From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Subject: [PATCH libnftnl 5/7] set_elem: add NFTNL_SET_ELEM_OBJREF attribute
Date: Fri, 9 Dec 2016 14:31:57 +0100 [thread overview]
Message-ID: <1481290319-10156-5-git-send-email-pablo@netfilter.org> (raw)
In-Reply-To: <1481290319-10156-1-git-send-email-pablo@netfilter.org>
This new attribute allows us to attach stateful objects to elements for
map lookups. This new attribute identifies the object through its name.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
include/libnftnl/set.h | 1 +
include/set_elem.h | 1 +
src/set_elem.c | 27 +++++++++++++++++++++++++++
3 files changed, 29 insertions(+)
diff --git a/include/libnftnl/set.h b/include/libnftnl/set.h
index 0c978d916e4e..4c59ab27946f 100644
--- a/include/libnftnl/set.h
+++ b/include/libnftnl/set.h
@@ -96,6 +96,7 @@ enum {
NFTNL_SET_ELEM_EXPIRATION,
NFTNL_SET_ELEM_USERDATA,
NFTNL_SET_ELEM_EXPR,
+ NFTNL_SET_ELEM_OBJREF,
};
struct nftnl_set_elem;
diff --git a/include/set_elem.h b/include/set_elem.h
index 60cecc939016..d6244e60873a 100644
--- a/include/set_elem.h
+++ b/include/set_elem.h
@@ -12,6 +12,7 @@ struct nftnl_set_elem {
uint32_t flags;
uint64_t timeout;
uint64_t expiration;
+ const char *objref;
struct {
void *data;
uint32_t len;
diff --git a/src/set_elem.c b/src/set_elem.c
index 083c597e2f8e..fa8747641ee0 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -50,6 +50,9 @@ void nftnl_set_elem_free(struct nftnl_set_elem *s)
if (s->flags & (1 << NFTNL_SET_ELEM_USERDATA))
xfree(s->user.data);
+ if (s->flags & (1 << NFTNL_SET_ELEM_OBJREF))
+ xfree(s->objref);
+
xfree(s);
}
EXPORT_SYMBOL_ALIAS(nftnl_set_elem_free, nft_set_elem_free);
@@ -82,6 +85,9 @@ void nftnl_set_elem_unset(struct nftnl_set_elem *s, uint16_t attr)
case NFTNL_SET_ELEM_EXPR:
nftnl_expr_free(s->expr);
break;
+ case NFTNL_SET_ELEM_OBJREF:
+ xfree(s->objref);
+ break;
default:
return;
}
@@ -129,6 +135,14 @@ int nftnl_set_elem_set(struct nftnl_set_elem *s, uint16_t attr,
memcpy(s->user.data, data, data_len);
s->user.len = data_len;
break;
+ case NFTNL_SET_ELEM_OBJREF:
+ if (s->flags & (1 << NFTNL_SET_ELEM_OBJREF))
+ xfree(s->objref);
+
+ s->objref = strdup(data);
+ if (!s->objref)
+ return -1;
+ break;
}
s->flags |= (1 << attr);
return -1;
@@ -185,6 +199,9 @@ const void *nftnl_set_elem_get(struct nftnl_set_elem *s, uint16_t attr, uint32_t
return s->user.data;
case NFTNL_SET_ELEM_EXPR:
return s->expr;
+ case NFTNL_SET_ELEM_OBJREF:
+ *data_len = strlen(s->objref) + 1;
+ return s->objref;
}
return NULL;
}
@@ -271,6 +288,8 @@ void nftnl_set_elem_nlmsg_build_payload(struct nlmsghdr *nlh,
}
if (e->flags & (1 << NFTNL_SET_ELEM_USERDATA))
mnl_attr_put(nlh, NFTA_SET_ELEM_USERDATA, e->user.len, e->user.data);
+ if (e->flags & (1 << NFTNL_SET_ELEM_OBJREF))
+ mnl_attr_put_strz(nlh, NFTA_SET_ELEM_OBJREF, e->objref);
}
static void nftnl_set_elem_nlmsg_build_def(struct nlmsghdr *nlh,
@@ -423,6 +442,14 @@ static int nftnl_set_elems_parse2(struct nftnl_set *s, const struct nlattr *nest
memcpy(e->user.data, udata, e->user.len);
e->flags |= (1 << NFTNL_RULE_USERDATA);
}
+ if (tb[NFTA_SET_ELEM_OBJREF]) {
+ e->objref = strdup(mnl_attr_get_str(tb[NFTA_SET_ELEM_OBJREF]));
+ if (e->objref == NULL) {
+ ret = -1;
+ goto out_set_elem;
+ }
+ e->flags |= (1 << NFTNL_SET_ELEM_OBJREF);
+ }
/* Add this new element to this set */
list_add_tail(&e->head, &s->element_list);
--
2.1.4
next prev parent reply other threads:[~2016-12-09 13:32 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-09 13:31 [PATCH libnftnl 1/7] include: fetch stateful object updates for nf_tables.h cache copy Pablo Neira Ayuso
2016-12-09 13:31 ` [PATCH libnftnl 2/7] src: support for stateful objects Pablo Neira Ayuso
2016-12-09 13:31 ` [PATCH libnftnl 3/7] expr: add stateful object reference expression Pablo Neira Ayuso
2016-12-09 13:31 ` [PATCH libnftnl 4/7] set: add NFTNL_SET_OBJ_TYPE attribute Pablo Neira Ayuso
2016-12-09 13:31 ` Pablo Neira Ayuso [this message]
2016-12-09 13:31 ` [PATCH libnftnl 6/7] expr: objref: add support for stateful object maps Pablo Neira Ayuso
2016-12-09 13:31 ` [PATCH libnftnl 7/7] quota: support for consumed bytes Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1481290319-10156-5-git-send-email-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).