authorPablo Neira Ayuso <pablo@netfilter.org>2021-02-20 16:18:13 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2021-03-01 16:18:22 +0100
commit985955fe41f53019d0def894cf9b697228e4b774 (patch)
tree70f402941745ce8e4fa01a1ce67a0973332bcf4a
parentc3fdda6ac8675aea9b35772458544f03157be415 (diff)
table: add table owner support
Add support for NFTA_TABLE_OWNER. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r--include/libnftnl/table.h1
-rw-r--r--include/linux/netfilter/nf_tables.h1
-rw-r--r--src/table.c14
3 files changed, 15 insertions, 1 deletions
diff --git a/include/libnftnl/table.h b/include/libnftnl/table.h
index a37fba2..d28c375 100644
--- a/include/libnftnl/table.h
+++ b/include/libnftnl/table.h
@@ -24,6 +24,7 @@ enum nftnl_table_attr {
NFTNL_TABLE_USE,
NFTNL_TABLE_HANDLE,
NFTNL_TABLE_USERDATA,
+ NFTNL_TABLE_OWNER,
__NFTNL_TABLE_MAX
};
#define NFTNL_TABLE_MAX (__NFTNL_TABLE_MAX - 1)
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index 5cf3faf..b21be8a 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -181,6 +181,7 @@ enum nft_table_attributes {
NFTA_TABLE_HANDLE,
NFTA_TABLE_PAD,
NFTA_TABLE_USERDATA,
+ NFTA_TABLE_OWNER,
__NFTA_TABLE_MAX
};
#define NFTA_TABLE_MAX (__NFTA_TABLE_MAX - 1)
diff --git a/src/table.c b/src/table.c
index 731c818..32f1bf7 100644
--- a/src/table.c
+++ b/src/table.c
@@ -34,6 +34,7 @@ struct nftnl_table {
uint64_t handle;
uint32_t use;
uint32_t flags;
+ uint32_t owner;
struct {
void *data;
uint32_t len;
@@ -76,8 +77,8 @@ void nftnl_table_unset(struct nftnl_table *t, uint16_t attr)
case NFTNL_TABLE_FLAGS:
case NFTNL_TABLE_HANDLE:
case NFTNL_TABLE_FAMILY:
- break;
case NFTNL_TABLE_USE:
+ case NFTNL_TABLE_OWNER:
break;
}
t->flags &= ~(1 << attr);
@@ -127,6 +128,9 @@ int nftnl_table_set_data(struct nftnl_table *t, uint16_t attr,
memcpy(t->user.data, data, data_len);
t->user.len = data_len;
break;
+ case NFTNL_TABLE_OWNER:
+ memcpy(&t->owner, data, sizeof(t->owner));
+ break;
}
t->flags |= (1 << attr);
return 0;
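Review bot: The new `NFTNL_TABLE_OWNER` case in nftnl_table_set_data copies `sizeof(t->owner)` bytes from `data` without consulting `data_len`, so a caller that passes a shorter buffer makes the library read past the end of it. The function begins outside this hunk, so a per-attribute length validation may run earlier. However, the 14 changed lines the diffstat reports for src/table.c are all accounted for by the visible hunks, which suggests no expected size was registered for the new attribute. I would either add that entry where the other fixed-size attributes are validated, or guard the case directly with `if (data_len != sizeof(t->owner)) return -1;` ahead of the `memcpy`.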
@@ -188,6 +192,9 @@ const void *nftnl_table_get_data(const struct nftnl_table *t, uint16_t attr,
case NFTNL_TABLE_USERDATA:
*data_len = t->user.len;
return t->user.data;
+ case NFTNL_TABLE_OWNER:
+ *data_len = sizeof(uint32_t);
+ return &t->owner;
}
return NULL;
}
@@ -258,6 +265,7 @@ static int nftnl_table_parse_attr_cb(const struct nlattr *attr, void *data)
break;
case NFTA_TABLE_FLAGS:
case NFTA_TABLE_USE:
+ case NFTA_TABLE_OWNER:
if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0)
abi_breakage();
break;
@@ -308,6 +316,10 @@ int nftnl_table_nlmsg_parse(const struct nlmsghdr *nlh, struct nftnl_table *t)
if (ret < 0)
return ret;
}
+ if (tb[NFTA_TABLE_OWNER]) {
+ t->owner = ntohl(mnl_attr_get_u32(tb[NFTA_TABLE_OWNER]));
+ t->flags |= (1 << NFTNL_TABLE_OWNER);
+ }
t->family = nfg->nfgen_family;
t->flags |= (1 << NFTNL_TABLE_FAMILY);