diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/conntrack.c | 59 | 
1 files changed, 37 insertions, 22 deletions
| diff --git a/src/conntrack.c b/src/conntrack.c index dd129c9..51ea472 100644 --- a/src/conntrack.c +++ b/src/conntrack.c @@ -193,12 +193,16 @@ enum ct_options {  	CT_OPT_ANY_NAT_BIT	= 22,  	CT_OPT_ANY_NAT		= (1 << CT_OPT_ANY_NAT_BIT), + +	CT_OPT_ZONE_BIT		= 23, +	CT_OPT_ZONE		= (1 << CT_OPT_ZONE_BIT),  };  /* If you add a new option, you have to update NUMBER_OF_OPT in conntrack.h */  /* Update this mask to allow to filter based on new options. */ -#define CT_COMPARISON (CT_OPT_PROTO | CT_OPT_ORIG | CT_OPT_REPL | CT_OPT_MARK |\ -		       CT_OPT_SECMARK |  CT_OPT_STATUS | CT_OPT_ID) +#define CT_COMPARISON (CT_OPT_PROTO | CT_OPT_ORIG | CT_OPT_REPL | \ +		       CT_OPT_MARK | CT_OPT_SECMARK |  CT_OPT_STATUS | \ +		       CT_OPT_ID | CT_OPT_ZONE)  static const char *optflags[NUMBER_OF_OPT] = {  	[CT_OPT_ORIG_SRC_BIT] 	= "src", @@ -224,6 +228,7 @@ static const char *optflags[NUMBER_OF_OPT] = {  	[CT_OPT_SECMARK_BIT]	= "secmark",  	[CT_OPT_BUFFERSIZE_BIT]	= "buffer-size",  	[CT_OPT_ANY_NAT_BIT]	= "any-nat", +	[CT_OPT_ZONE_BIT]	= "zone",  };  static struct option original_opts[] = { @@ -263,12 +268,13 @@ static struct option original_opts[] = {  	{"output", 1, 0, 'o'},  	{"buffer-size", 1, 0, 'b'},  	{"any-nat", 2, 0, 'j'}, +	{"zone", 1, 0, 'w'},  	{0, 0, 0, 0}  };  static const char *getopt_str = "L::I::U::D::G::E::F::hVs:d:r:q:"  				"p:t:u:e:a:z[:]:{:}:m:i:f:o:n::" -				"g::c:b:C::Sj::"; +				"g::c:b:C::Sj::w:";  /* Table of legal combinations of commands and options.  If any of the   * given commands make an option legal, that option is legal (applies to @@ -283,25 +289,25 @@ static const char *getopt_str = "L::I::U::D::G::E::F::hVs:d:r:q:"  static char commands_v_options[NUMBER_OF_CMD][NUMBER_OF_OPT] =  /* Well, it's better than "Re: Linux vs FreeBSD" */  { -          /*   s d r q p t u z e [ ] { } a m i f n g o c b j*/ -/*CT_LIST*/   {2,2,2,2,2,0,2,2,0,0,0,0,0,0,2,0,2,2,2,2,2,0,2}, -/*CT_CREATE*/ {3,3,3,3,1,1,2,0,0,0,0,0,0,2,2,0,0,2,2,0,0,0,0}, -/*CT_UPDATE*/ {2,2,2,2,2,2,2,0,0,0,0,0,0,0,2,2,2,2,2,2,0,0,0}, -/*CT_DELETE*/ {2,2,2,2,2,2,2,0,0,0,0,0,0,0,2,2,2,2,2,2,0,0,0}, -/*CT_GET*/    {3,3,3,3,1,0,0,0,0,0,0,0,0,0,0,2,0,0,0,2,0,0,0}, -/*CT_FLUSH*/  {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, -/*CT_EVENT*/  {2,2,2,2,2,0,0,0,2,0,0,0,0,0,2,0,0,2,2,2,2,2,2}, -/*VERSION*/   {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, -/*HELP*/      {0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, -/*EXP_LIST*/  {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0}, -/*EXP_CREATE*/{1,1,2,2,1,1,2,0,0,1,1,1,1,0,0,0,0,0,0,0,0,0,0}, -/*EXP_DELETE*/{1,1,2,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, -/*EXP_GET*/   {1,1,2,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, -/*EXP_FLUSH*/ {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, -/*EXP_EVENT*/ {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, -/*CT_COUNT*/  {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, -/*EXP_COUNT*/ {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, -/*X_STATS*/   {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, +          /*   s d r q p t u z e [ ] { } a m i f n g o c b j w*/ +/*CT_LIST*/   {2,2,2,2,2,0,2,2,0,0,0,0,0,0,2,0,2,2,2,2,2,0,2,2}, +/*CT_CREATE*/ {3,3,3,3,1,1,2,0,0,0,0,0,0,2,2,0,0,2,2,0,0,0,0,2}, +/*CT_UPDATE*/ {2,2,2,2,2,2,2,0,0,0,0,0,0,0,2,2,2,2,2,2,0,0,0,0}, +/*CT_DELETE*/ {2,2,2,2,2,2,2,0,0,0,0,0,0,0,2,2,2,2,2,2,0,0,0,2}, +/*CT_GET*/    {3,3,3,3,1,0,0,0,0,0,0,0,0,0,0,2,0,0,0,2,0,0,0,0}, +/*CT_FLUSH*/  {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, +/*CT_EVENT*/  {2,2,2,2,2,0,0,0,2,0,0,0,0,0,2,0,0,2,2,2,2,2,2,2}, +/*VERSION*/   {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, +/*HELP*/      {0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, +/*EXP_LIST*/  {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0}, +/*EXP_CREATE*/{1,1,2,2,1,1,2,0,0,1,1,1,1,0,0,0,0,0,0,0,0,0,0,0}, +/*EXP_DELETE*/{1,1,2,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, +/*EXP_GET*/   {1,1,2,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, +/*EXP_FLUSH*/ {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, +/*EXP_EVENT*/ {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, +/*CT_COUNT*/  {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, +/*EXP_COUNT*/ {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}, +/*X_STATS*/   {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0},  };  static const int cmd2type[][2] = { @@ -331,6 +337,7 @@ static const int opt2type[] = {  	['c']	= CT_OPT_SECMARK,  	['i']	= CT_OPT_ID,  	['j']	= CT_OPT_ANY_NAT, +	['w']	= CT_OPT_ZONE,  };  static const int opt2family_attr[][2] = { @@ -352,6 +359,7 @@ static const int opt2attr[] = {  	['m']	= ATTR_MARK,  	['c']	= ATTR_SECMARK,  	['i']	= ATTR_ID, +	['w']	= ATTR_ZONE,  };  static char exit_msg[NUMBER_OF_CMD][64] = { @@ -408,6 +416,7 @@ static const char usage_parameters[] =  	"  -f, --family proto\t\tLayer 3 Protocol, eg. 'ipv6'\n"  	"  -t, --timeout timeout\t\tSet timeout\n"  	"  -u, --status status\t\tSet status, eg. ASSURED\n" +	"  -w, --zone value\t\tSet conntrack zone\n"  	"  -b, --buffer-size\t\tNetlink socket buffer size\n"  	; @@ -1429,6 +1438,12 @@ int main(int argc, char *argv[])  			nat_parse(tmp, obj, opt2type[c]);  			break;  		} +		case 'w': +			options |= opt2type[c]; +			nfct_set_attr_u16(obj, +					  opt2attr[c], +					  strtoul(optarg, NULL, 0)); +			break;  		case 'i':  		case 'm':  		case 'c': | 
