[libnetfilter_conntrack] src: unset all the callback handler in the nfct_close() path.

Pablo Neira netfilter-cvslog-bounces at lists.netfilter.org
Thu Jul 16 11:44:31 CEST 2009 

Gitweb:		http://git.netfilter.org/cgi-bin/gitweb.cgi?p=libnetfilter_conntrack.git;a=commit;h=f18e7875e7019671112ea0258a836f8454f237eb
commit f18e7875e7019671112ea0258a836f8454f237eb
Author:     Pablo Neira Ayuso <pablo at netfilter.org>
AuthorDate: Thu Jul 16 11:41:58 2009 +0200
Commit:     Pablo Neira Ayuso <pablo at netfilter.org>
CommitDate: Thu Jul 16 11:41:58 2009 +0200

    src: unset all the callback handler in the nfct_close() path.
    
    This patch unsets all the existing callbacks if we call
    nfct_close().
    
    Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>

commit f48fd16527a26fdf0779119a8e1ed889a3b02b23
Author:     Pablo Neira Ayuso <pablo at netfilter.org>
AuthorDate: Thu Jul 16 11:38:34 2009 +0200
Commit:     Pablo Neira Ayuso <pablo at netfilter.org>
CommitDate: Thu Jul 16 11:38:34 2009 +0200

    expect: add new callback interface while keeping backward compatibility
    
    This patch the new expectation callback interface. This change is
    like 20ed81b10714dfe78e31e9721e2d4f42b4beabb2 but related to
    expectations. The netlink message contains the portID that is useful
    to identify the origin of the message.
    
    Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
       via  f18e7875e7019671112ea0258a836f8454f237eb (commit)
       via  f48fd16527a26fdf0779119a8e1ed889a3b02b23 (commit)
      from  867cda50716d393e132001484c6f0a4ae50e7eb9 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit f18e7875e7019671112ea0258a836f8454f237eb
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date:   Thu Jul 16 11:41:58 2009 +0200

    src: unset all the callback handler in the nfct_close() path.
    
    This patch unsets all the existing callbacks if we call
    nfct_close().
    
    Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>

commit f48fd16527a26fdf0779119a8e1ed889a3b02b23
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date:   Thu Jul 16 11:38:34 2009 +0200

    expect: add new callback interface while keeping backward compatibility
    
    This patch the new expectation callback interface. This change is
    like 20ed81b10714dfe78e31e9721e2d4f42b4beabb2 but related to
    expectations. The netlink message contains the portID that is useful
    to identify the origin of the message.
    
    Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>

-----------------------------------------------------------------------

 include/internal/object.h                          |    6 ++
 .../libnetfilter_conntrack.h                       |   11 +++
 src/expect/api.c                                   |   75 ++++++++++++++++++++
 src/expect/callback.c                              |    2 +
 src/main.c                                         |    3 +
 5 files changed, 97 insertions(+), 0 deletions(-)
This patch the new expectation callback interface. This change is
like 20ed81b10714dfe78e31e9721e2d4f42b4beabb2 but related to
expectations. The netlink message contains the portID that is useful
to identify the origin of the message.

Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>

diff --git a/include/internal/object.h b/include/internal/object.h
index cd06b88..04d64b6 100644
--- a/include/internal/object.h
+++ b/include/internal/object.h
@@ -34,6 +34,12 @@ struct nfct_handle {
 	int			(*expect_cb)(enum nf_conntrack_msg_type type, 
 					     struct nf_expect *exp,
 					     void *data);
+
+	/* second version of the expect callback: it includes netlink header */
+	int			(*expect_cb2)(const struct nlmsghdr *nlh,
+					      enum nf_conntrack_msg_type type, 
+					      struct nf_expect *exp,
+					      void *data);
 };
 
 /* container used to pass data to nfnl callbacks */
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
index 346039c..b0487b6 100644
--- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h
+++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h
@@ -519,6 +519,17 @@ extern int nfexp_callback_register(struct nfct_handle *h,
 
 extern void nfexp_callback_unregister(struct nfct_handle *h);
 
