From 19f35b21dbe2bb4386eeced4e0d87f3b2e1dd8bf Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Tue, 14 Jul 2009 17:16:08 +0200 Subject: src: add support for DCCP 64-bits sequence number tracking From: Pablo Neira Ayuso This patch adds the support for the DCCP sequence number tracking that is included in the upcoming Linux kernel 2.6.31. Signed-off-by: Pablo Neira Ayuso --- src/conntrack/api.c | 29 +++++++++++++++++++++++++++++ src/conntrack/build.c | 5 +++++ src/conntrack/copy.c | 7 +++++++ src/conntrack/getter.c | 6 ++++++ src/conntrack/parse.c | 5 +++++ src/conntrack/setter.c | 6 ++++++ 6 files changed, 58 insertions(+) (limited to 'src') diff --git a/src/conntrack/api.c b/src/conntrack/api.c index 0639b5f..56a3a8a 100644 --- a/src/conntrack/api.c +++ b/src/conntrack/api.c @@ -340,6 +340,19 @@ void nfct_set_attr_u32(struct nf_conntrack *ct, nfct_set_attr(ct, type, &value); } +/** + * nfct_set_attr_u64 - set the value of a certain conntrack attribute + * @ct: pointer to a valid conntrack + * @type: attribute type + * @value: unsigned 64 bits attribute value + */ +void nfct_set_attr_u64(struct nf_conntrack *ct, + const enum nf_conntrack_attr type, + u_int64_t value) +{ + nfct_set_attr(ct, type, &value); +} + /** * nfct_get_attr - get a conntrack attribute * ct: pointer to a valid conntrack @@ -416,6 +429,22 @@ u_int32_t nfct_get_attr_u32(const struct nf_conntrack *ct, return ret == NULL ? 0 : *ret; } +/** + * nfct_get_attr_u64 - get attribute of unsigned 32-bits long + * @ct: pointer to a valid conntrack + * @type: attribute type + * + * Returns the value of the requested attribute, if the attribute is not + * set, 0 is returned. In order to check if the attribute is set or not, + * use nfct_attr_is_set. + */ +u_int64_t nfct_get_attr_u64(const struct nf_conntrack *ct, + const enum nf_conntrack_attr type) +{ + const u_int64_t *ret = nfct_get_attr(ct, type); + return ret == NULL ? 0 : *ret; +} + /** * nfct_attr_is_set - check if a certain attribute is set * @ct: pointer to a valid conntrack object diff --git a/src/conntrack/build.c b/src/conntrack/build.c index c739396..4f2307f 100644 --- a/src/conntrack/build.c +++ b/src/conntrack/build.c @@ -160,6 +160,11 @@ static void __build_protoinfo(struct nfnlhdr *req, size_t size, CTA_PROTOINFO_DCCP_ROLE, &ct->protoinfo.dccp.role, sizeof(u_int8_t)); + if (test_bit(ATTR_DCCP_SEQ, ct->set)) + nfnl_addattr_l(&req->nlh, size, + CTA_PROTOINFO_DCCP_SEQ, + &ct->protoinfo.dccp.seq, + sizeof(u_int64_t)); nfnl_nest_end(&req->nlh, nest_proto); nfnl_nest_end(&req->nlh, nest); default: diff --git a/src/conntrack/copy.c b/src/conntrack/copy.c index 90eea03..a76edf4 100644 --- a/src/conntrack/copy.c +++ b/src/conntrack/copy.c @@ -256,6 +256,12 @@ static void copy_attr_dccp_role(struct nf_conntrack *dest, dest->protoinfo.dccp.role = orig->protoinfo.dccp.role; } +static void copy_attr_dccp_seq(struct nf_conntrack *dest, + const struct nf_conntrack *orig) +{ + dest->protoinfo.dccp.seq = orig->protoinfo.dccp.seq; +} + static void copy_attr_snat_ipv4(struct nf_conntrack *dest, const struct nf_conntrack *orig) { @@ -448,4 +454,5 @@ copy_attr copy_attr_array[ATTR_MAX] = { [ATTR_HELPER_NAME] = copy_attr_helper_name, [ATTR_DCCP_STATE] = copy_attr_dccp_state, [ATTR_DCCP_ROLE] = copy_attr_dccp_role, + [ATTR_DCCP_SEQ] = copy_attr_dccp_seq, }; diff --git a/src/conntrack/getter.c b/src/conntrack/getter.c index 6e50a5b..4314058 100644 --- a/src/conntrack/getter.c +++ b/src/conntrack/getter.c @@ -297,6 +297,11 @@ static const void *get_attr_dccp_role(const struct nf_conntrack *ct) return &ct->protoinfo.dccp.role; } +static const void *get_attr_dccp_seq(const struct nf_conntrack *ct) +{ + return &ct->protoinfo.dccp.seq; +} + get_attr get_attr_array[ATTR_MAX] = { [ATTR_ORIG_IPV4_SRC] = get_attr_orig_ipv4_src, [ATTR_ORIG_IPV4_DST] = get_attr_orig_ipv4_dst, @@ -356,4 +361,5 @@ get_attr get_attr_array[ATTR_MAX] = { [ATTR_HELPER_NAME] = get_attr_helper_name, [ATTR_DCCP_STATE] = get_attr_dccp_state, [ATTR_DCCP_ROLE] = get_attr_dccp_role, + [ATTR_DCCP_SEQ] = get_attr_dccp_seq, }; diff --git a/src/conntrack/parse.c b/src/conntrack/parse.c index 98e4d7d..99dc913 100644 --- a/src/conntrack/parse.c +++ b/src/conntrack/parse.c @@ -261,6 +261,11 @@ static void __parse_protoinfo_dccp(const struct nfattr *attr, *(u_int8_t *)NFA_DATA(tb[CTA_PROTOINFO_DCCP_ROLE-1]); set_bit(ATTR_DCCP_ROLE, ct->set); } + if (tb[CTA_PROTOINFO_DCCP_SEQ-1]) { + ct->protoinfo.dccp.seq = + *(u_int64_t *)NFA_DATA(tb[CTA_PROTOINFO_DCCP_SEQ-1]); + set_bit(ATTR_DCCP_SEQ, ct->set); + } } static void __parse_protoinfo(const struct nfattr *attr, diff --git a/src/conntrack/setter.c b/src/conntrack/setter.c index 3fe74c5..da7d4b1 100644 --- a/src/conntrack/setter.c +++ b/src/conntrack/setter.c @@ -324,6 +324,11 @@ static void set_attr_dccp_role(struct nf_conntrack *ct, const void *value) ct->protoinfo.dccp.role = *((u_int8_t *) value); } +static void set_attr_dccp_seq(struct nf_conntrack *ct, const void *value) +{ + ct->protoinfo.dccp.seq = *((u_int64_t *) value); +} + static void set_attr_do_nothing(struct nf_conntrack *ct, const void *value) {} set_attr set_attr_array[ATTR_MAX] = { @@ -385,4 +390,5 @@ set_attr set_attr_array[ATTR_MAX] = { [ATTR_HELPER_NAME] = set_attr_helper_name, [ATTR_DCCP_STATE] = set_attr_dccp_state, [ATTR_DCCP_ROLE] = set_attr_dccp_role, + [ATTR_DCCP_SEQ] = set_attr_dccp_seq, }; -- cgit v1.2.3