Also remove nfq_errno (incomplete project, never documented).
Main change is to static function __build_send_cfg_msg(). After doing that,
I reinstated nfq_bind_pf() & nfq_unbind_pf() to do what the doc claims
rather than simply returning zero.
Signed-off-by: Duncan Roe <duncan_roe@xxxxxxxxxxxxxxx>
---
.../libnetfilter_queue/libnetfilter_queue.h | 4 +-
src/libnetfilter_queue.c | 37 ++++++++-----------
2 files changed, 17 insertions(+), 24 deletions(-)
diff --git a/include/libnetfilter_queue/libnetfilter_queue.h b/include/libnetfilter_queue/libnetfilter_queue.h
index f254984..9b54489 100644
--- a/include/libnetfilter_queue/libnetfilter_queue.h
+++ b/include/libnetfilter_queue/libnetfilter_queue.h
@@ -18,6 +18,8 @@
#include <libnetfilter_queue/linux_nfnetlink_queue.h>
+#define NFQ_BUFFSIZE 8192
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -26,8 +28,6 @@ struct nfq_handle;
struct nfq_q_handle;
struct nfq_data;
-extern int nfq_errno;
-
extern struct nfnl_handle *nfq_nfnlh(struct nfq_handle *h);
extern int nfq_fd(struct nfq_handle *h);
diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c
index ca44a6c..73969ce 100644
--- a/src/libnetfilter_queue.c
+++ b/src/libnetfilter_queue.c
@@ -166,8 +166,6 @@ struct nfq_data {
struct nfattr **data;
};
-EXPORT_SYMBOL int nfq_errno;
-
/***********************************************************************
* low level stuff
***********************************************************************/
@@ -210,22 +208,20 @@ static struct nfq_q_handle *find_qh(struct nfq_handle *h, uint16_t id)
__build_send_cfg_msg(struct nfq_handle *h, uint8_t command,
uint16_t queuenum, uint16_t pf)
{
- union {
- char buf[NFNL_HEADER_LEN
- +NFA_LENGTH(sizeof(struct nfqnl_msg_config_cmd))];
- struct nlmsghdr nmh;
- } u;
- struct nfqnl_msg_config_cmd cmd;
+ char buf[NFQ_BUFFSIZE];
+ struct nlmsghdr *nlh;
+ int ret;
- nfnl_fill_hdr(h->nfnlssh, &u.nmh, 0, AF_UNSPEC, queuenum,
- NFQNL_MSG_CONFIG, NLM_F_REQUEST|NLM_F_ACK);
+ nlh = nfq_nlmsg_put2(buf, NFQNL_MSG_CONFIG, queuenum, NLM_F_ACK);
- cmd._pad = 0;
- cmd.command = command;
- cmd.pf = htons(pf);
- nfnl_addattr_l(&u.nmh, sizeof(u), NFQA_CFG_CMD, &cmd, sizeof(cmd));
+ nfq_nlmsg_cfg_put_cmd(nlh, AF_UNSPEC, command);
- return nfnl_query(h->nfnlh, &u.nmh);
+ ret = mnl_socket_sendto(h->nl, nlh, nlh->nlmsg_len);
+ if (ret != -1)
+ ret = mnl_socket_recvfrom(h->nl, buf, sizeof(buf));
+ if (ret != -1)
+ ret = mnl_cb_run(buf, ret, 0, h->portid, NULL, NULL);
+ return ret;
}
static int __nfq_rcv_pkt(struct nlmsghdr *nlh, struct nfattr *nfa[],
@@ -453,15 +449,13 @@ struct nfq_handle *nfq_open_nfnl(struct nfnl_handle *nfnlh)
h->nfnlssh = nfnl_subsys_open(h->nfnlh, NFNL_SUBSYS_QUEUE,
NFQNL_MSG_MAX, 0);
- if (!h->nfnlssh) {
- /* FIXME: nfq_errno */
+ if (!h->nfnlssh)
goto out_free;
- }
+// THIS IS nfq_open_nfnl() - ENTIRE FUNCTION WILL BE REMOVED EVENTUALLY
pkt_cb.data = h;
err = nfnl_callback_register(h->nfnlssh, NFQNL_MSG_PACKET, &pkt_cb);
if (err < 0) {
- nfq_errno = err;
goto out_close;
}
@@ -523,7 +517,7 @@ int nfq_close(struct nfq_handle *h)
EXPORT_SYMBOL
int nfq_bind_pf(struct nfq_handle *h, uint16_t pf)
{
- return 0;
+ return __build_send_cfg_msg(h, NFQNL_CFG_CMD_PF_BIND, 0, pf);
}
/**
@@ -539,7 +533,7 @@ int nfq_bind_pf(struct nfq_handle *h, uint16_t pf)
EXPORT_SYMBOL
int nfq_unbind_pf(struct nfq_handle *h, uint16_t pf)
{
- return 0;
+ return __build_send_cfg_msg(h, NFQNL_CFG_CMD_PF_UNBIND, 0, pf);
}
@@ -606,7 +600,6 @@ struct nfq_q_handle *nfq_create_queue(struct nfq_handle *h, uint16_t num,
ret = __build_send_cfg_msg(h, NFQNL_CFG_CMD_BIND, num, 0);
if (ret < 0) {
- nfq_errno = ret;
free(qh);
return NULL;
}
--
2.35.8
