Signed-off-by: Jose M. Guisado Gomez <guigom@xxxxxxxxxx>
---
include/libnftnl/table.h | 1 +
include/libnftnl/udata.h | 6 ++++++
include/linux/netfilter/nf_tables.h | 1 +
src/table.c | 33 +++++++++++++++++++++++++++++
4 files changed, 41 insertions(+)
diff --git a/include/libnftnl/table.h b/include/libnftnl/table.h
index 5faec81..a37fba2 100644
--- a/include/libnftnl/table.h
+++ b/include/libnftnl/table.h
@@ -23,6 +23,7 @@ enum nftnl_table_attr {
NFTNL_TABLE_FLAGS,
NFTNL_TABLE_USE,
NFTNL_TABLE_HANDLE,
+ NFTNL_TABLE_USERDATA,
__NFTNL_TABLE_MAX
};
#define NFTNL_TABLE_MAX (__NFTNL_TABLE_MAX - 1)
diff --git a/include/libnftnl/udata.h b/include/libnftnl/udata.h
index efa3f76..ba6b3ab 100644
--- a/include/libnftnl/udata.h
+++ b/include/libnftnl/udata.h
@@ -9,6 +9,12 @@
extern "C" {
#endif
+enum nftnl_udata_table_types {
+ NFTNL_UDATA_TABLE_COMMENT,
+ __NFTNL_UDATA_TABLE_MAX
+};
+#define NFTNL_UDATA_TABLE_MAX (__NFTNL_UDATA_TABLE_MAX - 1)
+
enum nftnl_udata_rule_types {
NFTNL_UDATA_RULE_COMMENT,
NFTNL_UDATA_RULE_EBTABLES_POLICY,
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index d9b0daa..d508154 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -180,6 +180,7 @@ enum nft_table_attributes {
NFTA_TABLE_USE,
NFTA_TABLE_HANDLE,
NFTA_TABLE_PAD,
+ NFTA_TABLE_USERDATA,
__NFTA_TABLE_MAX
};
#define NFTA_TABLE_MAX (__NFTA_TABLE_MAX - 1)
diff --git a/src/table.c b/src/table.c
index 94d522b..731c818 100644
--- a/src/table.c
+++ b/src/table.c
@@ -34,6 +34,10 @@ struct nftnl_table {
uint64_t handle;
uint32_t use;
uint32_t flags;
+ struct {
+ void *data;
+ uint32_t len;
+ } user;
};
EXPORT_SYMBOL(nftnl_table_alloc);
@@ -47,6 +51,8 @@ void nftnl_table_free(const struct nftnl_table *t)
{
if (t->flags & (1 << NFTNL_TABLE_NAME))
xfree(t->name);
+ if (t->flags & (1 << NFTNL_TABLE_USERDATA))
+ xfree(t->user.data);
xfree(t);
}
@@ -111,6 +117,16 @@ int nftnl_table_set_data(struct nftnl_table *t, uint16_t attr,
case NFTNL_TABLE_USE:
memcpy(&t->use, data, sizeof(t->use));
break;
+ case NFTNL_TABLE_USERDATA:
+ if (t->flags & (1 << NFTNL_TABLE_USERDATA))
+ xfree(t->user.data);
+
+ t->user.data = malloc(data_len);
+ if (!t->user.data)
+ return -1;
+ memcpy(t->user.data, data, data_len);
+ t->user.len = data_len;
+ break;
}
t->flags |= (1 << attr);
return 0;
@@ -169,6 +185,9 @@ const void *nftnl_table_get_data(const struct nftnl_table *t, uint16_t attr,
case NFTNL_TABLE_USE:
*data_len = sizeof(uint32_t);
return &t->use;
+ case NFTNL_TABLE_USERDATA:
+ *data_len = t->user.len;
+ return t->user.data;
}
return NULL;
}
@@ -216,6 +235,8 @@ void nftnl_table_nlmsg_build_payload(struct nlmsghdr *nlh, const struct nftnl_ta
mnl_attr_put_u64(nlh, NFTA_TABLE_HANDLE, htobe64(t->handle));
if (t->flags & (1 << NFTNL_TABLE_FLAGS))
mnl_attr_put_u32(nlh, NFTA_TABLE_FLAGS, htonl(t->table_flags));
+ if (t->flags & (1 << NFTNL_TABLE_USERDATA))
+ mnl_attr_put(nlh, NFTA_TABLE_USERDATA, t->user.len, t->user.data);
}
static int nftnl_table_parse_attr_cb(const struct nlattr *attr, void *data)
@@ -240,6 +261,10 @@ static int nftnl_table_parse_attr_cb(const struct nlattr *attr, void *data)
if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0)
abi_breakage();
break;
+ case NFTA_TABLE_USERDATA:
+ if (mnl_attr_validate(attr, MNL_TYPE_BINARY) < 0)
+ abi_breakage();
+ break;
}
tb[type] = attr;
@@ -251,6 +276,7 @@ int nftnl_table_nlmsg_parse(const struct nlmsghdr *nlh, struct nftnl_table *t)
{
struct nlattr *tb[NFTA_TABLE_MAX+1] = {};
struct nfgenmsg *nfg = mnl_nlmsg_get_payload(nlh);
+ int ret;
if (mnl_attr_parse(nlh, sizeof(*nfg), nftnl_table_parse_attr_cb, tb) < 0)
return -1;
@@ -275,6 +301,13 @@ int nftnl_table_nlmsg_parse(const struct nlmsghdr *nlh, struct nftnl_table *t)
t->handle = be64toh(mnl_attr_get_u64(tb[NFTA_TABLE_HANDLE]));
t->flags |= (1 << NFTNL_TABLE_HANDLE);
}
+ if (tb[NFTA_TABLE_USERDATA]) {
+ ret = nftnl_table_set_data(t, NFTNL_TABLE_USERDATA,
+ mnl_attr_get_payload(tb[NFTA_TABLE_USERDATA]),
+ mnl_attr_get_payload_len(tb[NFTA_TABLE_USERDATA]));
+ if (ret < 0)
+ return ret;
+ }
t->family = nfg->nfgen_family;
t->flags |= (1 << NFTNL_TABLE_FAMILY);
--
2.27.0
