diff options
| author | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org> | 2005-08-08 11:40:51 +0000 |
|---|---|---|
| committer | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org> | 2005-08-08 11:40:51 +0000 |
| commit | 8354fefa19bdaadb19a8fd0a818a7097e24bceaf (patch) | |
| tree | b3b28ec2a9872bcd1035fb5ecab889d051bd9e7f /src | |
| parent | 7a60a4748220105e592c583ef0860d51e540a2c6 (diff) | |
Resync to 2.6.14 and libnfnetlink_conntrack
Diffstat (limited to 'src')
| -rw-r--r-- | src/conntrack.c | 10 | ||||
| -rw-r--r-- | src/libct.c | 79 |
2 files changed, 51 insertions, 38 deletions
diff --git a/src/conntrack.c b/src/conntrack.c index 22c6115..ccfb71a 100644 --- a/src/conntrack.c +++ b/src/conntrack.c @@ -880,11 +880,13 @@ int main(int argc, char *argv[]) case EXP_CREATE: if (options & CT_OPT_ORIG) res = create_expectation(&orig, + CTA_TUPLE_ORIG, &exptuple, &mask, timeout); else if (options & CT_OPT_REPL) res = create_expectation(&reply, + CTA_TUPLE_REPLY, &exptuple, &mask, timeout); @@ -915,16 +917,16 @@ int main(int argc, char *argv[]) case EXP_DELETE: if (options & CT_OPT_ORIG) - res = delete_expectation(&orig); + res = delete_expectation(&orig, CTA_TUPLE_ORIG); else if (options & CT_OPT_REPL) - res = delete_expectation(&reply); + res = delete_expectation(&reply, CTA_TUPLE_REPLY); break; case CT_GET: if (options & CT_OPT_ORIG) - res = get_conntrack(&orig, id); + res = get_conntrack(&orig, CTA_TUPLE_ORIG, id); else if (options & CT_OPT_REPL) - res = get_conntrack(&reply, id); + res = get_conntrack(&reply, CTA_TUPLE_REPLY, id); break; case EXP_GET: diff --git a/src/libct.c b/src/libct.c index e03c02a..cf46b99 100644 --- a/src/libct.c +++ b/src/libct.c @@ -162,7 +162,7 @@ static int handler(struct sockaddr_nl *sock, struct nlmsghdr *nlh, void *arg) parse_tuple(attr, &ct.tuple[CTNL_DIR_REPLY]); break; case CTA_STATUS: - ct.status = *(unsigned int *)NFA_DATA(attr); + ct.status = ntohl(*(unsigned int *)NFA_DATA(attr)); flags |= STATUS; break; case CTA_PROTOINFO: @@ -268,6 +268,25 @@ static int event_handler(struct sockaddr_nl *sock, struct nlmsghdr *nlh, return handler(sock, nlh, arg); } +void parse_expect(struct nfattr *attr, struct ctnl_tuple *tuple, + struct ctnl_tuple *mask, unsigned long *timeout, + u_int32_t *id) +{ + struct nfattr *tb[CTA_EXPECT_MAX]; + + memset(tb, 0, CTA_EXPECT_MAX*sizeof(struct nfattr *)); + + nfnl_parse_nested(tb, CTA_EXPECT_MAX, attr); + if (tb[CTA_EXPECT_TUPLE-1]) + parse_tuple(tb[CTA_EXPECT_TUPLE-1], tuple); + if (tb[CTA_EXPECT_MASK-1]) + parse_tuple(tb[CTA_EXPECT_MASK-1], mask); + if (tb[CTA_EXPECT_TIMEOUT-1]) + *timeout = htonl(*(unsigned long *)NFA_DATA(tb[CTA_EXPECT_TIMEOUT-1])); + if (tb[CTA_EXPECT_ID-1]) + *id = htonl(*(u_int32_t *)NFA_DATA(tb[CTA_EXPECT_ID-1])); +} + static int expect_handler(struct sockaddr_nl *sock, struct nlmsghdr *nlh, void *arg) { struct nfgenmsg *nfmsg; @@ -291,19 +310,9 @@ static int expect_handler(struct sockaddr_nl *sock, struct nlmsghdr *nlh, void * while (NFA_OK(attr, attrlen)) { switch(attr->nfa_type) { - - case CTA_EXPECT_TUPLE: - parse_tuple(attr, &tuple); - break; - case CTA_EXPECT_MASK: - parse_tuple(attr, &mask); - break; - case CTA_EXPECT_TIMEOUT: - timeout = htonl(*(unsigned long *) - NFA_DATA(attr)); - break; - case CTA_EXPECT_ID: - id = htonl(*(u_int32_t *)NFA_DATA(attr)); + case CTA_EXPECT: + parse_expect(attr, &tuple, &mask, &timeout, + &id); break; } attr = NFA_NEXT(attr, attrlen); @@ -339,12 +348,12 @@ int create_conntrack(struct ctnl_tuple *orig, ct.tuple[CTNL_DIR_ORIGINAL] = *orig; ct.tuple[CTNL_DIR_REPLY] = *reply; ct.timeout = htonl(timeout); - ct.status = status; + ct.status = htonl(status); ct.protoinfo = *proto; if (range) ct.nat = *range; - if ((ret = ctnl_open(&cth, NFNL_SUBSYS_CTNETLINK, 0)) < 0) + if ((ret = ctnl_open(&cth, 0)) < 0) return ret; ret = ctnl_new_conntrack(&cth, &ct); @@ -367,10 +376,10 @@ int update_conntrack(struct ctnl_tuple *orig, ct.tuple[CTNL_DIR_ORIGINAL] = *orig; ct.tuple[CTNL_DIR_REPLY] = *reply; ct.timeout = htonl(timeout); - ct.status = status; + ct.status = htonl(status); ct.protoinfo = *proto; - if ((ret = ctnl_open(&cth, NFNL_SUBSYS_CTNETLINK, 0)) < 0) + if ((ret = ctnl_open(&cth, 0)) < 0) return ret; ret = ctnl_upd_conntrack(&cth, &ct); @@ -384,7 +393,7 @@ int delete_conntrack(struct ctnl_tuple *tuple, int dir) { int ret; - if ((ret = ctnl_open(&cth, NFNL_SUBSYS_CTNETLINK, 0)) < 0) + if ((ret = ctnl_open(&cth, 0)) < 0) return ret; ret = ctnl_del_conntrack(&cth, tuple, dir); @@ -402,7 +411,7 @@ int get_conntrack(struct ctnl_tuple *tuple, int dir) }; int ret; - if ((ret = ctnl_open(&cth, NFNL_SUBSYS_CTNETLINK, 0)) < 0) + if ((ret = ctnl_open(&cth, 0)) < 0) return ret; ctnl_register_handler(&cth, &h); @@ -421,7 +430,7 @@ int dump_conntrack_table(int zero) .handler = handler }; - if ((ret = ctnl_open(&cth, NFNL_SUBSYS_CTNETLINK, 0)) < 0) + if ((ret = ctnl_open(&cth, 0)) < 0) return ret; ctnl_register_handler(&cth, &h); @@ -454,7 +463,7 @@ int event_conntrack(unsigned int event_mask) }; int ret; - if ((ret = ctnl_open(&cth, NFNL_SUBSYS_CTNETLINK, event_mask)) < 0) + if ((ret = ctnl_open(&cth, event_mask)) < 0) return ret; signal(SIGINT, event_sighandler); @@ -518,7 +527,7 @@ int dump_expect_list() }; int ret; - if ((ret = ctnl_open(&cth, NFNL_SUBSYS_CTNETLINK_EXP, 0)) < 0) + if ((ret = ctnl_open(&cth, 0)) < 0) return ret; ctnl_register_handler(&cth, &h); @@ -533,7 +542,7 @@ int flush_conntrack() { int ret; - if ((ret = ctnl_open(&cth, NFNL_SUBSYS_CTNETLINK, 0)) < 0) + if ((ret = ctnl_open(&cth, 0)) < 0) return ret; ret = ctnl_flush_conntrack(&cth); @@ -542,7 +551,8 @@ int flush_conntrack() return ret; } -int get_expect(struct ctnl_tuple *tuple) +int get_expect(struct ctnl_tuple *tuple, + enum ctattr_type t) { struct ctnl_msg_handler h = { .type = IPCTNL_MSG_EXP_NEW, @@ -550,42 +560,43 @@ int get_expect(struct ctnl_tuple *tuple) }; int ret; - if ((ret = ctnl_open(&cth, NFNL_SUBSYS_CTNETLINK_EXP, 0)) < 0) + if ((ret = ctnl_open(&cth, 0)) < 0) return 0; ctnl_register_handler(&cth, &h); - ret = ctnl_get_expect(&cth, tuple); + ret = ctnl_get_expect(&cth, tuple, t); ctnl_close(&cth); return ret; } int create_expectation(struct ctnl_tuple *tuple, + enum ctattr_type t, struct ctnl_tuple *exptuple, struct ctnl_tuple *mask, unsigned long timeout) { int ret; - if ((ret = ctnl_open(&cth, NFNL_SUBSYS_CTNETLINK_EXP, 0)) < 0) + if ((ret = ctnl_open(&cth, 0)) < 0) return ret; - ret = ctnl_new_expect(&cth, tuple, exptuple, mask, timeout); + ret = ctnl_new_expect(&cth, tuple, t, exptuple, mask, timeout); ctnl_close(&cth); return ret; } -int delete_expectation(struct ctnl_tuple *tuple) +int delete_expectation(struct ctnl_tuple *tuple, enum ctattr_type t) { int ret; - if ((ret = ctnl_open(&cth, NFNL_SUBSYS_CTNETLINK_EXP, 0)) < 0) + if ((ret = ctnl_open(&cth, 0)) < 0) return ret; - ret = ctnl_del_expect(&cth, tuple); + ret = ctnl_del_expect(&cth, tuple, t); ctnl_close(&cth); return ret; @@ -603,7 +614,7 @@ int event_expectation(unsigned int event_mask) }; int ret; - if ((ret = ctnl_open(&cth, NFNL_SUBSYS_CTNETLINK_EXP, event_mask)) < 0) + if ((ret = ctnl_open(&cth, event_mask)) < 0) return ret; ctnl_register_handler(&cth, &hnew); @@ -618,7 +629,7 @@ int flush_expectation() { int ret; - if ((ret = ctnl_open(&cth, NFNL_SUBSYS_CTNETLINK_EXP, 0)) < 0) + if ((ret = ctnl_open(&cth, 0)) < 0) return ret; ret = ctnl_flush_expect(&cth); |