anchao commented on code in PR #12156: URL: https://github.com/apache/nuttx/pull/12156#discussion_r1567320117
########## net/netlink/netlink_netfilter.c: ########## 
@@ -0,0 +1,707 @@
+/****************************************************************************
+ * net/netlink/netlink_netfilter.c
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership. The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ ****************************************************************************/
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include <nuttx/config.h>
+
+#include <assert.h>
+#include <debug.h>
+#include <errno.h>
+#include <stddef.h>
+#include <stdint.h>
+
+#include <netpacket/netlink.h>
+
+#include <nuttx/kmalloc.h>
+#include <nuttx/net/net.h>
+#include <nuttx/net/icmp.h>
+#include <nuttx/net/ip.h>
+#include <nuttx/net/netlink.h>
+
+#include "inet/inet.h"
+#include "nat/nat.h"
+#include "netlink/netlink.h"
+#include "utils/utils.h"
+
+#ifdef CONFIG_NETLINK_NETFILTER
+
+/****************************************************************************
+ * Private Types
+ ****************************************************************************/
+
+struct nfnl_sendto_request_s
+{
+ struct nlmsghdr hdr;
+ struct nfgenmsg msg;
+};
+
+struct nfnl_info_s
+{
+ NETLINK_HANDLE handle;
+ FAR const struct nfnl_sendto_request_s *req;
+};
+
+struct nfnl_ipv4addr_s
+{
+ struct nfattr attr;
+ in_addr_t addr;
+};
+
+struct nfnl_ipv6addr_s
+{
+ struct nfattr attr;
+ net_ipv6addr_t addr;
+};
+
+struct nfnl_attr_u8_s
+{
+ struct nfattr attr;
+ uint8_t value;
+ uint8_t pad[3];
+};
+
+struct nfnl_attr_u16_s
+{
+ struct nfattr attr;
+ uint16_t value;
+ uint16_t pad[1];
+};
+
+/* Struct of a conntrack tuple
+ * +------+--------------+-----------------+
+ * | attr | CTA_TUPLE_IP | CTA_TUPLE_PROTO |
+ * +------+--------------+-----------------+
+ */
+
+/* CTA_TUPLE_IP definitions */
+
+struct conntrack_tuple_ipv4_s
+{
+ struct nfattr attr;
+ struct nfnl_ipv4addr_s src;
+ struct nfnl_ipv4addr_s dst;
+};
+
+struct conntrack_tuple_ipv6_s
+{
+ struct nfattr attr;
+ struct nfnl_ipv6addr_s src;
+ struct nfnl_ipv6addr_s dst;
+};
+
+/* CTA_TUPLE_PROTO definitions */
+
+struct conntrack_tuple_tcpudp_s
+{
+ struct nfattr attr;
+ struct nfnl_attr_u8_s proto;
+ struct nfnl_attr_u16_s sport;
+ struct nfnl_attr_u16_s dport;
+};
+
+struct conntrack_tuple_icmp_s
+{
+ struct nfattr attr;
+ struct nfnl_attr_u8_s proto;
+ struct nfnl_attr_u16_s id;
+ struct nfnl_attr_u8_s type;
+ struct nfnl_attr_u8_s code;
+};
+
+/* Struct of a conntrack response
+ * +-----+-----+-----------------+----------------+
+ * | hdr | msg | tuple of origin | tuple of reply |
+ * +-----+-----+-----------------+----------------+
+ */
+
+struct conntrack_recvfrom_response_s
+{
+ struct nlmsghdr hdr;
+ struct nfgenmsg msg;
+ uint8_t data[1];
+};
+
+#define SIZEOF_CTNL_RECVFROM_RESPONSE_S(n) \
+ (sizeof(struct conntrack_recvfrom_response_s) + (n) - 1)
+
+struct conntrack_recvfrom_rsplist_s
+{
+ sq_entry_t flink;
+ struct conntrack_recvfrom_response_s payload;
+};
+
+#define SIZEOF_CTNL_RECVFROM_RSPLIST_S(n) \
+ (sizeof(struct conntrack_recvfrom_rsplist_s) + (n) - 1)
+
+/****************************************************************************
+ * Private Functions
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: netlink_conntrack_tuple_size
+ *
+ * Description:
+ * Get the size of a CTA_TUPLE. Struct of a conntrack tuple:
+ * +------+--------------+-----------------+
+ * | attr | CTA_TUPLE_IP | CTA_TUPLE_PROTO |
+ * +------+--------------+-----------------+
+ *
+ * Input Parameters:
+ * domain - The domain of the tuple
+ * proto - The protocol of the tuple
+ *
+ * Returned Value:
+ * The size of the tuple.
+ *
+ ****************************************************************************/
+
+static ssize_t netlink_conntrack_tuple_size(uint8_t domain, uint8_t proto)
+{
+ size_t size = sizeof(struct nfattr);
+
+ switch (domain)
+ {
+ case PF_INET:
+ size += sizeof(struct conntrack_tuple_ipv4_s);
+ break;
+
+ case PF_INET6:
+ size += sizeof(struct conntrack_tuple_ipv6_s);
+ break;
+
+ default:
+ return -EINVAL;
+ }
+
+ switch (proto)
+ {
+ case IPPROTO_TCP:
+ case IPPROTO_UDP:
+ size += sizeof(struct conntrack_tuple_tcpudp_s);
+ break;
+
+ case IPPROTO_ICMP:
+ case IPPROTO_ICMP6:
+ size += sizeof(struct conntrack_tuple_icmp_s);
+ break;
+
+ default:
+ return -EINVAL;
+ }
+
+ return size;
+}
Review Comment: Yep, I lost the PROTO part. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
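Review bot: netlink_conntrack_tuple_size() returns -EINVAL for an unsupported domain or proto, but its header documents only "The size of the tuple.", and both SIZEOF_CTNL_RECVFROM_RESPONSE_S(n) and SIZEOF_CTNL_RECVFROM_RSPLIST_S(n) compute `sizeof(...) + (n) - 1` in unsigned arithmetic with no guard on n. The callers are outside this quoted hunk, so this is inferred: if one passes the result straight into either macro, the negative value wraps to a bogus length (likely smaller than the struct itself) and the response buffer would be under-allocated before the tuples are written into `data`. I would change the Returned Value text to `The size of the tuple in bytes, or -EINVAL if domain or proto is not supported.` and have every caller reject `size < 0` before sizing an allocation. Separately, the explicit `pad[3]` and `pad[1]` members of nfnl_attr_u8_s and nfnl_attr_u16_s become part of the message handed to the netlink reader, so the fill code should zero them (or take the buffer from a zeroing allocator) so stale heap bytes are not disclosed.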
