[LIBNL 03/09]: Generic netfilter stuff

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Patrick McHardy <kaber@trash.net>
To: tgraf@suug.ch
Cc: Patrick McHardy <kaber@trash.net>,
	netfilter-devel@vger.kernel.org, philipc@snapgear.com
Subject: [LIBNL 03/09]: Generic netfilter stuff
Date: Fri, 18 Jan 2008 17:55:51 +0100 (MET)	[thread overview]
Message-ID: <20080118165518.13385.89054.sendpatchset@localhost.localdomain> (raw)
In-Reply-To: <20080118165514.13385.44695.sendpatchset@localhost.localdomain>

commit d0d52158ccf2b1d60f864e888f9bdb08c0bdae8b
Author: Patrick McHardy <kaber@trash.net>
Date:   Fri Jan 18 16:17:18 2008 +0100

    [LIBNL]: Generic netfilter stuff
    
    Add some generic helper functions for netfilter.
    
    Signed-off-by: Patrick McHardy <kaber@trash.net>

diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
new file mode 100644
index 0000000..0750ca6
--- /dev/null
+++ b/include/linux/netfilter.h
@@ -0,0 +1,39 @@
+#ifndef __LINUX_NETFILTER_H
+#define __LINUX_NETFILTER_H
+
+
+/* Responses from hook functions. */
+#define NF_DROP 0
+#define NF_ACCEPT 1
+#define NF_STOLEN 2
+#define NF_QUEUE 3
+#define NF_REPEAT 4
+#define NF_STOP 5
+#define NF_MAX_VERDICT NF_STOP
+
+/* we overload the higher bits for encoding auxiliary data such as the queue
+ * number. Not nice, but better than additional function arguments. */
+#define NF_VERDICT_MASK 0x0000ffff
+#define NF_VERDICT_BITS 16
+
+#define NF_VERDICT_QMASK 0xffff0000
+#define NF_VERDICT_QBITS 16
+
+#define NF_QUEUE_NR(x) (((x << NF_VERDICT_QBITS) & NF_VERDICT_QMASK) | NF_QUEUE)
+
+/* only for userspace compatibility */
+/* Generic cache responses from hook functions.
+   <= 0x2000 is used for protocol-flags. */
+#define NFC_UNKNOWN 0x4000
+#define NFC_ALTERED 0x8000
+
+enum nf_inet_hooks {
+	NF_INET_PRE_ROUTING,
+	NF_INET_LOCAL_IN,
+	NF_INET_FORWARD,
+	NF_INET_LOCAL_OUT,
+	NF_INET_POST_ROUTING,
+	NF_INET_NUMHOOKS,
+};
+
+#endif /*__LINUX_NETFILTER_H*/
diff --git a/include/netlink/netfilter/netfilter.h b/include/netlink/netfilter/netfilter.h
new file mode 100644
index 0000000..dd3589c
--- /dev/null
+++ b/include/netlink/netfilter/netfilter.h
@@ -0,0 +1,31 @@
+/*
+ * netlink/netfilter/netfilter.h	Netfilter generic functions
+ *
+ *	This library is free software; you can redistribute it and/or
+ *	modify it under the terms of the GNU Lesser General Public
+ *	License as published by the Free Software Foundation version 2.1
+ *	of the License.
+ *
+ * Copyright (c) 2008 Patrick McHardy <kaber@trash.net>
+ */
+
+#ifndef NETLINK_NETFILTER_H_
+#define NETLINK_NETFILTER_H_
+
+#include <netlink/netlink.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern char *			nfnl_verdict2str(unsigned int, char *, size_t);
+extern unsigned int		nfnl_str2verdict(const char *);
+
+extern char *			nfnl_inet_hook2str(unsigned int, char *, size_t);
+extern unsigned int		nfnl_str2inet_hook(const char *);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/lib/netfilter/netfilter.c b/lib/netfilter/netfilter.c
new file mode 100644
index 0000000..f88b355
--- /dev/null
+++ b/lib/netfilter/netfilter.c
@@ -0,0 +1,53 @@
+/*
+ * lib/netfilter/netfilter.c    Netfilter Generic Functions
+ *
+ *	This library is free software; you can redistribute it and/or
+ *	modify it under the terms of the GNU Lesser General Public
+ *	License as published by the Free Software Foundation version 2.1
+ *	of the License.
+ *
+ * Copyright (c) 2008 Patrick McHardy <kaber@trash.net>
+ */
+
+#include <netlink-local.h>
+#include <netlink/netfilter/netfilter.h>
+#include <linux/netfilter.h>
+
+static struct trans_tbl nfnl_verdicts[] = {
+	__ADD(NF_DROP,		NF_DROP)
+	__ADD(NF_ACCEPT,	NF_ACCEPT)
+	__ADD(NF_STOLEN,	NF_STOLEN)
+	__ADD(NF_QUEUE,		NF_QUEUE)
+	__ADD(NF_REPEAT,	NF_REPEAT)
+	__ADD(NF_STOP,		NF_STOP)
+};
+
+char *nfnl_verdict2str(unsigned int verdict, char *buf, size_t len)
+{
+	return __type2str(verdict, buf, len, nfnl_verdicts,
+			  ARRAY_SIZE(nfnl_verdicts));
+}
+
+unsigned int nfnl_str2verdict(const char *name)
+{
+	return __str2type(name, nfnl_verdicts, ARRAY_SIZE(nfnl_verdicts));
+}
+
+static struct trans_tbl nfnl_inet_hooks[] = {
+	__ADD(NF_INET_PRE_ROUTING,	NF_INET_PREROUTING)
+	__ADD(NF_INET_LOCAL_IN,		NF_INET_LOCAL_IN)
+	__ADD(NF_INET_FORWARD,		NF_INET_FORWARD)
+	__ADD(NF_INET_LOCAL_OUT,	NF_INET_LOCAL_OUT)
+	__ADD(NF_INET_POST_ROUTING,	NF_INET_POST_ROUTING)
+};
+
+char *nfnl_inet_hook2str(unsigned int hook, char *buf, size_t len)
+{
+	return __type2str(hook, buf, len, nfnl_inet_hooks,
+			  ARRAY_SIZE(nfnl_inet_hooks));
+}
+
+unsigned int nfnl_str2inet_hook(const char *name)
+{
+	return __str2type(name, nfnl_inet_hooks, ARRAY_SIZE(nfnl_inet_hooks));
+}

