diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2008-10-30 20:44:25 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2008-10-30 20:44:25 +0100 |
commit | 7dd5289076160ee2844978bfd1640ca7aa34f4da (patch) | |
tree | a91a1c1dcea8238bf01f933352f41526f6581ba0 /include/libnetfilter_conntrack | |
parent | 215d42fef86577ad74151cda553a20b1bdb58a30 (diff) |
groups: add attribute group API
This new API allows you to set and get some logical set of
attributes. This is not intended to replace the existing
per-attribute get/set API but to provide more efficient way
to get/set certain attributes. This change includes an example
file (conntrack_grp_create.c) of the use of the attribute group API.
See ATTR_GRP_* for more information on the existing groups.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/libnetfilter_conntrack')
-rw-r--r-- | include/libnetfilter_conntrack/libnetfilter_conntrack.h | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h index e66f0f8..2fde9a8 100644 --- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h +++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h @@ -124,6 +124,45 @@ enum nf_conntrack_attr { ATTR_MAX }; +/* conntrack attribute groups */ +enum nf_conntrack_attr_grp { + ATTR_GRP_ORIG_IPV4 = 0, /* struct nfct_attr_grp_ipv4 */ + ATTR_GRP_REPL_IPV4, /* struct nfct_attr_grp_ipv4 */ + ATTR_GRP_ORIG_IPV6, /* struct nfct_attr_grp_ipv6 */ + ATTR_GRP_REPL_IPV6, /* struct nfct_attr_grp_ipv6 */ + ATTR_GRP_ORIG_PORT = 4, /* struct nfct_attr_grp_port */ + ATTR_GRP_REPL_PORT, /* struct nfct_attr_grp_port */ + ATTR_GRP_ICMP, /* struct nfct_attr_grp_icmp */ + ATTR_GRP_MASTER_IPV4, /* struct nfct_attr_grp_ipv4 */ + ATTR_GRP_MASTER_IPV6 = 8, /* struct nfct_attr_grp_ipv6 */ + ATTR_GRP_MASTER_PORT, /* struct nfct_attr_grp_port */ + ATTR_GRP_ORIG_COUNTERS, /* struct nfct_attr_grp_ctrs */ + ATTR_GRP_REPL_COUNTERS, /* struct nfct_attr_grp_ctrs */ + ATTR_GRP_MAX +}; + +struct nfct_attr_grp_ipv4 { + u_int32_t src, dst; +}; + +struct nfct_attr_grp_ipv6 { + u_int32_t src[4], dst[4]; +}; + +struct nfct_attr_grp_port { + u_int16_t sport, dport; +}; + +struct nfct_attr_grp_icmp { + u_int16_t id; + u_int8_t code, type; +}; + +struct nfct_attr_grp_ctrs { + u_int64_t packets; + u_int64_t bytes; +}; + /* message type */ enum nf_conntrack_msg_type { NFCT_T_UNKNOWN = 0, @@ -238,6 +277,23 @@ extern int nfct_attr_is_set(const struct nf_conntrack *ct, extern int nfct_attr_unset(struct nf_conntrack *ct, const enum nf_conntrack_attr type); +/* group setter */ +extern void nfct_set_attr_grp(struct nf_conntrack *ct, + const enum nf_conntrack_attr_grp type, + const void *value); +/* group getter */ +extern int nfct_get_attr_grp(const struct nf_conntrack *ct, + const enum nf_conntrack_attr_grp type, + void *data); + +/* group checker */ +extern int nfct_attr_grp_is_set(const struct nf_conntrack *ct, + const enum nf_conntrack_attr_grp type); + +/* unsetter */ +extern int nfct_attr_grp_unset(struct nf_conntrack *ct, + const enum nf_conntrack_attr_grp type); + /* print */ /* output type */ |