From d4cf078cb71a943af0dcaa51ed5f950df0fdeca3 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Sun, 23 Nov 2008 23:59:44 +0100 Subject: add ukey_* function for key assignation This patch cleans up the current key assignation by introducing a set of functions ukey_* to set the key value as Eric Leblond and we discussed during the latest Netfilter Workshop. This patch is based on an idea from Holger Eitzenberger. Signed-off-by: Eric Leblond --- input/flow/ulogd_inpflow_NFCT.c | 159 ++++++++++++++-------------------------- 1 file changed, 53 insertions(+), 106 deletions(-) (limited to 'input/flow') diff --git a/input/flow/ulogd_inpflow_NFCT.c b/input/flow/ulogd_inpflow_NFCT.c index 58bb0e2..a33ec35 100644 --- a/input/flow/ulogd_inpflow_NFCT.c +++ b/input/flow/ulogd_inpflow_NFCT.c @@ -443,67 +443,39 @@ static int propagate_ct(struct ulogd_pluginstance *upi, { struct ulogd_key *ret = upi->output.keys; - ret[NFCT_CT_EVENT].u.value.ui32 = type; - ret[NFCT_CT_EVENT].flags |= ULOGD_RETF_VALID; - - ret[NFCT_OOB_FAMILY].u.value.ui8 = nfct_get_attr_u8(ct, ATTR_L3PROTO); - ret[NFCT_OOB_FAMILY].flags |= ULOGD_RETF_VALID; - /* FIXME */ - ret[NFCT_OOB_PROTOCOL].u.value.ui8 = 0; - ret[NFCT_OOB_PROTOCOL].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[NFCT_CT_EVENT], type); + okey_set_u8(&ret[NFCT_OOB_FAMILY], nfct_get_attr_u8(ct, ATTR_L3PROTO)); + okey_set_u8(&ret[NFCT_OOB_PROTOCOL], 0); /* FIXME */ switch (nfct_get_attr_u8(ct, ATTR_L3PROTO)) { case AF_INET: - ret[NFCT_ORIG_IP_SADDR].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_ORIG_IPV4_SRC); - ret[NFCT_ORIG_IP_SADDR].flags |= ULOGD_RETF_VALID; - - ret[NFCT_ORIG_IP_DADDR].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_ORIG_IPV4_DST); - ret[NFCT_ORIG_IP_DADDR].flags |= ULOGD_RETF_VALID; - - ret[NFCT_REPLY_IP_SADDR].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_REPL_IPV4_SRC); - ret[NFCT_REPLY_IP_SADDR].flags |= ULOGD_RETF_VALID; - - ret[NFCT_REPLY_IP_DADDR].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_REPL_IPV4_DST); - ret[NFCT_REPLY_IP_DADDR].flags |= ULOGD_RETF_VALID; - + okey_set_u32(&ret[NFCT_ORIG_IP_SADDR], + nfct_get_attr_u32(ct, ATTR_ORIG_IPV4_SRC)); + okey_set_u32(&ret[NFCT_ORIG_IP_DADDR], + nfct_get_attr_u32(ct, ATTR_ORIG_IPV4_DST)); + okey_set_u32(&ret[NFCT_REPLY_IP_SADDR], + nfct_get_attr_u32(ct, ATTR_REPL_IPV4_SRC)); + okey_set_u32(&ret[NFCT_REPLY_IP_DADDR], + nfct_get_attr_u32(ct, ATTR_REPL_IPV4_DST)); break; case AF_INET6: - memcpy(ret[NFCT_ORIG_IP_SADDR].u.value.ui128, - nfct_get_attr(ct, ATTR_ORIG_IPV6_SRC), - sizeof(int32_t) * 4); - ret[NFCT_ORIG_IP_SADDR].flags |= ULOGD_RETF_VALID; - - memcpy(ret[NFCT_ORIG_IP_DADDR].u.value.ui128, - nfct_get_attr(ct, ATTR_ORIG_IPV6_DST), - sizeof(int32_t) * 