conntrack: add nfct_set_attr_l and ATTR_HELPER_INFO

This adds the ATTR_HELPER_INFO that can be used to send binary data
that will be attached to the conntrack. This is useful for the
user-space connection tracking support.

This patch also adds a new interface:

 nfct_set_attr_l(attr, type, value, length);

that is used to set the variable length helper information.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

1 files changed, 17 insertions, 0 deletions

diff --git a/src/conntrack/copy.c b/src/conntrack/copy.c
index 3c47b15..a6aa9f7 100644
--- a/src/conntrack/copy.c
+++ b/src/conntrack/copy.c
@@ -434,6 +434,22 @@ static void copy_attr_timestamp_stop(struct nf_conntrack *dest,
 	dest->timestamp.stop = orig->timestamp.stop;
 }
 
+static void copy_attr_help_info(struct nf_conntrack *dest,
+				const struct nf_conntrack *orig)
+{
+	if (orig->helper_info == NULL)
+		return;
+
+	if (dest->helper_info != NULL)
+		free(dest->helper_info);
+
+	dest->helper_info = calloc(1, orig->helper_info_len);
+	if (dest->helper_info == NULL)
+		return;
+
+	memcpy(dest->helper_info, orig->helper_info, orig->helper_info_len);
+}
+
 const copy_attr copy_attr_array[ATTR_MAX] = {
 	[ATTR_ORIG_IPV4_SRC]		= copy_attr_orig_ipv4_src,
 	[ATTR_ORIG_IPV4_DST] 		= copy_attr_orig_ipv4_dst,
@@ -500,6 +516,7 @@ const copy_attr copy_attr_array[ATTR_MAX] = {
 	[ATTR_SECCTX]			= copy_attr_secctx,
 	[ATTR_TIMESTAMP_START]		= copy_attr_timestamp_start,
 	[ATTR_TIMESTAMP_STOP]		= copy_attr_timestamp_stop,
+	[ATTR_HELPER_INFO]		= copy_attr_help_info,
 };
 
 /* this is used by nfct_copy() with the NFCT_CP_OVERRIDE flag set. */