summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2009-04-24 12:23:03 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2009-04-24 12:23:03 +0200
commitb808645ec71b7cc22cf5106b3d79625d07e6077c (patch)
tree61c454be50eea566855ad40cbe641ba3c0b3e64b
parent7866b938a909439fa09ea7f16f8676cdac5ea532 (diff)
downloadconntrack-tools-b808645ec71b7cc22cf5106b3d79625d07e6077c.tar.gz
conntrack-tools-b808645ec71b7cc22cf5106b3d79625d07e6077c.zip
sync: add support for DCCP state replication
This patch adds initial support for DCCP state replication. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r--doc/sync/alarm/conntrackd.conf1
-rw-r--r--doc/sync/ftfw/conntrackd.conf1
-rw-r--r--doc/sync/notrack/conntrackd.conf1
-rw-r--r--include/network.h5
-rw-r--r--src/build.c12
-rw-r--r--src/parse.c13
6 files changed, 33 insertions, 0 deletions
diff --git a/doc/sync/alarm/conntrackd.conf b/doc/sync/alarm/conntrackd.conf
index 4607ad1..a108569 100644
--- a/doc/sync/alarm/conntrackd.conf
+++ b/doc/sync/alarm/conntrackd.conf
@@ -324,6 +324,7 @@ General {
Protocol Accept {
TCP
SCTP
+ DCCP
}
#
diff --git a/doc/sync/ftfw/conntrackd.conf b/doc/sync/ftfw/conntrackd.conf
index 3135c6c..c1208f9 100644
--- a/doc/sync/ftfw/conntrackd.conf
+++ b/doc/sync/ftfw/conntrackd.conf
@@ -333,6 +333,7 @@ General {
Protocol Accept {
TCP
SCTP
+ DCCP
}
#
diff --git a/doc/sync/notrack/conntrackd.conf b/doc/sync/notrack/conntrackd.conf
index ff8a8a2..b528fab 100644
--- a/doc/sync/notrack/conntrackd.conf
+++ b/doc/sync/notrack/conntrackd.conf
@@ -314,6 +314,7 @@ General {
Protocol Accept {
TCP
SCTP
+ DCCP
}
#
diff --git a/include/network.h b/include/network.h
index 06c0463..2786585 100644
--- a/include/network.h
+++ b/include/network.h
@@ -213,6 +213,7 @@ enum nta_attr {
NTA_DPAT_PORT, /* uint16_t */
NTA_NAT_SEQ_ADJ = 16, /* struct nta_attr_natseqadj */
NTA_STATE_SCTP, /* struct nta_attr_sctp */
+ NTA_STATE_DCCP, /* struct nta_attr_dccp */
NTA_MAX
};
@@ -230,6 +231,10 @@ struct nta_attr_sctp {
uint32_t vtag_orig, vtag_repl;
};
+struct nta_attr_dccp {
+ uint8_t state, role;
+};
+
void build_payload(const struct nf_conntrack *ct, struct nethdr *n);
int parse_payload(struct nf_conntrack *ct, struct nethdr *n, size_t remain);
diff --git a/src/build.c b/src/build.c
index 6b0fad7..a02a912 100644
--- a/src/build.c
+++ b/src/build.c
@@ -103,6 +103,16 @@ __build_sctp(const struct nf_conntrack *ct, struct nethdr *n)
addattr(n, NTA_STATE_SCTP, &data, sizeof(struct nta_attr_sctp));
}
+static inline void
+__build_dccp(const struct nf_conntrack *ct, struct nethdr *n)
+{
+ struct nta_attr_dccp data = {
+ .state = nfct_get_attr_u8(ct, ATTR_DCCP_STATE),
+ .role = nfct_get_attr_u8(ct, ATTR_DCCP_ROLE),
+ };
+ addattr(n, NTA_STATE_DCCP, &data, sizeof(struct nta_attr_dccp));
+}
+
static enum nf_conntrack_attr nat_type[] =
{ ATTR_ORIG_NAT_SEQ_CORRECTION_POS, ATTR_ORIG_NAT_SEQ_OFFSET_BEFORE,
ATTR_ORIG_NAT_SEQ_OFFSET_AFTER, ATTR_REPL_NAT_SEQ_CORRECTION_POS,
@@ -131,6 +141,8 @@ void build_payload(const struct nf_conntrack *ct, struct nethdr *n)
__build_u8(ct, ATTR_TCP_STATE, n, NTA_STATE_TCP);
else if (nfct_attr_is_set(ct, ATTR_SCTP_STATE))
__build_sctp(ct, n);
+ else if (nfct_attr_is_set(ct, ATTR_DCCP_STATE))
+ __build_dccp(ct, n);
if (!CONFIG(commit_timeout) && nfct_attr_is_set(ct, ATTR_TIMEOUT))
__build_u32(ct, ATTR_TIMEOUT, n, NTA_TIMEOUT);
diff --git a/src/parse.c b/src/parse.c
index d14910a..100177b 100644
--- a/src/parse.c
+++ b/src/parse.c
@@ -30,6 +30,7 @@ static void parse_u32(struct nf_conntrack *ct, int attr, void *data);
static void parse_group(struct nf_conntrack *ct, int attr, void *data);
static void parse_nat_seq_adj(struct nf_conntrack *ct, int attr, void *data);
static void parse_sctp(struct nf_conntrack *ct, int attr, void *data);
+static void parse_dccp(struct nf_conntrack *ct, int attr, void *data);
struct parser {
void (*parse)(struct nf_conntrack *ct, int attr, void *data);
@@ -126,6 +127,10 @@ static struct parser h[NTA_MAX] = {
.parse = parse_sctp,
.size = NTA_SIZE(sizeof(struct nta_attr_sctp)),
},
+ [NTA_STATE_DCCP] = {
+ .parse = parse_dccp,
+ .size = NTA_SIZE(sizeof(struct nta_attr_dccp)),
+ },
};
static void
@@ -182,6 +187,14 @@ parse_sctp(struct nf_conntrack *ct, int attr, void *data)
nfct_set_attr_u32(ct, ATTR_SCTP_VTAG_REPL, ntohl(this->vtag_repl));
}
+static void
+parse_dccp(struct nf_conntrack *ct, int attr, void *data)
+{
+ struct nta_attr_dccp *this = data;
+ nfct_set_attr_u8(ct, ATTR_DCCP_STATE, this->state);
+ nfct_set_attr_u8(ct, ATTR_DCCP_ROLE, this->role);
+}
+
int parse_payload(struct nf_conntrack *ct, struct nethdr *net, size_t remain)
{
int len;