authorPablo Neira Ayuso <pablo@netfilter.org>2016-02-01 19:29:51 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2016-02-16 19:30:25 +0100
commite9855aaeaceafdb67f920000499882ec4f31e60c (patch)
treedc3f8b706bf170832e450fd1d99fd904b4d9d9ff /libxtables
parent6b60dc5be58a5781cacc4e6f238454d5e8421760 (diff)
xtables: add xt_xlate_add_comment()
This new function allows us to add comments to the nft rule. This can be used to provide a translation for the comment match. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'libxtables')
-rw-r--r--libxtables/xtables.c41
1 files changed, 26 insertions, 15 deletions
diff --git a/libxtables/xtables.c b/libxtables/xtables.c
index 32d6a5a2..c4b86f51 100644
--- a/libxtables/xtables.c
+++ b/libxtables/xtables.c
@@ -1987,11 +1987,16 @@ void get_kernel_version(void)
kernel_version = LINUX_VERSION(x, y, z);
}
+#include <linux/netfilter/nf_tables.h>
+
struct xt_xlate {
- char *data;
- int size;
- int rem;
- int off;
+ struct {
+ char *data;
+ int size;
+ int rem;
+ int off;
+ } buf;
+ char comment[NFT_USERDATA_MAXLEN];
};
struct xt_xlate *xt_xlate_alloc(int size)
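Review bot: The `#include <linux/netfilter/nf_tables.h>` is added in the middle of xtables.c, directly above `struct xt_xlate`, instead of alongside the file's other includes (which are outside this hunk). Moving it to the top-of-file include block would keep the dependency on the kernel UAPI header visible. If it has to stay here, a short comment such as `/* for NFT_USERDATA_MAXLEN */` would explain why libxtables pulls in an nf_tables header for a single constant.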
@@ -2002,20 +2007,20 @@ struct xt_xlate *xt_xlate_alloc(int size)
if (xl == NULL)
xtables_error(RESOURCE_PROBLEM, "OOM");
- xl->data = malloc(size);
- if (xl->data == NULL)
+ xl->buf.data = malloc(size);
+ if (xl->buf.data == NULL)
xtables_error(RESOURCE_PROBLEM, "OOM");
- xl->size = size;
- xl->rem = size;
- xl->off = 0;
+ xl->buf.size = size;
+ xl->buf.rem = size;
+ xl->buf.off = 0;
return xl;
}
void xt_xlate_free(struct xt_xlate *xl)
{
- free(xl->data);
+ free(xl->buf.data);
free(xl);
}
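Review bot: xt_xlate_alloc() initialises `buf.size`, `buf.rem` and `buf.off` but never touches the new `comment` array. The allocation of `xl` is above this hunk; if it is a plain malloc(), `xl->comment` holds indeterminate bytes until xt_xlate_add_comment() is called. Any consumer that reads the comment for a rule without a comment match would then read uninitialised heap memory and could emit it into the translated rule. Adding `xl->comment[0] = '\0';` after `xl->buf.off = 0;` makes "no comment" a well-defined empty string.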
@@ -2025,16 +2030,22 @@ void xt_xlate_add(struct xt_xlate *xl, const char *fmt, ...)
int len;
va_start(ap, fmt);
- len = vsnprintf(xl->data + xl->off, xl->rem, fmt, ap);
- if (len < 0 || len >= xl->rem)
+ len = vsnprintf(xl->buf.data + xl->buf.off, xl->buf.rem, fmt, ap);
+ if (len < 0 || len >= xl->buf.rem)
xtables_error(RESOURCE_PROBLEM, "OOM");
va_end(ap);
- xl->rem -= len;
- xl->off += len;
+ xl->buf.rem -= len;
+ xl->buf.off += len;
+}
+
+void xt_xlate_add_comment(struct xt_xlate *xl, const char *comment)
+{
+ strncpy(xl->comment, comment, NFT_USERDATA_MAXLEN - 1);
+ xl->comment[NFT_USERDATA_MAXLEN - 1] = '\0';
}
const char *xt_xlate_get(struct xt_xlate *xl)
{
- return xl->data;
+ return xl->buf.data;
}
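Review bot: xt_xlate_add_comment() silently truncates an over-long comment to `NFT_USERDATA_MAXLEN - 1` bytes, and unlike xt_xlate_add() it gives the caller no signal that the input did not fit. Termination is handled correctly. The truncation, and the fact that each call overwrites the previous comment, are worth stating above the function, e.g. `/* Stores a copy of comment, truncated to fit xl->comment; replaces any earlier comment. */`. Bounding the copy with `sizeof(xl->comment) - 1` rather than repeating the macro would keep the limit tied to the array if its declared size ever changes.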