From ff48b0628e95d458bd38e1a95aeed116bcabb133 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Sat, 8 Jun 2013 19:15:40 +0200
Subject: set_elem: add NFT_SET_ELEM_ATTR_DATA to set data for mapping

We need this new attribute to configure the data that is attached
to an element. This is useful for the mapping feature to retrieve
data based on keys (like a dictionary) that nftables provides.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/set_elem.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

(limited to 'src/set_elem.c')

diff --git a/src/set_elem.c b/src/set_elem.c
index fb03d71..dae1f8c 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -58,6 +58,7 @@ void nft_set_elem_attr_unset(struct nft_set_elem *s, uint16_t attr)
 	case NFT_SET_ELEM_ATTR_FLAGS:
 	case NFT_SET_ELEM_ATTR_KEY:	/* NFTA_SET_ELEM_KEY */
 	case NFT_SET_ELEM_ATTR_VERDICT:	/* NFTA_SET_ELEM_DATA */
+	case NFT_SET_ELEM_ATTR_DATA:	/* NFTA_SET_ELEM_DATA */
 		break;
 	default:
 		return;
@@ -87,6 +88,10 @@ void nft_set_elem_attr_set(struct nft_set_elem *s, uint16_t attr,
 
 		s->data.chain = strdup(data);
 		break;
+	case NFT_SET_ELEM_ATTR_DATA:	/* NFTA_SET_ELEM_DATA */
+		memcpy(s->data.val, data, data_len);
+		s->data.len = data_len;
+		break;
 	default:
 		return;
 	}
@@ -121,6 +126,12 @@ void *nft_set_elem_attr_get(struct nft_set_elem *s, uint16_t attr, size_t *data_
 		if (s->flags & (1 << NFT_SET_ELEM_ATTR_CHAIN))
 			return &s->data.chain;
 		break;
+	case NFT_SET_ELEM_ATTR_DATA:	/* NFTA_SET_ELEM_DATA */
+		if (s->flags & (1 << NFT_SET_ELEM_ATTR_DATA)) {
+			*data_len = s->data.len;
+			return &s->data.val;
+		}
+		break;
 	default:
 		break;
 	}
@@ -189,6 +200,13 @@ void nft_set_elem_nlmsg_build_payload(struct nlmsghdr *nlh,
 		mnl_attr_nest_end(nlh, nest1);
 		mnl_attr_nest_end(nlh, nest2);
 	}
+	if (e->flags & (1 << NFT_SET_ELEM_ATTR_DATA)) {
+		struct nlattr *nest1;
+
+		nest1 = mnl_attr_nest_start(nlh, NFTA_SET_ELEM_DATA);
+		mnl_attr_put(nlh, NFTA_DATA_VALUE, e->data.len, e->data.val);
+		mnl_attr_nest_end(nlh, nest1);
+	}
 }
 
 void nft_set_elems_nlmsg_build_payload(struct nlmsghdr *nlh, struct nft_set *s)
@@ -271,6 +289,9 @@ static int nft_set_elems_parse2(struct nft_set *s, const struct nlattr *nest)
 		case DATA_CHAIN:
 			s->flags |= (1 << NFT_SET_ELEM_ATTR_CHAIN);
 			break;
+		case DATA_VALUE:
+			s->flags |= (1 << NFT_SET_ELEM_ATTR_DATA);
+			break;
 		}
         }
 	if (ret < 0)
-- 
cgit v1.2.3