diff options
-rw-r--r-- | include/libnetfilter_conntrack/libnetfilter_conntrack.h | 10 | ||||
-rw-r--r-- | src/conntrack/grp.c | 12 | ||||
-rw-r--r-- | src/conntrack/grp_getter.c | 34 | ||||
-rw-r--r-- | src/conntrack/grp_setter.c | 32 |
4 files changed, 87 insertions, 1 deletions
diff --git a/include/libnetfilter_conntrack/libnetfilter_conntrack.h b/include/libnetfilter_conntrack/libnetfilter_conntrack.h index a4a60cb..5518418 100644 --- a/include/libnetfilter_conntrack/libnetfilter_conntrack.h +++ b/include/libnetfilter_conntrack/libnetfilter_conntrack.h @@ -149,6 +149,10 @@ enum nf_conntrack_attr_grp { ATTR_GRP_MASTER_PORT, /* struct nfct_attr_grp_port */ ATTR_GRP_ORIG_COUNTERS, /* struct nfct_attr_grp_ctrs */ ATTR_GRP_REPL_COUNTERS, /* struct nfct_attr_grp_ctrs */ + ATTR_GRP_ORIG_ADDR_SRC = 12, /* union nfct_attr_grp_addr */ + ATTR_GRP_ORIG_ADDR_DST, /* union nfct_attr_grp_addr */ + ATTR_GRP_REPL_ADDR_SRC, /* union nfct_attr_grp_addr */ + ATTR_GRP_REPL_ADDR_DST, /* union nfct_attr_grp_addr */ ATTR_GRP_MAX }; @@ -174,6 +178,12 @@ struct nfct_attr_grp_ctrs { u_int64_t bytes; }; +union nfct_attr_grp_addr { + u_int32_t ip; + u_int32_t ip6[4]; + u_int32_t addr[4]; +}; + /* message type */ enum nf_conntrack_msg_type { NFCT_T_UNKNOWN = 0, diff --git a/src/conntrack/grp.c b/src/conntrack/grp.c index 295444d..92a523b 100644 --- a/src/conntrack/grp.c +++ b/src/conntrack/grp.c @@ -68,4 +68,16 @@ const uint32_t attr_grp_bitmask[ATTR_GRP_MAX][__NFCT_BITSET] = { [0] = (1 << (ATTR_REPL_COUNTER_PACKETS)) | (1 << (ATTR_REPL_COUNTER_BYTES)), }, + [ATTR_GRP_ORIG_ADDR_SRC] = { + [0] = (1 << ATTR_ORIG_IPV4_SRC) | (1 << ATTR_ORIG_IPV6_SRC), + }, + [ATTR_GRP_ORIG_ADDR_DST] = { + [0] = (1 << ATTR_ORIG_IPV4_DST) | (1 << ATTR_ORIG_IPV6_DST), + }, + [ATTR_GRP_REPL_ADDR_SRC] = { + [1] = (1 << ATTR_REPL_IPV4_SRC) | (1 << ATTR_REPL_IPV6_SRC), + }, + [ATTR_GRP_REPL_ADDR_DST] = { + [1] = (1 << ATTR_REPL_IPV4_DST) | (1 << ATTR_REPL_IPV6_DST), + }, }; diff --git a/src/conntrack/grp_getter.c b/src/conntrack/grp_getter.c index a8d43cf..9770340 100644 --- a/src/conntrack/grp_getter.c +++ b/src/conntrack/grp_getter.c @@ -94,6 +94,34 @@ static void get_attr_grp_repl_ctrs(const struct nf_conntrack *ct, void *data) this->bytes = ct->counters[__DIR_REPL].bytes; } +static void +get_attr_grp_orig_addr_src(const struct nf_conntrack *ct, void *data) +{ + union nfct_attr_grp_addr *this = data; + memcpy(&this->addr, &ct->head.orig.src, sizeof(ct->head.orig.src)); +} + +static void +get_attr_grp_orig_addr_dst(const struct nf_conntrack *ct, void *data) +{ + union nfct_attr_grp_addr *this = data; + memcpy(&this->addr, &ct->head.orig.dst, sizeof(ct->head.orig.dst)); +} + +static void +get_attr_grp_repl_addr_src(const struct nf_conntrack *ct, void *data) +{ + union nfct_attr_grp_addr *this = data; + memcpy(&this->addr, &ct->repl.src, sizeof(ct->repl.src)); +} + +static void +get_attr_grp_repl_addr_dst(const struct nf_conntrack *ct, void *data) +{ + union nfct_attr_grp_addr *this = data; + memcpy(&this->addr, &ct->repl.dst, sizeof(ct->repl.dst)); +} + const get_attr_grp get_attr_grp_array[ATTR_GRP_MAX] = { [ATTR_GRP_ORIG_IPV4] = get_attr_grp_orig_ipv4, [ATTR_GRP_REPL_IPV4] = get_attr_grp_repl_ipv4, @@ -106,5 +134,9 @@ const get_attr_grp get_attr_grp_array[ATTR_GRP_MAX] = { [ATTR_GRP_MASTER_IPV6] = get_attr_grp_master_ipv6, [ATTR_GRP_MASTER_PORT] = get_attr_grp_master_port, [ATTR_GRP_ORIG_COUNTERS] = get_attr_grp_orig_ctrs, - [ATTR_GRP_REPL_COUNTERS] = get_attr_grp_repl_ctrs + [ATTR_GRP_REPL_COUNTERS] = get_attr_grp_repl_ctrs, + [ATTR_GRP_ORIG_ADDR_SRC] = get_attr_grp_orig_addr_src, + [ATTR_GRP_ORIG_ADDR_DST] = get_attr_grp_orig_addr_dst, + [ATTR_GRP_REPL_ADDR_SRC] = get_attr_grp_repl_addr_src, + [ATTR_GRP_REPL_ADDR_DST] = get_attr_grp_repl_addr_dst, }; diff --git a/src/conntrack/grp_setter.c b/src/conntrack/grp_setter.c index 0492a84..b451eef 100644 --- a/src/conntrack/grp_setter.c +++ b/src/conntrack/grp_setter.c @@ -138,6 +138,34 @@ static void set_attr_grp_master_port(struct nf_conntrack *ct, const void *value) ct->master.l4dst.all = this->dport; } +static void +set_attr_grp_orig_addr_src(struct nf_conntrack *ct, const void *value) +{ + const union nfct_attr_grp_addr *this = value; + memcpy(&ct->head.orig.src, &this->addr, sizeof(&ct->head.orig.src)); +} + +static void +set_attr_grp_orig_addr_dst(struct nf_conntrack *ct, const void *value) +{ + const union nfct_attr_grp_addr *this = value; + memcpy(&ct->head.orig.dst, &this->addr, sizeof(&ct->head.orig.src)); +} + +static void +set_attr_grp_repl_addr_src(struct nf_conntrack *ct, const void *value) +{ + const union nfct_attr_grp_addr *this = value; + memcpy(&ct->repl.src, &this->addr, sizeof(&ct->repl.src)); +} + +static void +set_attr_grp_repl_addr_dst(struct nf_conntrack *ct, const void *value) +{ + const union nfct_attr_grp_addr *this = value; + memcpy(&ct->repl.dst, &this->addr, sizeof(&ct->repl.dst)); +} + static void set_attr_grp_do_nothing(struct nf_conntrack *ct, const void *value) { } @@ -155,4 +183,8 @@ const set_attr_grp set_attr_grp_array[ATTR_GRP_MAX] = { [ATTR_GRP_MASTER_PORT] = set_attr_grp_master_port, [ATTR_GRP_ORIG_COUNTERS] = set_attr_grp_do_nothing, [ATTR_GRP_REPL_COUNTERS] = set_attr_grp_do_nothing, + [ATTR_GRP_ORIG_ADDR_SRC] = set_attr_grp_orig_addr_src, + [ATTR_GRP_ORIG_ADDR_DST] = set_attr_grp_orig_addr_dst, + [ATTR_GRP_REPL_ADDR_SRC] = set_attr_grp_repl_addr_src, + [ATTR_GRP_REPL_ADDR_DST] = set_attr_grp_repl_addr_dst, }; |