[netfilter-cvslog] r4290 - in trunk/conntrack: . extensions include src

laforge at netfilter.org laforge at netfilter.org
Sat Sep 24 20:42:40 CEST 2005 

Author: laforge at netfilter.org
Date: 2005-09-24 20:42:39 +0200 (Sat, 24 Sep 2005)
New Revision: 4290

Modified:
   trunk/conntrack/ChangeLog
   trunk/conntrack/configure.in
   trunk/conntrack/conntrack.8
   trunk/conntrack/extensions/libct_proto_icmp.c
   trunk/conntrack/extensions/libct_proto_sctp.c
   trunk/conntrack/extensions/libct_proto_tcp.c
   trunk/conntrack/extensions/libct_proto_udp.c
   trunk/conntrack/include/libct_proto.h
   trunk/conntrack/src/conntrack.c
   trunk/conntrack/src/libct.c
Log:
major update (See ChangeLog)


Modified: trunk/conntrack/ChangeLog
===================================================================
--- trunk/conntrack/ChangeLog	2005-09-24 17:57:44 UTC (rev 4289)
+++ trunk/conntrack/ChangeLog	2005-09-24 18:42:39 UTC (rev 4290)
@@ -1,3 +1,12 @@
+2005-09-24
+<laforge at netfilter.org>
+	o Get rid of C++ style comments
+	o Remove remaining bits of "-A --action", group-mask and dump-mask
+	o Clean up #include's
+	o Fix double-free when exiting via signal handler (Ctrl+C)
+	o Add "version" member to plugins
+	o Fix some Endianness issues when printing CTA_STATUS
+
 2005-08-31
 <pablo at netfilter.org>
 	o Fix packet and bytes counters (use __be64_to_cpu)

Modified: trunk/conntrack/configure.in
===================================================================
--- trunk/conntrack/configure.in	2005-09-24 17:57:44 UTC (rev 4289)
+++ trunk/conntrack/configure.in	2005-09-24 18:42:39 UTC (rev 4290)
@@ -74,10 +74,10 @@
                               [ Show location of kernel source. Default is to use uname -r and look in /lib/modules/KERNEL/build/include. ]),
 	       NF_KERNEL_SOURCE($with_kernel),NF_KERNEL_SOURCE())
 
-#if test ! -z "$libdir"; then
-#   MODULE_DIR="\\\"$libdir/\\\""
-#   CFLAGS="$CFLAGS -DCONNTRACK_LIB_DIR=$MODULE_DIR"
-#fi
+if test ! -z "$libdir"; then
+   MODULE_DIR="\\\"$libdir/\\\""
+   CFLAGS="$CFLAGS -DCONNTRACK_LIB_DIR=$MODULE_DIR"
+fi
 
 dnl--------------------------------
 

Modified: trunk/conntrack/conntrack.8
===================================================================
--- trunk/conntrack/conntrack.8	2005-09-24 17:57:44 UTC (rev 4289)
+++ trunk/conntrack/conntrack.8	2005-09-24 18:42:39 UTC (rev 4290)
@@ -16,8 +16,6 @@
 .BR "conntrack -E [table] parameters"
 .br
 .BR "conntrack -F [table]"
-.br
-.BR "conntrack -A [table] [options]"
 .SH DESCRIPTION
 .B conntrack
 is used to search, list, inspect and maintain the netfilter connection tracking
@@ -70,9 +68,6 @@
 .TP
 .BI "-F, --flush "
 Flush the whole given table
-.TP
-.BI "-A, --action "
-Set an action.
 .SS PARAMETERS
 .TP
 .BI "-z, --zero "
@@ -85,16 +80,8 @@
 by the kernel to those types to those that you are actually interested in.
 .
 Please note that this is a system-wide setting, so make sure to not disable some events that other ctnetlink-using processes might need!
-This option can only be used in conjunction with "-A, --action".
+This option can only be used in conjunction with "-E, --event".
 .TP
-.BI "-m, --dump-mask " "[ALL|TUPLE|STATUS|TIMEOUT|PROTOINFO|HELPINFO|COUNTERS|MARK][,...]"
-Set the bitmask of data fields that are to be sent with each message generated
-by the in-kernel ctnetlink code.  Using this parameter, you can reduce the
-amount of information sent by the kernel to those bits and pieces that you are
-actually interested in.
-Please note that this is a system-wide setting, so make sure to not disable some data fields that other ctnetlink-using processes might need!
-This option can only be used in conjunction with "-A, --action".
-.TP
 .BI "-g, --group-mask " "[ALL|TCP|UDP|ICMP][,...]"
 Set the group bitmask to those netlink groups (resembling layer 4 protocols)
 that you're actually interested in. 

