<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<title>libnl: lib/netfilter/ct_obj.c Source File</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<link href="doxygen.css" rel="stylesheet" type="text/css"/>
</head>
<body>
<!-- Generated by Doxygen 1.7.3 -->
<div id="top">
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
<tbody>
<tr style="height: 56px;">
<td style="padding-left: 0.5em;">
<div id="projectname">libnl <span id="projectnumber">1.1</span></div>
</td>
</tr>
</tbody>
</table>
</div>
<div id="navrow1" class="tabs">
<ul class="tablist">
<li><a href="index.html"><span>Main Page</span></a></li>
<li><a href="modules.html"><span>Modules</span></a></li>
<li><a href="annotated.html"><span>Data Structures</span></a></li>
<li class="current"><a href="files.html"><span>Files</span></a></li>
</ul>
</div>
<div id="navrow2" class="tabs2">
<ul class="tablist">
<li><a href="files.html"><span>File List</span></a></li>
</ul>
</div>
<div class="header">
<div class="headertitle">
<h1>lib/netfilter/ct_obj.c</h1> </div>
</div>
<div class="contents">
<div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <span class="comment">/*</span>
<a name="l00002"></a>00002 <span class="comment"> * lib/netfilter/ct_obj.c Conntrack Object</span>
<a name="l00003"></a>00003 <span class="comment"> *</span>
<a name="l00004"></a>00004 <span class="comment"> * This library is free software; you can redistribute it and/or</span>
<a name="l00005"></a>00005 <span class="comment"> * modify it under the terms of the GNU Lesser General Public</span>
<a name="l00006"></a>00006 <span class="comment"> * License as published by the Free Software Foundation version 2.1</span>
<a name="l00007"></a>00007 <span class="comment"> * of the License.</span>
<a name="l00008"></a>00008 <span class="comment"> *</span>
<a name="l00009"></a>00009 <span class="comment"> * Copyright (c) 2003-2006 Thomas Graf <tgraf@suug.ch></span>
<a name="l00010"></a>00010 <span class="comment"> * Copyright (c) 2007 Philip Craig <philipc@snapgear.com></span>
<a name="l00011"></a>00011 <span class="comment"> * Copyright (c) 2007 Secure Computing Corporation</span>
<a name="l00012"></a>00012 <span class="comment"> */</span>
<a name="l00013"></a>00013
<a name="l00014"></a>00014 <span class="preprocessor">#include <sys/types.h></span>
<a name="l00015"></a>00015 <span class="preprocessor">#include <linux/netfilter/nfnetlink_conntrack.h></span>
<a name="l00016"></a>00016 <span class="preprocessor">#include <linux/netfilter/nf_conntrack_common.h></span>
<a name="l00017"></a>00017 <span class="preprocessor">#include <linux/netfilter/nf_conntrack_tcp.h></span>
<a name="l00018"></a>00018
<a name="l00019"></a>00019 <span class="preprocessor">#include <netlink-local.h></span>
<a name="l00020"></a>00020 <span class="preprocessor">#include <netlink/netfilter/nfnl.h></span>
<a name="l00021"></a>00021 <span class="preprocessor">#include <netlink/netfilter/ct.h></span>
<a name="l00022"></a>00022 <span class="comment"></span>
<a name="l00023"></a>00023 <span class="comment">/** @cond SKIP */</span>
<a name="l00024"></a>00024 <span class="preprocessor">#define CT_ATTR_FAMILY (1UL << 0)</span>
<a name="l00025"></a>00025 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_PROTO (1UL << 1)</span>
<a name="l00026"></a>00026 <span class="preprocessor"></span>
<a name="l00027"></a>00027 <span class="preprocessor">#define CT_ATTR_TCP_STATE (1UL << 2)</span>
<a name="l00028"></a>00028 <span class="preprocessor"></span>
