[PATCH libnftnl] chain: add NFTNL_CHAIN_FLAGS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This patch adds support for chain flags.

Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
 include/libnftnl/chain.h |  1 +
 src/chain.c              | 21 +++++++++++++++++++++
 2 files changed, 22 insertions(+)

diff --git a/include/libnftnl/chain.h b/include/libnftnl/chain.h
index 2eb22cc4bc94..291bf22a2fdd 100644
--- a/include/libnftnl/chain.h
+++ b/include/libnftnl/chain.h
@@ -32,6 +32,7 @@ enum nftnl_chain_attr {
 	NFTNL_CHAIN_TYPE,
 	NFTNL_CHAIN_DEV,
 	NFTNL_CHAIN_DEVICES,
+	NFTNL_CHAIN_FLAGS,
 	__NFTNL_CHAIN_MAX
 };
 #define NFTNL_CHAIN_MAX (__NFTNL_CHAIN_MAX - 1)
diff --git a/src/chain.c b/src/chain.c
index c43ba2236673..5f1213013e53 100644
--- a/src/chain.c
+++ b/src/chain.c
@@ -43,6 +43,7 @@ struct nftnl_chain {
 	uint32_t	policy;
 	uint32_t	hooknum;
 	int32_t		prio;
+	uint32_t	chain_flags;
 	uint32_t	use;
 	uint64_t	packets;
 	uint64_t	bytes;
@@ -165,6 +166,7 @@ void nftnl_chain_unset(struct nftnl_chain *c, uint16_t attr)
 	case NFTNL_CHAIN_PACKETS:
 	case NFTNL_CHAIN_HANDLE:
 	case NFTNL_CHAIN_FAMILY:
+	case NFTNL_CHAIN_FLAGS:
 		break;
 	case NFTNL_CHAIN_DEV:
 		xfree(c->dev);
@@ -189,6 +191,7 @@ static uint32_t nftnl_chain_validate[NFTNL_CHAIN_MAX + 1] = {
 	[NFTNL_CHAIN_PACKETS]	= sizeof(uint64_t),
 	[NFTNL_CHAIN_HANDLE]		= sizeof(uint64_t),
 	[NFTNL_CHAIN_FAMILY]		= sizeof(uint32_t),
+	[NFTNL_CHAIN_FLAGS]		= sizeof(uint32_t),
 };
 
 EXPORT_SYMBOL(nftnl_chain_set_data);
@@ -278,6 +281,9 @@ int nftnl_chain_set_data(struct nftnl_chain *c, uint16_t attr,
 
 		c->dev_array_len = len;
 		break;
+	case NFTNL_CHAIN_FLAGS:
+		memcpy(&c->chain_flags, data, sizeof(c->chain_flags));
+		break;
 	}
 	c->flags |= (1 << attr);
 	return 0;
@@ -373,6 +379,9 @@ const void *nftnl_chain_get_data(const struct nftnl_chain *c, uint16_t attr,
 	case NFTNL_CHAIN_DEVICES:
 		*data_len = 0;
 		return &c->dev_array[0];
+	case NFTNL_CHAIN_FLAGS:
+		*data_len = sizeof(uint32_t);
+		return &c->chain_flags;
 	}
 	return NULL;
 }
@@ -491,6 +500,8 @@ void nftnl_chain_nlmsg_build_payload(struct nlmsghdr *nlh, const struct nftnl_ch
 		mnl_attr_put_u64(nlh, NFTA_CHAIN_HANDLE, be64toh(c->handle));
 	if (c->flags & (1 << NFTNL_CHAIN_TYPE))
 		mnl_attr_put_strz(nlh, NFTA_CHAIN_TYPE, c->type);
+	if (c->flags & (1 << NFTNL_CHAIN_FLAGS))
+		mnl_attr_put_u32(nlh, NFTA_CHAIN_FLAGS, htonl(c->chain_flags));
 }
 
 EXPORT_SYMBOL(nftnl_chain_rule_add);
@@ -545,6 +556,7 @@ static int nftnl_chain_parse_attr_cb(const struct nlattr *attr, void *data)
 		break;
 	case NFTA_CHAIN_POLICY:
 	case NFTA_CHAIN_USE:
+	case NFTA_CHAIN_FLAGS:
 		if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0)
 			abi_breakage();
 		break;
@@ -745,6 +757,10 @@ int nftnl_chain_nlmsg_parse(const struct nlmsghdr *nlh, struct nftnl_chain *c)
 			return -1;
 		c->flags |= (1 << NFTNL_CHAIN_TYPE);
 	}
+	if (tb[NFTA_CHAIN_FLAGS]) {
+		c->chain_flags = ntohl(mnl_attr_get_u32(tb[NFTA_CHAIN_FLAGS]));
+		c->flags |= (1 << NFTNL_CHAIN_FLAGS);
+	}
 
 	c->family = nfg->nfgen_family;
 	c->flags |= (1 << NFTNL_CHAIN_FAMILY);
@@ -806,6 +822,11 @@ static int nftnl_chain_snprintf_default(char *buf, size_t size,
 			ret = snprintf(buf + offset, remain, " } ");
 			SNPRINTF_BUFFER_SIZE(ret, remain, offset);
 		}
+		if (c->flags & (1 << NFTNL_CHAIN_FLAGS)) {
+			ret = snprintf(buf + offset, remain, " flags %x",
+				       c->chain_flags);
+			SNPRINTF_BUFFER_SIZE(ret, remain, offset);
+		}
 	}
 
 	return offset;
-- 
2.11.0




[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux