From 8dbd12018152683d253ff59ca22f646a410c1a82 Mon Sep 17 00:00:00 2001 From: "/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org" Date: Sun, 30 Oct 2005 14:58:23 +0000 Subject: o make static protocol handler functions o move build_tuple_proto and build_protoinfo to the extensions where it really belongs to. o Reworked the conntrack and expect netlink handlers o Fix expectation table output, now it's similar to the /proc output o Bumped version to 0.2.1 --- extensions/libnetfilter_conntrack_icmp.c | 22 +++++++++++++++++---- extensions/libnetfilter_conntrack_sctp.c | 22 +++++++++++++++------ extensions/libnetfilter_conntrack_tcp.c | 34 ++++++++++++++++++++++++++------ extensions/libnetfilter_conntrack_udp.c | 18 +++++++++++++---- 4 files changed, 76 insertions(+), 20 deletions(-) (limited to 'extensions') diff --git a/extensions/libnetfilter_conntrack_icmp.c b/extensions/libnetfilter_conntrack_icmp.c index 747fedf..07997d1 100644 --- a/extensions/libnetfilter_conntrack_icmp.c +++ b/extensions/libnetfilter_conntrack_icmp.c @@ -16,7 +16,7 @@ #include #include -void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple) +static void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple) { if (cda[CTA_PROTO_ICMP_TYPE-1]) tuple->l4dst.icmp.type = 
@@ -31,7 +31,20 @@ void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple) *(u_int16_t *)NFA_DATA(cda[CTA_PROTO_ICMP_ID-1]); } -int print_proto(char *buf, struct nfct_tuple *t) +static void build_tuple_proto(struct nfnlhdr *req, int size, + struct nfct_tuple *t) +{ + nfnl_addattr_l(&req->nlh, size, CTA_PROTO_ICMP_CODE, + &t->l4dst.icmp.code, sizeof(u_int8_t)); + nfnl_addattr_l(&req->nlh, size, CTA_PROTO_ICMP_TYPE, + &t->l4dst.icmp.type, sizeof(u_int8_t)); + /* This is an ICMP echo */ + if (t->l4dst.icmp.type == 8) + nfnl_addattr_l(&req->nlh, size, CTA_PROTO_ICMP_ID, + &t->l4src.icmp.id, sizeof(u_int16_t)); +} + +static int print_proto(char *buf, struct nfct_tuple *t) { int size = 0; @@ -48,13 +61,14 @@ static struct nfct_proto icmp = { .name = "icmp", .protonum = IPPROTO_ICMP, .parse_proto = parse_proto, + .build_tuple_proto = build_tuple_proto, .print_proto = print_proto, .version = LIBNETFILTER_CONNTRACK_VERSION }; -void __attribute__ ((constructor)) init(void); +static void __attribute__ ((constructor)) init(void); -void init(void) +static void init(void) { nfct_register_proto(&icmp); } diff --git a/extensions/libnetfilter_conntrack_sctp.c b/extensions/libnetfilter_conntrack_sctp.c index f533287..564d641 100644 --- a/extensions/libnetfilter_conntrack_sctp.c +++ b/extensions/libnetfilter_conntrack_sctp.c @@ -16,7 +16,7 @@ #include #include -void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple) +static void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple) { if (cda[CTA_PROTO_SRC_PORT-1]) tuple->l4src.sctp.port = @@ -26,7 +26,7 @@ void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple) *(u_int16_t *)NFA_DATA(cda[CTA_PROTO_DST_PORT-1]); } -void parse_protoinfo(struct nfattr *cda[], struct nfct_conntrack *ct) +static void parse_protoinfo(struct nfattr *cda[], struct nfct_conntrack *ct) { /* if (cda[CTA_PROTOINFO_SCTP_STATE-1]) ct->protoinfo.sctp.state = 
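Review bot: The new ICMP build_tuple_proto() discards the result of every nfnl_addattr_l() call and returns void, so if an attribute does not fit in `size` the request goes out without part of its tuple and the caller cannot tell. The build_tuple_proto() added for SCTP, TCP and UDP and TCP's build_protoinfo() do the same. Consider having these callbacks return int and stop at the first failure, e.g. `if (nfnl_addattr_l(&req->nlh, size, CTA_PROTO_ICMP_TYPE, &t->l4dst.icmp.type, sizeof(u_int8_t)) < 0) return -1;`; the callback type in struct nfct_proto is declared outside this diff and would need the same change. The bare `8` would also read better as `ICMP_ECHO` from <netinet/ip_icmp.h>, with the comment stating that the ID attribute is deliberately sent only for echo requests.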
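Review bot: The tail of SCTP parse_proto() at the top of this hunk reads the port with `*(u_int16_t *)NFA_DATA(cda[CTA_PROTO_DST_PORT-1])` and nothing visible checks that the attribute payload is at least two bytes. The SRC_PORT branch in the previous hunk tests only that the cda[] entry is non-NULL. Unless the code that fills cda[] (outside this diff) already enforces per-attribute sizes, a short attribute would be read past its end, so the guard should include the length, e.g. `if (cda[CTA_PROTO_DST_PORT-1] && NFA_PAYLOAD(cda[CTA_PROTO_DST_PORT-1]) >= sizeof(u_int16_t))`. The same unchecked cast is visible in the ICMP, TCP and UDP parse_proto() and in TCP's parse_protoinfo(). parse_proto() starts before this hunk.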
@@ -34,13 +34,22 @@ void parse_protoinfo(struct nfattr *cda[], struct nfct_conntrack *ct) */ } -int print_protoinfo(char *buf, union nfct_protoinfo *protoinfo) +static void build_tuple_proto(struct nfnlhdr *req, int size, + struct nfct_tuple *t) +{ + nfnl_addattr_l(&req->nlh, size, CTA_PROTO_SRC_PORT, + &t->l4src.tcp.port, sizeof(u_int16_t)); + nfnl_addattr_l(&req->nlh, size, CTA_PROTO_DST_PORT, + &t->l4dst.tcp.port, sizeof(u_int16_t)); +} + +static int print_protoinfo(char *buf, union nfct_protoinfo *protoinfo) { /* fprintf(stdout, "%s ", states[protoinfo->sctp.state]); */ return 0; } -int print_proto(char *buf, struct nfct_tuple *tuple) +static int print_proto(char *buf, struct nfct_tuple *tuple) { return(sprintf(buf, "sport=%u dport=%u ", htons(tuple->l4src.sctp.port), htons(tuple->l4dst.sctp.port))); @@ -51,14 +60,15 @@ static struct nfct_proto sctp = { .protonum = IPPROTO_SCTP, .parse_proto = parse_proto, .parse_protoinfo = parse_protoinfo, + .build_tuple_proto = build_tuple_proto, .print_proto = print_proto, .print_protoinfo = print_protoinfo, .version = LIBNETFILTER_CONNTRACK_VERSION }; -void __attribute__ ((constructor)) init(void); +static void __attribute__ ((constructor)) init(void); -void init(void) +static void init(void) { nfct_register_proto(&sctp); } diff --git a/extensions/libnetfilter_conntrack_tcp.c b/extensions/libnetfilter_conntrack_tcp.c index ecb988f..32a0971 100644 --- a/extensions/libnetfilter_conntrack_tcp.c +++ b/extensions/libnetfilter_conntrack_tcp.c @@ -29,7 +29,7 @@ static const char *states[] = { "LISTEN" }; -void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple) +static void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple) { if (cda[CTA_PROTO_SRC_PORT-1]) tuple->l4src.tcp.port = 
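Review bot: The SCTP build_tuple_proto() added here takes its ports from `t->l4src.tcp.port` and `t->l4dst.tcp.port`, while parse_proto() and print_proto() in the same file use the `sctp` member. This presumably works only because the per-protocol members overlay each other (the tuple definition is outside this diff), and it would silently send the wrong bytes if those layouts ever diverge. Use `&t->l4src.sctp.port` and `&t->l4dst.sctp.port` here. The build_tuple_proto() added to libnetfilter_conntrack_udp.c has the same copy-paste and should use the `udp` member.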
@@ -39,7 +39,7 @@ void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple) *(u_int16_t *)NFA_DATA(cda[CTA_PROTO_DST_PORT-1]); } -void parse_protoinfo(struct nfattr *cda[], struct nfct_conntrack *ct) +static void parse_protoinfo(struct nfattr *cda[], struct nfct_conntrack *ct) { struct nfattr *tb[CTA_PROTOINFO_TCP_MAX]; @@ -50,12 +50,32 @@ void parse_protoinfo(struct nfattr *cda[], struct nfct_conntrack *ct) *(u_int8_t *)NFA_DATA(tb[CTA_PROTOINFO_TCP_STATE-1]); } -int print_protoinfo(char *buf, union nfct_protoinfo *protoinfo) +static void build_tuple_proto(struct nfnlhdr *req, int size, + struct nfct_tuple *t) +{ + nfnl_addattr_l(&req->nlh, size, CTA_PROTO_SRC_PORT, + &t->l4src.tcp.port, sizeof(u_int16_t)); + nfnl_addattr_l(&req->nlh, size, CTA_PROTO_DST_PORT, + &t->l4dst.tcp.port, sizeof(u_int16_t)); +} + +static void build_protoinfo(struct nfnlhdr *req, int size, + struct nfct_conntrack *ct) +{ + struct nfattr *nest_proto; + + nest_proto = nfnl_nest(&req->nlh, size, CTA_PROTOINFO_TCP); + nfnl_addattr_l(&req->nlh, size, CTA_PROTOINFO_TCP_STATE, + &ct->protoinfo.tcp.state, sizeof(u_int8_t)); + nfnl_nest_end(&req->nlh, nest_proto); +} + +static int print_protoinfo(char *buf, union nfct_protoinfo *protoinfo) { return(sprintf(buf, "%s ", states[protoinfo->tcp.state])); } -int print_proto(char *buf, struct nfct_tuple *tuple) +static int print_proto(char *buf, struct nfct_tuple *tuple) { return(sprintf(buf, "sport=%u dport=%u ", htons(tuple->l4src.tcp.port), htons(tuple->l4dst.tcp.port))); 
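Review bot: print_protoinfo() indexes `states[]` with `protoinfo->tcp.state` without a range check, and that value appears to be a u_int8_t copied straight from a netlink attribute in parse_protoinfo() (the assignment target is cut off above this hunk, so this is inferred). A state beyond the end of the table would make sprintf() follow an out-of-bounds pointer. Guard the lookup, for example `if (protoinfo->tcp.state >= sizeof(states) / sizeof(states[0])) return sprintf(buf, "UNKNOWN ");`, where the fallback text is only a suggestion. The new build_protoinfo() also sends `ct->protoinfo.tcp.state` without validating it. Separately, print_protoinfo() and print_proto() use sprintf() on a `buf` whose size they are never given, so the output bound depends entirely on the caller.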
@@ -66,14 +86,16 @@ static struct nfct_proto tcp = { .protonum = IPPROTO_TCP, .parse_protoinfo = parse_protoinfo, .parse_proto = parse_proto, + .build_tuple_proto = build_tuple_proto, + .build_protoinfo = build_protoinfo, .print_protoinfo = print_protoinfo, .print_proto = print_proto, .version = LIBNETFILTER_CONNTRACK_VERSION }; -void __attribute__ ((constructor)) init(void); +static void __attribute__ ((constructor)) init(void); -void init(void) +static void init(void) { nfct_register_proto(&tcp); } diff --git a/extensions/libnetfilter_conntrack_udp.c b/extensions/libnetfilter_conntrack_udp.c index 44fd85c..2fe3da2 100644 --- a/extensions/libnetfilter_conntrack_udp.c +++ b/extensions/libnetfilter_conntrack_udp.c @@ -16,7 +16,7 @@ #include #include -void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple) +static void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple) { if (cda[CTA_PROTO_SRC_PORT-1]) tuple->l4src.udp.port = 
@@ -26,23 +26,33 @@ void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple) *(u_int16_t *)NFA_DATA(cda[CTA_PROTO_DST_PORT-1]); } -int print_proto(char *buf, struct nfct_tuple *tuple) +static int print_proto(char *buf, struct nfct_tuple *tuple) { return (sprintf(buf, "sport=%u dport=%u ", htons(tuple->l4src.udp.port), htons(tuple->l4dst.udp.port))); } +static void build_tuple_proto(struct nfnlhdr *req, int size, + struct nfct_tuple *t) +{ + nfnl_addattr_l(&req->nlh, size, CTA_PROTO_SRC_PORT, + &t->l4src.tcp.port, sizeof(u_int16_t)); + nfnl_addattr_l(&req->nlh, size, CTA_PROTO_DST_PORT, + &t->l4dst.tcp.port, sizeof(u_int16_t)); +} + static struct nfct_proto udp = { .name = "udp", .protonum = IPPROTO_UDP, + .build_tuple_proto = build_tuple_proto, .parse_proto = parse_proto, .print_proto = print_proto, .version = LIBNETFILTER_CONNTRACK_VERSION, }; -void __attribute__ ((constructor)) init(void); +static void __attribute__ ((constructor)) init(void); -void init(void) +static void init(void) { nfct_register_proto(&udp); } -- cgit v1.2.3