<a name="l00029"></a>00029 <span class="preprocessor">#define CT_ATTR_STATUS (1UL << 3)</span>
<a name="l00030"></a>00030 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_TIMEOUT (1UL << 4)</span>
<a name="l00031"></a>00031 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_MARK (1UL << 5)</span>
<a name="l00032"></a>00032 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_USE (1UL << 6)</span>
<a name="l00033"></a>00033 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_ID (1UL << 7)</span>
<a name="l00034"></a>00034 <span class="preprocessor"></span>
<a name="l00035"></a>00035 <span class="preprocessor">#define CT_ATTR_ORIG_SRC (1UL << 8)</span>
<a name="l00036"></a>00036 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_ORIG_DST (1UL << 9)</span>
<a name="l00037"></a>00037 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_ORIG_SRC_PORT (1UL << 10)</span>
<a name="l00038"></a>00038 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_ORIG_DST_PORT (1UL << 11)</span>
<a name="l00039"></a>00039 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_ORIG_ICMP_ID (1UL << 12)</span>
<a name="l00040"></a>00040 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_ORIG_ICMP_TYPE (1UL << 13)</span>
<a name="l00041"></a>00041 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_ORIG_ICMP_CODE (1UL << 14)</span>
<a name="l00042"></a>00042 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_ORIG_PACKETS (1UL << 15)</span>
<a name="l00043"></a>00043 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_ORIG_BYTES (1UL << 16)</span>
<a name="l00044"></a>00044 <span class="preprocessor"></span>
<a name="l00045"></a>00045 <span class="preprocessor">#define CT_ATTR_REPL_SRC (1UL << 17)</span>
<a name="l00046"></a>00046 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_REPL_DST (1UL << 18)</span>
<a name="l00047"></a>00047 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_REPL_SRC_PORT (1UL << 19)</span>
<a name="l00048"></a>00048 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_REPL_DST_PORT (1UL << 20)</span>
<a name="l00049"></a>00049 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_REPL_ICMP_ID (1UL << 21)</span>
<a name="l00050"></a>00050 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_REPL_ICMP_TYPE (1UL << 22)</span>
<a name="l00051"></a>00051 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_REPL_ICMP_CODE (1UL << 23)</span>
<a name="l00052"></a>00052 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_REPL_PACKETS (1UL << 24)</span>
<a name="l00053"></a>00053 <span class="preprocessor"></span><span class="preprocessor">#define CT_ATTR_REPL_BYTES (1UL << 25)</span>
<a name="l00054"></a>00054 <span class="preprocessor"></span><span class="comment">/** @endcond */</span>
<a name="l00055"></a>00055
<a name="l00056"></a>00056 <span class="keyword">static</span> <span class="keywordtype">void</span> ct_free_data(<span class="keyword">struct</span> nl_object *c)
<a name="l00057"></a>00057 {
<a name="l00058"></a>00058 <span class="keyword">struct </span>nfnl_ct *ct = (<span class="keyword">struct </span>nfnl_ct *) c;
<a name="l00059"></a>00059
<a name="l00060"></a>00060 <span class="keywordflow">if</span> (ct == NULL)
<a name="l00061"></a>00061 <span class="keywordflow">return</span>;
<a name="l00062"></a>00062
<a name="l00063"></a>00063 nl_addr_put(ct->ct_orig.src);
<a name="l00064"></a>00064 nl_addr_put(ct->ct_orig.dst);
<a name="l00065"></a>00065 nl_addr_put(ct->ct_repl.src);
<a name="l00066"></a>00066 nl_addr_put(ct->ct_repl.dst);
<a name="l00067"></a>00067 }
<a name="l00068"></a>00068
<a name="l00069"></a>00069 <span class="keyword">static</span> <span class="keywordtype">int</span> ct_clone(<span class="keyword">struct</span> nl_object *_dst, <span class="keyword">struct</span> nl_object *_src)
<a name="l00070"></a>00070 {
<a name="l00071"></a>00071 <span class="keyword">struct </span>nfnl_ct *dst = (<span class="keyword">struct </span>nfnl_ct *) _dst;
<a name="l00072"></a>00072 <span class="keyword">struct </span>nfnl_ct *src = (<span class="keyword">struct </span>nfnl_ct *) _src;
<a name="l00073"></a>00073 <span class="keyword">struct </span>nl_addr *addr;
<a name="l00074"></a>00074
<a name="l00075"></a>00075 <span class="keywordflow">if</span> (src->ct_orig.src) {
<a name="l00076"></a>00076 addr = <a class="code" href="group__addr.html#ga40b37a1ccec7acf84d868e588e516cba" title="Clone existing abstract address object.">nl_addr_clone</a>(src->ct_orig.src);
<a name="l00077"></a>00077 <span class="keywordflow">if</span> (!addr)
<a name="l00078"></a>00078 <span class="keywordflow">goto</span> errout;
<a name="l00079"></a>00079 dst->ct_orig.src = addr;
<a name="l00080"></a>00080 }
<a name="l00081"></a>00081
<a name="l00082"></a>00082 <span class="keywordflow">if</span> (src->ct_orig.dst) {
<a name="l00083"></a>00083 addr = <a class="code" href="group__addr.html#ga40b37a1ccec7acf84d868e588e516cba" title="Clone existing abstract address object.">nl_addr_clone</a>(src->ct_orig.dst);
<a name="l00084"></a>00084 <span class="keywordflow">if</span> (!addr)
<a name="l00085"></a>00085 <span class="keywordflow">goto</span> errout;
<a name="l00086"></a>00086 dst->ct_orig.dst = addr;
<a name="l00087"></a>00087 }
<a name="l00088"></a>00088
<a name="l00089"></a>00089 <span class="keywordflow">if</span> (src->ct_repl.src) {
<a name="l00090"></a>00090 addr = <a class="code" href="group__addr.html#ga40b37a1ccec7acf84d868e588e516cba" title="Clone existing abstract address object.">nl_addr_clone</a>(src->ct_repl.src);
<a name="l00091"></a>00091 <span class="keywordflow">if</span> (!addr)
<a name="l00092"></a>00092 <span class="keywordflow">goto</span> errout;
<a name="l00093"></a>00093 dst->ct_repl.src = addr;
<a name="l00094"></a>00094 }
<a name="l00095"></a>00095
<a name="l00096"></a>00096 <span class="keywordflow">if</span> (src->ct_repl.dst) {
<a name="l00097"></a>00097 addr = <a class="code" href="group__addr.html#ga40b37a1ccec7acf84d868e588e516cba" title="Clone existing abstract address object.">nl_addr_clone</a>(src->ct_repl.dst);
<a name="l00098"></a>00098 <span class="keywordflow">if</span> (!addr)
<a name="l00099"></a>00099 <span class="keywordflow">goto</span> errout;
<a name="l00100"></a>00100 dst->ct_repl.dst = addr;
<a name="l00101"></a>00101 }
<a name="l00102"></a>00102
<a name="l00103"></a>00103 <span class="keywordflow">return</span> 0;
<a name="l00104"></a>00104 errout:
<a name="l00105"></a>00105 <span class="keywordflow">return</span> nl_get_errno();
<a name="l00106"></a>00106 }
<a name="l00107"></a>00107
<a name="l00108"></a>00108 <span class="keyword">static</span> <span class="keywordtype">void</span> ct_dump_dir(<span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl,
<a name="l00109"></a>00109 <span class="keyword">struct</span> <a class="code" href="structnl__dump__params.html" title="Dumping parameters.">nl_dump_params</a> *p)
<a name="l00110"></a>00110 {
