diff options
author | Arturo Borrero <arturo.borrero.glez@gmail.com> | 2014-10-20 13:52:18 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-10-21 09:57:52 +0200 |
commit | b858137bf744126531c50643587be328310f0280 (patch) | |
tree | e5ca340b5c27a970ce09ab5b99f0399ea4cccb7d /src | |
parent | fa22d7b058016ed748b78c7b9b65ce593f1d2e8c (diff) |
utils: fix arp family number
NFPROTO_ARP = 3 in kernel space.
We need the same value here in userspace in order to correctly communicate
with the kernel.
The failure solved by this patch made that {XML|JSON}-parsed tables of ARP
family unable to be directly injected into kernel.
To prevent future errors, this patch changes raw and AF_* values by the mathing
NFPROTO_* couterpart as seen in linux/netfilter.h in both functions:
* nft_family2str()
* nft_str2family()
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/utils.c | 43 |
1 files changed, 20 insertions, 23 deletions
diff --git a/src/utils.c b/src/utils.c index d70fbf1..9013b68 100644 --- a/src/utils.c +++ b/src/utils.c @@ -20,36 +20,33 @@ #include <linux/netfilter.h> #include <linux/netfilter/nf_tables.h> +static const char *const nft_family_str[NFPROTO_NUMPROTO] = { + [NFPROTO_INET] = "inet", + [NFPROTO_IPV4] = "ip", + [NFPROTO_ARP] = "arp", + [NFPROTO_BRIDGE] = "bridge", + [NFPROTO_IPV6] = "ip6", +}; + const char *nft_family2str(uint32_t family) { - switch (family) { - case AF_INET: - return "ip"; - case AF_INET6: - return "ip6"; - case 1: - return "inet"; - case AF_BRIDGE: - return "bridge"; - case 3: /* NFPROTO_ARP */ - return "arp"; - default: + if (nft_family_str[family] == NULL) return "unknown"; - } + + return nft_family_str[family]; } int nft_str2family(const char *family) { - if (strcmp(family, "ip") == 0) - return AF_INET; - else if (strcmp(family, "ip6") == 0) - return AF_INET6; - else if (strcmp(family, "inet") == 0) - return 1; - else if (strcmp(family, "bridge") == 0) - return AF_BRIDGE; - else if (strcmp(family, "arp") == 0) - return 0; + int i; + + for (i = 0; i < NFPROTO_NUMPROTO; i++) { + if (nft_family_str[i] == NULL) + continue; + + if (strcmp(nft_family_str[i], family) == 0) + return i; + } errno = EAFNOSUPPORT; return -1; |