4); - ret[NFCT_ORIG_IP_DADDR].flags |= ULOGD_RETF_VALID; - - memcpy(ret[NFCT_REPLY_IP_SADDR].u.value.ui128, - nfct_get_attr(ct, ATTR_REPL_IPV6_SRC), - sizeof(int32_t) * 4); - ret[NFCT_REPLY_IP_SADDR].flags |= ULOGD_RETF_VALID; - - memcpy(ret[NFCT_REPLY_IP_DADDR].u.value.ui128, - nfct_get_attr(ct, ATTR_REPL_IPV6_DST), - sizeof(int32_t) * 4); - ret[NFCT_REPLY_IP_DADDR].flags |= ULOGD_RETF_VALID; - + okey_set_u128(&ret[NFCT_ORIG_IP_SADDR], + nfct_get_attr(ct, ATTR_ORIG_IPV6_SRC)); + okey_set_u128(&ret[NFCT_ORIG_IP_DADDR], + nfct_get_attr(ct, ATTR_ORIG_IPV6_DST)); + okey_set_u128(&ret[NFCT_REPLY_IP_SADDR], + nfct_get_attr(ct, ATTR_REPL_IPV6_SRC)); + okey_set_u128(&ret[NFCT_REPLY_IP_DADDR], + nfct_get_attr(ct, ATTR_REPL_IPV6_DST)); break; default: ulogd_log(ULOGD_NOTICE, "Unknown protocol family (%d)\n", nfct_get_attr_u8(ct, ATTR_L3PROTO)); } - ret[NFCT_ORIG_IP_PROTOCOL].u.value.ui8 = - nfct_get_attr_u8(ct, ATTR_ORIG_L4PROTO); - ret[NFCT_ORIG_IP_PROTOCOL].flags |= ULOGD_RETF_VALID; - - ret[NFCT_REPLY_IP_PROTOCOL].u.value.ui8 = - nfct_get_attr_u8(ct, ATTR_REPL_L4PROTO); - ret[NFCT_REPLY_IP_PROTOCOL].flags |= ULOGD_RETF_VALID; + okey_set_u8(&ret[NFCT_ORIG_IP_PROTOCOL], + nfct_get_attr_u8(ct, ATTR_ORIG_L4PROTO)); + okey_set_u8(&ret[NFCT_REPLY_IP_PROTOCOL], + nfct_get_attr_u8(ct, ATTR_REPL_L4PROTO)); switch (nfct_get_attr_u8(ct, ATTR_ORIG_L4PROTO)) { case IPPROTO_TCP: @@ -511,22 +483,16 @@ static int propagate_ct(struct ulogd_pluginstance *upi, case IPPROTO_UDPLITE: case IPPROTO_SCTP: case IPPROTO_DCCP: - ret[NFCT_ORIG_L4_SPORT].u.value.ui16 = - htons(nfct_get_attr_u16(ct, ATTR_ORIG_PORT_SRC)); - ret[NFCT_ORIG_L4_SPORT].flags |= ULOGD_RETF_VALID; - - ret[NFCT_ORIG_L4_DPORT].u.value.ui16 = - htons(nfct_get_attr_u16(ct, ATTR_ORIG_PORT_DST)); - ret[NFCT_ORIG_L4_DPORT].flags |= ULOGD_RETF_VALID; + okey_set_u16(&ret[NFCT_ORIG_L4_SPORT], + htons(nfct_get_attr_u16(ct, ATTR_ORIG_PORT_SRC))); + okey_set_u16(&ret[NFCT_ORIG_L4_DPORT], + htons(nfct_get_attr_u16(ct, ATTR_ORIG_PORT_DST))); break; case IPPROTO_ICMP: - ret[NFCT_ICMP_CODE].u.value.ui8 = - nfct_get_attr_u8(ct, ATTR_ICMP_CODE); - ret[NFCT_ICMP_CODE].flags |= ULOGD_RETF_VALID; - - ret[NFCT_ICMP_TYPE].u.value.ui8 = - nfct_get_attr_u8(ct, ATTR_ICMP_TYPE); - ret[NFCT_ICMP_TYPE].flags |= ULOGD_RETF_VALID; + okey_set_u16(&ret[NFCT_ICMP_CODE], + nfct_get_attr_u8(ct, ATTR_ICMP_CODE)); + okey_set_u16(&ret[NFCT_ICMP_TYPE], + nfct_get_attr_u8(ct, ATTR_ICMP_TYPE)); break; } @@ -536,55 +502,36 @@ static int propagate_ct(struct ulogd_pluginstance *upi, case IPPROTO_UDPLITE: case IPPROTO_SCTP: case IPPROTO_DCCP: - ret[NFCT_REPLY_L4_SPORT].u.value.ui16 = - htons(nfct_get_attr_u16(ct, ATTR_REPL_PORT_SRC)); - ret[NFCT_REPLY_L4_SPORT].flags |= ULOGD_RETF_VALID; - - ret[NFCT_REPLY_L4_DPORT].u.value.ui16 = - htons(nfct_get_attr_u16(ct, ATTR_REPL_PORT_DST)); - ret[NFCT_REPLY_L4_DPORT].flags |= ULOGD_RETF_VALID; + okey_set_u16(&ret[NFCT_REPLY_L4_SPORT], + htons(nfct_get_attr_u16(ct, ATTR_REPL_PORT_SRC))); + okey_set_u16(&ret[NFCT_REPLY_L4_DPORT], + htons(nfct_get_attr_u16(ct, ATTR_REPL_PORT_DST))); } - ret[NFCT_ORIG_RAW_PKTLEN].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_ORIG_COUNTER_BYTES); - ret[NFCT_ORIG_RAW_PKTLEN].flags |= ULOGD_RETF_VALID; - - ret[NFCT_ORIG_RAW_PKTCOUNT].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_ORIG_COUNTER_PACKETS); - ret[NFCT_ORIG_RAW_PKTCOUNT].flags |= ULOGD_RETF_VALID; - - ret[NFCT_REPLY_RAW_PKTLEN].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_REPL_COUNTER_BYTES);; - ret[NFCT_REPLY_RAW_PKTLEN].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[NFCT_ORIG_RAW_PKTLEN], + nfct_get_attr_u32(ct, ATTR_ORIG_COUNTER_BYTES)); + okey_set_u32(&ret[NFCT_ORIG_RAW_PKTCOUNT], + nfct_get_attr_u32(ct, ATTR_ORIG_COUNTER_PACKETS)); + okey_set_u32(&ret[NFCT_REPLY_RAW_PKTLEN], + nfct_get_attr_u32(ct, ATTR_REPL_COUNTER_BYTES)); + okey_set_u32(&ret[NFCT_REPLY_RAW_PKTCOUNT], + nfct_get_attr_u32(ct, ATTR_REPL_COUNTER_PACKETS)); - ret[NFCT_REPLY_RAW_PKTCOUNT].u.value.ui32 = - nfct_get_attr_u32(ct, ATTR_REPL_COUNTER_PACKETS); - ret[NFCT_REPLY_RAW_PKTCOUNT].flags |= ULOGD_RETF_VALID; - - ret[NFCT_CT_MARK].u.value.ui32 = nfct_get_attr_u32(ct, ATTR_MARK); - ret[NFCT_CT_MARK].flags |= ULOGD_RETF_VALID; - - ret[NFCT_CT_ID].u.value.ui32 = nfct_get_attr_u32(ct, ATTR_ID); - ret[NFCT_CT_ID].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[NFCT_CT_MARK], nfct_get_attr_u32(ct, ATTR_MARK)); + okey_set_u32(&ret[NFCT_CT_ID], nfct_get_attr_u32(ct, ATTR_ID)); if (ts) { if (ts->time[START].tv_sec) { - ret[NFCT_FLOW_START_SEC].u.value.ui32 = - ts->time[START].tv_sec; - ret[NFCT_FLOW_START_SEC].flags |= ULOGD_RETF_VALID; - - ret[NFCT_FLOW_START_USEC].u.value.ui32 = - ts->time[START].tv_usec; - ret[NFCT_FLOW_START_USEC].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[NFCT_FLOW_START_SEC], + ts->time[START].tv_sec); + okey_set_u32(&ret[NFCT_FLOW_START_USEC], + ts->time[START].tv_usec); } if (ts->time[STOP].tv_sec) { - ret[NFCT_FLOW_END_SEC].u.value.ui32 = - ts->time[STOP].tv_sec; - ret[NFCT_FLOW_END_SEC].flags |= ULOGD_RETF_VALID; - - ret[NFCT_FLOW_END_USEC].u.value.ui32 = - ts->time[STOP].tv_usec; - ret[NFCT_FLOW_END_USEC].flags |= ULOGD_RETF_VALID; + okey_set_u32(&ret[NFCT_FLOW_END_SEC], + ts->time[STOP].tv_sec); + okey_set_u32(&ret[NFCT_FLOW_END_USEC], + ts->time[STOP].tv_usec); } } -- cgit v1.2.3