author/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>2007-06-04 17:00:24 +0000
committer/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org>2007-06-04 17:00:24 +0000
commit25e5b78e44726f8f7b79e41bf33193ef21e51a36 (patch)
treeaba318c1a82864e7fadbdc587ffa47bf6334cdaa
parent7cb0af04381383ca6aa0853130076c59ce5ef764 (diff)
introduce NFCT_SOPT_SETUP_* options to simplify object setup
-rw-r--r--include/libnetfilter_conntrack/libnetfilter_conntrack.h2
-rw-r--r--src/conntrack/objopt.c24
-rw-r--r--utils/conntrack_create.c20
-rw-r--r--utils/conntrack_create_nat.c20
-rw-r--r--utils/conntrack_update.c20
-rw-r--r--utils/expect_create.c20
6 files changed, 54 insertions, 52 deletions
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
index 174cf6f..965050f 100644
--- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
@@ -138,6 +138,8 @@ enum {
NFCT_SOPT_UNDO_DNAT,
NFCT_SOPT_UNDO_SPAT,
NFCT_SOPT_UNDO_DPAT,
+ NFCT_SOPT_SETUP_ORIGINAL,
+ NFCT_SOPT_SETUP_REPLY,
__NFCT_SOPT_MAX,
};
#define NFCT_SOPT_MAX (__NFCT_SOPT_MAX - 1)
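Review bot: The two new enumerators in this public header carry no comment, and their names do not say which tuple is the source and which is overwritten. Going by `__autocomplete` in src/conntrack/objopt.c, `NFCT_SOPT_SETUP_REPLY` fills the reply tuple by mirroring the original one and `NFCT_SOPT_SETUP_ORIGINAL` does the reverse. A short comment on each, e.g. `/* build the reply tuple by swapping src/dst of the original tuple */`, would make that explicit for callers. The enum begins outside the hunk.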
diff --git a/src/conntrack/objopt.c b/src/conntrack/objopt.c
index e525b2e..2f00005 100644
--- a/src/conntrack/objopt.c
+++ b/src/conntrack/objopt.c
@@ -7,6 +7,24 @@
#include "internal.h"
+static int __autocomplete(struct nf_conntrack *ct, int dir)
+{
+ int other = (dir == __DIR_ORIG) ? __DIR_REPL : __DIR_ORIG;
+
+ ct->tuple[dir].l3protonum = ct->tuple[other].l3protonum;
+ ct->tuple[dir].protonum = ct->tuple[other].protonum;
+
+ memcpy(&ct->tuple[dir].src.v6,
+ &ct->tuple[other].dst.v6,
+ sizeof(union __nfct_address));
+ memcpy(&ct->tuple[dir].dst.v6,
+ &ct->tuple[other].src.v6,
+ sizeof(union __nfct_address));
+
+ ct->tuple[dir].l4src.all = ct->tuple[other].l4dst.all;
+ ct->tuple[dir].l4dst.all = ct->tuple[other].l4src.all;
+}
+
int __setobjopt(struct nf_conntrack *ct, unsigned int option)
{
switch(option) {
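Review bot: `__autocomplete` is declared `static int` but has no `return` statement, so control falls off the end of a non-void function. Both callers ignore the result, so the simplest fix is to declare it `static void __autocomplete(struct nf_conntrack *ct, int dir)`. The helper also copies whatever the other direction holds at call time, with no check that it was ever populated. A comment stating that precondition would help, e.g. `/* caller must have filled tuple[other] first; fields are mirrored as they are now */`. `__setobjopt` continues outside the hunk.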
@@ -36,6 +54,12 @@ int __setobjopt(struct nf_conntrack *ct, unsigned int option)
ct->tuple[__DIR_ORIG].l4dst.tcp.port;
set_bit(ATTR_DNAT_PORT, ct->set);
break;
+ case NFCT_SOPT_SETUP_ORIGINAL:
+ __autocomplete(ct, __DIR_ORIG);
+ break;
+ case NFCT_SOPT_SETUP_REPLY:
+ __autocomplete(ct, __DIR_REPL);
+ break;
}
return 0;
}
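Review bot: The two new cases finish without marking any attribute as set, whereas the case just above them ends with `set_bit(ATTR_DNAT_PORT, ct->set);`. If the code that builds messages or reads attributes consults `ct->set` before using a field (not visible in this diff), the tuple written by `__autocomplete` may be treated as absent. A conntrack entry could then be created or matched with an incomplete tuple. Worth confirming, and if so, setting the bits for the filled direction (the `ATTR_REPL_*` or `ATTR_ORIG_*` address, protocol and port attributes) inside `__autocomplete`. The start of `__setobjopt`'s switch is outside this hunk.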
diff --git a/utils/conntrack_create.c b/utils/conntrack_create.c
index 3c41d22..bc591b5 100644
--- a/utils/conntrack_create.c
+++ b/utils/conntrack_create.c
@@ -17,21 +17,15 @@ int main()
return 0;
}
- nfct_set_attr_u8(ct, ATTR_ORIG_L3PROTO, AF_INET);
- nfct_set_attr_u32(ct, ATTR_ORIG_IPV4_SRC, inet_addr("1.1.1.1"));
- nfct_set_attr_u32(ct, ATTR_ORIG_IPV4_DST, inet_addr("2.2.2.2"));
+ nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET);
+ nfct_set_attr_u32(ct, ATTR_IPV4_SRC, inet_addr("1.1.1.1"));
+ nfct_set_attr_u32(ct, ATTR_IPV4_DST, inet_addr("2.2.2.2"));
- nfct_set_attr_u8(ct, ATTR_ORIG_L4PROTO, IPPROTO_TCP);
- nfct_set_attr_u16(ct, ATTR_ORIG_PORT_SRC, htons(20));
- nfct_set_attr_u16(ct, ATTR_ORIG_PORT_DST, htons(10));
+ nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_TCP);
+ nfct_set_attr_u16(ct, ATTR_PORT_SRC, htons(20));
+ nfct_set_attr_u16(ct, ATTR_PORT_DST, htons(10));
- nfct_set_attr_u8(ct, ATTR_REPL_L3PROTO, AF_INET);
- nfct_set_attr_u32(ct, ATTR_REPL_IPV4_SRC, inet_addr("2.2.2.2"));
- nfct_set_attr_u32(ct, ATTR_REPL_IPV4_DST, inet_addr("1.1.1.1"));
-
- nfct_set_attr_u8(ct, ATTR_REPL_L4PROTO, IPPROTO_TCP);
- nfct_set_attr_u16(ct, ATTR_REPL_PORT_SRC, htons(10));
- nfct_set_attr_u16(ct, ATTR_REPL_PORT_DST, htons(20));
+ nfct_setobjopt(ct, NFCT_SOPT_SETUP_REPLY);
nfct_set_attr_u8(ct, ATTR_TCP_STATE, TCP_CONNTRACK_LISTEN);
nfct_set_attr_u32(ct, ATTR_TIMEOUT, 100);
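Review bot: The added `nfct_setobjopt(ct, NFCT_SOPT_SETUP_REPLY);` only works in its current position, and nothing in the example says so. `__autocomplete` in src/conntrack/objopt.c copies the original direction's fields as they stand at call time, so the call has to follow the address, protocol and port setters. Since these utilities serve as usage examples, a comment such as `/* derive the reply tuple from the original one; call after the attributes above are set */` would guard against a reordering that leaves an empty or stale reply tuple. The same applies to the identical hunks in utils/conntrack_create_nat.c, utils/conntrack_update.c and utils/expect_create.c. `main` continues outside the hunk.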
diff --git a/utils/conntrack_create_nat.c b/utils/conntrack_create_nat.c
index 591f1bb..3995cd3 100644
--- a/utils/conntrack_create_nat.c
+++ b/utils/conntrack_create_nat.c
@@ -17,21 +17,15 @@ int main()
return 0;
}
- nfct_set_attr_u8(ct, ATTR_ORIG_L3PROTO, AF_INET);
- nfct_set_attr_u32(ct, ATTR_ORIG_IPV4_SRC, inet_addr("1.1.1.1"));
- nfct_set_attr_u32(ct, ATTR_ORIG_IPV4_DST, inet_addr("2.2.2.2"));
+ nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET);
+ nfct_set_attr_u32(ct, ATTR_IPV4_SRC, inet_addr("1.1.1.1"));
+ nfct_set_attr_u32(ct, ATTR_IPV4_DST, inet_addr("2.2.2.2"));
- nfct_set_attr_u8(ct, ATTR_ORIG_L4PROTO, IPPROTO_TCP);
- nfct_set_attr_u16(ct, ATTR_ORIG_PORT_SRC, htons(20));
- nfct_set_attr_u16(ct, ATTR_ORIG_PORT_DST, htons(10));
+ nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_TCP);
+ nfct_set_attr_u16(ct, ATTR_PORT_SRC, htons(20));
+ nfct_set_attr_u16(ct, ATTR_PORT_DST, htons(10));
- nfct_set_attr_u8(ct, ATTR_REPL_L3PROTO, AF_INET);
- nfct_set_attr_u32(ct, ATTR_REPL_IPV4_SRC, inet_addr("2.2.2.2"));
- nfct_set_attr_u32(ct, ATTR_REPL_IPV4_DST, inet_addr("1.1.1.1"));
-
- nfct_set_attr_u8(ct, ATTR_REPL_L4PROTO, IPPROTO_TCP);
- nfct_set_attr_u16(ct, ATTR_REPL_PORT_SRC, htons(10));
- nfct_set_attr_u16(ct, ATTR_REPL_PORT_DST, htons(20));
+ nfct_setobjopt(ct, NFCT_SOPT_SETUP_REPLY);
nfct_set_attr_u8(ct, ATTR_TCP_STATE, TCP_CONNTRACK_LISTEN);
nfct_set_attr_u32(ct, ATTR_TIMEOUT, 100);
diff --git a/utils/conntrack_update.c b/utils/conntrack_update.c
index 82b95d5..21e3054 100644
--- a/utils/conntrack_update.c
+++ b/utils/conntrack_update.c
@@ -17,21 +17,15 @@ int main()
return 0;
}
- nfct_set_attr_u8(ct, ATTR_ORIG_L3PROTO, AF_INET);
- nfct_set_attr_u32(ct, ATTR_ORIG_IPV4_SRC, inet_addr("1.1.1.1"));
- nfct_set_attr_u32(ct, ATTR_ORIG_IPV4_DST, inet_addr("2.2.2.2"));
+ nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET);
+ nfct_set_attr_u32(ct, ATTR_IPV4_SRC, inet_addr("1.1.1.1"));
+ nfct_set_attr_u32(ct, ATTR_IPV4_DST, inet_addr("2.2.2.2"));
- nfct_set_attr_u8(ct, ATTR_ORIG_L4PROTO, IPPROTO_TCP);
- nfct_set_attr_u16(ct, ATTR_ORIG_PORT_SRC, htons(20));
- nfct_set_attr_u16(ct, ATTR_ORIG_PORT_DST, htons(10));
+ nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_TCP);
+ nfct_set_attr_u16(ct, ATTR_PORT_SRC, htons(20));
+ nfct_set_attr_u16(ct, ATTR_PORT_DST, htons(10));
- nfct_set_attr_u8(ct, ATTR_REPL_L3PROTO, AF_INET);
- nfct_set_attr_u32(ct, ATTR_REPL_IPV4_SRC, inet_addr("2.2.2.2"));
- nfct_set_attr_u32(ct, ATTR_REPL_IPV4_DST, inet_addr("1.1.1.1"));
-
- nfct_set_attr_u8(ct, ATTR_REPL_L4PROTO, IPPROTO_TCP);
- nfct_set_attr_u16(ct, ATTR_REPL_PORT_SRC, htons(10));
- nfct_set_attr_u16(ct, ATTR_REPL_PORT_DST, htons(20));
+ nfct_setobjopt(ct, NFCT_SOPT_SETUP_REPLY);
nfct_set_attr_u8(ct, ATTR_TCP_STATE, TCP_CONNTRACK_SYN_SENT);
nfct_set_attr_u32(ct, ATTR_TIMEOUT, 600);
diff --git a/utils/expect_create.c b/utils/expect_create.c
index 9663958..3890c26 100644
--- a/utils/expect_create.c
+++ b/utils/expect_create.c
@@ -22,21 +22,15 @@ int main()
exit(EXIT_FAILURE);
}
- nfct_set_attr_u8(master, ATTR_ORIG_L3PROTO, AF_INET);
- nfct_set_attr_u32(master, ATTR_ORIG_IPV4_SRC, inet_addr("1.1.1.1"));
- nfct_set_attr_u32(master, ATTR_ORIG_IPV4_DST, inet_addr("2.2.2.2"));
+ nfct_set_attr_u8(master, ATTR_L3PROTO, AF_INET);
+ nfct_set_attr_u32(master, ATTR_IPV4_SRC, inet_addr("1.1.1.1"));
+ nfct_set_attr_u32(master, ATTR_IPV4_DST, inet_addr("2.2.2.2"));
- nfct_set_attr_u8(master, ATTR_ORIG_L4PROTO, IPPROTO_TCP);
- nfct_set_attr_u16(master, ATTR_ORIG_PORT_SRC, htons(1025));
- nfct_set_attr_u16(master, ATTR_ORIG_PORT_DST, htons(21));
+ nfct_set_attr_u8(master, ATTR_L4PROTO, IPPROTO_TCP);
+ nfct_set_attr_u16(master, ATTR_PORT_SRC, htons(1025));
+ nfct_set_attr_u16(master, ATTR_PORT_DST, htons(21));
- nfct_set_attr_u8(master, ATTR_REPL_L3PROTO, AF_INET);
- nfct_set_attr_u32(master, ATTR_REPL_IPV4_SRC, inet_addr("2.2.2.2"));
- nfct_set_attr_u32(master, ATTR_REPL_IPV4_DST, inet_addr("1.1.1.1"));
-
- nfct_set_attr_u8(master, ATTR_REPL_L4PROTO, IPPROTO_TCP);
- nfct_set_attr_u16(master, ATTR_REPL_PORT_SRC, htons(21));
- nfct_set_attr_u16(master, ATTR_REPL_PORT_DST, htons(1025));
+ nfct_setobjopt(master, NFCT_SOPT_SETUP_REPLY);
nfct_set_attr_u8(master, ATTR_TCP_STATE, TCP_CONNTRACK_LISTEN);
nfct_set_attr_u32(master, ATTR_TIMEOUT, 200);