Age | Commit message | Author |
|
|
|
I have decided to release the examples in this library in the public
domain. Jan Engelhardt, who has been the sole contributor so far, has
agreed with this re-licensing by communication via e-mail.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
The usage text already specified [family] as optional, now implement it :-)
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
|
Running `genl-family-get VFS_DQUOT` forgets to print a newline.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
|
This patch replaces event group numbers NFNLGRP_CONNTRACK_* by the
event group mask NF_NETLINK_CONNTRACK_*
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch adds the new message batching infrastructure that allows to
store several messages into one single datagram.
This patch includes an example for ctnetlink.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
|
This patch reworks mnl_nlmsg_fprintf. It breaks backward compatibility
of this function, there was no way to improve it without doing so
(and we are still in time to break things, BTW).
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
A small little pedantism: NULL (as in, the pointer) isn't NUL (as in,
the character with value zero, '\0'). I propose to rename it to strz,
for the zero-terminated string (sometimes referred to as ASCIZ string,
but of course C isn't tied to ASCII).
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
|
Davem spotted during the Netfilter Workshop that user-space applications
should use 8KB buffers for recv(). I accidentally found that NFLOG is
not following this approach (in this case we're using 131072 bytes
messages), we have to document this.
Anyway, according to linux/netlink.h (and to complete this log message):
"skb should fit one page. This choice is good for headerless malloc.
But we should limit to 8K so that userspace does not have to
use enormous buffer sizes on recvmsg() calls just to avoid
MSG_TRUNC when PAGE_SIZE is very large."
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
|
Besides that -ldl should be in _LDADD (not _LDFLAGS), I do not see any
dlopen calls at all that would make the library a requirement.
I also see no reason to use -Wc,-nostartfiles.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
|
Put example files into specific directories according to the
Netlink bus they work with. And minor update in the readme file.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch fixes the example that allows to set up/down the
network interface.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
commit a5f25889216411ad7492047fafe6de03b8408440 introduced a minor
problem in this example.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch relaxes strict attribute checks in the example files.
I have also changed the errno value, now it's EOPNOTSUPP instead of
EINVAL.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Heavily based on an example from Alejandro Castaño. Untested.
Signed-off-by: Alejandro Castaño <alecastanyo@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
They have been spotted by -Wall -Wextra
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This function is still quite preliminary, comments welcome!
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Remove mnl_nlmsg_get_len() since it returns a field of a structure
that is public (struct nlmsghdr). We can directly access the header
fields and they are not likely to change in the future (at least
for this version of Netlink I think).
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This includes renaming get_tail() to get_payload_tail()
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
better to rename this function since its return value is not similar
to other _ok() functions, for consistency.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
And include the prototype in libmnl.h, since it was missing
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch changes the callback handlers to include netlink portID
checking. Thus, we avoid that any malicious process can spoof
messages.
If portid, sequence number of the message is != 0, we check if the
message is what we expect. This allows to use the same netlink channel
for dumps (portid, seq != 0) and event-based notifications (portid, seq == 0).
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch includes the new validation infrastructure which is
decoupled from the attribute parsing. It is composed of:
- mnl_attr_type_invalid: that allows to check if the attribute type
is valid (ie. the type is not higher than WXYZ_MAX).
- mnl_attr_validate: that allows to validate that there's enough room
for the attribute data.
The patch includes the rework of the attribute parsers. Now, you don't
have to use an array of pointers to store the result of the parsing,
you can use whatever data structure instead.
The prototype is as follows:
  typedef int (*mnl_attr_cb_t)(const struct nlattr *attr, void *data);
  extern int mnl_attr_parse(const struct nlmsghdr *nlh, int offset, mnl_attr_cb_t cb, void *data);
There are three versions of rtnl-link-dump.c that show how attribute
parsing can be done now. Probably that many examples are not a good idea,
I may remove some of them from the tree in the future.
This patch also merges mnl_attr_parse_at_offset into mnl_attr_parse.
This patch modifies MNL_ALIGN so that we can use it in static
arrays (the use of mnl_align() is not allowed in compilation time
to initialize an array field).
I have added the mnl_attr_for_each() macro and I have changed
mnl_attr_for_each_nested() to declare the length variable internally.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
it's deeply broken 8-)
|
|
netlink is not connection-oriented, we have to check the origin
of the message.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
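
Added example, not code from libmnl or from the commits listed here: the two checks described in the commit messages above, the origin check on the datagram's source address (the kernel sends from port ID 0) and the portID/sequence check on the message header, where a zero value means an event notification. The names from_kernel, field_ok, check_msg and sample, the errno choices, and the expected values 7 and 4242 are assumptions of this example.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/socket.h>
#include <linux/netlink.h>

/* Netlink is connectionless: any local process can address a datagram to
 * our socket. Messages that come from the kernel have source port ID 0. */
static int from_kernel(const struct sockaddr_nl *src, socklen_t len)
{
	return len == sizeof(*src) && src->nl_family == AF_NETLINK && !src->nl_pid;
}

/* Zero on either side means "nothing to compare" (event notification);
 * otherwise the header field must equal the value we expect. */
static int field_ok(uint32_t got, uint32_t expected)
{
	return (got && expected) ? got == expected : 1;
}

/* Hypothetical helper: returns 0 to accept, -1 with errno set to reject. */
static int check_msg(const struct sockaddr_nl *src, socklen_t srclen,
		     const struct nlmsghdr *nlh, size_t len,
		     uint32_t seq, uint32_t portid)
{
	if (!from_kernel(src, srclen)) { errno = EPERM; return -1; }
	if (len < sizeof(*nlh) || nlh->nlmsg_len < sizeof(*nlh) ||
	    nlh->nlmsg_len > len) { errno = EBADMSG; return -1; }
	if (!field_ok(nlh->nlmsg_pid, portid)) { errno = ESRCH; return -1; }
	if (!field_ok(nlh->nlmsg_seq, seq)) { errno = EPROTO; return -1; }
	return 0;
}

/* Constructed sample: a header-only message; we expect seq 7, portid 4242. */
static int sample(uint32_t src_pid, uint32_t msg_pid, uint32_t msg_seq)
{
	struct sockaddr_nl src = { .nl_family = AF_NETLINK, .nl_pid = src_pid };
	struct nlmsghdr nlh = { .nlmsg_len = sizeof(nlh), .nlmsg_type = NLMSG_DONE,
				.nlmsg_seq = msg_seq, .nlmsg_pid = msg_pid };
	return check_msg(&src, sizeof(src), &nlh, sizeof(nlh), 7, 4242);
}

int main(void)
{
	printf("dump reply:      %d\n", sample(0, 4242, 7));
	printf("event (0, 0):    %d\n", sample(0, 0, 0));
	printf("non-kernel src:  %d\n", sample(31337, 4242, 7));
	printf("unexpected seq:  %d\n", sample(0, 4242, 6));
}
```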
|
|
|