summaryrefslogtreecommitdiffstats
path: root/src/conntrack/setter.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/conntrack/setter.c')
-rw-r--r--src/conntrack/setter.c191
1 files changed, 133 insertions, 58 deletions
diff --git a/src/conntrack/setter.c b/src/conntrack/setter.c
index afab94f..dbcd68e 100644
--- a/src/conntrack/setter.c
+++ b/src/conntrack/setter.c
@@ -37,67 +37,80 @@ static const u_int8_t invmap_icmpv6[] = {
[ICMPV6_NI_REPLY - 128] = ICMPV6_NI_REPLY + 1
};
-static void set_attr_orig_ipv4_src(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_orig_ipv4_src(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->head.orig.src.v4 = *((u_int32_t *) value);
}
-static void set_attr_orig_ipv4_dst(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_orig_ipv4_dst(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->head.orig.dst.v4 = *((u_int32_t *) value);
}
-static void set_attr_repl_ipv4_src(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_repl_ipv4_src(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->repl.src.v4 = *((u_int32_t *) value);
}
-static void set_attr_repl_ipv4_dst(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_repl_ipv4_dst(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->repl.dst.v4 = *((u_int32_t *) value);
}
-static void set_attr_orig_ipv6_src(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_orig_ipv6_src(struct nf_conntrack *ct, const void *value, size_t len)
{
memcpy(&ct->head.orig.src.v6, value, sizeof(u_int32_t)*4);
}
-static void set_attr_orig_ipv6_dst(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_orig_ipv6_dst(struct nf_conntrack *ct, const void *value, size_t len)
{
memcpy(&ct->head.orig.dst.v6, value, sizeof(u_int32_t)*4);
}
-static void set_attr_repl_ipv6_src(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_repl_ipv6_src(struct nf_conntrack *ct, const void *value, size_t len)
{
memcpy(&ct->repl.src.v6, value, sizeof(u_int32_t)*4);
}
-static void set_attr_repl_ipv6_dst(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_repl_ipv6_dst(struct nf_conntrack *ct, const void *value, size_t len)
{
memcpy(&ct->repl.dst.v6, value, sizeof(u_int32_t)*4);
}
-static void set_attr_orig_port_src(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_orig_port_src(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->head.orig.l4src.all = *((u_int16_t *) value);
}
-static void set_attr_orig_port_dst(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_orig_port_dst(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->head.orig.l4dst.all = *((u_int16_t *) value);
}
-static void set_attr_repl_port_src(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_repl_port_src(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->repl.l4src.all = *((u_int16_t *) value);
}
-static void set_attr_repl_port_dst(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_repl_port_dst(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->repl.l4dst.all = *((u_int16_t *) value);
}
-static void set_attr_icmp_type(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_icmp_type(struct nf_conntrack *ct, const void *value, size_t len)
{
u_int8_t rtype;
@@ -123,231 +136,292 @@ static void set_attr_icmp_type(struct nf_conntrack *ct, const void *value)
}
-static void set_attr_icmp_code(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_icmp_code(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->head.orig.l4dst.icmp.code = *((u_int8_t *) value);
ct->repl.l4dst.icmp.code = *((u_int8_t *) value);
}
-static void set_attr_icmp_id(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_icmp_id(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->head.orig.l4src.icmp.id = *((u_int16_t *) value);
ct->repl.l4src.icmp.id = *((u_int16_t *) value);
}
-static void set_attr_orig_l3proto(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_orig_l3proto(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->head.orig.l3protonum = *((u_int8_t *) value);
}
-static void set_attr_repl_l3proto(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_repl_l3proto(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->repl.l3protonum = *((u_int8_t *) value);
}
-static void set_attr_orig_l4proto(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_orig_l4proto(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->head.orig.protonum = *((u_int8_t *) value);
}
-static void set_attr_repl_l4proto(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_repl_l4proto(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->repl.protonum = *((u_int8_t *) value);
}
-static void set_attr_tcp_state(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_tcp_state(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->protoinfo.tcp.state = *((u_int8_t *) value);
}
-static void set_attr_tcp_flags_orig(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_tcp_flags_orig(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->protoinfo.tcp.flags[__DIR_ORIG].value = *((u_int8_t *) value);
}
-static void set_attr_tcp_mask_orig(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_tcp_mask_orig(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->protoinfo.tcp.flags[__DIR_ORIG].mask = *((u_int8_t *) value);
}
-static void set_attr_tcp_flags_repl(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_tcp_flags_repl(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->protoinfo.tcp.flags[__DIR_REPL].value = *((u_int8_t *) value);
}
-static void set_attr_tcp_mask_repl(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_tcp_mask_repl(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->protoinfo.tcp.flags[__DIR_REPL].mask = *((u_int8_t *) value);
}
-static void set_attr_sctp_state(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_sctp_state(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->protoinfo.sctp.state = *((u_int8_t *) value);
}
-static void set_attr_sctp_vtag_orig(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_sctp_vtag_orig(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->protoinfo.sctp.vtag[__DIR_ORIG] = *((u_int32_t *) value);
}
-static void set_attr_sctp_vtag_repl(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_sctp_vtag_repl(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->protoinfo.sctp.vtag[__DIR_REPL] = *((u_int32_t *) value);
}
-static void set_attr_snat_ipv4(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_snat_ipv4(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->snat.min_ip = ct->snat.max_ip = *((u_int32_t *) value);
}
-static void set_attr_dnat_ipv4(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_dnat_ipv4(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->dnat.min_ip = ct->snat.max_ip = *((u_int32_t *) value);
}
-static void set_attr_snat_port(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_snat_port(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->snat.l4min.all = ct->snat.l4max.all = *((u_int16_t *) value);
}
-static void set_attr_dnat_port(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_dnat_port(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->dnat.l4min.all = ct->dnat.l4max.all = *((u_int16_t *) value);
}
-static void set_attr_timeout(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_timeout(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->timeout = *((u_int32_t *) value);
}
-static void set_attr_mark(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_mark(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->mark = *((u_int32_t *) value);
}
-static void set_attr_secmark(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_secmark(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->secmark = *((u_int32_t *) value);
}
-static void set_attr_status(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_status(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->status = *((u_int32_t *) value);
}
-static void set_attr_id(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_id(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->id = *((u_int32_t *) value);
}
-static void set_attr_master_ipv4_src(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_master_ipv4_src(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->master.src.v4 = *((u_int32_t *) value);
}
-static void set_attr_master_ipv4_dst(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_master_ipv4_dst(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->master.dst.v4 = *((u_int32_t *) value);
}
-static void set_attr_master_ipv6_src(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_master_ipv6_src(struct nf_conntrack *ct, const void *value, size_t len)
{
memcpy(&ct->master.src.v6, value, sizeof(u_int32_t)*4);
}
-static void set_attr_master_ipv6_dst(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_master_ipv6_dst(struct nf_conntrack *ct, const void *value, size_t len)
{
memcpy(&ct->master.dst.v6, value, sizeof(u_int32_t)*4);
}
-static void set_attr_master_port_src(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_master_port_src(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->master.l4src.all = *((u_int16_t *) value);
}
-static void set_attr_master_port_dst(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_master_port_dst(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->master.l4dst.all = *((u_int16_t *) value);
}
-static void set_attr_master_l3proto(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_master_l3proto(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->master.l3protonum = *((u_int8_t *) value);
}
-static void set_attr_master_l4proto(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_master_l4proto(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->master.protonum = *((u_int8_t *) value);
}
-static void set_attr_orig_cor_pos(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_orig_cor_pos(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->natseq[__DIR_ORIG].correction_pos = *((u_int32_t *) value);
}
-static void set_attr_orig_off_bfr(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_orig_off_bfr(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->natseq[__DIR_ORIG].offset_before = *((u_int32_t *) value);
}
-static void set_attr_orig_off_aft(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_orig_off_aft(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->natseq[__DIR_ORIG].offset_after = *((u_int32_t *) value);
}
-static void set_attr_repl_cor_pos(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_repl_cor_pos(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->natseq[__DIR_REPL].correction_pos = *((u_int32_t *) value);
}
-static void set_attr_repl_off_bfr(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_repl_off_bfr(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->natseq[__DIR_REPL].offset_before = *((u_int32_t *) value);
}
-static void set_attr_repl_off_aft(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_repl_off_aft(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->natseq[__DIR_REPL].offset_after = *((u_int32_t *) value);
}
-static void set_attr_helper_name(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_helper_name(struct nf_conntrack *ct, const void *value, size_t len)
{
strncpy(ct->helper_name, value, NFCT_HELPER_NAME_MAX);
ct->helper_name[NFCT_HELPER_NAME_MAX-1] = '\0';
}
-static void set_attr_dccp_state(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_dccp_state(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->protoinfo.dccp.state = *((u_int8_t *) value);
}
-static void set_attr_dccp_role(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_dccp_role(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->protoinfo.dccp.role = *((u_int8_t *) value);
}
static void
-set_attr_dccp_handshake_seq(struct nf_conntrack *ct, const void *value)
+set_attr_dccp_handshake_seq(struct nf_conntrack *ct, const void *value,
+ size_t len)
{
ct->protoinfo.dccp.handshake_seq = *((u_int64_t *) value);
}
-static void set_attr_tcp_wscale_orig(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_tcp_wscale_orig(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->protoinfo.tcp.wscale[__DIR_ORIG] = *((u_int8_t *) value);
}
-static void set_attr_tcp_wscale_repl(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_tcp_wscale_repl(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->protoinfo.tcp.wscale[__DIR_REPL] = *((u_int8_t *) value);
}
-static void set_attr_zone(struct nf_conntrack *ct, const void *value)
+static void
+set_attr_zone(struct nf_conntrack *ct, const void *value, size_t len)
{
ct->zone = *((u_int16_t *) value);
}
-static void set_attr_do_nothing(struct nf_conntrack *ct, const void *value) {}
+static void
+set_attr_helper_info(struct nf_conntrack *ct, const void *value, size_t len)
+{
+ if (ct->helper_info == NULL) {
+retry:
+ ct->helper_info = calloc(1, len);
+ if (ct->helper_info == NULL)
+ return;
+
+ memcpy(ct->helper_info, value, len);
+ } else {
+ free(ct->helper_info);
+ goto retry;
+ }
+}
+
+static void
+set_attr_do_nothing(struct nf_conntrack *ct, const void *value, size_t len) {}
const set_attr set_attr_array[ATTR_MAX] = {
[ATTR_ORIG_IPV4_SRC] = set_attr_orig_ipv4_src,
@@ -415,4 +489,5 @@ const set_attr set_attr_array[ATTR_MAX] = {
[ATTR_SECCTX] = set_attr_do_nothing,
[ATTR_TIMESTAMP_START] = set_attr_do_nothing,
[ATTR_TIMESTAMP_STOP] = set_attr_do_nothing,
+ [ATTR_HELPER_INFO] = set_attr_helper_info,
};