This new attribute allows us to attach stateful objects to elements for map lookups. This new attribute identifies the object through its name.
Signed-off-by: Pablo Neira Ayuso <[email protected]> --- include/libnftnl/set.h | 1 + include/set_elem.h | 1 + src/set_elem.c | 27 +++++++++++++++++++++++++++ 3 files changed, 29 insertions(+) diff --git a/include/libnftnl/set.h b/include/libnftnl/set.h index 0c978d916e4e..4c59ab27946f 100644 --- a/include/libnftnl/set.h +++ b/include/libnftnl/set.h @@ -96,6 +96,7 @@ enum { NFTNL_SET_ELEM_EXPIRATION, NFTNL_SET_ELEM_USERDATA, NFTNL_SET_ELEM_EXPR, + NFTNL_SET_ELEM_OBJREF, }; struct nftnl_set_elem; diff --git a/include/set_elem.h b/include/set_elem.h index 60cecc939016..d6244e60873a 100644 --- a/include/set_elem.h +++ b/include/set_elem.h @@ -12,6 +12,7 @@ struct nftnl_set_elem { uint32_t flags; uint64_t timeout; uint64_t expiration; + const char *objref; struct { void *data; uint32_t len; diff --git a/src/set_elem.c b/src/set_elem.c index 083c597e2f8e..fa8747641ee0 100644 --- a/src/set_elem.c +++ b/src/set_elem.c @@ -50,6 +50,9 @@ void nftnl_set_elem_free(struct nftnl_set_elem *s) if (s->flags & (1 << NFTNL_SET_ELEM_USERDATA)) xfree(s->user.data); + if (s->flags & (1 << NFTNL_SET_ELEM_OBJREF)) + xfree(s->objref); + xfree(s); } EXPORT_SYMBOL_ALIAS(nftnl_set_elem_free, nft_set_elem_free); @@ -82,6 +85,9 @@ void nftnl_set_elem_unset(struct nftnl_set_elem *s, uint16_t attr) case NFTNL_SET_ELEM_EXPR: nftnl_expr_free(s->expr); break; + case NFTNL_SET_ELEM_OBJREF: + xfree(s->objref); + break; default: return; } @@ -129,6 +135,14 @@ int nftnl_set_elem_set(struct nftnl_set_elem *s, uint16_t attr, memcpy(s->user.data, data, data_len); s->user.len = data_len; break; + case NFTNL_SET_ELEM_OBJREF: + if (s->flags & (1 << NFTNL_SET_ELEM_OBJREF)) + xfree(s->objref); + + s->objref = strdup(data); + if (!s->objref) + return -1; + break; } s->flags |= (1 << attr); return -1; @@ -185,6 +199,9 @@ const void *nftnl_set_elem_get(struct nftnl_set_elem *s, uint16_t attr, uint32_t return s->user.data; case NFTNL_SET_ELEM_EXPR: return s->expr; + case NFTNL_SET_ELEM_OBJREF: + *data_len = strlen(s->objref) + 1; + return s->objref; } return NULL; } @@ -271,6 +288,8 @@ void nftnl_set_elem_nlmsg_build_payload(struct nlmsghdr *nlh, } if (e->flags & (1 << NFTNL_SET_ELEM_USERDATA)) mnl_attr_put(nlh, NFTA_SET_ELEM_USERDATA, e->user.len, e->user.data); + if (e->flags & (1 << NFTNL_SET_ELEM_OBJREF)) + mnl_attr_put_strz(nlh, NFTA_SET_ELEM_OBJREF, e->objref); } static void nftnl_set_elem_nlmsg_build_def(struct nlmsghdr *nlh, @@ -423,6 +442,14 @@ static int nftnl_set_elems_parse2(struct nftnl_set *s, const struct nlattr *nest memcpy(e->user.data, udata, e->user.len); e->flags |= (1 << NFTNL_RULE_USERDATA); } + if (tb[NFTA_SET_ELEM_OBJREF]) { + e->objref = strdup(mnl_attr_get_str(tb[NFTA_SET_ELEM_OBJREF])); + if (e->objref == NULL) { + ret = -1; + goto out_set_elem; + } + e->flags |= (1 << NFTNL_SET_ELEM_OBJREF); + } /* Add this new element to this set */ list_add_tail(&e->head, &s->element_list); -- 2.1.4 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