<a name="l00111"></a>00111 <span class="keyword">struct </span>nl_addr *addr;
<a name="l00112"></a>00112 <span class="keywordtype">char</span> addrbuf[64];
<a name="l00113"></a>00113
<a name="l00114"></a>00114 addr = nfnl_ct_get_src(ct, repl);
<a name="l00115"></a>00115 <span class="keywordflow">if</span> (addr)
<a name="l00116"></a>00116 dp_dump(p, <span class="stringliteral">"src=%s "</span>,
<a name="l00117"></a>00117 <a class="code" href="group__addr.html#ga6471f04b9fa8ef1d4af1bf2b87b49529" title="Convert abstract address object to character string.">nl_addr2str</a>(addr, addrbuf, <span class="keyword">sizeof</span>(addrbuf)));
<a name="l00118"></a>00118
<a name="l00119"></a>00119 addr = nfnl_ct_get_dst(ct, repl);
<a name="l00120"></a>00120 <span class="keywordflow">if</span> (addr)
<a name="l00121"></a>00121 dp_dump(p, <span class="stringliteral">"dst=%s "</span>,
<a name="l00122"></a>00122 <a class="code" href="group__addr.html#ga6471f04b9fa8ef1d4af1bf2b87b49529" title="Convert abstract address object to character string.">nl_addr2str</a>(addr, addrbuf, <span class="keyword">sizeof</span>(addrbuf)));
<a name="l00123"></a>00123
<a name="l00124"></a>00124 <span class="keywordflow">if</span> (nfnl_ct_test_src_port(ct, repl))
<a name="l00125"></a>00125 dp_dump(p, <span class="stringliteral">"sport=%u "</span>, ntohs(nfnl_ct_get_src_port(ct, repl)));
<a name="l00126"></a>00126 <span class="keywordflow">if</span> (nfnl_ct_test_dst_port(ct, repl))
<a name="l00127"></a>00127 dp_dump(p, <span class="stringliteral">"dport=%u "</span>, ntohs(nfnl_ct_get_dst_port(ct, repl)));
<a name="l00128"></a>00128
<a name="l00129"></a>00129 <span class="keywordflow">if</span> (nfnl_ct_test_icmp_type(ct, repl))
<a name="l00130"></a>00130 dp_dump(p, <span class="stringliteral">"type=%d "</span>, nfnl_ct_get_icmp_type(ct, repl));
<a name="l00131"></a>00131 <span class="keywordflow">if</span> (nfnl_ct_test_icmp_type(ct, repl))
<a name="l00132"></a>00132 dp_dump(p, <span class="stringliteral">"code=%d "</span>, nfnl_ct_get_icmp_code(ct, repl));
<a name="l00133"></a>00133 <span class="keywordflow">if</span> (nfnl_ct_test_icmp_type(ct, repl))
<a name="l00134"></a>00134 dp_dump(p, <span class="stringliteral">"id=%d "</span>, ntohs(nfnl_ct_get_icmp_id(ct, repl)));
<a name="l00135"></a>00135
<a name="l00136"></a>00136 <span class="keywordflow">if</span> (nfnl_ct_test_packets(ct, repl))
<a name="l00137"></a>00137 dp_dump(p, <span class="stringliteral">"packets=%llu "</span>, nfnl_ct_get_packets(ct, repl));
<a name="l00138"></a>00138 <span class="keywordflow">if</span> (nfnl_ct_test_bytes(ct, repl))
<a name="l00139"></a>00139 dp_dump(p, <span class="stringliteral">"bytes=%llu "</span>, nfnl_ct_get_bytes(ct, repl));
<a name="l00140"></a>00140 }
<a name="l00141"></a>00141
<a name="l00142"></a>00142 <span class="comment">/* Compatible with /proc/net/nf_conntrack */</span>
<a name="l00143"></a>00143 <span class="keyword">static</span> <span class="keywordtype">int</span> ct_dump(<span class="keyword">struct</span> nl_object *a, <span class="keyword">struct</span> <a class="code" href="structnl__dump__params.html" title="Dumping parameters.">nl_dump_params</a> *p)
<a name="l00144"></a>00144 {
<a name="l00145"></a>00145 <span class="keyword">struct </span>nfnl_ct *ct = (<span class="keyword">struct </span>nfnl_ct *) a;
<a name="l00146"></a>00146 <span class="keywordtype">char</span> buf[64];
<a name="l00147"></a>00147 uint32_t status;
