src: allow to use nfct handler for conntrack and expectations at the same time

This patch re-works the callback handling to allow the use the same socket
to send/receive commands and listen to events of both conntrack and
expectation subsystems. Now you can register one callback for conntrack
and one for expectation with the same handler with no problems (before
this patch, this was not possible, you required two different handlers).

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

3 files changed, 77 insertions, 1 deletions

diff --git a/utils/.gitignore b/utils/.gitignore
index 7dd7bb8..04897ba 100644
--- a/utils/.gitignore
+++ b/utils/.gitignore
@@ -16,3 +16,4 @@
 /expect_events
 /expect_flush
 /expect_get
+/ctexp_events
diff --git a/utils/Makefile.am b/utils/Makefile.am
index ec4bb85..dcb3fec 100644
--- a/utils/Makefile.am
+++ b/utils/Makefile.am
@@ -6,7 +6,8 @@ check_PROGRAMS = expect_dump expect_create expect_get expect_delete \
 	       conntrack_delete conntrack_flush conntrack_create_nat \
 	       conntrack_get conntrack_events \
 	       conntrack_master conntrack_filter \
-	       conntrack_grp_create
+	       conntrack_grp_create \
+	       ctexp_events
 
 conntrack_grp_create_SOURCES = conntrack_grp_create.c
 conntrack_grp_create_LDADD = ../src/libnetfilter_conntrack.la
@@ -79,3 +80,7 @@ expect_flush_LDFLAGS = -dynamic -ldl
 expect_events_SOURCES = expect_events.c
 expect_events_LDADD = ../src/libnetfilter_conntrack.la
 expect_events_LDFLAGS = -dynamic -ldl
+
+ctexp_events_SOURCES = ctexp_events.c
+ctexp_events_LDADD = ../src/libnetfilter_conntrack.la
+ctexp_events_LDFLAGS = -dynamic -ldl
diff --git a/utils/ctexp_events.c b/utils/ctexp_events.c
new file mode 100644
index 0000000..1df5729
--- /dev/null
+++ b/utils/ctexp_events.c
@@ -0,0 +1,70 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+
+#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
+
+static int n = 0;
+
+static int
+ct_event_cb(enum nf_conntrack_msg_type type,struct nf_conntrack *ct, void *data)
+{
+	char buf[1024];
+
+	nfct_snprintf(buf, 1024, ct, type, NFCT_O_PLAIN, NFCT_OF_TIME);
+	printf("[CT] %s\n", buf);
+
+	if (++n == 20)
+		return NFCT_CB_STOP;
+
+	return NFCT_CB_CONTINUE;
+}
+
+static int
+exp_event_cb(enum nf_conntrack_msg_type type,struct nf_expect *exp, void *data)
+{
+	char buf[1024];
+
+	nfexp_snprintf(buf, 1024, exp, type, NFCT_O_DEFAULT, 0);
+	printf("[EXP] %s\n", buf);
+
+	if (++n == 20)
+		return NFCT_CB_STOP;
+
+	return NFCT_CB_CONTINUE;
+}
+
+int main(void)
+{
+	int ret = 0;
+	struct nfct_handle *h;
+
+	h = nfct_open(NFNL_SUBSYS_NONE, NF_NETLINK_CONNTRACK_EXP_NEW |
+					NF_NETLINK_CONNTRACK_EXP_UPDATE |
+					NF_NETLINK_CONNTRACK_EXP_DESTROY |
+					NF_NETLINK_CONNTRACK_NEW |
+					NF_NETLINK_CONNTRACK_UPDATE |
+					NF_NETLINK_CONNTRACK_DESTROY);
+	if (h == NULL) {
+		perror("nfct_open");
+		return -1;
+	}
+
+	nfexp_callback_register(h, NFCT_T_ALL, exp_event_cb, NULL);
+	nfct_callback_register(h, NFCT_T_ALL, ct_event_cb, NULL);
+
+	printf("TEST: waiting for 20 expectation events...\n");
+
+	/* we may use nfexp_catch() instead, it would also work. */
+	ret = nfct_catch(h);
+
+	printf("TEST: expectation events ");
+	if (ret == -1)
+		printf("(%d)(%s)\n", ret, strerror(errno));
+	else
+		printf("(OK)\n");
+
+	nfct_close(h);
+
+	ret == -1 ? exit(EXIT_FAILURE) : exit(EXIT_SUCCESS);
+}