authorPablo Neira Ayuso <pablo@netfilter.org>2019-05-02 14:07:52 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2019-05-02 16:29:48 +0200
commita2fa46c606a36904a26aaf38598fa194c3fbcf4b (patch)
tree96766c6a06030331911ca68fc03cd7e47fe772c9 /src
parent9ddc4362ce64a0b273c2fbcb819fa061aadd02a5 (diff)
expect: add missing handling for CTA_EXPECT_* attributes
Add missing code to handle CTA_EXPECT_CLASS, CTA_EXPECT_NAT and CTA_EXPECT_FN from libmnl parser. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r--src/expect/parse_mnl.c64
1 files changed, 61 insertions, 3 deletions
diff --git a/src/expect/parse_mnl.c b/src/expect/parse_mnl.c
index 69feef5..e7bbc16 100644
--- a/src/expect/parse_mnl.c
+++ b/src/expect/parse_mnl.c
@@ -47,6 +47,53 @@ static int nlmsg_parse_expection_attr_cb(const struct nlattr *attr, void *data)
return MNL_CB_OK;
}
+static int nfexp_nlmsg_parse_nat_attr_cb(const struct nlattr *attr, void *data)
+{
+ int type = mnl_attr_get_type(attr);
+ const struct nlattr **tb = data;
+
+ if (mnl_attr_type_valid(attr, CTA_MAX) < 0)
+ return MNL_CB_OK;
+
+ switch(type) {
+ case CTA_EXPECT_NAT_TUPLE:
+ if (mnl_attr_validate(attr, MNL_TYPE_NESTED) < 0)
+ abi_breakage();
+ break;
+ case CTA_EXPECT_NAT_DIR:
+ if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0)
+ abi_breakage();
+ break;
+ }
+
+ tb[type] = attr;
+ return MNL_CB_OK;
+}
+
+static void nfexp_nlmsg_parse_nat(struct nfgenmsg *nfg,
+ const struct nlattr *attr,
+ struct nf_expect *exp)
+{
+ struct nlattr *tb[CTA_EXPECT_NAT_MAX + 1] = {};
+
+ if (mnl_attr_parse_nested(attr, nfexp_nlmsg_parse_nat_attr_cb, tb) < 0)
+ return;
+
+ exp->nat.orig.l3protonum = nfg->nfgen_family;
+ set_bit(ATTR_ORIG_L3PROTO, exp->nat.set);
+
+ if (tb[CTA_EXPECT_NAT_TUPLE]) {
+ nfct_parse_tuple(tb[CTA_EXPECT_NAT_TUPLE], &exp->nat.orig,
+ __DIR_ORIG, exp->nat.set);
+ set_bit(ATTR_EXP_NAT_TUPLE, exp->set);
+ }
+ if (tb[CTA_EXPECT_NAT_DIR]) {
+ exp->nat_dir =
+ ntohl(mnl_attr_get_u32(tb[CTA_EXPECT_NAT_DIR]));
+ set_bit(ATTR_EXP_NAT_DIR, exp->set);
+ }
+}
+
int nfexp_nlmsg_parse(const struct nlmsghdr *nlh, struct nf_expect *exp)
{
struct nlattr *tb[CTA_EXPECT_MAX+1] = {};
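Review bot: In `nfexp_nlmsg_parse_nat_attr_cb` the type check is bounded by `CTA_MAX`, but the table it fills is declared in `nfexp_nlmsg_parse_nat` as `tb[CTA_EXPECT_NAT_MAX + 1]`. A nested attribute whose type is above `CTA_EXPECT_NAT_MAX` but within `CTA_MAX` passes the check, and `tb[type] = attr` then writes past the end of that stack array. The bound should match the table: `if (mnl_attr_type_valid(attr, CTA_EXPECT_NAT_MAX) < 0)`. The library parses whatever message buffer its caller hands it, so the check should not assume a well-formed sender. A short comment on the callback stating that `data` must point to an array of `CTA_EXPECT_NAT_MAX + 1` entries would keep the two in step.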
@@ -83,22 +130,33 @@ int nfexp_nlmsg_parse(const struct nlmsghdr *nlh, struct nf_expect *exp)
exp->timeout = ntohl(mnl_attr_get_u32(tb[CTA_EXPECT_TIMEOUT]));
set_bit(ATTR_EXP_TIMEOUT, exp->set);
}
-
if (tb[CTA_EXPECT_ZONE]) {
exp->zone = ntohs(mnl_attr_get_u16(tb[CTA_EXPECT_ZONE]));
set_bit(ATTR_EXP_ZONE, exp->set);
}
-
if (tb[CTA_EXPECT_FLAGS]) {
exp->flags = ntohl(mnl_attr_get_u32(tb[CTA_EXPECT_FLAGS]));
set_bit(ATTR_EXP_FLAGS, exp->set);
}
-
if (tb[CTA_EXPECT_HELP_NAME]) {
strncpy(exp->helper_name,
mnl_attr_get_str(tb[CTA_EXPECT_HELP_NAME]),
NFCT_HELPER_NAME_MAX);
set_bit(ATTR_EXP_HELPER_NAME, exp->set);
}
+ if (tb[CTA_EXPECT_CLASS]) {
+ exp->class = ntohl(mnl_attr_get_u32(tb[CTA_EXPECT_CLASS]));
+ set_bit(ATTR_EXP_CLASS, exp->set);
+ }
+ if (tb[CTA_EXPECT_NAT])
+ nfexp_nlmsg_parse_nat(nfg, tb[CTA_EXPECT_NAT], exp);
+
+ if (tb[CTA_EXPECT_FN]) {
+ strncpy(exp->expectfn, mnl_attr_get_payload(tb[CTA_EXPECT_FN]),
+ __NFCT_EXPECTFN_MAX);
+ exp->expectfn[__NFCT_EXPECTFN_MAX - 1] = '\0';
+ set_bit(ATTR_EXP_FN, exp->set);
+ }
+
return 0;
}
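Review bot: The `CTA_EXPECT_FN` branch copies with `strncpy(exp->expectfn, mnl_attr_get_payload(...), __NFCT_EXPECTFN_MAX)`, which bounds the write but not the read. If the payload is shorter than `__NFCT_EXPECTFN_MAX` and has no NUL, `strncpy` keeps reading past the end of the attribute. This commit does not touch the validation switch in `nlmsg_parse_expection_attr_cb`, which lies outside the hunk, so whether `CTA_EXPECT_FN` is checked as `MNL_TYPE_NUL_STRING` and `CTA_EXPECT_CLASS` as `MNL_TYPE_U32` cannot be confirmed from here. If it is not, either add those cases there or limit the copy to the smaller of `mnl_attr_get_payload_len(tb[CTA_EXPECT_FN])` and `__NFCT_EXPECTFN_MAX - 1`. Using `mnl_attr_get_str()` as the `CTA_EXPECT_HELP_NAME` branch does would also make the two string copies consistent.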