add ukey_* function for key assignation

This patch cleans up the current key assignation by introducing a
set of functions ukey_* to set the key value as Eric Leblond and
we discussed during the latest Netfilter Workshop. This patch is
based on an idea from Holger Eitzenberger.

Signed-off-by: Eric Leblond <eric@inl.fr>

10 files changed, 165 insertions, 228 deletions

diff --git a/filter/raw2packet/ulogd_raw2packet_BASE.c b/filter/raw2packet/ulogd_raw2packet_BASE.c
index e61d904..c38c696 100644
--- a/filter/raw2packet/ulogd_raw2packet_BASE.c
+++ b/filter/raw2packet/ulogd_raw2packet_BASE.c
@@ -521,43 +521,25 @@ static int _interp_tcp(struct ulogd_pluginstance *pi, struct tcphdr *tcph,
 	if (len < sizeof(struct tcphdr))
 		return ULOGD_IRET_OK;
 	
-	ret[KEY_TCP_SPORT].u.value.ui16 = ntohs(tcph->source);
-	ret[KEY_TCP_SPORT].flags |= ULOGD_RETF_VALID;
-	ret[KEY_TCP_DPORT].u.value.ui16 = ntohs(tcph->dest);
-	ret[KEY_TCP_DPORT].flags |= ULOGD_RETF_VALID;
-	ret[KEY_TCP_SEQ].u.value.ui32 = ntohl(tcph->seq);
-	ret[KEY_TCP_SEQ].flags |= ULOGD_RETF_VALID;
-	ret[KEY_TCP_ACKSEQ].u.value.ui32 = ntohl(tcph->ack_seq);
-	ret[KEY_TCP_ACKSEQ].flags |= ULOGD_RETF_VALID;
-	ret[KEY_TCP_OFFSET].u.value.ui8 = ntohs(tcph->doff);
-	ret[KEY_TCP_OFFSET].flags |= ULOGD_RETF_VALID;
-	ret[KEY_TCP_RESERVED].u.value.ui8 = ntohs(tcph->res1);
-	ret[KEY_TCP_RESERVED].flags |= ULOGD_RETF_VALID;
-	ret[KEY_TCP_WINDOW].u.value.ui16 = ntohs(tcph->window);
-	ret[KEY_TCP_WINDOW].flags |= ULOGD_RETF_VALID;
-
-	ret[KEY_TCP_URG].u.value.b = tcph->urg;
-	ret[KEY_TCP_URG].flags |= ULOGD_RETF_VALID;
-	if (tcph->urg) {
-		ret[KEY_TCP_URGP].u.value.ui16 = ntohs(tcph->urg_ptr);
-		ret[KEY_TCP_URGP].flags |= ULOGD_RETF_VALID;
-	}
-	ret[KEY_TCP_ACK].u.value.b = tcph->ack;
-	ret[KEY_TCP_ACK].flags |= ULOGD_RETF_VALID;
-	ret[KEY_TCP_PSH].u.value.b = tcph->psh;
-	ret[KEY_TCP_PSH].flags |= ULOGD_RETF_VALID;
-	ret[KEY_TCP_RST].u.value.b = tcph->rst;
-	ret[KEY_TCP_RST].flags |= ULOGD_RETF_VALID;
-	ret[KEY_TCP_SYN].u.value.b = tcph->syn;
-	ret[KEY_TCP_SYN].flags |= ULOGD_RETF_VALID;
-	ret[KEY_TCP_FIN].u.value.b = tcph->fin;
-	ret[KEY_TCP_FIN].flags |= ULOGD_RETF_VALID;
-	ret[KEY_TCP_RES1].u.value.b = tcph->res1;
-	ret[KEY_TCP_RES1].flags |= ULOGD_RETF_VALID;
-	ret[KEY_TCP_RES2].u.value.b = tcph->res2;
-	ret[KEY_TCP_RES2].flags |= ULOGD_RETF_VALID;
-	ret[KEY_TCP_CSUM].u.value.ui16 = ntohs(tcph->check);
-	ret[KEY_TCP_CSUM].u.value.ui16 = ULOGD_RETF_VALID;
+	okey_set_u16(&ret[KEY_TCP_SPORT], ntohs(tcph->source));
+	okey_set_u16(&ret[KEY_TCP_DPORT], ntohs(tcph->dest));
+	okey_set_u32(&ret[KEY_TCP_SEQ], ntohl(tcph->seq));
+	okey_set_u32(&ret[KEY_TCP_ACKSEQ], ntohl(tcph->ack_seq));
+	okey_set_u8(&ret[KEY_TCP_OFFSET], ntohs(tcph->doff));
+	okey_set_u8(&ret[KEY_TCP_RESERVED], ntohs(tcph->res1));
+	okey_set_u16(&ret[KEY_TCP_WINDOW], ntohs(tcph->window));
+
+	okey_set_b(&ret[KEY_TCP_URG], tcph->urg);
+	if (tcph->urg)
+		okey_set_u16(&ret[KEY_TCP_URGP], ntohs(tcph->urg_ptr));
+	okey_set_b(&ret[KEY_TCP_ACK], tcph->ack);
+	okey_set_b(&ret[KEY_TCP_PSH], tcph->psh);
+	okey_set_b(&ret[KEY_TCP_RST], tcph->rst);
+	okey_set_b(&ret[KEY_TCP_SYN], tcph->syn);
+	okey_set_b(&ret[KEY_TCP_FIN], tcph->fin);
+	okey_set_b(&ret[KEY_TCP_RES1], tcph->res1);
+	okey_set_b(&ret[KEY_TCP_RES2], tcph->res2);
+	okey_set_u16(&ret[KEY_TCP_CSUM], ntohs(tcph->check));
 	
 	return ULOGD_IRET_OK;
 }
@@ -575,14 +557,10 @@ static int _interp_udp(struct ulogd_pluginstance *pi, struct udphdr *udph,
 	if (len < sizeof(struct udphdr))
 		return ULOGD_IRET_OK;
 
