From 5c0d2ffd9cc954b94344795deaaadb1a8fd68b59 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 30 Sep 2013 16:31:03 +0200
Subject: nfct: timeout: split nfct_cmd_timeout_add in several functions

This patch is a cleanup to split this function in smaller chunks.
It is required to prepare default protocol timeout tuning via
netlink.
---
 src/nfct-extensions/timeout.c | 123 +++++++++++++++++++++++++++---------------
 1 file changed, 80 insertions(+), 43 deletions(-)

(limited to 'src/nfct-extensions/timeout.c')

diff --git a/src/nfct-extensions/timeout.c b/src/nfct-extensions/timeout.c
index 7811bb2..0cf92bb 100644
--- a/src/nfct-extensions/timeout.c
+++ b/src/nfct-extensions/timeout.c
@@ -1,5 +1,5 @@
 /*
- * (C) 2012 by Pablo Neira Ayuso <pablo@netfilter.org>
+ * (C) 2012-2013 by Pablo Neira Ayuso <pablo@netfilter.org>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published
@@ -174,53 +174,34 @@ static uint32_t nfct_timeout_attr_max[IPPROTO_MAX] = {
 	[IPPROTO_RAW]		= NFCT_TIMEOUT_ATTR_GENERIC_MAX,
 };
 
-int nfct_cmd_timeout_add(int argc, char *argv[])
+static int nfct_cmd_get_l3proto(char *argv[])
 {
-	struct mnl_socket *nl;
-	char buf[MNL_SOCKET_BUFFER_SIZE];
-	struct nlmsghdr *nlh;
-	uint32_t portid, seq;
-	struct nfct_timeout *t;
-	uint16_t l3proto;
-	uint8_t l4proto;
-	int ret, i;
-	unsigned int j;
-	struct protoent *pent;
-
-	if (argc < 6) {
-		nfct_perror("missing parameters\n"
-			    "syntax: nfct timeout add name "
-			    "family protocol state1 "
-			    "timeout1 state2 timeout2...");
-		return -1;
-	}
-
-	t = nfct_timeout_alloc();
-	if (t == NULL) {
-		nfct_perror("OOM");
-		return -1;
-	}
-
-	nfct_timeout_attr_set(t, NFCT_TIMEOUT_ATTR_NAME, argv[3]);
+	int l3proto;
 
-	if (strcmp(argv[4], "inet") == 0)
+	if (strcmp(*argv, "inet") == 0)
 		l3proto = AF_INET;
-	else if (strcmp(argv[4], "inet6") == 0)
+	else if (strcmp(*argv, "inet6") == 0)
 		l3proto = AF_INET6;
 	else {
 		nfct_perror("unknown layer 3 protocol");
 		return -1;
 	}
-	nfct_timeout_attr_set_u16(t, NFCT_TIMEOUT_ATTR_L3PROTO, l3proto);
+	return l3proto;
+}
+
+static int nfct_cmd_get_l4proto(char *argv[])
+{
+	int l4proto;
+	struct protoent *pent;
 
-	pent = getprotobyname(argv[5]);
+	pent = getprotobyname(*argv);
 	if (!pent) {
 		/* In Debian, /etc/protocols says ipv6-icmp. Support icmpv6
 		 * as well not to break backward compatibility.
 		 */
-		if (strcmp(argv[5], "icmpv6") == 0)
+		if (strcmp(*argv, "icmpv6") == 0)
 			l4proto = IPPROTO_ICMPV6;
-		else if (strcmp(argv[5], "generic") == 0)
+		else if (strcmp(*argv, "generic") == 0)
 			l4proto = IPPROTO_RAW;
 		else {
 			nfct_perror("unknown layer 4 protocol");
@@ -229,9 +210,35 @@ int nfct_cmd_timeout_add(int argc, char *argv[])
 	} else
 		l4proto = pent->p_proto;
 
+	return l4proto;
+}
+
+static int
+nfct_cmd_timeout_parse(struct nfct_timeout *t, int argc, char *argv[])
+{
+	int l3proto, l4proto;
+	unsigned int j;
+	const char *proto_name;
+
+	l3proto = nfct_cmd_get_l3proto(argv);
+	if (l3proto < 0)
+		return -1;
+
+	nfct_timeout_attr_set_u16(t, NFCT_TIMEOUT_ATTR_L3PROTO, l3proto);
+
+	argc--;
+	argv++;
+	proto_name = *argv;
+
+	l4proto = nfct_cmd_get_l4proto(argv);
+	if (l4proto < 0)
+		return -1;
+
 	nfct_timeout_attr_set_u8(t, NFCT_TIMEOUT_ATTR_L4PROTO, l4proto);
+	argc--;
+	argv++;
 
-	for (i=6; i<argc; i+=2) {
+	for (; argc>1; argc-=2, argv+=2) {
 		int matching = -1;
 
 		for (j=0; j<nfct_timeout_attr_max[l4proto]; j++) {
@@ -243,27 +250,57 @@ int nfct_cmd_timeout_add(int argc, char *argv[])
 				nfct_perror("state name is NULL");
 				return -1;
 			}
-			if (strcasecmp(argv[i], state_name) != 0)
+			if (strcasecmp(*argv, state_name) != 0)
 				continue;
 
 			matching = j;
 			break;
 		}
 		if (matching != -1) {
-			if (i+1 >= argc) {
-				nfct_perror("missing value for this timeout");
-				return -1;
-			}
 			nfct_timeout_policy_attr_set_u32(t, matching,
-							 atoi(argv[i+1]));
-			matching = -1;
+							 atoi(*(argv+1)));
 		} else {
 			fprintf(stderr, "nfct v%s: Wrong state name: `%s' "
 					"for protocol `%s'\n",
-					VERSION, argv[i], argv[5]);
+					VERSION, *argv, proto_name);
 			return -1;
 		}
 	}
+	if (argc > 0) {
+		nfct_perror("missing value for this timeout");
+		return -1;
+	}
+
+	return 0;
+}
+
+int nfct_cmd_timeout_add(int argc, char *argv[])
+{
+	struct mnl_socket *nl;
+	char buf[MNL_SOCKET_BUFFER_SIZE];
+	struct nlmsghdr *nlh;
+	uint32_t portid, seq;
+	struct nfct_timeout *t;
+	int ret;
+
+	if (argc < 6) {
+		nfct_perror("missing parameters\n"
+			    "syntax: nfct timeout add name "
+			    "family protocol state1 "
+			    "timeout1 state2 timeout2...");
+		return -1;
+	}
+
+	t = nfct_timeout_alloc();
+	if (t == NULL) {
+		nfct_perror("OOM");
+		return -1;
+	}
+
+	nfct_timeout_attr_set(t, NFCT_TIMEOUT_ATTR_NAME, argv[3]);
+
+	if (nfct_cmd_timeout_parse(t, argc-4, &argv[4]) < 0)
+		return -1;
 
 	seq = time(NULL);
 	nlh = nfct_timeout_nlmsg_build_hdr(buf, IPCTNL_MSG_TIMEOUT_NEW,
-- 
cgit v1.2.3