summaryrefslogtreecommitdiffstats
path: root/src/object.c
Commit message (Collapse)AuthorAgeFilesLines
* object: fix crash when object ops is nullFlorian Westphal2017-02-271-1/+2
| | | | | | | | | when debugging nft with invalid object type (during development), this will crash here with null deref. Print (unknown) instead if obj->ops is null. Signed-off-by: Florian Westphal <fw@strlen.de> Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
* object: don't set NFTNL_OBJ_TYPE unless obj->ops is non-nullFlorian Westphal2017-02-271-1/+4
| | | | | | | | | If nft sets an invalid type, nftnl_obj_ops_lookup will return NULL. In this case we must not set NFTNL_OBJ_TYPE flag, else we later get crash in nftnl_obj_nlmsg_build_payload as it dereferences obj->ops. Signed-off-by: Florian Westphal <fw@strlen.de> Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: get rid of aliases and compatPablo Neira Ayuso2016-12-201-4/+4
| | | | | | | | | | | This machinery was introduced to avoid sudden compilation breakage of old nftables releases. With the upcoming release of 0.7 (and 0.6 which is now 6 months old) this is not required anymore. Moreover, users gain nothing from older releases since they are half-boiled and buggy. So let's get rid of aliases now. Bump LIBVERSION and update map file. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* expr: add stateful object reference expressionPablo Neira Ayuso2016-12-091-0/+5
| | | | | | | This patch adds a new "objref" expression that you can use to refer to stateful objects from rules. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: support for stateful objectsPablo Neira Ayuso2016-12-091-0/+573
This patch allows you to add, to delete and to get stateful objects, this support two object types: counter and quota. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>