-	ret[KEY_UDP_SPORT].u.value.ui16 = ntohs(udph->source);
-	ret[KEY_UDP_SPORT].flags |= ULOGD_RETF_VALID;
-	ret[KEY_UDP_DPORT].u.value.ui16 = ntohs(udph->dest);
-	ret[KEY_UDP_DPORT].flags |= ULOGD_RETF_VALID;
-	ret[KEY_UDP_LEN].u.value.ui16 = ntohs(udph->len);
-	ret[KEY_UDP_LEN].flags |= ULOGD_RETF_VALID;
-	ret[KEY_UDP_CSUM].u.value.ui16 = ntohs(udph->check);
-	ret[KEY_UDP_CSUM].flags |= ULOGD_RETF_VALID;
+	okey_set_u16(&ret[KEY_UDP_SPORT], ntohs(udph->source));
+	okey_set_u16(&ret[KEY_UDP_DPORT], ntohs(udph->dest));
+	okey_set_u16(&ret[KEY_UDP_LEN], ntohs(udph->len));
+	okey_set_u16(&ret[KEY_UDP_CSUM], ntohs(udph->check));
 	
 	return ULOGD_IRET_OK;
 }
@@ -599,33 +577,28 @@ static int _interp_icmp(struct ulogd_pluginstance *pi, struct icmphdr *icmph,
 	if (len < sizeof(struct icmphdr))
 		return ULOGD_IRET_OK;
 
-	ret[KEY_ICMP_TYPE].u.value.ui8 = icmph->type;
-	ret[KEY_ICMP_TYPE].flags |= ULOGD_RETF_VALID;
-	ret[KEY_ICMP_CODE].u.value.ui8 = icmph->code;
-	ret[KEY_ICMP_CODE].flags |= ULOGD_RETF_VALID;
+	okey_set_u8(&ret[KEY_ICMP_TYPE], icmph->type);
+	okey_set_u8(&ret[KEY_ICMP_CODE], icmph->code);
 
 	switch (icmph->type) {
 	case ICMP_ECHO:
 	case ICMP_ECHOREPLY:
-		ret[KEY_ICMP_ECHOID].u.value.ui16 = ntohs(icmph->un.echo.id);
-		ret[KEY_ICMP_ECHOID].flags |= ULOGD_RETF_VALID;
-		ret[KEY_ICMP_ECHOSEQ].u.value.ui16 = ntohs(icmph->un.echo.sequence);
-		ret[KEY_ICMP_ECHOSEQ].flags |= ULOGD_RETF_VALID;
+		okey_set_u16(&ret[KEY_ICMP_ECHOID], ntohs(icmph->un.echo.id));
+		okey_set_u16(&ret[KEY_ICMP_ECHOSEQ],
+			     ntohs(icmph->un.echo.sequence));
 		break;
 	case ICMP_REDIRECT:
 	case ICMP_PARAMETERPROB:
-		ret[KEY_ICMP_GATEWAY].u.value.ui32 = ntohl(icmph->un.gateway);
-		ret[KEY_ICMP_GATEWAY].flags |= ULOGD_RETF_VALID;
+		okey_set_u32(&ret[KEY_ICMP_GATEWAY], ntohl(icmph->un.gateway));
 		break;
 	case ICMP_DEST_UNREACH:
 		if (icmph->code == ICMP_FRAG_NEEDED) {
-			ret[KEY_ICMP_FRAGMTU].u.value.ui16 = ntohs(icmph->un.frag.mtu);
-			ret[KEY_ICMP_FRAGMTU].flags |= ULOGD_RETF_VALID;
+			okey_set_u16(&ret[KEY_ICMP_FRAGMTU],
+				     ntohs(icmph->un.frag.mtu));
 		}
 		break;
 	}
-	ret[KEY_ICMP_CSUM].u.value.ui16 = icmph->checksum;
-	ret[KEY_ICMP_CSUM].flags |= ULOGD_RETF_VALID;
+	okey_set_u16(&ret[KEY_ICMP_CSUM], icmph->checksum);
 
 	return ULOGD_IRET_OK;
 }
@@ -642,22 +615,18 @@ static int _interp_icmpv6(struct ulogd_pluginstance *pi, struct icmp6_hdr *icmph
 	if (len < sizeof(struct icmp6_hdr))
 		return ULOGD_IRET_OK;
 
-	ret[KEY_ICMPV6_TYPE].u.value.ui8 = icmph->icmp6_type;
-	ret[KEY_ICMPV6_TYPE].flags |= ULOGD_RETF_VALID;
-	ret[KEY_ICMPV6_CODE].u.value.ui8 = icmph->icmp6_code;
-	ret[KEY_ICMPV6_CODE].flags |= ULOGD_RETF_VALID;
+	okey_set_u8(&ret[KEY_ICMPV6_TYPE], icmph->icmp6_type);
+	okey_set_u8(&ret[KEY_ICMPV6_CODE], icmph->icmp6_code);
 
 	switch (icmph->icmp6_type) {
 	case ICMP6_ECHO_REQUEST:
 	case ICMP6_ECHO_REPLY:
-		ret[KEY_ICMPV6_ECHOID].u.value.ui16 = ntohs(icmph->icmp6_id);
-		ret[KEY_ICMPV6_ECHOID].flags |= ULOGD_RETF_VALID;
-		ret[KEY_ICMPV6_ECHOSEQ].u.value.ui16 = ntohs(icmph->icmp6_seq);
-		ret[KEY_ICMPV6_ECHOSEQ].flags |= ULOGD_RETF_VALID;
+		okey_set_u16(&ret[KEY_ICMPV6_ECHOID], ntohs(icmph->icmp6_id));
+		okey_set_u16(&ret[KEY_ICMPV6_ECHOSEQ],
+			      ntohs(icmph->icmp6_seq));
 		break;
 	}
-	ret[KEY_ICMPV6_CSUM].u.value.ui16 = icmph->icmp6_cksum;
-	ret[KEY_ICMPV6_CSUM].flags |= ULOGD_RETF_VALID;
+	okey_set_u16(&ret[KEY_ICMPV6_CSUM], icmph->icmp6_cksum);
 
 	return ULOGD_IRET_OK;
 }
@@ -691,33 +660,23 @@ static int _interp_iphdr(struct ulogd_pluginstance *pi, u_int32_t len)
 {
 	struct ulogd_key *ret = pi->output.keys;
 	struct iphdr *iph =
-		GET_VALUE(pi->input.keys, INKEY_RAW_PCKT).ptr;
+		ikey_get_ptr(&pi->input.keys[INKEY_RAW_PCKT]);
 	void *nexthdr = (u_int32_t *)iph + iph->ihl;
 
 	if (len < sizeof(struct iphdr) || len <= (u_int32_t)(iph->ihl * 4))
 		return ULOGD_IRET_OK;
 	len -= iph->ihl * 4;
 
-	ret[KEY_IP_SADDR].u.value.ui32 = iph->saddr;
-	ret[KEY_IP_SADDR].flags |= ULOGD_RETF_VALID;
-	ret[KEY_IP_DADDR].u.value.ui32 = iph->daddr;
-	ret[KEY_IP_DADDR].flags |= ULOGD_RETF_VALID;
-	ret[KEY_IP_PROTOCOL].u.value.ui8 = iph->protocol;
-	ret[KEY_IP_PROTOCOL].flags |= ULOGD_RETF_VALID;
-	ret[KEY_IP_TOS].u.value.ui8 = iph->tos;
-	ret[KEY_IP_TOS].flags |= ULOGD_RETF_VALID;
-	ret[KEY_IP_TTL].u.value.ui8 = iph->ttl;
-	ret[KEY_IP_TTL].flags |= ULOGD_RETF_VALID;
-	ret[KEY_IP_TOTLEN].u.value.ui16 = ntohs(iph->tot_len);
-	ret[KEY_IP_TOTLEN].flags |= ULOGD_RETF_VALID;
-	ret[KEY_IP_IHL].u.value.ui8 = iph->ihl;
-	ret[KEY_IP_IHL].flags |= ULOGD_RETF_VALID;
-	ret[KEY_IP_CSUM].u.value.ui16 = ntohs(iph->check);
-	ret[KEY_IP_CSUM].flags |= ULOGD_RETF_VALID;
-	ret[KEY_IP_ID].u.value.ui16 = ntohs(iph->id);
-	ret[KEY_IP_ID].flags |= ULOGD_RETF_VALID;
-	ret[KEY_IP_FRAGOFF].u.value.ui16 = ntohs(iph->frag_off);
-	ret[KEY_IP_FRAGOFF].flags |= ULOGD_RETF_VALID;
+	okey_set_u32(&ret[KEY_IP_SADDR], iph->saddr);
+	okey_set_u32(&ret[KEY_IP_DADDR], iph->daddr);
+	okey_set_u8(&ret[KEY_IP_PROTOCOL], iph->protocol);
+	okey_set_u8(&ret[KEY_IP_TOS], iph->tos);
+	okey_set_u8(&ret[KEY_IP_TTL], iph->ttl);
+	okey_set_u16(&ret[KEY_IP_TOTLEN], ntohs(iph->tot_len));
+	okey_set_u8(&ret[KEY_IP_IHL], iph->ihl);
+	okey_set_u16(&ret[KEY_IP_CSUM], ntohs(iph->check));
+	okey_set_u16(&ret[KEY_IP_ID], ntohs(iph->id));
+	okey_set_u16(&ret[KEY_IP_FRAGOFF], ntohs(iph->frag_off));
 
 	switch (iph->protocol) {
 	case IPPROTO_TCP:
@@ -760,8 +719,7 @@ static int ip6_ext_hdr(u_int8_t nexthdr)
 static int _interp_ipv6hdr(struct ulogd_pluginstance *pi, u_int32_t len)
 {
 	struct ulogd_key *ret = pi->output.keys;
-	struct ip6_hdr *ipv6h =
-		GET_VALUE(pi->input.keys, INKEY_RAW_PCKT).ptr;
+	struct ip6_hdr *ipv6h = ikey_get_ptr(&pi->input.keys[INKEY_RAW_PCKT]);
 	unsigned int ptr, hdrlen = 0;
 	u_int8_t curhdr;
 	int fragment = 0;
@@ -769,20 +727,14 @@ static int _interp_ipv6hdr(struct ulogd_pluginstance *pi, u_int32_t len)
 	if (len < sizeof(struct ip6_hdr))
 		return ULOGD_IRET_OK;
 
-	memcpy(ret[KEY_IP_SADDR].u.value.ui128, &ipv6h->ip6_src,
-	       sizeof(ipv6h->ip6_src));
-	ret[KEY_IP_SADDR].flags |= ULOGD_RETF_VALID;
-	memcpy(ret[KEY_IP_DADDR].u.value.ui128, &ipv6h->ip6_dst,
-	       sizeof(ipv6h->ip6_dst));
-	ret[KEY_IP_DADDR].flags |= ULOGD_RETF_VALID;
-	ret[KEY_IP6_PAYLOAD_LEN].u.value.ui16 = ntohs(ipv6h->ip6_plen);
-	ret[KEY_IP6_PAYLOAD_LEN].flags |= ULOGD_RETF_VALID;
-	ret[KEY_IP6_PRIORITY].u.value.ui8 = ntohl(ipv6h->ip6_flow & 0x0ff00000) >> 20;
-	ret[KEY_IP6_PRIORITY].flags |= ULOGD_RETF_VALID;
-	ret[KEY_IP6_FLOWLABEL].u.value.ui32 = ntohl(ipv6h->ip6_flow & 0x000fffff);
-	ret[KEY_IP6_FLOWLABEL].flags |= ULOGD_RETF_VALID;
-	ret[KEY_IP6_HOPLIMIT].u.value.ui8 = ipv6h->ip6_hlim;
-	ret[KEY_IP6_HOPLIMIT].flags |= ULOGD_RETF_VALID;
+	okey_set_u128(&ret[KEY_IP_SADDR], &ipv6h->ip6_src);
+	okey_set_u128(&ret[KEY_IP_DADDR], &ipv6h->ip6_dst);
+	okey_set_u16(&ret[KEY_IP6_PAYLOAD_LEN], ntohs(ipv6h->ip6_plen));
+	okey_set_u8(&ret[KEY_IP6_PRIORITY],
+		    ntohl(ipv6h->ip6_flow & 0x0ff00000) >> 20);
+	okey_set_u32(&ret[KEY_IP6_FLOWLABEL],
+		     ntohl(ipv6h->ip6_flow & 0x000fffff));
+	okey_set_u8(&ret[KEY_IP6_HOPLIMIT], ipv6h->ip6_hlim);
 
 	curhdr = ipv6h->ip6_nxt;
 	ptr = sizeof(struct ip6_hdr);
@@ -803,10 +755,10 @@ static int _interp_ipv6hdr(struct ulogd_pluginstance *pi, u_int32_t len)
 				return ULOGD_IRET_OK;
 			len -= hdrlen;
 
-			ret[KEY_IP6_FRAG_OFF].u.value.ui16 = ntohs(fh->ip6f_offlg & IP6F_OFF_MASK);
-			ret[KEY_IP6_FRAG_OFF].flags |= ULOGD_RETF_VALID;
-			ret[KEY_IP6_FRAG_ID].u.value.ui32 = ntohl(fh->ip6f_ident);
-			ret[KEY_IP6_FRAG_ID].flags |= ULOGD_RETF_VALID;
+			okey_set_u16(&ret[KEY_IP6_FRAG_OFF],
+				     ntohs(fh->ip6f_offlg & IP6F_OFF_MASK));
+			okey_set_u32(&ret[KEY_IP6_FRAG_ID],
+				     ntohl(fh->ip6f_ident));
 
 			if (ntohs(fh->ip6f_offlg & IP6F_OFF_MASK))
 				fragment = 1;
@@ -857,8 +809,7 @@ static int _interp_ipv6hdr(struct ulogd_pluginstance *pi, u_int32_t len)
 		goto out;
 
 
-	ret[KEY_IP_PROTOCOL].u.value.ui8 = curhdr;
-	ret[KEY_IP_PROTOCOL].flags |= ULOGD_RETF_VALID;
+	okey_set_u8(&ret[KEY_IP_PROTOCOL], curhdr);
 
 	switch (curhdr) {
 	case IPPROTO_TCP:
@@ -873,8 +824,7 @@ static int _interp_ipv6hdr(struct ulogd_pluginstance *pi, u_int32_t len)
 	}
 
 out:
-	ret[KEY_IP6_NEXTHDR].u.value.ui8 = curhdr;
-	ret[KEY_IP6_NEXTHDR].flags |= ULOGD_RETF_VALID;
+	okey_set_u8(&ret[KEY_IP6_NEXTHDR], curhdr);
 	return ULOGD_IRET_OK;
 }
 
@@ -885,31 +835,19 @@ static int _interp_arp(struct ulogd_pluginstance *pi, u_int32_t len)
 {
 	struct ulogd_key *ret = pi->output.keys;
 	const struct ether_arp *arph =
-		GET_VALUE(pi->input.keys, INKEY_RAW_PCKT).ptr;
+		ikey_get_ptr(&pi->input.keys[INKEY_RAW_PCKT]);
 
 	if (len < sizeof(struct ether_arp))
 		return ULOGD_IRET_OK;
 
-	ret[KEY_ARP_HTYPE].u.value.ui16 = ntohs(arph->arp_hrd);
-	SET_VALID(ret[KEY_ARP_HTYPE]);
-	ret[KEY_ARP_PTYPE].u.value.ui16 = ntohs(arph->arp_pro);
-	SET_VALID(ret[KEY_ARP_PTYPE]);
-	ret[KEY_ARP_OPCODE].u.value.ui16 = ntohs(arph->arp_op);
-	SET_VALID(ret[KEY_ARP_OPCODE]);
-
-	ret[KEY_ARP_SHA].u.value.ptr = &arph->arp_sha;
-	SET_VALID(ret[KEY_ARP_SHA]);
-
-	memcpy(&ret[KEY_ARP_SPA].u.value.ui32, &arph->arp_spa,
-	       sizeof(u_int32_t));
-	SET_VALID(ret[KEY_ARP_SPA]);
-
-	ret[KEY_ARP_THA].u.value.ptr = &arph->arp_tha;
-	SET_VALID(ret[KEY_ARP_THA]);
+	okey_set_u16(&ret[KEY_ARP_HTYPE], ntohs(arph->arp_hrd));
+	okey_set_u16(&ret[KEY_ARP_PTYPE], ntohs(arph->arp_pro));
+	okey_set_u16(&ret[KEY_ARP_OPCODE], ntohs(arph->arp_op));
 
