From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Patrick McHardy <kaber@trash.net>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH 2/2] netfilter: conntrack: add support for DCCP handshake sequence to ctnetlink
Date: Wed, 27 May 2009 16:50:09 +0200 [thread overview]
Message-ID: <4A1D5321.1010006@netfilter.org> (raw)
In-Reply-To: <4A1D4A90.6030605@trash.net>
[-- Attachment #1: Type: text/plain, Size: 903 bytes --]
Patrick McHardy wrote:
> Pablo Neira Ayuso wrote:
>> --- a/net/netfilter/nf_conntrack_proto_dccp.c
>> +++ b/net/netfilter/nf_conntrack_proto_dccp.c
>> @@ -639,6 +639,8 @@ static int dccp_to_nlattr(struct sk_buff *skb,
>> struct nlattr *nla,
>> NLA_PUT_U8(skb, CTA_PROTOINFO_DCCP_STATE, ct->proto.dccp.state);
>> NLA_PUT_U8(skb, CTA_PROTOINFO_DCCP_ROLE,
>> ct->proto.dccp.role[IP_CT_DIR_ORIGINAL]);
>> + NLA_PUT_U64(skb, CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ,
>> + ct->proto.dccp.handshake_seq);
>
> This should use big endian byteorder.
dccp_hdr_seq() returns a value in host byte order, which is used to
assign the value to handshake_seq. So, we need to use cpu_to_be64() to
convert the value to network byte order as other attributes in ctnetlink
which are in network byte order, right? :)
Patch attached.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
[-- Attachment #2: ct-dccp-export-seq.patch --]
[-- Type: text/x-diff, Size: 2930 bytes --]
netfilter: conntrack: add support for DCCP handshake sequence to ctnetlink
This patch adds CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ that exposes
the u64 handshake sequence number to user-space.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
include/linux/netfilter/nfnetlink_conntrack.h | 1 +
include/net/netlink.h | 9 +++++++++
net/netfilter/nf_conntrack_proto_dccp.c | 7 +++++++
3 files changed, 17 insertions(+), 0 deletions(-)
diff --git a/include/linux/netfilter/nfnetlink_conntrack.h b/include/linux/netfilter/nfnetlink_conntrack.h
index 1a865e4..ed4ef8d 100644
--- a/include/linux/netfilter/nfnetlink_conntrack.h
+++ b/include/linux/netfilter/nfnetlink_conntrack.h
@@ -101,6 +101,7 @@ enum ctattr_protoinfo_dccp {
CTA_PROTOINFO_DCCP_UNSPEC,
CTA_PROTOINFO_DCCP_STATE,
CTA_PROTOINFO_DCCP_ROLE,
+ CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ,
__CTA_PROTOINFO_DCCP_MAX,
};
#define CTA_PROTOINFO_DCCP_MAX (__CTA_PROTOINFO_DCCP_MAX - 1)
diff --git a/include/net/netlink.h b/include/net/netlink.h
index eddb502..007bdb0 100644
--- a/include/net/netlink.h
+++ b/include/net/netlink.h
@@ -940,6 +940,15 @@ static inline u64 nla_get_u64(const struct nlattr *nla)
}
/**
+ * nla_get_be64 - return payload of __be64 attribute
+ * @nla: __be64 netlink attribute
+ */
+static inline __be64 nla_get_be64(const struct nlattr *nla)
+{
+ return *(__be64 *) nla_data(nla);
+}
+
+/**
* nla_get_flag - return payload of flag attribute
* @nla: flag netlink attribute
*/
diff --git a/net/netfilter/nf_conntrack_proto_dccp.c b/net/netfilter/nf_conntrack_proto_dccp.c
index aee0d6b..2952269 100644
--- a/net/netfilter/nf_conntrack_proto_dccp.c
+++ b/net/netfilter/nf_conntrack_proto_dccp.c
@@ -639,6 +639,8 @@ static int dccp_to_nlattr(struct sk_buff *skb, struct nlattr *nla,
NLA_PUT_U8(skb, CTA_PROTOINFO_DCCP_STATE, ct->proto.dccp.state);
NLA_PUT_U8(skb, CTA_PROTOINFO_DCCP_ROLE,
ct->proto.dccp.role[IP_CT_DIR_ORIGINAL]);
+ NLA_PUT_BE64(skb, CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ,
+ cpu_to_be64(ct->proto.dccp.handshake_seq));
nla_nest_end(skb, nest_parms);
read_unlock_bh(&dccp_lock);
return 0;
@@ -651,6 +653,7 @@ nla_put_failure:
static const struct nla_policy dccp_nla_policy[CTA_PROTOINFO_DCCP_MAX + 1] = {
[CTA_PROTOINFO_DCCP_STATE] = { .type = NLA_U8 },
[CTA_PROTOINFO_DCCP_ROLE] = { .type = NLA_U8 },
+ [CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ] = { .type = NLA_U64 },
};
static int nlattr_to_dccp(struct nlattr *cda[], struct nf_conn *ct)
@@ -683,6 +686,10 @@ static int nlattr_to_dccp(struct nlattr *cda[], struct nf_conn *ct)
ct->proto.dccp.role[IP_CT_DIR_ORIGINAL] = CT_DCCP_ROLE_SERVER;
ct->proto.dccp.role[IP_CT_DIR_REPLY] = CT_DCCP_ROLE_CLIENT;
}
+ if (tb[CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ]) {
+ ct->proto.dccp.handshake_seq =
+ be64_to_cpu(nla_get_be64(tb[CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ]));
+ }
write_unlock_bh(&dccp_lock);
return 0;
}
next prev parent reply other threads:[~2009-05-27 15:28 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-27 12:53 [PATCH 0/2] A couple of netfilter fixes Pablo Neira Ayuso
2009-05-27 12:54 ` [PATCH 1/2] netfilter: nfnetlink_log: fix wrong skbuff size calculation Pablo Neira Ayuso
2009-05-27 13:50 ` Patrick McHardy
2009-05-27 12:54 ` [PATCH 2/2] netfilter: conntrack: add support for DCCP handshake sequence to ctnetlink Pablo Neira Ayuso
2009-05-27 14:13 ` Patrick McHardy
2009-05-27 14:50 ` Pablo Neira Ayuso [this message]
2009-05-27 15:51 ` Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4A1D5321.1010006@netfilter.org \
--to=pablo@netfilter.org \
--cc=kaber@trash.net \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.