From b858137bf744126531c50643587be328310f0280 Mon Sep 17 00:00:00 2001 From: Arturo Borrero Date: Mon, 20 Oct 2014 13:52:18 +0200 Subject: utils: fix arp family number NFPROTO_ARP = 3 in kernel space. We need the same value here in userspace in order to correctly communicate with the kernel. The failure solved by this patch made that {XML|JSON}-parsed tables of ARP family unable to be directly injected into kernel. To prevent future errors, this patch changes raw and AF_* values by the mathing NFPROTO_* couterpart as seen in linux/netfilter.h in both functions: * nft_family2str() * nft_str2family() Signed-off-by: Arturo Borrero Gonzalez Signed-off-by: Pablo Neira Ayuso --- src/utils.c | 43 ++++++++++++++++++++----------------------- 1 file changed, 20 insertions(+), 23 deletions(-) (limited to 'src/utils.c') diff --git a/src/utils.c b/src/utils.c index d70fbf1..9013b68 100644 --- a/src/utils.c +++ b/src/utils.c @@ -20,36 +20,33 @@ #include #include +static const char *const nft_family_str[NFPROTO_NUMPROTO] = { + [NFPROTO_INET] = "inet", + [NFPROTO_IPV4] = "ip", + [NFPROTO_ARP] = "arp", + [NFPROTO_BRIDGE] = "bridge", + [NFPROTO_IPV6] = "ip6", +}; + const char *nft_family2str(uint32_t family) { - switch (family) { - case AF_INET: - return "ip"; - case AF_INET6: - return "ip6"; - case 1: - return "inet"; - case AF_BRIDGE: - return "bridge"; - case 3: /* NFPROTO_ARP */ - return "arp"; - default: + if (nft_family_str[family] == NULL) return "unknown"; - } + + return nft_family_str[family]; } int nft_str2family(const char *family) { - if (strcmp(family, "ip") == 0) - return AF_INET; - else if (strcmp(family, "ip6") == 0) - return AF_INET6; - else if (strcmp(family, "inet") == 0) - return 1; - else if (strcmp(family, "bridge") == 0) - return AF_BRIDGE; - else if (strcmp(family, "arp") == 0) - return 0; + int i; + + for (i = 0; i < NFPROTO_NUMPROTO; i++) { + if (nft_family_str[i] == NULL) + continue; + + if (strcmp(nft_family_str[i], family) == 0) + return i; + } errno = EAFNOSUPPORT; return -1; -- cgit v1.2.3