-	memcpy(&ret[KEY_ARP_TPA].u.value.ui32, &arph->arp_tpa,
-	       sizeof(u_int32_t));
-	SET_VALID(ret[KEY_ARP_TPA]);
+	okey_set_ptr(&ret[KEY_ARP_SHA], &arph->arp_sha);
+	okey_set_ptr(&ret[KEY_ARP_SPA], &arph->arp_spa),
+	okey_set_ptr(&ret[KEY_ARP_THA], &arph->arp_tha);
+	okey_set_ptr(&ret[KEY_ARP_TPA], &arph->arp_tpa);
 
 	return ULOGD_IRET_OK;
 }
@@ -921,7 +859,7 @@ static int _interp_arp(struct ulogd_pluginstance *pi, u_int32_t len)
 static int _interp_bridge(struct ulogd_pluginstance *pi, u_int32_t len)
 {
 	const u_int16_t proto =
-		GET_VALUE(pi->input.keys, INKEY_OOB_PROTOCOL).ui16;
+		ikey_get_u16(&pi->input.keys[INKEY_OOB_PROTOCOL]);
 
 	switch (proto) {
 	case ETH_P_IP:
@@ -942,13 +880,12 @@ static int _interp_bridge(struct ulogd_pluginstance *pi, u_int32_t len)
 
 static int _interp_pkt(struct ulogd_pluginstance *pi)
 {
-	u_int32_t len = GET_VALUE(pi->input.keys, INKEY_RAW_PCKTLEN).ui32;
-	u_int8_t family = GET_VALUE(pi->input.keys, INKEY_OOB_FAMILY).ui8;
+	u_int32_t len = ikey_get_u32(&pi->input.keys[INKEY_RAW_PCKTLEN]);
+	u_int8_t family = ikey_get_u8(&pi->input.keys[INKEY_OOB_FAMILY]);
 	struct ulogd_key *ret = pi->output.keys;
 
-	ret[KEY_OOB_PROTOCOL].u.value.ui16 =
-		GET_VALUE(pi->input.keys, INKEY_OOB_PROTOCOL).ui16;
-	SET_VALID(ret[KEY_OOB_PROTOCOL]);
+	okey_set_u16(&ret[KEY_OOB_PROTOCOL],
+		     ikey_get_u16(&pi->input.keys[INKEY_OOB_PROTOCOL]));
 
 	switch (family) {
 	case AF_INET:
diff --git a/filter/raw2packet/ulogd_raw2packet_LOCAL.c b/filter/raw2packet/ulogd_raw2packet_LOCAL.c
index bf400d7..fdfc7c8 100644
--- a/filter/raw2packet/ulogd_raw2packet_LOCAL.c
+++ b/filter/raw2packet/ulogd_raw2packet_LOCAL.c
@@ -51,11 +51,8 @@ static ulog_iret_t *_interp_local(ulog_interpreter_t *ip,
     gettimeofday(&tv, NULL);
 
     /* put date */
-    ret[0].value.ui32 = (unsigned long) tv.tv_sec;
-    ret[0].flags |= ULOGD_RETF_VALID;
-
-    ret[1].value.ptr = hostname;
-    ret[1].flags |= ULOGD_RETF_VALID;
+    okey_set_ui32(&ret[0], (unsigned long) tv.tv_sec);
+    okey_set_ptr(&ret[1], hostname);
 
     return ret;
 }
diff --git a/filter/ulogd_filter_HWHDR.c b/filter/ulogd_filter_HWHDR.c
index 8df4f00..33e8316 100644
--- a/filter/ulogd_filter_HWHDR.c
+++ b/filter/ulogd_filter_HWHDR.c
@@ -3,6 +3,7 @@
  * ulogd interpreter plugin for HWMAC
  *
  * (C) 2008 by Eric Leblond <eric@inl.fr>
+ * (C) 2008 by Pablo Neira Ayuso <pablo@netfilter.org>
  *
  * Based on ulogd_filter_IFINDEX.c Harald Welte <laforge@gnumonks.org>
  *
@@ -128,32 +129,41 @@ static int parse_mac2str(struct ulogd_key *ret, unsigned char *mac,
 		buf_cur += sprintf(buf_cur, "%02x%c", mac[i],
 				i == len - 1 ? 0 : ':');
 
-	ret[okey].u.value.ptr = mac_str;
-	ret[okey].flags |= ULOGD_RETF_VALID;
+	okey_set_ptr(&ret[okey], mac_str);
 
 	return ULOGD_IRET_OK;
 }
 
+static void *hwhdr_get_saddr(struct ulogd_key *inp)
+{
+	return ikey_get_ptr(&inp[KEY_RAW_MAC]) + ETH_ALEN;
+}
+
+static void *hwhdr_get_daddr(struct ulogd_key *inp)
+{
+	return ikey_get_ptr(&inp[KEY_RAW_MAC]);
+}
+
+static u_int16_t hwhdr_get_len(struct ulogd_key *inp)
+{
+	void *len = ikey_get_ptr(&inp[KEY_RAW_MAC]) + 2 * ETH_ALEN;
+	return ntohs(*(u_int16_t *) len);
+}
 static int parse_ethernet(struct ulogd_key *ret, struct ulogd_key *inp)
 {
 	int fret;
 	if (!pp_is_valid(inp, KEY_RAW_MAC_SADDR)) {
-		fret = parse_mac2str(ret, 
-				     GET_VALUE(inp, KEY_RAW_MAC).ptr
-					+ ETH_ALEN,
+		fret = parse_mac2str(ret, hwhdr_get_saddr(inp),
 				     KEY_MAC_SADDR, ETH_ALEN);
 		if (fret != ULOGD_IRET_OK)
 			return fret;
 	}
-	fret = parse_mac2str(ret, GET_VALUE(inp, KEY_RAW_MAC).ptr,
+	fret = parse_mac2str(ret, hwhdr_get_daddr(inp),
 			     KEY_MAC_DADDR, ETH_ALEN);
 	if (fret != ULOGD_IRET_OK)
 		return fret;
 
