[netfilter-cvslog] r4325 - in trunk/libnfnetlink_conntrack: . include include/libnfnetlink_conntrack src utils

laforge at netfilter.org laforge at netfilter.org
Sat Oct 8 00:46:53 CEST 2005


Author: laforge at netfilter.org
Date: 2005-10-08 00:46:50 +0200 (Sat, 08 Oct 2005)
New Revision: 4325

Added:
   trunk/libnfnetlink_conntrack/include/libnfnetlink_conntrack/Makefile.am
Modified:
   trunk/libnfnetlink_conntrack/Makefile.am
   trunk/libnfnetlink_conntrack/include/Makefile.am
   trunk/libnfnetlink_conntrack/src/libnfnetlink_conntrack.c
   trunk/libnfnetlink_conntrack/utils/ctnl_test.c
Log:
- Add missing files: include/libnfnetlink_conntrack/Makefile.am and include/Makefile.am.
- Rename list_conntrack_handler to callback_handler, IMHO a proper name for such function.
- Use new nfnl_open prototype: Now it's got four parameters.
- Kill recurrent definition of the structure nfnlhdr: Actually this should go somewhere in
libnfnetlink, later.
- Ignore utils subdirectory. It contains a testsuite that is currently broken. Yes I know you're
aware of it ;) it's on the TODO list. I'll fix later.
- ctnl_error now has a nicer definition.
- kill some unneeded ctnl_error messages on failure.
(Pablo Neira)


Modified: trunk/libnfnetlink_conntrack/Makefile.am
===================================================================
--- trunk/libnfnetlink_conntrack/Makefile.am	2005-10-07 17:59:45 UTC (rev 4324)
+++ trunk/libnfnetlink_conntrack/Makefile.am	2005-10-07 22:46:50 UTC (rev 4325)
@@ -1,7 +1,7 @@
 AUTOMAKE_OPTIONS = foreign dist-bzip2 1.6
 
 INCLUDES =$(all_includes) -I$(top_srcdir)/include -I${KERNELDIR}
-SUBDIRS	= include src utils
+SUBDIRS	= include src
 LINKOPTS = -lnfnetlink
 
 man_MANS = #nfnetlink_conntrack.3 nfnetlink_conntrack.7

Modified: trunk/libnfnetlink_conntrack/include/Makefile.am
===================================================================
--- trunk/libnfnetlink_conntrack/include/Makefile.am	2005-10-07 17:59:45 UTC (rev 4324)
+++ trunk/libnfnetlink_conntrack/include/Makefile.am	2005-10-07 22:46:50 UTC (rev 4325)
@@ -1,2 +1,2 @@
 
-nobase_include_HEADERS = libnfnetlink_conntrack/libnfnetlink_conntrack.h
+SUBDIRS = libnfnetlink_conntrack

Added: trunk/libnfnetlink_conntrack/include/libnfnetlink_conntrack/Makefile.am
===================================================================
--- trunk/libnfnetlink_conntrack/include/libnfnetlink_conntrack/Makefile.am	2005-10-07 17:59:45 UTC (rev 4324)
+++ trunk/libnfnetlink_conntrack/include/libnfnetlink_conntrack/Makefile.am	2005-10-07 22:46:50 UTC (rev 4325)
@@ -0,0 +1,6 @@
+
+pkginclude_HEADERS = libnfnetlink_conntrack.h
+
+
+pkginclude_HEADERS = libnfnetlink_conntrack.h
+
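Review bot: `pkginclude_HEADERS = libnfnetlink_conntrack.h` is assigned twice with the same value in this new file, on the second and fifth added lines, and the second assignment should be dropped. Separately, `pkginclude_HEADERS` installs under `$(includedir)/$(PACKAGE)`, whereas the removed `nobase_include_HEADERS` spelled the `libnfnetlink_conntrack/` directory out. It is worth confirming that the package name matches, so that `#include <libnfnetlink_conntrack/libnfnetlink_conntrack.h>` still resolves after install.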

Modified: trunk/libnfnetlink_conntrack/src/libnfnetlink_conntrack.c
===================================================================
--- trunk/libnfnetlink_conntrack/src/libnfnetlink_conntrack.c	2005-10-07 17:59:45 UTC (rev 4324)
+++ trunk/libnfnetlink_conntrack/src/libnfnetlink_conntrack.c	2005-10-07 22:46:50 UTC (rev 4325)
@@ -28,8 +28,13 @@
 #include <libnfnetlink/libnfnetlink.h>
 #include <libnfnetlink_conntrack/libnfnetlink_conntrack.h>
 
-#define ctnl_error printf
+#define ctnl_error(format, args...) fprintf(stderr, format, ## args)
 
+struct nfnlhdr {
+	struct nlmsghdr nlh;
+	struct nfgenmsg nfmsg;
+};
+
 /***********************************************************************
  * low level stuff 
  ***********************************************************************/
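Review bot: `#define ctnl_error(format, args...)` uses the GNU named-variadic form, which only GCC-compatible compilers accept; the C99 spelling `#define ctnl_error(...) fprintf(stderr, __VA_ARGS__)` behaves the same for the calls visible in this diff. Because the first argument is handed to fprintf as the format, a short comment above the macro would help: `/* format must be a string literal; never pass message data as the format */`.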
@@ -40,10 +45,7 @@
 
 int ctnl_wilddump_request(struct ctnl_handle *cth, int family, int type)
 {
-        struct {
-                struct nlmsghdr nlh;
-                struct nfgenmsg g;
-        } req;
+	struct nfnlhdr req;
 
 	nfnl_fill_hdr(&cth->nfnlh, &req.nlh, 0, AF_INET, 0,
 		      type, NLM_F_ROOT|NLM_F_MATCH|NLM_F_REQUEST);
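Review bot: The `family` parameter of ctnl_wilddump_request is not used in the lines shown: the nfnl_fill_hdr call passes a hard-coded `AF_INET`, so a caller asking for another family would, as far as this hunk shows, still get an IPv4 dump. If that is not intended, pass it through: `nfnl_fill_hdr(&cth->nfnlh, &req.nlh, 0, family, 0,`. The new `struct nfnlhdr req;` is also left uninitialised, unlike the memset buffer in ctnl_flush_conntrack, so it relies on nfnl_fill_hdr writing every byte that is later sent. The function body ends outside the hunk.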
@@ -52,8 +54,8 @@
 }
 
 /* handler used for nfnl_listen */
-static int list_conntrack_handler(struct sockaddr_nl *nladdr, 
-				  struct nlmsghdr *n, void *arg)
+static int callback_handler(struct sockaddr_nl *nladdr, 
+			    struct nlmsghdr *n, void *arg)
 {
 	struct ctnl_handle *cth = (struct ctnl_handle *) arg;
 	int type = NFNL_MSG_TYPE(n->nlmsg_type);
@@ -63,7 +65,7 @@
 	if (NFNL_SUBSYS_ID(n->nlmsg_type) != NFNL_SUBSYS_CTNETLINK &&
 	    NFNL_SUBSYS_ID(n->nlmsg_type) != NFNL_SUBSYS_CTNETLINK_EXP) {
 		ctnl_error("received message for wrong subsys, skipping\n");
-		nfnl_dump_packet(n, n->nlmsg_len, "list_conntrack_handler");
+		nfnl_dump_packet(n, n->nlmsg_len, "callback_handler");
 		return 0;
 	}
 
@@ -97,10 +99,22 @@
 	      unsigned subscriptions)
 {
 	int err;
+	u_int8_t cb_count;
 
+	switch(subsys_id) {
+		case NFNL_SUBSYS_CTNETLINK:
+			cb_count = IPCTNL_MSG_MAX;
+			break;
+		case NFNL_SUBSYS_CTNETLINK_EXP:
+			cb_count = IPCTNL_MSG_EXP_MAX;
+			break;
+		default:
+			return -ENOENT;
+			break;
+	}
 	memset(cth, 0, sizeof(*cth));
 
-	err = nfnl_open(&cth->nfnlh, subsys_id, IPCTNL_MSG_MAX, subscriptions);
+	err = nfnl_open(&cth->nfnlh, subsys_id, cb_count, subscriptions);
 	if (err < 0) {
 		return err;
 	}
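Review bot: The new early `return -ENOENT;` runs before `memset(cth, 0, sizeof(*cth));`, so on an unknown subsys_id the caller's handle keeps whatever it held before, and a caller that cleans up on failure would then work on an uninitialised handle. Moving the memset above the `switch` keeps the handle zeroed on every error path. The `break;` after the return is unreachable, and `-ENOENT` needs `<errno.h>`, which is not among the includes visible in this diff. Since cb_count now differs per subsystem, it is worth confirming that the handler table in struct ctnl_handle (declared elsewhere) is sized for the larger of the two maxima. ctnl_open starts and ends outside the hunk.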
@@ -155,14 +169,10 @@
 
 int ctnl_flush_conntrack(struct ctnl_handle *cth)
 {
-	struct {
-		struct nlmsghdr nlh;
-		struct nfgenmsg g;
-	} *req;
+	struct nfnlhdr *req;
+	char buf[sizeof(*req)];
 
-	char buf[sizeof(*req)];
 	memset(&buf, 0, sizeof(buf));
-
 	req = (void *) &buf;
 
 	nfnl_fill_hdr(&cth->nfnlh, (struct nlmsghdr *) &buf,
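Review bot: `req = (void *) &buf;` makes a `struct nfnlhdr *` point at a `char` array, which carries no alignment guarantee for the struct and is then accessed through an incompatible type. ctnl_wilddump_request in this same commit declares the struct directly; doing the same here, `struct nfnlhdr req;` followed by `memset(&req, 0, sizeof(req));`, removes the casts and the alignment question. The function continues past the end of the hunk.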
@@ -172,7 +182,7 @@
 	if (nfnl_send(&cth->nfnlh, (struct nlmsghdr *)&buf) < 0 )
 		return -1;
 
-	return nfnl_listen(&cth->nfnlh, &list_conntrack_handler, cth);
+	return nfnl_listen(&cth->nfnlh, &callback_handler, cth);
 }
 
 /**
@@ -185,7 +195,7 @@
 	if (ctnl_wilddump_request(cth, family, IPCTNL_MSG_CT_GET) < 0)
 		return -1;
 
-	return nfnl_listen(&cth->nfnlh, &list_conntrack_handler, cth);
+	return nfnl_listen(&cth->nfnlh, &callback_handler, cth);
 }
 
 int ctnl_list_conntrack_zero_counters(struct ctnl_handle *cth, int family)
@@ -193,19 +203,14 @@
 	if (ctnl_wilddump_request(cth, family, IPCTNL_MSG_CT_GET_CTRZERO) < 0)
 		return -1;
 
-	return nfnl_listen(&cth->nfnlh, &list_conntrack_handler, cth);
+	return nfnl_listen(&cth->nfnlh, &callback_handler, cth);
 }
 
 int ctnl_event_conntrack(struct ctnl_handle *cth, int family)
 {
-	return nfnl_listen(&cth->nfnlh, &list_conntrack_handler, cth);
+	return nfnl_listen(&cth->nfnlh, &callback_handler, cth);
 }
 
-struct nfnlhdr {
-	struct nlmsghdr nlh;
-	struct nfgenmsg nfmsg;
-}; 
-
 static void ctnl_build_tuple_ip(struct nfnlhdr *req, int size,
 			        struct ctnl_tuple *t)
 {
@@ -243,9 +248,13 @@
 		break;
 	case IPPROTO_ICMP:
 		nfnl_addattr_l(&req->nlh, size, CTA_PROTO_ICMP_CODE,
-			       &t->l4src.icmp.code, sizeof(u_int8_t));
+			       &t->l4dst.icmp.code, sizeof(u_int8_t));
 		nfnl_addattr_l(&req->nlh, size, CTA_PROTO_ICMP_TYPE,
 			       &t->l4dst.icmp.type, sizeof(u_int8_t));
+		/* This is an ICMP echo */
+		if (t->l4dst.icmp.type == 8)
+			nfnl_addattr_l(&req->nlh, size, CTA_PROTO_ICMP_ID,
+				       &t->l4src.icmp.id, sizeof(u_int16_t));
 		break;
 	}
 	nfnl_nest_end(&req->nlh, nest);
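Review bot: The literal `8` in `if (t->l4dst.icmp.type == 8)` should be the named constant, `if (t->l4dst.icmp.type == ICMP_ECHO)` from `<netinet/ip_icmp.h>`, which would also make the comment above it unnecessary. The id is read from `l4src` while type and code are read from `l4dst`, and a one-line comment on the tuple layout would explain why. Other ICMP query types that carry an identifier get no CTA_PROTO_ICMP_ID here, so it should be confirmed that the kernel side accepts a tuple without it. None of the nfnl_addattr_l return values in this case is checked, so an attribute that does not fit in `size` would be dropped silently. The enclosing function starts outside the hunk.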
@@ -272,10 +281,16 @@
 	nest = nfnl_nest(&req->nlh, size, CTA_PROTOINFO);
 
 	switch (ct->tuple[CTNL_DIR_ORIGINAL].protonum) {
-	case IPPROTO_TCP:
+	case IPPROTO_TCP: {
+		struct nfattr *nest_proto;
+		nest_proto = nfnl_nest(&req->nlh, size, CTA_PROTOINFO_TCP);
 		nfnl_addattr_l(&req->nlh, size, CTA_PROTOINFO_TCP_STATE,
 			       &ct->protoinfo.tcp.state, sizeof(u_int8_t));
+		nfnl_nest_end(&req->nlh, nest_proto);
 		break;
+		}
+	default:
+		break;
 	}
 
 	nfnl_nest_end(&req->nlh, nest);
@@ -370,7 +385,7 @@
 	if (nfnl_send(&cth->nfnlh, (struct nlmsghdr *)&buf) < 0)
 		return -1;
 
-	return nfnl_listen(&cth->nfnlh, &list_conntrack_handler, cth);
+	return nfnl_listen(&cth->nfnlh, &callback_handler, cth);
 }
 
 /**
@@ -398,7 +413,7 @@
 	if (nfnl_send(&cth->nfnlh, (struct nlmsghdr *)&buf) < 0)
 		return -1;
 
-	return nfnl_listen(&cth->nfnlh, &list_conntrack_handler, cth);
+	return nfnl_listen(&cth->nfnlh, &callback_handler, cth);
 }
 static int new_update_conntrack(struct ctnl_handle *cth,
 				struct ctnl_conntrack *ct,
@@ -419,7 +434,7 @@
 	if (nfnl_send(&cth->nfnlh, (struct nlmsghdr *)&buf) < 0 )
 		return -1;
 
-	return nfnl_listen(&cth->nfnlh, &list_conntrack_handler, cth);
+	return nfnl_listen(&cth->nfnlh, &callback_handler, cth);
 }
 
 /**
@@ -447,13 +462,13 @@
 	if (ctnl_wilddump_request(cth, family, IPCTNL_MSG_EXP_GET) < 0)
 		return -1;
 
-	return nfnl_listen(&cth->nfnlh, &list_conntrack_handler, cth);
+	return nfnl_listen(&cth->nfnlh, &callback_handler, cth);
 
 }
 
 int ctnl_event_expect(struct ctnl_handle *cth, int family)
 {
-	return nfnl_listen(&cth->nfnlh, &list_conntrack_handler, cth);
+	return nfnl_listen(&cth->nfnlh, &callback_handler, cth);
 }
 
 int ctnl_flush_expect(struct ctnl_handle *cth)
@@ -471,7 +486,7 @@
 	if (nfnl_send(&cth->nfnlh, (struct nlmsghdr *)&buf) < 0 )
 		return -1;
 
-	return nfnl_listen(&cth->nfnlh, &list_conntrack_handler, cth);
+	return nfnl_listen(&cth->nfnlh, &callback_handler, cth);
 }
 
 /**
@@ -508,12 +523,10 @@
 			   sizeof(timeout)) < 0)
 		return -1;
 
-	if (nfnl_send(&cth->nfnlh, (struct nlmsghdr *)&buf) < 0 ) {
-		ctnl_error("error while nfnl_send\n");
+	if (nfnl_send(&cth->nfnlh, (struct nlmsghdr *)&buf) < 0 )
 		return -1;
-	}
 
-	return nfnl_listen(&cth->nfnlh, &list_conntrack_handler, cth);
+	return nfnl_listen(&cth->nfnlh, &callback_handler, cth);
 }
 
 /**
@@ -540,7 +553,7 @@
 	if (nfnl_send(&cth->nfnlh, (struct nlmsghdr *)&buf) < 0)
 		return -1;
 
-	return nfnl_listen(&cth->nfnlh, &list_conntrack_handler, cth);
+	return nfnl_listen(&cth->nfnlh, &callback_handler, cth);
 }
 
 int ctnl_get_expect(struct ctnl_handle *cth, 
@@ -558,11 +571,9 @@
 
 	ctnl_build_tuple(req, sizeof(buf), tuple, CTA_EXPECT_MASTER);
 
-	if (nfnl_send(&cth->nfnlh, (struct nlmsghdr *)&buf) < 0 ) {
-		ctnl_error("error while nfnl_send\n");
+	if (nfnl_send(&cth->nfnlh, (struct nlmsghdr *)&buf) < 0 )
 		return -1;
-	}
 
-	return nfnl_listen(&cth->nfnlh, &list_conntrack_handler, cth);
+	return nfnl_listen(&cth->nfnlh, &callback_handler, cth);
 }
 

Modified: trunk/libnfnetlink_conntrack/utils/ctnl_test.c
===================================================================
--- trunk/libnfnetlink_conntrack/utils/ctnl_test.c	2005-10-07 17:59:45 UTC (rev 4324)
+++ trunk/libnfnetlink_conntrack/utils/ctnl_test.c	2005-10-07 22:46:50 UTC (rev 4325)
@@ -1,5 +1,6 @@
 #include <stdlib.h>
 #include <stdio.h>
+#include <string.h>
 #include <sys/types.h>
 #include <sys/socket.h>
 
@@ -14,6 +15,7 @@
 
 #include <libnfnetlink_conntrack/libnfnetlink_conntrack.h>
 
+#if 0
 static struct ctnl_handle *cth;
 
 #if 0
@@ -193,3 +195,4 @@
 	return 0;
 }
 
+#endif



