diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-06-12 18:35:11 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2009-06-12 18:35:11 +0200 |
| commit | d9c0564db6b3f3ecb196508458a91b03d45fadb2 (patch) | |
| tree | 327dec2eab601abe26522c267bdff23b1605dfc5 /src/build.c | |
| parent | 8fc9066ee62d17cdb76bc064c945da3bb0d2e2a3 (diff) | |
| download | conntrack-tools-d9c0564db6b3f3ecb196508458a91b03d45fadb2.tar.gz conntrack-tools-d9c0564db6b3f3ecb196508458a91b03d45fadb2.zip | |
build: use TLV format for SCTP/DCCP protocol information
In 400ae54438c4b85126f9fab0ae1dc067823b70f7, we added the SCTP
support by means of a structure that was encapsulated in an
TLV attribute. However, this structure didn't handle alignment
and endianess issues appropriately. Similar problem was
introduced in b808645ec71b7cc22cf5106b3d79625d07e6077c along
with the DCCP support.
This patch moves every field of this structure to independent
attributes. I decided not to use nesting to make building and
parsing more simple.
Using TLV is a good idea, specially for DCCP and SCTP that are
under development and that may include new fields and obsolete
them in the future.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/build.c')
| -rw-r--r-- | src/build.c | 35 |
1 files changed, 9 insertions, 26 deletions
diff --git a/src/build.c b/src/build.c index b2eeeee..92760f2 100644 --- a/src/build.c +++ b/src/build.c @@ -92,27 +92,6 @@ __build_natseqadj(const struct nf_conntrack *ct, struct nethdr *n) addattr(n, NTA_NAT_SEQ_ADJ, &data, sizeof(struct nta_attr_natseqadj)); } -static inline void -__build_sctp(const struct nf_conntrack *ct, struct nethdr *n) -{ - struct nta_attr_sctp data = { - .state = nfct_get_attr_u8(ct, ATTR_SCTP_STATE), - .vtag_orig = htonl(nfct_get_attr_u32(ct, ATTR_SCTP_VTAG_ORIG)), - .vtag_repl = htonl(nfct_get_attr_u32(ct, ATTR_SCTP_VTAG_REPL)), - }; - addattr(n, NTA_STATE_SCTP, &data, sizeof(struct nta_attr_sctp)); -} - -static inline void -__build_dccp(const struct nf_conntrack *ct, struct nethdr *n) -{ - struct nta_attr_dccp data = { - .state = nfct_get_attr_u8(ct, ATTR_DCCP_STATE), - .role = nfct_get_attr_u8(ct, ATTR_DCCP_ROLE), - }; - addattr(n, NTA_STATE_DCCP, &data, sizeof(struct nta_attr_dccp)); -} - static enum nf_conntrack_attr nat_type[] = { ATTR_ORIG_NAT_SEQ_CORRECTION_POS, ATTR_ORIG_NAT_SEQ_OFFSET_BEFORE, ATTR_ORIG_NAT_SEQ_OFFSET_AFTER, ATTR_REPL_NAT_SEQ_CORRECTION_POS, @@ -138,11 +117,15 @@ void build_payload(const struct nf_conntrack *ct, struct nethdr *n) __build_u32(ct, ATTR_STATUS, n, NTA_STATUS); if (nfct_attr_is_set(ct, ATTR_TCP_STATE)) - __build_u8(ct, ATTR_TCP_STATE, n, NTA_STATE_TCP); - else if (nfct_attr_is_set(ct, ATTR_SCTP_STATE)) - __build_sctp(ct, n); - else if (nfct_attr_is_set(ct, ATTR_DCCP_STATE)) - __build_dccp(ct, n); + __build_u8(ct, ATTR_TCP_STATE, n, NTA_TCP_STATE); + else if (nfct_attr_is_set(ct, ATTR_SCTP_STATE)) { + __build_u8(ct, ATTR_SCTP_STATE, n, NTA_SCTP_STATE); + __build_u32(ct, ATTR_SCTP_VTAG_ORIG, n, NTA_SCTP_VTAG_ORIG); + __build_u32(ct, ATTR_SCTP_VTAG_REPL, n, NTA_SCTP_VTAG_REPL); + } else if (nfct_attr_is_set(ct, ATTR_DCCP_STATE)) { + __build_u8(ct, ATTR_DCCP_STATE, n, NTA_DCCP_STATE); + __build_u8(ct, ATTR_DCCP_ROLE, n, NTA_DCCP_ROLE); + } if (!CONFIG(commit_timeout) && nfct_attr_is_set(ct, ATTR_TIMEOUT)) __build_u32(ct, ATTR_TIMEOUT, n, NTA_TIMEOUT); |