-	ret[KEY_MAC_PROTOCOL].u.value.ui16 =
-		ntohs(*(u_int16_t *) (GET_VALUE(inp, KEY_RAW_MAC).ptr
-					+ 2 * ETH_ALEN));
-	ret[KEY_MAC_PROTOCOL].flags |= ULOGD_RETF_VALID;
+	okey_set_u16(&ret[KEY_MAC_PROTOCOL], hwhdr_get_len(inp));
 
 	return ULOGD_IRET_OK;
 }
@@ -164,46 +174,41 @@ static int interp_mac2str(struct ulogd_pluginstance *pi)
 	struct ulogd_key *inp = pi->input.keys;
 	u_int16_t type = 0;
 
-	if (pp_is_valid(inp, KEY_OOB_PROTOCOL)) {
-		ret[KEY_MAC_PROTOCOL].u.value.ui16 =
-			GET_VALUE(inp, KEY_OOB_PROTOCOL).ui16;
-		ret[KEY_MAC_PROTOCOL].flags |= ULOGD_RETF_VALID;
-	}
+	if (pp_is_valid(inp, KEY_OOB_PROTOCOL))
+		okey_set_u16(&ret[KEY_MAC_PROTOCOL],
+			     ikey_get_u16(&inp[KEY_OOB_PROTOCOL]));
 
 	if (pp_is_valid(inp, KEY_RAW_MAC_SADDR)) {
 		int fret;
 		fret = parse_mac2str(ret,
-				     GET_VALUE(inp, KEY_RAW_MAC_SADDR).ptr,
+				     ikey_get_ptr(&inp[KEY_RAW_MAC_SADDR]),
 				     KEY_MAC_SADDR,
-				     GET_VALUE(inp, KEY_RAW_MAC_ADDRLEN).ui16);
+				     ikey_get_u16(&inp[KEY_RAW_MAC_ADDRLEN]));
 		if (fret != ULOGD_IRET_OK)
 			return fret;
 	}
 
 	if (pp_is_valid(inp, KEY_RAW_MAC)) {
-		if (GET_VALUE(inp, KEY_RAW_MAC_ADDRLEN).ui16 == ETH_ALEN) {
-			ret[KEY_MAC_TYPE].u.value.ui16 = ARPHRD_ETHER;
-			ret[KEY_MAC_TYPE].flags |= ULOGD_RETF_VALID;
-		} else {
-			ret[KEY_MAC_TYPE].u.value.ui16 = ARPHRD_VOID;
-			ret[KEY_MAC_TYPE].flags |= ULOGD_RETF_VALID;
-		}
+		if (ikey_get_u16(&inp[KEY_RAW_MAC_ADDRLEN]) == ETH_ALEN)
+			okey_set_u16(&ret[KEY_MAC_TYPE], ARPHRD_ETHER);
+		else
+			okey_set_u16(&ret[KEY_MAC_TYPE], ARPHRD_VOID);
+
 		return ULOGD_IRET_OK;
 	}
 
 	if (pp_is_valid(inp, KEY_RAW_TYPE)) {
 		/* NFLOG with Linux >= 2.6.27 case */
-		ret[KEY_MAC_TYPE].u.value.ui16 = type =
-			GET_VALUE(inp, KEY_RAW_TYPE).ui16;
-		ret[KEY_MAC_TYPE].flags |= ULOGD_RETF_VALID;
+		type = ikey_get_u16(&inp[KEY_RAW_TYPE]);
+		okey_set_u16(&ret[KEY_MAC_TYPE], type);
 	} else {
 		/* ULOG case, treat ethernet encapsulation */
-		if (GET_VALUE(inp, KEY_RAW_MACLEN).ui16 == ETH_HLEN) {
-			ret[KEY_MAC_TYPE].u.value.ui16 = type = ARPHRD_ETHER;
-			ret[KEY_MAC_TYPE].flags |= ULOGD_RETF_VALID;
+		if (ikey_get_u16(&inp[KEY_RAW_MACLEN]) == ETH_HLEN) {
+			type = ARPHRD_ETHER;
+			okey_set_u16(&ret[KEY_MAC_TYPE], type);
 		} else {
-			ret[KEY_MAC_TYPE].u.value.ui16 = type = ARPHRD_VOID;
-			ret[KEY_MAC_TYPE].flags |= ULOGD_RETF_VALID;
+			type = ARPHRD_VOID;
+			okey_set_u16(&ret[KEY_MAC_TYPE], type);
 		}
 	}
 
@@ -213,10 +218,9 @@ static int interp_mac2str(struct ulogd_pluginstance *pi)
 		default:
 			/* convert raw header to string */
 			return parse_mac2str(ret,
-					     GET_VALUE(inp, KEY_RAW_MAC).ptr,
-					     KEY_MAC_ADDR,
-					     GET_VALUE(inp,
-						     KEY_RAW_MACLEN).ui16);
+					    ikey_get_ptr(&inp[KEY_RAW_MAC]),
+					    KEY_MAC_ADDR,
+					    ikey_get_u16(&inp[KEY_RAW_MACLEN]));
 	}
 	return ULOGD_IRET_OK;
 }
diff --git a/filter/ulogd_filter_IFINDEX.c b/filter/ulogd_filter_IFINDEX.c
index f7571bd..f56ee0b 100644
--- a/filter/ulogd_filter_IFINDEX.c
+++ b/filter/ulogd_filter_IFINDEX.c
@@ -3,6 +3,7 @@
  * ulogd interpreter plugin for ifindex to ifname conversion
  *
  * (C) 2005 by Harald Welte <laforge@gnumonks.org>
+ * (C) 2008 by Pablo Neira Ayuso <pablo@netfilter.org>
  *
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License version 2 
@@ -61,20 +62,25 @@ static int interp_ifindex(struct ulogd_pluginstance *pi)
 {
 	struct ulogd_key *ret = pi->output.keys;
 	struct ulogd_key *inp = pi->input.keys;
+	void *ptr;
 
-	ret[0].u.value.ptr = calloc(IFNAMSIZ, sizeof(char)); 
-	nlif_index2name(nlif_inst, inp[0].u.source->u.value.ui32,
-			ret[0].u.value.ptr);
-	if (((char *)ret[0].u.value.ptr)[0] == '*')
-		((char *)(ret[0].u.value.ptr))[0] = 0; 
-	ret[0].flags |= ULOGD_RETF_VALID;
-
-	ret[1].u.value.ptr = calloc(IFNAMSIZ, sizeof(char)); 
-	nlif_index2name(nlif_inst, inp[1].u.source->u.value.ui32,
-			ret[1].u.value.ptr);
-	if (((char *)ret[1].u.value.ptr)[0] == '*')
-		((char *)(ret[1].u.value.ptr))[0] = 0; 
-	ret[1].flags |= ULOGD_RETF_VALID;
+	ptr = calloc(IFNAMSIZ, sizeof(char));
+	if (!ptr)
+		return ULOGD_IRET_ERR;
+
+	nlif_index2name(nlif_inst, ikey_get_u32(&inp[0]), ptr);
+	if (((char *)ptr)[0] == '*')
+		((char *)(ptr))[0] = 0;
+	okey_set_ptr(&ret[0], ptr);
+
+	ptr = calloc(IFNAMSIZ, sizeof(char));
+	if (!ptr)
+		return ULOGD_IRET_ERR;
+
+	nlif_index2name(nlif_inst, ikey_get_u32(&inp[1]), ptr);
+	if (((char *)ptr)[0] == '*')
+		((char *)(ptr))[0] = 0; 
+	okey_set_ptr(&ret[1], ptr);
 
 	return ULOGD_IRET_OK;
 }
diff --git a/filter/ulogd_filter_IP2BIN.c b/filter/ulogd_filter_IP2BIN.c
index 2d9fc16..1d2865e 100644
--- a/filter/ulogd_filter_IP2BIN.c
+++ b/filter/ulogd_filter_IP2BIN.c
@@ -137,12 +137,12 @@ static char *ip2bin(struct ulogd_key* inp, int index, char family)
 
 	switch (family) {
 		case AF_INET6:
-			addr = (struct in6_addr *) GET_VALUE(inp, index).ui128;
+			addr = (struct in6_addr *)ikey_get_u128(&inp[index]);
 			break;
 		case AF_INET:
 			/* Convert IPv4 to IPv4 in IPv6 */
 			addr = &ip4_addr;
-			uint32_to_ipv6(GET_VALUE(inp, index).ui32, addr);
+			uint32_to_ipv6(ikey_get_u32(&inp[index]), addr);
 			break;
 		default:
 			/* TODO handle error */
@@ -176,13 +176,12 @@ static int interp_ip2bin(struct ulogd_pluginstance *pi)
 	struct ulogd_key *ret = pi->output.keys;
 	struct ulogd_key *inp = pi->input.keys;
 	int i;
-	int oob_family = GET_VALUE(inp, KEY_OOB_FAMILY).ui8;
+	int oob_family = ikey_get_u8(&inp[KEY_OOB_FAMILY]);
 
 	/* Iter on all addr fields */
 	for(i = START_KEY; i < MAX_KEY; i++) {
 		if (pp_is_valid(inp, i)) {
-			ret[i-1].u.value.ptr = ip2bin(inp, i, oob_family);
-			ret[i-1].flags |= ULOGD_RETF_VALID;
+			okey_set_ptr(&ret[i-1], ip2bin(inp, i, oob_family));
 		}
 	}
 
diff --git a/filter/ulogd_filter_IP2STR.c b/filter/ulogd_filter_IP2STR.c
index a1c1e87..df94c72 100644
--- a/filter/ulogd_filter_IP2STR.c
+++ b/filter/ulogd_filter_IP2STR.c
@@ -145,7 +145,7 @@ static struct ulogd_key ip2str_keys[] = {
 static char *ip2str(struct ulogd_key *inp, int index)
 {
 	char tmp[IPADDR_LENGTH];
-	char family = GET_VALUE(inp, KEY_OOB_FAMILY).ui8;
+	char family = ikey_get_u8(&inp[KEY_OOB_FAMILY]);
 	char convfamily = family;
 
 	if (family == AF_BRIDGE) {
@@ -154,7 +154,7 @@ static char *ip2str(struct ulogd_key *inp, int index)
 				  "No protocol inside AF_BRIDGE packet\n");
 			return NULL;
 		}
-		switch (GET_VALUE(inp, KEY_OOB_PROTOCOL).ui16) {
+		switch (ikey_get_u16(&inp[KEY_OOB_PROTOCOL])) {
 		case ETH_P_IPV6:
 			convfamily = AF_INET6;
 			break;
@@ -172,15 +172,15 @@ static char *ip2str(struct ulogd_key *inp, int index)
 	}
 
 	switch (convfamily) {
+		u_int32_t ip;
 	case AF_INET6:
 		inet_ntop(AF_INET6,
-			  GET_VALUE(inp, index).ui128,
+			  ikey_get_u128(&inp[index]),
 			  tmp, sizeof(tmp));
 		break;
 	case AF_INET:
-		inet_ntop(AF_INET,
-			  &GET_VALUE(inp, index).ui32,
-			  tmp, sizeof(tmp));
+		ip = ikey_get_u32(&inp[index]);
+		inet_ntop(AF_INET, &ip, tmp, sizeof(tmp));
 		break;
 	default:
 		/* TODO error handling */
@@ -199,8 +199,7 @@ static int interp_ip2str(struct ulogd_pluginstance *pi)
 	/* Iter on all addr fields */
 	for (i = START_KEY; i <= MAX_KEY; i++) {
 		if (pp_is_valid(inp, i)) {
-			ret[i-START_KEY].u.value.ptr = ip2str(inp, i);
-			ret[i-START_KEY].flags |= ULOGD_RETF_VALID;
+			okey_set_ptr(&ret[i-START_KEY], ip2str(inp, i));
 		}
 	}
 
diff --git a/filter/ulogd_filter_MARK.c b/filter/ulogd_filter_MARK.c
index 98f5dae..1a7c2fd 100644
--- a/filter/ulogd_filter_MARK.c
+++ b/filter/ulogd_filter_MARK.c
@@ -72,14 +72,14 @@ static int interp_mark(struct ulogd_pluginstance *pi)
 {
 	struct ulogd_key *inp = pi->input.keys;
 	if (pp_is_valid(inp, KEY_CT_MARK)) {
-		if ((GET_VALUE(inp, KEY_CT_MARK).ui32 &
+		if ((ikey_get_u32(&inp[KEY_CT_MARK]) &
 			pi->config_kset->ces[MARK_MASK].u.value) !=
 			(u_int32_t) pi->config_kset->ces[MARK_MARK].u.value
 		   ) {
 			return ULOGD_IRET_STOP;
 		}
 	} else if (pp_is_valid(inp, KEY_OOB_MARK)) {
-		if ((GET_VALUE(inp, KEY_OOB_MARK).ui32 &
+		if ((ikey_get_u32(&inp[KEY_OOB_MARK]) &
 			pi->config_kset->ces[MARK_MASK].u.value) !=
 			(u_int32_t) pi->config_kset->ces[MARK_MARK].u.value
 		   ) {
diff --git a/filter/ulogd_filter_PRINTFLOW.c b/filter/ulogd_filter_PRINTFLOW.c
index b78c37b..1de1ba6 100644
--- a/filter/ulogd_filter_PRINTFLOW.c
+++ b/filter/ulogd_filter_PRINTFLOW.c
@@ -37,8 +37,7 @@ static int printflow_interp(struct ulogd_pluginstance *upi)
 	static char buf[4096];
 
 	printflow_print(inp, buf);
-	ret[0].u.value.ptr = buf;
-	ret[0].flags |= ULOGD_RETF_VALID;
+	okey_set_ptr(&ret[0], buf);
 	return ULOGD_IRET_OK;
 }
 
diff --git a/filter/ulogd_filter_PRINTPKT.c b/filter/ulogd_filter_PRINTPKT.c
index 62a3cf7..3313194 100644
--- a/filter/ulogd_filter_PRINTPKT.c
+++ b/filter/ulogd_filter_PRINTPKT.c
@@ -37,8 +37,7 @@ static int printpkt_interp(struct ulogd_pluginstance *upi)
 	static char buf[4096];
 
 	printpkt_print(inp, buf);
-	ret[0].u.value.ptr = buf;
-	ret[0].flags |= ULOGD_RETF_VALID;
+	okey_set_ptr(&ret[0], buf);
 	return ULOGD_IRET_OK;
 }
 
diff --git a/filter/ulogd_filter_PWSNIFF.c b/filter/ulogd_filter_PWSNIFF.c
index 3cbafb6..a6cbf94 100644
--- a/filter/ulogd_filter_PWSNIFF.c
+++ b/filter/ulogd_filter_PWSNIFF.c
@@ -116,25 +116,22 @@ static int interp_pwsniff(struct ulogd_pluginstance *pi)
 	}
 
 	if (len) {
-		ret[0].u.value.ptr = (char *) malloc(len+1);
-		ret[0].flags |= ULOGD_RETF_VALID;
-		if (!ret[0].u.value.ptr) {
-			ulogd_log(ULOGD_ERROR, "OOM (size=%u)\n", len);
+		char *ptr;
+		ptr = (char *) malloc(len+1);
+		if (!ptr)
 			return ULOGD_IRET_ERR;
-		}
-		strncpy((char *) ret[0].u.value.ptr, (char *)begp, len);
-		*((char *)ret[0].u.value.ptr + len) = '\0';
+		strncpy(ptr, (char *)begp, len);
+		ptr[len] = '\0';
+		okey_set_ptr(&ret[0], ptr);
 	}
 	if (pw_len) {
-		ret[1].u.value.ptr = (char *) malloc(pw_len+1);
-		ret[1].flags |= ULOGD_RETF_VALID;
-		if (!ret[1].u.value.ptr){
-			ulogd_log(ULOGD_ERROR, "OOM (size=%u)\n", pw_len);
+		char *ptr;
+		ptr = (char *) malloc(pw_len+1);
+		if (!ptr)
 			return ULOGD_IRET_ERR;
-		}
-		strncpy((char *)ret[1].u.value.ptr, (char *)pw_begp, pw_len);
-		*((char *)ret[1].u.value.ptr + pw_len) = '\0';
-
+		strncpy(ptr, (char *)pw_begp, pw_len);
+		ptr[pw_len] = '\0';
+		okey_set_ptr(&ret[1], ptr);
 	}
 	return ULOGD_IRET_OK;
 }