[PATCH libnftnl 5/7] set_elem: add NFTNL_SET_ELEM_OBJREF attribute

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This new attribute allows us to attach stateful objects to elements for
map lookups. This new attribute identifies the object through its name.

Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
 include/libnftnl/set.h |  1 +
 include/set_elem.h     |  1 +
 src/set_elem.c         | 27 +++++++++++++++++++++++++++
 3 files changed, 29 insertions(+)

diff --git a/include/libnftnl/set.h b/include/libnftnl/set.h
index 0c978d916e4e..4c59ab27946f 100644
--- a/include/libnftnl/set.h
+++ b/include/libnftnl/set.h
@@ -96,6 +96,7 @@ enum {
 	NFTNL_SET_ELEM_EXPIRATION,
 	NFTNL_SET_ELEM_USERDATA,
 	NFTNL_SET_ELEM_EXPR,
+	NFTNL_SET_ELEM_OBJREF,
 };
 
 struct nftnl_set_elem;
diff --git a/include/set_elem.h b/include/set_elem.h
index 60cecc939016..d6244e60873a 100644
--- a/include/set_elem.h
+++ b/include/set_elem.h
@@ -12,6 +12,7 @@ struct nftnl_set_elem {
 	uint32_t		flags;
 	uint64_t		timeout;
 	uint64_t		expiration;
+	const char		*objref;
 	struct {
 		void		*data;
 		uint32_t	len;
diff --git a/src/set_elem.c b/src/set_elem.c
index 083c597e2f8e..fa8747641ee0 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -50,6 +50,9 @@ void nftnl_set_elem_free(struct nftnl_set_elem *s)
 	if (s->flags & (1 << NFTNL_SET_ELEM_USERDATA))
 		xfree(s->user.data);
 
+	if (s->flags & (1 << NFTNL_SET_ELEM_OBJREF))
+		xfree(s->objref);
+
 	xfree(s);
 }
 EXPORT_SYMBOL_ALIAS(nftnl_set_elem_free, nft_set_elem_free);
@@ -82,6 +85,9 @@ void nftnl_set_elem_unset(struct nftnl_set_elem *s, uint16_t attr)
 	case NFTNL_SET_ELEM_EXPR:
 		nftnl_expr_free(s->expr);
 		break;
+	case NFTNL_SET_ELEM_OBJREF:
+		xfree(s->objref);
+		break;
 	default:
 		return;
 	}
@@ -129,6 +135,14 @@ int nftnl_set_elem_set(struct nftnl_set_elem *s, uint16_t attr,
 		memcpy(s->user.data, data, data_len);
 		s->user.len = data_len;
 		break;
+	case NFTNL_SET_ELEM_OBJREF:
+		if (s->flags & (1 << NFTNL_SET_ELEM_OBJREF))
+			xfree(s->objref);
+
+		s->objref = strdup(data);
+		if (!s->objref)
+			return -1;
+		break;
 	}
 	s->flags |= (1 << attr);
 	return -1;
@@ -185,6 +199,9 @@ const void *nftnl_set_elem_get(struct nftnl_set_elem *s, uint16_t attr, uint32_t
 		return s->user.data;
 	case NFTNL_SET_ELEM_EXPR:
 		return s->expr;
+	case NFTNL_SET_ELEM_OBJREF:
+		*data_len = strlen(s->objref) + 1;
+		return s->objref;
 	}
 	return NULL;
 }
@@ -271,6 +288,8 @@ void nftnl_set_elem_nlmsg_build_payload(struct nlmsghdr *nlh,
 	}
 	if (e->flags & (1 << NFTNL_SET_ELEM_USERDATA))
 		mnl_attr_put(nlh, NFTA_SET_ELEM_USERDATA, e->user.len, e->user.data);
+	if (e->flags & (1 << NFTNL_SET_ELEM_OBJREF))
+		mnl_attr_put_strz(nlh, NFTA_SET_ELEM_OBJREF, e->objref);
 }
 
 static void nftnl_set_elem_nlmsg_build_def(struct nlmsghdr *nlh,
@@ -423,6 +442,14 @@ static int nftnl_set_elems_parse2(struct nftnl_set *s, const struct nlattr *nest
 		memcpy(e->user.data, udata, e->user.len);
 		e->flags |= (1 << NFTNL_RULE_USERDATA);
 	}
+	if (tb[NFTA_SET_ELEM_OBJREF]) {
+		e->objref = strdup(mnl_attr_get_str(tb[NFTA_SET_ELEM_OBJREF]));
+		if (e->objref == NULL) {
+			ret = -1;
+			goto out_set_elem;
+		}
+		e->flags |= (1 << NFTNL_SET_ELEM_OBJREF);
+	}
 
 	/* Add this new element to this set */
 	list_add_tail(&e->head, &s->element_list);
-- 
2.1.4

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux