index b4386ad4..ffdadfb1 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -3080,22 +3080,26 @@ int netlink_monitor(struct netlink_mon_handler *monhandler, { int group; - group = NFNLGRP_NFTABLES; - if (mnl_socket_setsockopt(nf_sock, NETLINK_ADD_MEMBERSHIP, &group, - sizeof(int)) < 0) - return netlink_io_error(monhandler->ctx, monhandler->loc, - "Could not bind to netlink socket %s", - strerror(errno)); - - group = NFNLGRP_NFTRACE; - if (mnl_socket_setsockopt(nf_sock, NETLINK_ADD_MEMBERSHIP, &group, - sizeof(int)) < 0) - return netlink_io_error(monhandler->ctx, monhandler->loc, - "Could not bind to netlink socket %s", - strerror(errno)); - - return mnl_nft_event_listener(nf_sock, netlink_events_cb, - monhandler); + if (monhandler->monitor_flags & (1 << NFT_MSG_TRACE)) { + group = NFNLGRP_NFTRACE; + if (mnl_socket_setsockopt(nf_sock, NETLINK_ADD_MEMBERSHIP, + &group, sizeof(int)) < 0) + return netlink_io_error(monhandler->ctx, + monhandler->loc, + "Could not bind to netlink socket %s", + strerror(errno)); + } + if (monhandler->monitor_flags & ~(1 << NFT_MSG_TRACE)) { + group = NFNLGRP_NFTABLES; + if (mnl_socket_setsockopt(nf_sock, NETLINK_ADD_MEMBERSHIP, + &group, sizeof(int)) < 0) + return netlink_io_error(monhandler->ctx, + monhandler->loc, + "Could not bind to netlink socket %s", + strerror(errno)); + } + + return mnl_nft_event_listener(nf_sock, netlink_events_cb, monhandler); } bool netlink_batch_supported(struct mnl_socket *nf_sock) |