From cdf0d6c32f5c6c7c3071d35fa770eaf62fbad312 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Tue, 17 Feb 2009 21:36:43 +0100 Subject: src: remove old deprecated API This patch removes the first API version which was scheduled in 2007. That API had several major limitations that the new one solved. I don't know of any known existing client of this old API. Signed-off-by: Pablo Neira Ayuso --- src/deprecated/l3extensions/Makefile.am | 9 -- .../l3extensions/libnetfilter_conntrack_ipv4.c | 88 ----------------- .../l3extensions/libnetfilter_conntrack_ipv6.c | 109 --------------------- 3 files changed, 206 deletions(-) delete mode 100644 src/deprecated/l3extensions/Makefile.am delete mode 100644 src/deprecated/l3extensions/libnetfilter_conntrack_ipv4.c delete mode 100644 src/deprecated/l3extensions/libnetfilter_conntrack_ipv6.c (limited to 'src/deprecated/l3extensions') diff --git a/src/deprecated/l3extensions/Makefile.am b/src/deprecated/l3extensions/Makefile.am deleted file mode 100644 index f8cb0a2..0000000 --- a/src/deprecated/l3extensions/Makefile.am +++ /dev/null @@ -1,9 +0,0 @@ -include $(top_srcdir)/Make_global.am - -AM_CFLAGS=-fPIC -Wall -LIBS = @LIBNFCONNTRACK_LIBS@ - -noinst_LTLIBRARIES = libnfct_l3proto_ipv4.la libnfct_l3proto_ipv6.la - -libnfct_l3proto_ipv4_la_SOURCES = libnetfilter_conntrack_ipv4.c -libnfct_l3proto_ipv6_la_SOURCES = libnetfilter_conntrack_ipv6.c diff --git a/src/deprecated/l3extensions/libnetfilter_conntrack_ipv4.c b/src/deprecated/l3extensions/libnetfilter_conntrack_ipv4.c deleted file mode 100644 index fb84a6f..0000000 --- a/src/deprecated/l3extensions/libnetfilter_conntrack_ipv4.c +++ /dev/null @@ -1,88 +0,0 @@ -/* - * (C) 2005 by Pablo Neira Ayuso - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - */ -#include -#include -#include /* For htons */ -#include -#include -#include - -#include "internal/deprecated.h" - -static void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple) -{ - if (cda[CTA_IP_V4_SRC-1]) - tuple->src.v4 = *(u_int32_t *)NFA_DATA(cda[CTA_IP_V4_SRC-1]); - - if (cda[CTA_IP_V4_DST-1]) - tuple->dst.v4 = *(u_int32_t *)NFA_DATA(cda[CTA_IP_V4_DST-1]); -} - -static void build_tuple_proto(struct nfnlhdr *req, int size, - struct nfct_tuple *t) -{ - nfnl_addattr_l(&req->nlh, size, CTA_IP_V4_SRC, &t->src.v4, - sizeof(u_int32_t)); - nfnl_addattr_l(&req->nlh, size, CTA_IP_V4_DST, &t->dst.v4, - sizeof(u_int32_t)); -} - -static int print_proto(char *buf, struct nfct_tuple *tuple) -{ - struct in_addr src = { .s_addr = tuple->src.v4 }; - struct in_addr dst = { .s_addr = tuple->dst.v4 }; - int size; - - size = sprintf(buf, "src=%s ", inet_ntoa(src)); - size += sprintf(buf+size, "dst=%s ", inet_ntoa(dst)); - - return size; -} - -static int compare(struct nfct_conntrack *ct1, - struct nfct_conntrack *ct2, - unsigned int flags) -{ - if (flags & IPV4_ORIG) - if (ct1->tuple[NFCT_DIR_ORIGINAL].l3protonum != - ct2->tuple[NFCT_DIR_ORIGINAL].l3protonum) - return 0; - if (flags & IPV4_REPL) - if (ct1->tuple[NFCT_DIR_REPLY].l3protonum != - ct2->tuple[NFCT_DIR_REPLY].l3protonum) - return 0; - if (flags & IPV4_ORIG_SRC) - if (ct1->tuple[NFCT_DIR_ORIGINAL].src.v4 != - ct2->tuple[NFCT_DIR_ORIGINAL].src.v4) - return 0; - if (flags & IPV4_ORIG_DST) - if (ct1->tuple[NFCT_DIR_ORIGINAL].dst.v4 != - ct2->tuple[NFCT_DIR_ORIGINAL].dst.v4) - return 0; - if (flags & IPV4_REPL_SRC) - if (ct1->tuple[NFCT_DIR_REPLY].src.v4 != - ct2->tuple[NFCT_DIR_REPLY].src.v4) - return 0; - if (flags & IPV4_REPL_DST) - if (ct1->tuple[NFCT_DIR_REPLY].dst.v4 != - ct2->tuple[NFCT_DIR_REPLY].dst.v4) - return 0; - - return 1; -} - -struct nfct_l3proto ipv4 = { - .name = "ipv4", - .protonum = AF_INET, - .parse_proto = parse_proto, - .build_tuple_proto = build_tuple_proto, - .print_proto = print_proto, - .compare = compare, - .version = VERSION -}; diff --git a/src/deprecated/l3extensions/libnetfilter_conntrack_ipv6.c b/src/deprecated/l3extensions/libnetfilter_conntrack_ipv6.c deleted file mode 100644 index dc13395..0000000 --- a/src/deprecated/l3extensions/libnetfilter_conntrack_ipv6.c +++ /dev/null @@ -1,109 +0,0 @@ -/* - * (C) 2005 by Pablo Neira Ayuso - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - */ -#include -#include -#include -#include -#include /* For htons */ -#include -#include -#include -#include - -#include "internal/deprecated.h" - -#ifndef HAVE_INET_NTOP_IPV6 -#warning "inet_ntop does not support IPv6" -#endif - -static void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple) -{ - if (cda[CTA_IP_V6_SRC-1]) - memcpy(tuple->src.v6, NFA_DATA(cda[CTA_IP_V6_SRC-1]), - sizeof(u_int32_t)*4); - - if (cda[CTA_IP_V6_DST-1]) - memcpy(tuple->dst.v6, NFA_DATA(cda[CTA_IP_V6_DST-1]), - sizeof(u_int32_t)*4); -} - -static void build_tuple_proto(struct nfnlhdr *req, int size, - struct nfct_tuple *t) -{ - nfnl_addattr_l(&req->nlh, size, CTA_IP_V6_SRC, &t->src.v6, - sizeof(u_int32_t)*4); - nfnl_addattr_l(&req->nlh, size, CTA_IP_V6_DST, &t->dst.v6, - sizeof(u_int32_t)*4); -} - -static int print_proto(char *buf, struct nfct_tuple *tuple) -{ - struct in6_addr src; - struct in6_addr dst; - char tmp[INET6_ADDRSTRLEN]; - int size; - - memcpy(&src, tuple->src.v6, sizeof(struct in6_addr)); - memcpy(&dst, tuple->dst.v6, sizeof(struct in6_addr)); - - if (!inet_ntop(AF_INET6, &src, tmp, sizeof(tmp))) - return 0; - size = sprintf(buf, "src=%s ", tmp); - if (!inet_ntop(AF_INET6, &dst, tmp, sizeof(tmp))) - return 0; - size += sprintf(buf + size, "dst=%s ", tmp); - - return size; -} - -static int compare(struct nfct_conntrack *ct1, - struct nfct_conntrack *ct2, - unsigned int flags) -{ - if (flags & IPV6_ORIG) - if (ct1->tuple[NFCT_DIR_ORIGINAL].l3protonum != - ct2->tuple[NFCT_DIR_ORIGINAL].l3protonum) - return 0; - if (flags & IPV6_REPL) - if (ct1->tuple[NFCT_DIR_REPLY].l3protonum != - ct2->tuple[NFCT_DIR_REPLY].l3protonum) - return 0; - if (flags & IPV6_ORIG_SRC) - if (memcmp(ct1->tuple[NFCT_DIR_ORIGINAL].src.v6, - ct2->tuple[NFCT_DIR_ORIGINAL].src.v6, - sizeof(u_int32_t)*4) == 0) - return 0; - if (flags & IPV6_ORIG_DST) - if (memcmp(ct1->tuple[NFCT_DIR_ORIGINAL].dst.v6, - ct2->tuple[NFCT_DIR_ORIGINAL].dst.v6, - sizeof(u_int32_t)*4) == 0) - return 0; - if (flags & IPV6_REPL_SRC) - if (memcmp(ct1->tuple[NFCT_DIR_REPLY].src.v6, - ct2->tuple[NFCT_DIR_REPLY].src.v6, - sizeof(u_int32_t)*4) == 0) - return 0; - if (flags & IPV6_REPL_DST) - if (memcmp(ct1->tuple[NFCT_DIR_REPLY].dst.v6, - ct2->tuple[NFCT_DIR_REPLY].dst.v6, - sizeof(u_int32_t)*4) == 0) - return 0; - - return 1; -} - -struct nfct_l3proto ipv6 = { - .name = "ipv6", - .protonum = AF_INET6, - .parse_proto = parse_proto, - .build_tuple_proto = build_tuple_proto, - .print_proto = print_proto, - .compare = compare, - .version = VERSION -}; -- cgit v1.2.3