diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2010-10-07 17:43:50 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2010-10-07 17:43:50 +0200 |
commit | 92e66d4e07d20e73606e2110144199b81663dc35 (patch) | |
tree | 7e0ef1425480c079e9de53745830bd9d2cdf62e3 /src | |
parent | b24f4ac006dcc3f2c6a904af2f3eb02bd4d16ea2 (diff) |
expect: add support for CTA_EXPECT_FLAGS
This patch allows to set the expectation flags from user-space.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/expect/build.c | 9 | ||||
-rw-r--r-- | src/expect/getter.c | 6 | ||||
-rw-r--r-- | src/expect/parse.c | 5 | ||||
-rw-r--r-- | src/expect/setter.c | 6 | ||||
-rw-r--r-- | src/expect/snprintf_default.c | 21 |
5 files changed, 44 insertions, 3 deletions
diff --git a/src/expect/build.c b/src/expect/build.c index e7f547f..c1a5a1d 100644 --- a/src/expect/build.c +++ b/src/expect/build.c @@ -20,6 +20,12 @@ static void __build_zone(struct nfnlhdr *req, size_t size, nfnl_addattr16(&req->nlh, size, CTA_EXPECT_ZONE, htons(exp->zone)); } +static void __build_flags(struct nfnlhdr *req, + size_t size, const struct nf_expect *exp) +{ + nfnl_addattr32(&req->nlh, size, CTA_EXPECT_FLAGS,htonl(exp->flags)); +} + int __build_expect(struct nfnl_subsys_handle *ssh, struct nfnlhdr *req, size_t size, @@ -63,7 +69,8 @@ int __build_expect(struct nfnl_subsys_handle *ssh, if (test_bit(ATTR_EXP_TIMEOUT, exp->set)) __build_timeout(req, size, exp); - + if (test_bit(ATTR_EXP_FLAGS, exp->set)) + __build_flags(req, size, exp); if (test_bit(ATTR_EXP_ZONE, exp->set)) __build_zone(req, size, exp); diff --git a/src/expect/getter.c b/src/expect/getter.c index d655c92..f2022d9 100644 --- a/src/expect/getter.c +++ b/src/expect/getter.c @@ -32,10 +32,16 @@ static const void *get_exp_attr_zone(const struct nf_expect *exp) return &exp->zone; } +static const void *get_exp_attr_flags(const struct nf_expect *exp) +{ + return &exp->flags; +} + get_exp_attr get_exp_attr_array[ATTR_EXP_MAX] = { [ATTR_EXP_MASTER] = get_exp_attr_master, [ATTR_EXP_EXPECTED] = get_exp_attr_expected, [ATTR_EXP_MASK] = get_exp_attr_mask, [ATTR_EXP_TIMEOUT] = get_exp_attr_timeout, [ATTR_EXP_ZONE] = get_exp_attr_zone, + [ATTR_EXP_FLAGS] = get_exp_attr_flags, }; diff --git a/src/expect/parse.c b/src/expect/parse.c index f274497..d09abcf 100644 --- a/src/expect/parse.c +++ b/src/expect/parse.c @@ -60,4 +60,9 @@ void __parse_expect(const struct nlmsghdr *nlh, ntohs(*(u_int16_t *)NFA_DATA(cda[CTA_EXPECT_ZONE-1])); set_bit(ATTR_EXP_ZONE, exp->set); } + if (cda[CTA_EXPECT_FLAGS-1]) { + exp->flags = + ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_EXPECT_FLAGS-1])); + set_bit(ATTR_EXP_FLAGS, exp->set); + } } diff --git a/src/expect/setter.c b/src/expect/setter.c index dbdad0b..1270860 100644 --- a/src/expect/setter.c +++ b/src/expect/setter.c @@ -32,10 +32,16 @@ static void set_exp_attr_zone(struct nf_expect *exp, const void *value) exp->zone = *((u_int16_t *) value); } +static void set_exp_attr_flags(struct nf_expect *exp, const void *value) +{ + exp->flags = *((u_int32_t *) value); +} + set_exp_attr set_exp_attr_array[ATTR_EXP_MAX] = { [ATTR_EXP_MASTER] = set_exp_attr_master, [ATTR_EXP_EXPECTED] = set_exp_attr_expected, [ATTR_EXP_MASK] = set_exp_attr_mask, [ATTR_EXP_TIMEOUT] = set_exp_attr_timeout, [ATTR_EXP_ZONE] = set_exp_attr_zone, + [ATTR_EXP_FLAGS] = set_exp_attr_flags, }; diff --git a/src/expect/snprintf_default.c b/src/expect/snprintf_default.c index e780bf1..7b088e7 100644 --- a/src/expect/snprintf_default.c +++ b/src/expect/snprintf_default.c @@ -23,6 +23,7 @@ int __snprintf_expect_default(char *buf, unsigned int flags) { int ret = 0, size = 0, offset = 0; + char *delim = ""; switch(msg_type) { case NFCT_T_NEW: @@ -48,8 +49,24 @@ int __snprintf_expect_default(char *buf, BUFFER_SIZE(ret, size, len, offset); } - /* Delete the last blank space */ - size--; + if (exp->flags & NF_CT_EXPECT_PERMANENT) { + ret = snprintf(buf+offset, len, "PERMANENT"); + BUFFER_SIZE(ret, size, len, offset); + delim = ","; + } + if (exp->flags & NF_CT_EXPECT_INACTIVE) { + ret = snprintf(buf+offset, len, "%sINACTIVE", delim); + BUFFER_SIZE(ret, size, len, offset); + delim = ","; + } + if (exp->flags & NF_CT_EXPECT_USERSPACE) { + ret = snprintf(buf+offset, len, "%sUSERSPACE", delim); + BUFFER_SIZE(ret, size, len, offset); + } + + /* Delete the last blank space if needed */ + if (len > 0 && buf[size-1] == ' ') + size--; return size; } |