From: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
To: netfilter-devel@vger.kernel.org
Cc: pablo@netfilter.org
Subject: [libnftnl PATCH v3] utils: fix arp family number
Date: Mon, 20 Oct 2014 13:52:18 +0200 [thread overview]
Message-ID: <20141020115049.27980.35459.stgit@nfdev.cica.es> (raw)
NFPROTO_ARP = 3 in kernel space.
We need the same value here in userspace in order to correctly communicate
with the kernel.
The failure solved by this patch made that {XML|JSON}-parsed tables of ARP
family unable to be directly injected into kernel.
To prevent future errors, this patch changes raw and AF_* values by the mathing
NFPROTO_* couterpart as seen in linux/netfilter.h in both functions:
* nft_family2str()
* nft_str2family()
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
---
v2: rework+fix using the array-matching approach suggested by Pablo.
v3: constify both the pointer and the data, suggested by Jan.
Keep setting errno to EAFNOSUPPORT in nft_str2family().
src/utils.c | 43 ++++++++++++++++++++-----------------------
1 file changed, 20 insertions(+), 23 deletions(-)
diff --git a/src/utils.c b/src/utils.c
index d70fbf1..9013b68 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -20,36 +20,33 @@
#include <linux/netfilter.h>
#include <linux/netfilter/nf_tables.h>
+static const char *const nft_family_str[NFPROTO_NUMPROTO] = {
+ [NFPROTO_INET] = "inet",
+ [NFPROTO_IPV4] = "ip",
+ [NFPROTO_ARP] = "arp",
+ [NFPROTO_BRIDGE] = "bridge",
+ [NFPROTO_IPV6] = "ip6",
+};
+
const char *nft_family2str(uint32_t family)
{
- switch (family) {
- case AF_INET:
- return "ip";
- case AF_INET6:
- return "ip6";
- case 1:
- return "inet";
- case AF_BRIDGE:
- return "bridge";
- case 3: /* NFPROTO_ARP */
- return "arp";
- default:
+ if (nft_family_str[family] == NULL)
return "unknown";
- }
+
+ return nft_family_str[family];
}
int nft_str2family(const char *family)
{
- if (strcmp(family, "ip") == 0)
- return AF_INET;
- else if (strcmp(family, "ip6") == 0)
- return AF_INET6;
- else if (strcmp(family, "inet") == 0)
- return 1;
- else if (strcmp(family, "bridge") == 0)
- return AF_BRIDGE;
- else if (strcmp(family, "arp") == 0)
- return 0;
+ int i;
+
+ for (i = 0; i < NFPROTO_NUMPROTO; i++) {
+ if (nft_family_str[i] == NULL)
+ continue;
+
+ if (strcmp(nft_family_str[i], family) == 0)
+ return i;
+ }
errno = EAFNOSUPPORT;
return -1;
next reply other threads:[~2014-10-20 11:52 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-20 11:52 Arturo Borrero Gonzalez [this message]
2014-10-21 7:59 ` [libnftnl PATCH v3] utils: fix arp family number Pablo Neira Ayuso
2014-10-21 8:53 ` Arturo Borrero Gonzalez
2014-10-21 9:56 ` Pablo Neira Ayuso
2014-10-21 9:57 ` Pablo Neira Ayuso
2014-10-22 14:24 ` Arturo Borrero Gonzalez
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20141020115049.27980.35459.stgit@nfdev.cica.es \
--to=arturo.borrero.glez@gmail.com \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.