summaryrefslogtreecommitdiffstats
path: root/src/conntrack/filter_dump.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/conntrack/filter_dump.c')
-rw-r--r--src/conntrack/filter_dump.c46
1 files changed, 29 insertions, 17 deletions
diff --git a/src/conntrack/filter_dump.c b/src/conntrack/filter_dump.c
index 3894d06..fd2d002 100644
--- a/src/conntrack/filter_dump.c
+++ b/src/conntrack/filter_dump.c
@@ -8,6 +8,7 @@
*/
#include "internal/internal.h"
+#include <libmnl/libmnl.h>
static void
set_filter_dump_attr_mark(struct nfct_filter_dump *filter_dump,
@@ -36,29 +37,40 @@ set_filter_dump_attr_family(struct nfct_filter_dump *filter_dump,
filter_dump->l3num = *((uint8_t *)value);
}
+static void
+set_filter_dump_attr_zone(struct nfct_filter_dump *filter_dump,
+ const void *value)
+{
+ filter_dump->zone = *((uint16_t *)value);
+}
+
+static void
+set_filter_dump_attr_tuple(struct nfct_filter_dump *filter_dump,
+ const void *value)
+{
+ memcpy(&filter_dump->ct, value, sizeof(struct nf_conntrack));
+}
+
const set_filter_dump_attr set_filter_dump_attr_array[NFCT_FILTER_DUMP_MAX] = {
[NFCT_FILTER_DUMP_MARK] = set_filter_dump_attr_mark,
[NFCT_FILTER_DUMP_L3NUM] = set_filter_dump_attr_family,
[NFCT_FILTER_DUMP_STATUS] = set_filter_dump_attr_status,
+ [NFCT_FILTER_DUMP_ZONE] = set_filter_dump_attr_zone,
+ [NFCT_FILTER_DUMP_TUPLE] = set_filter_dump_attr_tuple,
};
-void __build_filter_dump(struct nfnlhdr *req, size_t size,
- const struct nfct_filter_dump *filter_dump)
+int __build_filter_dump(struct nfnlhdr *req, size_t size,
+ const struct nfct_filter_dump *filter_dump)
{
- if (filter_dump->set & (1 << NFCT_FILTER_DUMP_MARK)) {
- nfnl_addattr32(&req->nlh, size, CTA_MARK,
- htonl(filter_dump->mark.val));
- nfnl_addattr32(&req->nlh, size, CTA_MARK_MASK,
- htonl(filter_dump->mark.mask));
- }
- if (filter_dump->set & (1 << NFCT_FILTER_DUMP_L3NUM)) {
- struct nfgenmsg *nfg = NLMSG_DATA(&req->nlh);
- nfg->nfgen_family = filter_dump->l3num;
- }
- if (filter_dump->set & (1 << NFCT_FILTER_DUMP_STATUS)) {
- nfnl_addattr32(&req->nlh, size, CTA_STATUS,
- htonl(filter_dump->status.val));
- nfnl_addattr32(&req->nlh, size, CTA_STATUS_MASK,
- htonl(filter_dump->status.mask));
+ return nfct_nlmsg_build_filter(&req->nlh, filter_dump);
+}
+
+int __build_filter_flush(struct nfnlhdr *req, size_t size,
+ const struct nfct_filter_dump *filter_dump)
+{
+ if (filter_dump->set & (1 << NFCT_FILTER_DUMP_TUPLE)) {
+ errno = ENOTSUP;
+ return -1;
}
+ return nfct_nlmsg_build_filter(&req->nlh, filter_dump);
}