[PATCH libnetfilter_queue v3 00/15] Convert libnetfilter_queue to not need libnfnetlink

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The general method is to make the opaque struct nfq_handle contain fully
populated libnfnetlink-style and libmnl-style handles.
Patch 1 (nfq_open()) and patch 2 (nfq_open_nfnl()) sets this up.
Patch 3 (nfq_close()) cleans it away.
Patches 3-10 convert the other nfq_* functions that used to use
  libnfnetlink, except for the nfq_get_*_name functions that need nlif.
Patches 11-13 provide all the nlif_* functions that libnfnetlink used to
  offer, converted to use libmnl.
Patch 14 removes all use of and reference to header files provided by
  libnfnetlink. It provides prototypes as required.
Patch 15 removes libnfnetlink as a private library.

There is a tester for this patchset at
https://github.com/duncan-roe/nfqnltester
Some of the tests require checking out different branches,
e.g. for testing the effect of loading libraries in a diffrernt order.
There is more info in the README. In particular I checked that nlif still
works with -lnfnetlink coming first
(app will use libnfnetlink's functions).

The nlif functions sit a little uneasily in libnetfilter_queue.
ulogd2 and conntrack-tools both use them so perhaps they would
be better placed in libmnl.
---
 Changes in v3:
 - Remove new kernel header includes as promised in
   https://www.spinics.net/lists/netfilter-devel/msg87916.html
   (The status of the v2 series changed to "Changes Requested":
    I'm guessing that was because of that promise).
 - Remove more libnfnetlink references
 - Rebase on master commit f05b188

 Changes in v2:
 - 11/32 (Fix checkpatch whitespace and block comment warnings) is
   subsumed into previous patches
 - 22/32 becomes 14
 - 21/32 becomes 15
 - 12/32 & 17/32 become 11, but rtnl.c is not copied
 - 14/32 & 16/32 become 12
 - 19/32 & (some of) 32/32 become 13
 - The only changes to linux_list.h are to fix or suppress checkpatch errors.
   There is no attempt to document the circular linked list functions
   and macros, so no changes to build_man.sh. That is how the rest of the
   patches disappear.
 - Other changes are documented in the individual patches

Duncan Roe (15):
  src: Convert nfq_open() to use libmnl
  src: Convert nfq_open_nfnl() to use libmnl
  src: Convert nfq_close() to use libmnl
  src: Convert nfq_create_queue(), nfq_bind_pf() & nfq_unbind_pf() to
    use libmnl
  src: Convert nfq_set_queue_flags(), nfq_set_queue_maxlen() &
    nfq_set_mode() to use libmnl
  src: Convert nfq_handle_packet(), nfq_get_secctx(), nfq_get_payload()
    and all the nfq_get_ functions to use libmnl
  src: Convert nfq_set_verdict() and nfq_set_verdict2() to use libmnl if
    there is no data
  src: Incorporate nfnl_rcvbufsiz() in libnetfilter_queue
  src: Convert nfq_fd() to use libmnl
  src: Convert remaining nfq_* functions to use libmnl
  src: Copy nlif-related files from libnfnetlink
  doc: Add iftable.c to the doxygen system
  src: Convert all nlif_* functions to use libmnl
  include: Use libmnl.h instead of libnfnetlink.h
  build: Remove libnfnetlink from the build

 Make_global.am                                |   2 +-
 configure.ac                                  |   1 -
 doxygen/Makefile.am                           |   1 +
 doxygen/doxygen.cfg.in                        |   6 +
 .../libnetfilter_queue/libnetfilter_queue.h   |  38 +-
 include/libnetfilter_queue/linux_list.h       | 730 ++++++++++++++++++
 .../linux_nfnetlink_queue.h                   |   3 +-
 libnetfilter_queue.pc.in                      |   2 -
 src/Makefile.am                               |   3 +-
 src/iftable.c                                 | 373 +++++++++
 src/libnetfilter_queue.c                      | 543 ++++++++-----
 11 files changed, 1512 insertions(+), 190 deletions(-)
 create mode 100644 include/libnetfilter_queue/linux_list.h
 create mode 100644 src/iftable.c

-- 
2.35.8





[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux