diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-10-21 12:57:37 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-10-21 13:29:35 +0200 |
commit | 90f97f1c9a3a6d3b1a25ce12b75b08399490369a (patch) | |
tree | 632fe0fd14cf9f4f2007cfb53990da11cdbb50d4 /src | |
parent | 97493717e7383ee99527053b60d610fa9f94a886 (diff) |
netlink_linearize: factor out prefix generation
Add a new netlink_gen_prefix() function that encapsulates the prefix
generation.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/netlink_linearize.c | 53 |
1 files changed, 31 insertions, 22 deletions
diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c index aa44eea5..a4cd370d 100644 --- a/src/netlink_linearize.c +++ b/src/netlink_linearize.c @@ -290,13 +290,40 @@ static void payload_shift_value(const struct expr *left, struct expr *right) mpz_lshift_ui(right->value, left->payload.offset % BITS_PER_BYTE); } +static struct expr *netlink_gen_prefix(struct netlink_linearize_ctx *ctx, + const struct expr *expr, + enum nft_registers sreg) +{ + struct nft_data_linearize nld, zero = {}; + struct nftnl_expr *nle; + mpz_t mask; + + mpz_init(mask); + mpz_prefixmask(mask, expr->right->len, expr->right->prefix_len); + netlink_gen_raw_data(mask, expr->right->byteorder, + expr->right->len / BITS_PER_BYTE, &nld); + mpz_clear(mask); + + zero.len = nld.len; + + nle = alloc_nft_expr("bitwise"); + netlink_put_register(nle, NFTNL_EXPR_BITWISE_SREG, sreg); + netlink_put_register(nle, NFTNL_EXPR_BITWISE_DREG, sreg); + nftnl_expr_set_u32(nle, NFTNL_EXPR_BITWISE_LEN, nld.len); + nftnl_expr_set(nle, NFTNL_EXPR_BITWISE_MASK, &nld.value, nld.len); + nftnl_expr_set(nle, NFTNL_EXPR_BITWISE_XOR, &zero.value, zero.len); + nftnl_rule_add_expr(ctx->nlr, nle); + + return expr->right->prefix; +} + static void netlink_gen_cmp(struct netlink_linearize_ctx *ctx, const struct expr *expr, enum nft_registers dreg) { + struct nft_data_linearize nld; struct nftnl_expr *nle; enum nft_registers sreg; - struct nft_data_linearize nld, zero = {}; struct expr *right; assert(dreg == NFT_REG_VERDICT); @@ -308,30 +335,12 @@ static void netlink_gen_cmp(struct netlink_linearize_ctx *ctx, netlink_gen_expr(ctx, expr->left, sreg); switch (expr->right->ops->type) { - case EXPR_PREFIX: { - mpz_t mask; - - mpz_init(mask); - mpz_prefixmask(mask, expr->right->len, expr->right->prefix_len); - netlink_gen_raw_data(mask, expr->right->byteorder, - expr->right->len / BITS_PER_BYTE, &nld); - mpz_clear(mask); - - zero.len = nld.len; - - nle = alloc_nft_expr("bitwise"); - netlink_put_register(nle, NFTNL_EXPR_BITWISE_SREG, sreg); - netlink_put_register(nle, NFTNL_EXPR_BITWISE_DREG, sreg); - nftnl_expr_set_u32(nle, NFTNL_EXPR_BITWISE_LEN, nld.len); - nftnl_expr_set(nle, NFTNL_EXPR_BITWISE_MASK, &nld.value, nld.len); - nftnl_expr_set(nle, NFTNL_EXPR_BITWISE_XOR, &zero.value, zero.len); - nftnl_rule_add_expr(ctx->nlr, nle); - - right = expr->right->prefix; + case EXPR_PREFIX: + right = netlink_gen_prefix(ctx, expr, sreg); break; - } default: right = expr->right; + break; } nle = alloc_nft_expr("cmp"); |