+/* register / unregister callback: extended version including netlink header */
+extern int nfexp_callback_register2(struct nfct_handle *h,
+				    enum nf_conntrack_msg_type type,
+				    int (*cb)(const struct nlmsghdr *nlh,
+				    	      enum nf_conntrack_msg_type type,
+					      struct nf_expect *exp,
+					      void *data),
+				    void *data);
+
+extern void nfexp_callback_unregister2(struct nfct_handle *h);
+
 /* setter */
 extern void nfexp_set_attr(struct nf_expect *exp,
 			   const enum nf_expect_attr type,
diff --git a/src/expect/api.c b/src/expect/api.c
index 5ed4e4b..b532e00 100644
--- a/src/expect/api.c
+++ b/src/expect/api.c
@@ -160,6 +160,81 @@ void nfexp_callback_unregister(struct nfct_handle *h)
 }
 
 /**
+ * nfexp_callback_register2 - register a callback
+ * @h: library handler
+ * @cb: callback used to process expect received
+ * @data: data used by the callback, if any.
+ *
+ * This function register a callback to handle the expect received, 
+ * in case of error -1 is returned and errno is set appropiately, otherwise
+ * 0 is returned.
+ *
+ * Note that the data parameter is optional, if you do not want to pass any
+ * data to your callback, then use NULL.
+ *
+ * NOTICE: The difference with nfexp_callback_register() is that this function
+ * uses the new callback interface that includes the Netlink header.
+ *
+ * WARNING: Don't mix nfexp_callback_register() and nfexp_callback_register2()
+ * calls, use only once at a time.
+ */
+int nfexp_callback_register2(struct nfct_handle *h,
+			     enum nf_conntrack_msg_type type,
+			     int (*cb)(const struct nlmsghdr *nlh,
+			     	       enum nf_conntrack_msg_type type,
+			   	       struct nf_expect *exp, 
+				       void *data),
+			     void *data)
+{
+	struct __data_container *container;
+
+	assert(h != NULL);
+
+	container = malloc(sizeof(struct __data_container));
+	if (!container)
+		return -1;
+	memset(container, 0, sizeof(struct __data_container));
+
+	h->expect_cb2 = cb;
+	container->h = h;
+	container->type = type;
+	container->data = data;
+
+	h->nfnl_cb.call = __expect_callback;
+	h->nfnl_cb.data = container;
+	h->nfnl_cb.attr_count = CTA_EXPECT_MAX;
+
+	nfnl_callback_register(h->nfnlssh_exp, 
+			       IPCTNL_MSG_EXP_NEW,
+			       &h->nfnl_cb);
+
+	nfnl_callback_register(h->nfnlssh_exp,
+			       IPCTNL_MSG_EXP_DELETE,
+			       &h->nfnl_cb);
+
+	return 0;
+}
+
+/**
+ * nfexp_callback_unregister2 - unregister a callback
+ * @h: library handler
+ */
+void nfexp_callback_unregister2(struct nfct_handle *h)
+{
+	assert(h != NULL);
+
+	nfnl_callback_unregister(h->nfnlssh_exp, IPCTNL_MSG_EXP_NEW);
+	nfnl_callback_unregister(h->nfnlssh_exp, IPCTNL_MSG_EXP_DELETE);
+
+	h->expect_cb2 = NULL;
+	free(h->nfnl_cb.data);
+
+	h->nfnl_cb.call = NULL;
+	h->nfnl_cb.data = NULL;
+	h->nfnl_cb.attr_count = 0;
+}
+
+/**
  * nfexp_set_attr - set the value of a certain expect attribute
  * @exp: pointer to a valid expect 
  * @type: attribute type
diff --git a/src/expect/callback.c b/src/expect/callback.c
index 6a45b0e..d2cc26e 100644
--- a/src/expect/callback.c
+++ b/src/expect/callback.c
@@ -31,6 +31,8 @@ int __expect_callback(struct nlmsghdr *nlh, struct nfattr *nfa[], void *data)
 
 	if (container->h->expect_cb)
 		ret = container->h->expect_cb(type, exp, container->data);
+	else if (container->h->expect_cb2)
+		ret = container->h->expect_cb2(nlh, type, exp, container->data);
 
 	switch(ret) {
 	case NFCT_CB_FAILURE:

More information about the netfilter-cvslog mailing list