summaryrefslogtreecommitdiffstats
path: root/src/conntrack
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2010-05-03 15:44:30 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2010-05-03 15:44:30 +0200
commitcf7130ab75b3e11142cf1bb749ef97f69a190148 (patch)
tree6690adab6c7ee0b044432903108e73cb2420feab /src/conntrack
parentbee0b3c9d1f38f03b325e7c67a5a918a0837f900 (diff)
ct: add zone support
Add Patrick's zone support for libnetfilter_conntrack. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/conntrack')
-rw-r--r--src/conntrack/build.c10
-rw-r--r--src/conntrack/compare.c10
-rw-r--r--src/conntrack/copy.c7
-rw-r--r--src/conntrack/getter.c6
-rw-r--r--src/conntrack/parse.c5
-rw-r--r--src/conntrack/setter.c6
-rw-r--r--src/conntrack/snprintf_default.c11
-rw-r--r--src/conntrack/snprintf_xml.c5
8 files changed, 60 insertions, 0 deletions
diff --git a/src/conntrack/build.c b/src/conntrack/build.c
index e8bb9ac..043c401 100644
--- a/src/conntrack/build.c
+++ b/src/conntrack/build.c
@@ -365,6 +365,13 @@ static void __build_helper_name(struct nfnlhdr *req,
nfnl_nest_end(&req->nlh, nest);
}
+static void __build_zone(struct nfnlhdr *req,
+ size_t size,
+ const struct nf_conntrack *ct)
+{
+ nfnl_addattr16(&req->nlh, size, CTA_ZONE, htons(ct->zone));
+}
+
int __build_conntrack(struct nfnl_subsys_handle *ssh,
struct nfnlhdr *req,
size_t size,
@@ -472,5 +479,8 @@ int __build_conntrack(struct nfnl_subsys_handle *ssh,
if (test_bit(ATTR_HELPER_NAME, ct->set))
__build_helper_name(req, size, ct);
+ if (test_bit(ATTR_ZONE, ct->set))
+ __build_zone(req, size, ct);
+
return 0;
}
diff --git a/src/conntrack/compare.c b/src/conntrack/compare.c
index ba3fdf8..134cefd 100644
--- a/src/conntrack/compare.c
+++ b/src/conntrack/compare.c
@@ -360,6 +360,14 @@ cmp_dccp_state(const struct nf_conntrack *ct1,
return (ct1->protoinfo.dccp.state == ct2->protoinfo.dccp.state);
}
+static int
+cmp_zone(const struct nf_conntrack *ct1,
+ const struct nf_conntrack *ct2,
+ unsigned int flags)
+{
+ return (ct1->zone == ct2->zone);
+}
+
static int cmp_meta(const struct nf_conntrack *ct1,
const struct nf_conntrack *ct2,
unsigned int flags)
@@ -378,6 +386,8 @@ static int cmp_meta(const struct nf_conntrack *ct1,
return 0;
if (!__cmp(ATTR_DCCP_STATE, ct1, ct2, flags, cmp_dccp_state))
return 0;
+ if (!__cmp(ATTR_ZONE, ct1, ct2, flags, cmp_zone))
+ return 0;
return 1;
}
diff --git a/src/conntrack/copy.c b/src/conntrack/copy.c
index 7f7514d..dc31f07 100644
--- a/src/conntrack/copy.c
+++ b/src/conntrack/copy.c
@@ -409,6 +409,12 @@ static void copy_attr_helper_name(struct nf_conntrack *dest,
dest->helper_name[__NFCT_HELPER_NAMELEN-1] = '\0';
}
+static void copy_attr_zone(struct nf_conntrack *dest,
+ const struct nf_conntrack *orig)
+{
+ dest->zone = orig->zone;
+}
+
copy_attr copy_attr_array[ATTR_MAX] = {
[ATTR_ORIG_IPV4_SRC] = copy_attr_orig_ipv4_src,
[ATTR_ORIG_IPV4_DST] = copy_attr_orig_ipv4_dst,
@@ -471,4 +477,5 @@ copy_attr copy_attr_array[ATTR_MAX] = {
[ATTR_DCCP_HANDSHAKE_SEQ] = copy_attr_dccp_handshake_seq,
[ATTR_TCP_WSCALE_ORIG] = copy_attr_tcp_wscale_orig,
[ATTR_TCP_WSCALE_REPL] = copy_attr_tcp_wscale_repl,
+ [ATTR_ZONE] = copy_attr_zone,
};
diff --git a/src/conntrack/getter.c b/src/conntrack/getter.c
index 507a3a2..e288d62 100644
