[libnetfilter_conntrack] src: add support for GRE transport protocol

Pablo Neira netfilter-cvslog-bounces at lists.netfilter.org
Thu Mar 5 13:27:11 CET 2009


Gitweb:		http://git.netfilter.org/cgi-bin/gitweb.cgi?p=libnetfilter_conntrack.git;a=commit;h=f693586d1b69114049a47fa615872ad4c14dcff2
commit f693586d1b69114049a47fa615872ad4c14dcff2
Author:     Pablo Neira Ayuso <pablo at netfilter.org>
AuthorDate: Thu Mar 5 13:26:29 2009 +0100
Commit:     Pablo Neira Ayuso <pablo at netfilter.org>
CommitDate: Thu Mar 5 13:26:29 2009 +0100

    src: add support for GRE transport protocol
    
    This patch adds support for GRE transport protocol.
    
    Tested-by: Byan Buff <bduff at ecessa.com>
    Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
       via  f693586d1b69114049a47fa615872ad4c14dcff2 (commit)
      from  752a1af93da1381a5ecb921e7519cd9997eb27bc (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit f693586d1b69114049a47fa615872ad4c14dcff2
Author: Pablo Neira Ayuso <pablo at netfilter.org>
Date:   Thu Mar 5 13:26:29 2009 +0100

    src: add support for GRE transport protocol
    
    This patch adds support for GRE transport protocol.
    
    Tested-by: Byan Buff <bduff at ecessa.com>
    Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>

-----------------------------------------------------------------------

 src/conntrack/build.c            |    1 +
 src/conntrack/snprintf_default.c |    9 +++++++--
 src/conntrack/snprintf_xml.c     |   14 +++++++++++++-
 3 files changed, 21 insertions(+), 3 deletions(-)
This patch adds support for GRE transport protocol.

Tested-by: Byan Buff <bduff at ecessa.com>
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>

diff --git a/src/conntrack/build.c b/src/conntrack/build.c
index 9611508..a1569ab 100644
--- a/src/conntrack/build.c
+++ b/src/conntrack/build.c
@@ -50,6 +50,7 @@ void __build_tuple_proto(struct nfnlhdr *req,
 	case IPPROTO_UDP:
 	case IPPROTO_TCP:
 	case IPPROTO_SCTP:
+	case IPPROTO_GRE:
 		nfnl_addattr_l(&req->nlh, size, CTA_PROTO_SRC_PORT,
 			       &t->l4src.tcp.port, sizeof(u_int16_t));
 		nfnl_addattr_l(&req->nlh, size, CTA_PROTO_DST_PORT,
diff --git a/src/conntrack/snprintf_default.c b/src/conntrack/snprintf_default.c
index 7cf28f8..a846af9 100644
--- a/src/conntrack/snprintf_default.c
+++ b/src/conntrack/snprintf_default.c
@@ -13,7 +13,8 @@ static char *proto2str[IPPROTO_MAX] = {
         [IPPROTO_UDPLITE] = "udplite",
         [IPPROTO_ICMP] = "icmp",
         [IPPROTO_ICMPV6] = "icmpv6",
-        [IPPROTO_SCTP] = "sctp"
+        [IPPROTO_SCTP] = "sctp",
+        [IPPROTO_GRE] = "gre"
 };
 
 static char *l3proto2str[AF_MAX] = {
@@ -162,7 +163,11 @@ int __snprintf_proto(char *buf,
 			        ntohs(tuple->l4src.tcp.port),
 			        ntohs(tuple->l4dst.tcp.port));
 		break;
-
+	case IPPROTO_GRE:
+		return snprintf(buf, len, "srckey=0x%x dstkey=0x%x ",
+			        ntohs(tuple->l4src.all),
+			        ntohs(tuple->l4dst.all));
+		break;
 	case IPPROTO_ICMP:
 	case IPPROTO_ICMPV6:
 		/* The ID only makes sense some ICMP messages but we want to
diff --git a/src/conntrack/snprintf_xml.c b/src/conntrack/snprintf_xml.c
index b14ff43..cb6fc03 100644
--- a/src/conntrack/snprintf_xml.c
+++ b/src/conntrack/snprintf_xml.c
@@ -59,7 +59,8 @@ static char *proto2str[IPPROTO_MAX] = {
         [IPPROTO_UDPLITE] = "udplite",
         [IPPROTO_ICMP] = "icmp",
         [IPPROTO_ICMPV6] = "icmp6",
-        [IPPROTO_SCTP] = "sctp"
+        [IPPROTO_SCTP] = "sctp",
+        [IPPROTO_GRE] = "gre"
 };
 static char *l3proto2str[AF_MAX] = {
 	[AF_INET] = "ipv4",
@@ -177,6 +178,17 @@ static int __snprintf_proto_xml(char *buf,
 			BUFFER_SIZE(ret, size, len, offset);
 		}
 		break;
+	case IPPROTO_GRE:
+		if (type == __ADDR_SRC) {
+			ret = snprintf(buf, len, "<srckey>0x%x</srckey>", 
+				       ntohs(tuple->l4src.all));
+			BUFFER_SIZE(ret, size, len, offset);
+		} else {
+			ret = snprintf(buf, len, "<dstkey>%u</dstkey>",
+				       ntohs(tuple->l4dst.all));
+			BUFFER_SIZE(ret, size, len, offset);
+		}
+		break;
 	}
 
 	return ret;



More information about the netfilter-cvslog mailing list