Modified: trunk/conntrack/extensions/libct_proto_icmp.c
===================================================================
--- trunk/conntrack/extensions/libct_proto_icmp.c	2005-09-24 17:57:44 UTC (rev 4289)
+++ trunk/conntrack/extensions/libct_proto_icmp.c	2005-09-24 18:42:39 UTC (rev 4290)
@@ -111,7 +111,8 @@
 	.print_proto	= print_proto,
 	.final_check	= final_check,
 	.help		= help,
-	.opts		= opts
+	.opts		= opts,
+	.version	= LIBCT_VERSION,
 };
 
 void __attribute__ ((constructor)) init(void);

Modified: trunk/conntrack/extensions/libct_proto_sctp.c
===================================================================
--- trunk/conntrack/extensions/libct_proto_sctp.c	2005-09-24 17:57:44 UTC (rev 4289)
+++ trunk/conntrack/extensions/libct_proto_sctp.c	2005-09-24 18:42:39 UTC (rev 4290)
@@ -176,7 +176,8 @@
 	.print_protoinfo	= print_protoinfo,
 	.final_check		= final_check,
 	.help			= help,
-	.opts			= opts
+	.opts			= opts,
+	.version		= LIBCT_VERSION,
 };
 
 void __attribute__ ((constructor)) init(void);

Modified: trunk/conntrack/extensions/libct_proto_tcp.c
===================================================================
--- trunk/conntrack/extensions/libct_proto_tcp.c	2005-09-24 17:57:44 UTC (rev 4289)
+++ trunk/conntrack/extensions/libct_proto_tcp.c	2005-09-24 18:42:39 UTC (rev 4290)
@@ -13,9 +13,10 @@
 #include <string.h>
 #include <netinet/in.h> /* For htons */
 #include <linux/netfilter/nfnetlink_conntrack.h>
-#include "libct_proto.h"
 #include <libnfnetlink_conntrack/libnfnetlink_conntrack.h>
 
+#include "libct_proto.h"
+
 static struct option opts[] = {
 	{"orig-port-src", 1, 0, '1'},
 	{"orig-port-dst", 1, 0, '2'},
@@ -197,7 +198,8 @@
 	.print_protoinfo	= print_protoinfo,
 	.final_check		= final_check,
 	.help			= help,
-	.opts			= opts
+	.opts			= opts,
+	.version		= LIBCT_VERSION,
 };
 
 void __attribute__ ((constructor)) init(void);

Modified: trunk/conntrack/extensions/libct_proto_udp.c
===================================================================
--- trunk/conntrack/extensions/libct_proto_udp.c	2005-09-24 17:57:44 UTC (rev 4289)
+++ trunk/conntrack/extensions/libct_proto_udp.c	2005-09-24 18:42:39 UTC (rev 4290)
@@ -149,7 +149,8 @@
 	.print_proto		= print_proto,
 	.final_check		= final_check,
 	.help			= help,
-	.opts			= opts
+	.opts			= opts,
+	.version		= LIBCT_VERSION,
 };
 
 void __attribute__ ((constructor)) init(void);

Modified: trunk/conntrack/include/libct_proto.h
===================================================================
--- trunk/conntrack/include/libct_proto.h	2005-09-24 17:57:44 UTC (rev 4289)
+++ trunk/conntrack/include/libct_proto.h	2005-09-24 18:42:39 UTC (rev 4290)
@@ -7,6 +7,8 @@
 #include <getopt.h>
 #include <libnfnetlink_conntrack/libnfnetlink_conntrack.h>
 
+#define LIBCT_VERSION	"0.1.0"
+
 struct cta_proto;
 
 struct ctproto_handler {
@@ -14,6 +16,7 @@
 
 	char 			*name;
 	u_int16_t 		protonum;
+	char			*version;
 
 	enum ctattr_protoinfo	protoinfo_attr;
 	

Modified: trunk/conntrack/src/conntrack.c
===================================================================
--- trunk/conntrack/src/conntrack.c	2005-09-24 17:57:44 UTC (rev 4289)
+++ trunk/conntrack/src/conntrack.c	2005-09-24 18:42:39 UTC (rev 4290)
@@ -43,13 +43,12 @@
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <string.h>
-#include <linux/netfilter_ipv4/ip_conntrack.h>
 #include <libnfnetlink_conntrack/libnfnetlink_conntrack.h>
 #include "linux_list.h"
 #include "libct_proto.h"
 
 #define PROGNAME "conntrack"
-#define VERSION "0.80"
+#define VERSION "0.81"
 
