* [PATCH libnetfilter_conntrack] conntrack: api: use libmnl API to build the netlink headers
@ 2019-05-03 16:45 Pablo Neira Ayuso
From: Pablo Neira Ayuso @ 2019-05-03 16:45 UTC (permalink / raw)
  To: netfilter-devel; +Cc: kristian.evensen
Replace libnfnetlink's nfnl_fill_hdr() with more modern libmnl code.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
@Kristian: Before you keep looking at this code, git pull to refresh your
           libnetfilter_conntrack clone. This is leaving you room to bump
	   the version number.
 src/conntrack/api.c | 33 ++++++++++++++++++++++++++++-----
 src/expect/api.c    | 25 +++++++++++++++++++++++--
 2 files changed, 51 insertions(+), 7 deletions(-)
diff --git a/src/conntrack/api.c b/src/conntrack/api.c
index 3a1746e4c050..ffa5216ce8de 100644
--- a/src/conntrack/api.c
+++ b/src/conntrack/api.c
@@ -782,6 +782,24 @@ int nfct_build_conntrack(struct nfnl_subsys_handle *ssh,
 	return __build_conntrack(ssh, req, size, type, flags, ct);
 }
 
+static void nfct_fill_hdr(struct nfnlhdr *req, uint16_t type, uint16_t flags,
+			  uint8_t l3num, uint8_t version)
+{
+	char *buf = (char *)&req->nlh;
+	struct nlmsghdr *nlh;
+	struct nfgenmsg *nfh;
+
+	nlh = mnl_nlmsg_put_header(buf);
+	nlh->nlmsg_type = (NFNL_SUBSYS_CTNETLINK << 8) | type;
+	nlh->nlmsg_flags = NLM_F_REQUEST | flags;
+	nlh->nlmsg_seq = 0;
+
+	nfh = mnl_nlmsg_put_extra_header(nlh, sizeof(struct nfgenmsg));
+	nfh->nfgen_family = l3num;
+	nfh->version = version;
+	nfh->res_id = 0;
+}
+
 static int
 __build_query_ct(struct nfnl_subsys_handle *ssh,
 		 const enum nf_conntrack_query qt,
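Review bot: `nfct_fill_hdr()` hard-codes `nlh->nlmsg_seq = 0` and no longer receives `ssh`, so every request built through it carries the same sequence number and a reply cannot be matched to its request by sequence. If the replaced `nfnl_fill_hdr()` took the sequence from the handle (its body is not part of this patch), applications that rely on sequence tracking to discard stale or unsolicited netlink messages lose that check silently. Either pass the sequence number in as a parameter or state the contract above the helper, e.g. `/* nlmsg_seq is left at 0: the caller must set it before sending if replies are validated by sequence number. */`. The same applies to `nfexp_fill_hdr()` in src/expect/api.c. The hunk ends inside the `__build_query_ct()` signature.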
@@ -810,23 +828,28 @@ __build_query_ct(struct nfnl_subsys_handle *ssh,
 		__build_conntrack(ssh, req, size, IPCTNL_MSG_CT_GET, NLM_F_REQUEST|NLM_F_ACK, data);
 		break;
 	case NFCT_Q_FLUSH:
-		nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_CT_DELETE, NLM_F_REQUEST|NLM_F_ACK);
+		nfct_fill_hdr(req, IPCTNL_MSG_CT_DELETE, NLM_F_ACK, *family,
+			      NFNETLINK_V0);
 		break;
 	case NFCT_Q_DUMP:
-		nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_CT_GET, NLM_F_REQUEST|NLM_F_DUMP);
+		nfct_fill_hdr(req, IPCTNL_MSG_CT_GET, NLM_F_DUMP, *family,
+			      NFNETLINK_V0);
 		break;
 	case NFCT_Q_DUMP_RESET:
-		nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_CT_GET_CTRZERO, NLM_F_REQUEST|NLM_F_DUMP);
+		nfct_fill_hdr(req, IPCTNL_MSG_CT_GET_CTRZERO, NLM_F_DUMP,
+			      *family, NFNETLINK_V0);
 		break;
 	case NFCT_Q_CREATE_UPDATE:
 		__build_conntrack(ssh, req, size, IPCTNL_MSG_CT_NEW, NLM_F_REQUEST|NLM_F_CREATE|NLM_F_ACK, data);
 		break;
 	case NFCT_Q_DUMP_FILTER:
-		nfnl_fill_hdr(ssh, &req->nlh, 0, AF_UNSPEC, 0, IPCTNL_MSG_CT_GET, NLM_F_REQUEST|NLM_F_DUMP);
+		nfct_fill_hdr(req, IPCTNL_MSG_CT_GET, NLM_F_DUMP, AF_UNSPEC,
+			      NFNETLINK_V0);
 		__build_filter_dump(req, size, data);
 		break;
 	case NFCT_Q_DUMP_FILTER_RESET:
-		nfnl_fill_hdr(ssh, &req->nlh, 0, AF_UNSPEC, 0, IPCTNL_MSG_CT_GET_CTRZERO, NLM_F_REQUEST|NLM_F_DUMP);
+		nfct_fill_hdr(req, IPCTNL_MSG_CT_GET_CTRZERO, NLM_F_DUMP,
+			      AF_UNSPEC, NFNETLINK_V0);
 		__build_filter_dump(req, size, data);
 		break;
 	default:
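Review bot: The header-only cases here (`NFCT_Q_FLUSH`, `NFCT_Q_DUMP`, `NFCT_Q_DUMP_RESET` and the two filter cases) write a `struct nlmsghdr` plus a `struct nfgenmsg` into `req` without consulting `size`, although `size` is in scope and is passed to `__build_conntrack()` and `__build_filter_dump()`. `mnl_nlmsg_put_header()` and `mnl_nlmsg_put_extra_header()` zero and fill those bytes unconditionally, so a caller-supplied buffer shorter than the two headers would be written past its end. A guard ahead of the switch would close this, e.g. `if (size < MNL_NLMSG_HDRLEN + MNL_ALIGN(sizeof(struct nfgenmsg))) { errno = ENOSPC; return -1; }`, assuming failure is reported as -1 with errno set (the return convention is not visible in the hunk). The `NFCT_Q_FLUSH` and `NFCT_Q_DUMP` cases of `__build_query_exp()` need the same check. `__build_query_ct()` starts and ends outside this hunk, so an existing check earlier in its body cannot be ruled out from here.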
diff --git a/src/expect/api.c b/src/expect/api.c
index b50a47f171c1..33099d8ed0ce 100644
--- a/src/expect/api.c
+++ b/src/expect/api.c
@@ -11,6 +11,7 @@
 #include <string.h> /* for memset */
 #include <errno.h>
 #include <assert.h>
+#include <libmnl/libmnl.h>
 
 #include "internal/internal.h"
 
@@ -515,6 +516,24 @@ int nfexp_build_expect(struct nfnl_subsys_handle *ssh,
 	return __build_expect(ssh, req, size, type, flags, exp);
 }
 
+static void nfexp_fill_hdr(struct nfnlhdr *req, uint16_t type, uint16_t flags,
+			   uint8_t l3num, uint8_t version)
+{
+	char *buf = (char *)&req->nlh;
+	struct nlmsghdr *nlh;
+	struct nfgenmsg *nfh;
+
+	nlh = mnl_nlmsg_put_header(buf);
+	nlh->nlmsg_type = (NFNL_SUBSYS_CTNETLINK_EXP << 8) | type;
+	nlh->nlmsg_flags = NLM_F_REQUEST | flags;
+	nlh->nlmsg_seq = 0;
+
+	nfh = mnl_nlmsg_put_extra_header(nlh, sizeof(struct nfgenmsg));
+	nfh->nfgen_family = l3num;
+	nfh->version = version;
+	nfh->res_id = 0;
+}
+
 static int
 __build_query_exp(struct nfnl_subsys_handle *ssh,
 		  const enum nf_conntrack_query qt,
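Review bot: `nfexp_fill_hdr()` is a line-for-line copy of `nfct_fill_hdr()` in src/conntrack/api.c; only the subsystem constant in `nlmsg_type` differs (`NFNL_SUBSYS_CTNETLINK_EXP` instead of `NFNL_SUBSYS_CTNETLINK`). Two copies of header-building code tend to drift, and a later fix to sequence or length handling in one is easily missed in the other. A single helper in the shared internal header that takes the subsystem id, with `nlh->nlmsg_type = (subsys << 8) | type;`, would keep both paths identical. A short comment saying that the helper always ORs in `NLM_F_REQUEST` would also help, since the neighbouring `__build_expect()` calls still pass that flag explicitly. The hunk ends inside the `__build_query_exp()` signature.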
@@ -543,10 +562,12 @@ __build_query_exp(struct nfnl_subsys_handle *ssh,
 		__build_expect(ssh, req, size, IPCTNL_MSG_EXP_DELETE, NLM_F_REQUEST|NLM_F_ACK, data);
 		break;
 	case NFCT_Q_FLUSH:
-		nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_EXP_DELETE, NLM_F_REQUEST|NLM_F_ACK);
+		nfexp_fill_hdr(req, IPCTNL_MSG_EXP_DELETE, NLM_F_ACK, *family,
+			       NFNETLINK_V0);
 		break;
 	case NFCT_Q_DUMP:
-		nfnl_fill_hdr(ssh, &req->nlh, 0, *family, 0, IPCTNL_MSG_EXP_GET, NLM_F_REQUEST|NLM_F_DUMP);
+		nfexp_fill_hdr(req, IPCTNL_MSG_EXP_GET, NLM_F_DUMP, *family,
+			       NFNETLINK_V0);
 		break;
 	default:
 		errno = ENOTSUP;
-- 
2.11.0