next prev parent reply	other threads:[~2008-01-18 16:55 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-01-18 16:55 [LIBNL 00/09]: Netfilter update + minor fixes Patrick McHardy
2008-01-18 16:55 ` [LIBNL 01/09]: Add if_vlan.h Patrick McHardy
2008-02-07 11:50   ` Thomas Graf
2008-01-18 16:55 ` [LIBNL 02/09]: Fix minor memleaks on exit Patrick McHardy
2008-02-07 11:52   ` Thomas Graf
2008-01-18 16:55 ` Patrick McHardy [this message]
2008-02-07 11:54   ` [LIBNL 03/09]: Generic netfilter stuff Thomas Graf
2008-01-18 16:55 ` [LIBNL 04/09]: Add nfnetlink_queue support Patrick McHardy
2008-02-07 12:00   ` Thomas Graf
2008-01-18 16:55 ` [LIBNL 05/09]: nfnetlink_log: only set hwproto if not zero Patrick McHardy
2008-02-07 12:01   ` Thomas Graf
2008-01-18 16:55 ` [LIBNL 06/09]: nfnetlink_log: support NUFLA_GID attribute Patrick McHardy
2008-02-07 12:03   ` Thomas Graf
2008-01-18 16:55 ` [LIBNL 07/09]: Split up nfnetlink_log into log and msg objects Patrick McHardy
2008-01-21  8:05   ` Philip Craig
2008-01-21  9:45     ` Patrick McHardy
2008-02-07 12:11   ` Thomas Graf
2008-01-18 16:55 ` [LIBNL 08/09]: Support conntrack add/delete/query requests Patrick McHardy
2008-01-21  8:39   ` Philip Craig
2008-01-21  9:46     ` Patrick McHardy
2008-01-21 10:53       ` Philip Craig
2008-01-21 10:55         ` Patrick McHardy
2008-02-07 12:14   ` Thomas Graf
2008-02-19 12:32     ` Patrick McHardy
2008-01-18 16:56 ` [LIBNL 09/09]: Install netfilter headers Patrick McHardy
2008-02-07 12:16   ` Thomas Graf

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:0750ca6 dfblob:dd3589c dfblob:f88b355 )
 OR (
bs:"[LIBNL 03/09]: Generic netfilter stuff" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20080118165518.13385.89054.sendpatchset@localhost.localdomain \
    --to=kaber@trash.net \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=philipc@snapgear.com \
    --cc=tgraf@suug.ch \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.