diff options
| author | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org> | 2005-10-16 19:44:46 +0000 |
|---|---|---|
| committer | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org> | 2005-10-16 19:44:46 +0000 |
| commit | f9dc4d2ed9f724057ed107839aa8ca6122f7b46c (patch) | |
| tree | 0cdbdd97ac3a90e5ee034806ff47d40a11a4f4c6 /extensions/libnetfilter_conntrack_icmp.c | |
| parent | 9307f9476ba20c3f08a5740ce06274a15d85b8c7 (diff) | |
Major changes, this library isn't libnfnetlink_conntrack anymore.
We provide an high level interface that abstracts from the netlink
sockets. Now users don't need to know anything about them.
Diffstat (limited to 'extensions/libnetfilter_conntrack_icmp.c')
| -rw-r--r-- | extensions/libnetfilter_conntrack_icmp.c | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/extensions/libnetfilter_conntrack_icmp.c b/extensions/libnetfilter_conntrack_icmp.c new file mode 100644 index 0000000..38ad41a --- /dev/null +++ b/extensions/libnetfilter_conntrack_icmp.c @@ -0,0 +1,65 @@ +/* + * (C) 2005 by Pablo Neira Ayuso <pablo@netfilter.org> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + */ +#include <stdio.h> +#include <getopt.h> +#include <stdlib.h> +#include <string.h> +#include <netinet/in.h> /* For htons */ +#include <linux/netfilter/nfnetlink_conntrack.h> +#include <libnetfilter_conntrack/libnetfilter_conntrack.h> + +void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple) +{ + if (cda[CTA_PROTO_ICMP_TYPE-1]) + tuple->l4dst.icmp.type = + *(u_int8_t *)NFA_DATA(cda[CTA_PROTO_ICMP_TYPE-1]); + + if (cda[CTA_PROTO_ICMP_CODE-1]) + tuple->l4dst.icmp.code = + *(u_int8_t *)NFA_DATA(cda[CTA_PROTO_ICMP_CODE-1]); + + if (cda[CTA_PROTO_ICMP_ID-1]) + tuple->l4src.icmp.id = + *(u_int16_t *)NFA_DATA(cda[CTA_PROTO_ICMP_ID-1]); +} + +int print_proto(char *buf, struct nfct_tuple *t) +{ + int size = 0; + + size += sprintf(buf, "type=%d code=%d ", t->l4dst.icmp.type, + t->l4dst.icmp.code); + /* ID only makes sense with ECHO */ + if (t->l4dst.icmp.type == 8) + size += sprintf(buf, "id=%d ", t->l4src.icmp.id); + + return size; +} + +static struct nfct_proto icmp = { + .name = "icmp", + .protonum = IPPROTO_ICMP, + .parse_proto = parse_proto, + .print_proto = print_proto, + .version = LIBNETFILTER_CONNTRACK_VERSION +}; + +void __attribute__ ((constructor)) init(void); +void __attribute__ ((destructor)) fini(void); + +void init(void) +{ + nfct_register_proto(&icmp); +} + +void fini(void) +{ + nfct_unregister_proto(&icmp); +} |