[PATCH 1/2] conntrack: -L/-D both ipv4/6 if no family is given


 



Starting with commit 2bcbae4c14b253176d7570e6f6acc56e521ceb5e,
conntrack -L and conntrack -D list/delete only
IPv4 entries if no family is specified.

Restore original behavior to list/delete both IPv4 and IPv6
entries if no family is specified.

Signed-off-by: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxxxxxxxx>
---
 src/conntrack.c | 35 ++++++++++++++++++++++++++++-------
 1 file changed, 28 insertions(+), 7 deletions(-)

diff --git a/src/conntrack.c b/src/conntrack.c
index a11958b..3f5eb37 100644
--- a/src/conntrack.c
+++ b/src/conntrack.c
@@ -1578,6 +1578,11 @@ nfct_filter_network_direction(const struct nf_conntrack *ct, enum ct_direction d
 	enum nf_conntrack_attr attr;
 	struct ct_network *net = &dir2network[dir];
 
+	if (family == AF_UNSPEC) {
+		exit_error(OTHER_PROBLEM,
+			   "Internal Error: unspecified Family!");
+	}
+
 	if (nfct_get_attr_u8(ct, ATTR_ORIG_L3PROTO) != family)
 		return 1;
 
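Review bot: The AF_UNSPEC guard added here prints exactly the same text as the two guards added to nfct_filter_init in the next two hunks, so a report of "Internal Error: unspecified Family!" cannot be traced to a call site. Naming the function in each message would fix that, e.g. `"Internal Error: unspecified family in nfct_filter_network_direction"`. The function takes a single conntrack entry, so this looks like a per-entry path; if the guard ever fired during -D, the process would exit partway through the table. A short comment saying this is an invariant check that option parsing is expected to make unreachable would help. The start of the function, including where `family` is assigned, is outside the hunk.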
@@ -2433,6 +2438,10 @@ nfct_filter_init(const int family)
 {
 	filter_family = family;
 	if (options & CT_OPT_MASK_SRC) {
+		if (family == AF_UNSPEC) {
+			exit_error(OTHER_PROBLEM,
+				   "Internal Error: unspecified Family!");
+		}
 		if (!(options & CT_OPT_ORIG_SRC))
 			exit_error(PARAMETER_PROBLEM,
 			           "Can't use --mask-src without --src");
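Review bot: The new `if (family == AF_UNSPEC)` check runs before the existing "Can't use --mask-src without --src" check. If the family can still be unspecified when --mask-src is given alone (option parsing is not visible here), the user would see "Internal Error" instead of the actionable parameter message. Placing the family check after the PARAMETER_PROBLEM check avoids that, and the same ordering applies to the --mask-dst branch in the next hunk. The two added blocks are identical, so a small static helper called from both branches would keep them from drifting apart. The body of nfct_filter_init continues outside the hunk.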
@@ -2440,6 +2449,10 @@ nfct_filter_init(const int family)
 	}
 
 	if (options & CT_OPT_MASK_DST) {
+		if (family == AF_UNSPEC) {
+			exit_error(OTHER_PROBLEM,
+				   "Internal Error: unspecified Family!");
+		}
 		if (!(options & CT_OPT_ORIG_DST))
 			exit_error(PARAMETER_PROBLEM,
 			           "Can't use --mask-dst without --dst");
@@ -2894,7 +2907,9 @@ parse_opts:
 	}
 
 	/* default family */
-	if (family == AF_UNSPEC)
+	if (family == AF_UNSPEC
+			&& command != CT_LIST
+			&& command != CT_DELETE)
 		family = AF_INET;
 
 	/* we cannot check this combination with generic_opt_check. */
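Review bot: The `/* default family */` comment above the changed condition no longer describes it, because for CT_LIST and CT_DELETE the family now stays AF_UNSPEC. Per the commit message this means `-D` without a family again removes IPv6 entries as well as IPv4 ones. That widens a destructive operation, so the comment should say so, e.g. `/* default family; -L and -D keep AF_UNSPEC so they cover both IPv4 and IPv6 */`. Code between this point and the list/delete cases that reads `family` is outside the hunk and should be checked for assuming a concrete family.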
@@ -2993,9 +3008,12 @@ parse_opts:
 						  NFCT_FILTER_DUMP_MARK,
 						  &tmpl.filter_mark_kernel);
 		}
-		nfct_filter_dump_set_attr_u8(filter_dump,
-					     NFCT_FILTER_DUMP_L3NUM,
-					     family);
+
+		if (family != AF_UNSPEC) {
+			nfct_filter_dump_set_attr_u8(filter_dump,
+						     NFCT_FILTER_DUMP_L3NUM,
+						     family);
+		}
 
 		if (options & CT_OPT_ZERO)
 			res = nfct_query(cth, NFCT_Q_DUMP_FILTER_RESET,
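Review bot: Skipping the `NFCT_FILTER_DUMP_L3NUM` attribute when `family == AF_UNSPEC` relies on the library treating an unset L3NUM as "all families", which this patch does not show. A one-line comment above the `if`, such as `/* leave L3NUM unset so the dump covers both IPv4 and IPv6 */`, would record that assumption. The same applies to the identical block in the next hunk, where the continuation lines of the call are also indented differently from this one and should be aligned the same way. The enclosing function starts and ends outside both hunks.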
@@ -3104,9 +3122,12 @@ parse_opts:
 						  NFCT_FILTER_DUMP_MARK,
 						  &tmpl.filter_mark_kernel);
 		}
-		nfct_filter_dump_set_attr_u8(filter_dump,
-					     NFCT_FILTER_DUMP_L3NUM,
-					     family);
+
+		if (family != AF_UNSPEC) {
+			nfct_filter_dump_set_attr_u8(filter_dump,
+							 NFCT_FILTER_DUMP_L3NUM,
+							 family);
+		}
 
 		res = nfct_query(cth, NFCT_Q_DUMP_FILTER, filter_dump);
 
-- 
2.25.1



