From 20e0e8f2bec3b06ba5d77ec17d8e635750f4c085 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Wed, 24 Jun 2020 16:27:00 +0200 Subject: src: add support for chain ID attribute his patch allows you to refer to chains via the chain ID. The semantics are similar to the NFTA_RULE_ID attribute. Signed-off-by: Pablo Neira Ayuso --- src/expr/data_reg.c | 1 + src/expr/immediate.c | 10 ++++++++++ 2 files changed, 11 insertions(+) (limited to 'src/expr') diff --git a/src/expr/data_reg.c b/src/expr/data_reg.c index 67165fe..4e35a79 100644 --- a/src/expr/data_reg.c +++ b/src/expr/data_reg.c @@ -125,6 +125,7 @@ static int nftnl_verdict_parse_cb(const struct nlattr *attr, void *data) switch(type) { case NFTA_VERDICT_CODE: + case NFTA_VERDICT_CHAIN_ID: if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0) abi_breakage(); break; diff --git a/src/expr/immediate.c b/src/expr/immediate.c index 47106ae..7f34772 100644 --- a/src/expr/immediate.c +++ b/src/expr/immediate.c @@ -50,6 +50,9 @@ nftnl_expr_immediate_set(struct nftnl_expr *e, uint16_t type, if (!imm->data.chain) return -1; break; + case NFTNL_EXPR_IMM_CHAIN_ID: + memcpy(&imm->data.chain_id, data, sizeof(uint32_t)); + break; default: return -1; } @@ -75,6 +78,9 @@ nftnl_expr_immediate_get(const struct nftnl_expr *e, uint16_t type, case NFTNL_EXPR_IMM_CHAIN: *data_len = strlen(imm->data.chain)+1; return imm->data.chain; + case NFTNL_EXPR_IMM_CHAIN_ID: + *data_len = sizeof(imm->data.chain_id); + return &imm->data.chain_id; } return NULL; } @@ -126,6 +132,10 @@ nftnl_expr_immediate_build(struct nlmsghdr *nlh, const struct nftnl_expr *e) mnl_attr_put_u32(nlh, NFTA_VERDICT_CODE, htonl(imm->data.verdict)); if (e->flags & (1 << NFTNL_EXPR_IMM_CHAIN)) mnl_attr_put_strz(nlh, NFTA_VERDICT_CHAIN, imm->data.chain); + if (e->flags & (1 << NFTNL_EXPR_IMM_CHAIN_ID)) { + mnl_attr_put_u32(nlh, NFTA_VERDICT_CHAIN_ID, + htonl(imm->data.chain_id)); + } mnl_attr_nest_end(nlh, nest1); mnl_attr_nest_end(nlh, nest2); -- cgit v1.2.3