From af00174af3ef478d7d8d96d15647ad1bbb0bc919 Mon Sep 17 00:00:00 2001
From: Fernando Fernandez Mancera <ffmancera@riseup.net>
Date: Wed, 22 Aug 2018 17:03:46 +0200
Subject: src: osf: import nfnl_osf.c to load osf fingerprints

Import iptables/utils/nfnl_osf.c into nftables tree with some changes in order
to load OS fingerprints automatically from pf.os file.

Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/rule.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'src/rule.c')

diff --git a/src/rule.c b/src/rule.c
index 570d6671..df35f3e1 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -1323,6 +1323,7 @@ static int do_add_set(struct netlink_ctx *ctx, const struct cmd *cmd,
 static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl)
 {
 	uint32_t flags = excl ? NLM_F_EXCL : 0;
+	int err;
 
 	if (ctx->octx->echo) {
 		int ret;
@@ -1341,7 +1342,10 @@ static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl)
 	case CMD_OBJ_CHAIN:
 		return netlink_add_chain_batch(ctx, cmd, flags);
 	case CMD_OBJ_RULE:
-		return netlink_add_rule_batch(ctx, cmd, flags | NLM_F_APPEND);
+		err = netlink_add_rule_batch(ctx, cmd, flags | NLM_F_APPEND);
+		if (osf_init)
+			nfnl_osf_load_fingerprints(ctx, 0);
+		return err;
 	case CMD_OBJ_SET:
 		return do_add_set(ctx, cmd, flags);
 	case CMD_OBJ_SETELEM:
-- 
cgit v1.2.3