 #if 0
 #define DEBUGP printf
@@ -651,8 +650,6 @@
 fprintf(stdout, "-p proto		Layer 4 Protocol\n");
 fprintf(stdout, "-t timeout		Set timeout\n");
 fprintf(stdout, "-u status		Set status\n");
-fprintf(stdout, "-m dumpmask		Set dump mask\n");
-fprintf(stdout, "-g groupmask		Set group mask\n");
 fprintf(stdout, "-e eventmask		Set event mask\n");
 fprintf(stdout, "-a min_ip[-max_ip]	NAT ip range\n");
 fprintf(stdout, "-z 			Zero Counters\n");
@@ -670,7 +667,7 @@
 	unsigned long timeout = 0;
 	unsigned int status = IPS_CONFIRMED;
 	unsigned long id = 0;
-	unsigned int type = 0, dump_mask = 0, extra_flags = 0, event_mask = 0;
+	unsigned int type = 0, extra_flags = 0, event_mask = 0;
 	int manip = -1;
 	int res = 0, retry = 2;
 

Modified: trunk/conntrack/src/libct.c
===================================================================
--- trunk/conntrack/src/libct.c	2005-09-24 17:57:44 UTC (rev 4289)
+++ trunk/conntrack/src/libct.c	2005-09-24 18:42:39 UTC (rev 4290)
@@ -17,9 +17,6 @@
 /* From kernel.h */
 #define INT_MAX         ((int)(~0U>>1))
 #define INT_MIN         (-INT_MAX - 1)
-#include <linux/netfilter_ipv4/ip_conntrack.h>
-#include <linux/netfilter/nfnetlink_conntrack.h>
-#include <libnfnetlink/libnfnetlink.h>
 #include <libnfnetlink_conntrack/libnfnetlink_conntrack.h>
 #include "linux_list.h"
 #include "libct_proto.h"
@@ -187,7 +184,7 @@
 			parse_tuple(attr, &ct.tuple[CTNL_DIR_REPLY]);
 			break;
 		case CTA_STATUS:
-			ct.status = *(unsigned int *)NFA_DATA(attr);
+			ct.status = ntohl(*(u_int32_t *)NFA_DATA(attr));
 			flags |= STATUS;
 			break;
 		case CTA_PROTOINFO:
@@ -195,11 +192,11 @@
 			flags |= PROTOINFO;
 			break;
 		case CTA_TIMEOUT:
-			ct.timeout = ntohl(*(unsigned long *)NFA_DATA(attr));
+			ct.timeout = ntohl(*(u_int32_t *)NFA_DATA(attr));
 			flags |= TIMEOUT;
 			break;
 		case CTA_MARK:
-			ct.mark = ntohl(*(unsigned long *)NFA_DATA(attr));
+			ct.mark = ntohl(*(u_int32_t *)NFA_DATA(attr));
 			flags |= MARK;
 			break;
 		case CTA_COUNTERS_ORIG:
@@ -208,7 +205,7 @@
 			flags |= COUNTERS;
 			break;
 		case CTA_USE:
-			ct.use = ntohl(*(unsigned int *)NFA_DATA(attr));
+			ct.use = ntohl(*(u_int32_t *)NFA_DATA(attr));
 			flags |= USE;
 			break;
 		case CTA_ID:
@@ -256,7 +253,8 @@
 			ct.counters[CTNL_DIR_REPLY].packets,
 			ct.counters[CTNL_DIR_REPLY].bytes);
 	
-	print_status(ct.status);
+	if (flags & STATUS)
+		print_status(ct.status);
 
 	if (flags & MARK)
 		fprintf(stdout, "mark=%lu ", ct.mark);
@@ -272,15 +270,15 @@
 
 static char *typemsg2str(type, flags)
 {
-	char *ret = "UNKNOWN";
+	char *ret = "[UNKNOWN]";
 
 	if (type == IPCTNL_MSG_CT_NEW) {
 		if (flags & NLM_F_CREATE)
-			ret = "NEW";
+			ret = "[NEW]";
 		else
-			ret = "UPDATE";
+			ret = "[UPDATE]";
 	} else if (type == IPCTNL_MSG_CT_DELETE)
-		ret = "DESTROY";
+		ret = "[DESTROY]";
 
 	return ret;
 }
@@ -289,7 +287,7 @@
 			 void *arg)
 {
 	int type = NFNL_MSG_TYPE(nlh->nlmsg_type);
-	fprintf(stdout, "[%s] ", typemsg2str(type, nlh->nlmsg_flags));
+	fprintf(stdout, "%9s ", typemsg2str(type, nlh->nlmsg_flags));
 	return handler(sock, nlh, arg);
 }
 
@@ -465,6 +463,7 @@
 {
 	fprintf(stdout, "Now closing conntrack event dumping...\n");
 	ctnl_close(&cth);
+	exit(0);
 }
 
 int event_conntrack(unsigned int event_mask)
@@ -527,6 +526,11 @@
 
 void register_proto(struct ctproto_handler *h)
 {
+	if (strcmp(h->version, LIBCT_VERSION) != 0) {
+		fprintf(stderr, "plugin `%s': version %s (I'm %s)\n",
+			h->name, h->version, LIBCT_VERSION);
+		exit(1);
+	}
 	list_add(&h->head, &proto_list);
 }

More information about the netfilter-cvslog mailing list