--- a/src/conntrack/getter.c
+++ b/src/conntrack/getter.c
@@ -312,6 +312,11 @@ static const void *get_attr_dccp_handshake_seq(const struct nf_conntrack *ct)
return &ct->protoinfo.dccp.handshake_seq;
}
+static const void *get_attr_zone(const struct nf_conntrack *ct)
+{
+ return &ct->zone;
+}
+
get_attr get_attr_array[ATTR_MAX] = {
[ATTR_ORIG_IPV4_SRC] = get_attr_orig_ipv4_src,
[ATTR_ORIG_IPV4_DST] = get_attr_orig_ipv4_dst,
@@ -374,4 +379,5 @@ get_attr get_attr_array[ATTR_MAX] = {
[ATTR_DCCP_HANDSHAKE_SEQ] = get_attr_dccp_handshake_seq,
[ATTR_TCP_WSCALE_ORIG] = get_attr_tcp_wscale_orig,
[ATTR_TCP_WSCALE_REPL] = get_attr_tcp_wscale_repl,
+ [ATTR_ZONE] = get_attr_zone,
};
diff --git a/src/conntrack/parse.c b/src/conntrack/parse.c
index 60dabe4..b7fe0f6 100644
--- a/src/conntrack/parse.c
+++ b/src/conntrack/parse.c
@@ -516,4 +516,9 @@ void __parse_conntrack(const struct nlmsghdr *nlh,
if (cda[CTA_HELP-1])
__parse_helper(cda[CTA_HELP-1], ct);
+
+ if (cda[CTA_ZONE-1]) {
+ ct->zone = ntohs(*(u_int16_t *)NFA_DATA(cda[CTA_ZONE-1]));
+ set_bit(ATTR_ZONE, ct->set);
+ }
}
diff --git a/src/conntrack/setter.c b/src/conntrack/setter.c
index dd87860..5554e1d 100644
--- a/src/conntrack/setter.c
+++ b/src/conntrack/setter.c
@@ -330,6 +330,11 @@ set_attr_dccp_handshake_seq(struct nf_conntrack *ct, const void *value)
ct->protoinfo.dccp.handshake_seq = *((u_int64_t *) value);
}
+static void set_attr_zone(struct nf_conntrack *ct, const void *value)
+{
+ ct->zone = *((u_int16_t *) value);
+}
+
static void set_attr_do_nothing(struct nf_conntrack *ct, const void *value) {}
set_attr set_attr_array[ATTR_MAX] = {
@@ -392,4 +397,5 @@ set_attr set_attr_array[ATTR_MAX] = {
[ATTR_DCCP_STATE] = set_attr_dccp_state,
[ATTR_DCCP_ROLE] = set_attr_dccp_role,
[ATTR_DCCP_HANDSHAKE_SEQ] = set_attr_dccp_handshake_seq,
+ [ATTR_ZONE] = set_attr_zone,
};
diff --git a/src/conntrack/snprintf_default.c b/src/conntrack/snprintf_default.c
index c89cce5..ce5a477 100644
--- a/src/conntrack/snprintf_default.c
+++ b/src/conntrack/snprintf_default.c
@@ -219,6 +219,12 @@ __snprintf_id(char *buf, unsigned int len, const struct nf_conntrack *ct)
return (snprintf(buf, len, "id=%u ", ct->id));
}
+static int
+__snprintf_zone(char *buf, unsigned int len, const struct nf_conntrack *ct)
+{
+ return (snprintf(buf, len, "zone=%u ", ct->zone));
+}
+
int __snprintf_conntrack_default(char *buf,
unsigned int len,
const struct nf_conntrack *ct,
@@ -325,6 +331,11 @@ int __snprintf_conntrack_default(char *buf,
BUFFER_SIZE(ret, size, len, offset);
}
+ if (test_bit(ATTR_ZONE, ct->set)) {
+ ret = __snprintf_zone(buf+offset, len, ct);
+ BUFFER_SIZE(ret, size, len, offset);
+ }
+
/* Delete the last blank space */
size--;
diff --git a/src/conntrack/snprintf_xml.c b/src/conntrack/snprintf_xml.c
index aa9a9ec..a518617 100644
--- a/src/conntrack/snprintf_xml.c
+++ b/src/conntrack/snprintf_xml.c
@@ -342,6 +342,11 @@ int __snprintf_conntrack_xml(char *buf,
BUFFER_SIZE(ret, size, len, offset);
}
+ if (test_bit(ATTR_ZONE, ct->set)) {
+ ret = snprintf(buf+offset, len, "<zone>%u</zone>", ct->zone);
+ BUFFER_SIZE(ret, size, len, offset);
+ }
+
if (test_bit(ATTR_USE, ct->set)) {
ret = snprintf(buf+offset, len, "<use>%u</use>", ct->use);
BUFFER_SIZE(ret, size, len, offset);