<a name="l00148"></a>00148 uint8_t family;
<a name="l00149"></a>00149 uint8_t proto;
<a name="l00150"></a>00150
<a name="l00151"></a>00151 family = nfnl_ct_get_family(ct);
<a name="l00152"></a>00152 dp_dump(p, <span class="stringliteral">"%-8s %u "</span>, nl_af2str(family, buf, <span class="keyword">sizeof</span>(buf)), family);
<a name="l00153"></a>00153
<a name="l00154"></a>00154 <span class="keywordflow">if</span> (nfnl_ct_test_proto(ct)) {
<a name="l00155"></a>00155 proto = nfnl_ct_get_proto(ct);
<a name="l00156"></a>00156 dp_dump(p, <span class="stringliteral">"%-8s %u "</span>,
<a name="l00157"></a>00157 nl_ip_proto2str(proto, buf, <span class="keyword">sizeof</span>(buf)), proto);
<a name="l00158"></a>00158 }
<a name="l00159"></a>00159
<a name="l00160"></a>00160 <span class="keywordflow">if</span> (nfnl_ct_test_timeout(ct))
<a name="l00161"></a>00161 dp_dump(p, <span class="stringliteral">"%ld "</span>, nfnl_ct_get_timeout(ct));
<a name="l00162"></a>00162
<a name="l00163"></a>00163 <span class="keywordflow">if</span> (nfnl_ct_test_tcp_state(ct))
<a name="l00164"></a>00164 dp_dump(p, <span class="stringliteral">"%s "</span>,
<a name="l00165"></a>00165 nfnl_ct_tcp_state2str(nfnl_ct_get_tcp_state(ct),
<a name="l00166"></a>00166 buf, <span class="keyword">sizeof</span>(buf)));
<a name="l00167"></a>00167
<a name="l00168"></a>00168 ct_dump_dir(ct, 0, p);
<a name="l00169"></a>00169
<a name="l00170"></a>00170 status = nfnl_ct_get_status(ct);
<a name="l00171"></a>00171 <span class="keywordflow">if</span> (!(status & IPS_SEEN_REPLY))
<a name="l00172"></a>00172 dp_dump(p, <span class="stringliteral">"[UNREPLIED] "</span>);
<a name="l00173"></a>00173
<a name="l00174"></a>00174 ct_dump_dir(ct, 1, p);
<a name="l00175"></a>00175
<a name="l00176"></a>00176 <span class="keywordflow">if</span> (status & IPS_ASSURED)
<a name="l00177"></a>00177 dp_dump(p, <span class="stringliteral">"[ASSURED] "</span>);
<a name="l00178"></a>00178
<a name="l00179"></a>00179 <span class="keywordflow">if</span> (nfnl_ct_test_mark(ct))
<a name="l00180"></a>00180 dp_dump(p, <span class="stringliteral">"mark=%u "</span>, nfnl_ct_get_mark(ct));
<a name="l00181"></a>00181
<a name="l00182"></a>00182 <span class="keywordflow">if</span> (nfnl_ct_test_use(ct))
<a name="l00183"></a>00183 dp_dump(p, <span class="stringliteral">"use=%u "</span>, nfnl_ct_get_use(ct));
<a name="l00184"></a>00184
<a name="l00185"></a>00185 dp_dump(p, <span class="stringliteral">"\n"</span>);
<a name="l00186"></a>00186
<a name="l00187"></a>00187 <span class="keywordflow">return</span> 1;
<a name="l00188"></a>00188 }
<a name="l00189"></a>00189
<a name="l00190"></a>00190 <span class="keyword">static</span> <span class="keywordtype">int</span> ct_compare(<span class="keyword">struct</span> nl_object *_a, <span class="keyword">struct</span> nl_object *_b,
<a name="l00191"></a>00191 uint32_t attrs, <span class="keywordtype">int</span> flags)
<a name="l00192"></a>00192 {
<a name="l00193"></a>00193 <span class="keyword">struct </span>nfnl_ct *a = (<span class="keyword">struct </span>nfnl_ct *) _a;
<a name="l00194"></a>00194 <span class="keyword">struct </span>nfnl_ct *b = (<span class="keyword">struct </span>nfnl_ct *) _b;
<a name="l00195"></a>00195 <span class="keywordtype">int</span> diff = 0;
<a name="l00196"></a>00196
<a name="l00197"></a>00197 <span class="preprocessor">#define CT_DIFF(ATTR, EXPR) ATTR_DIFF(attrs, CT_ATTR_##ATTR, a, b, EXPR)</span>
<a name="l00198"></a>00198 <span class="preprocessor"></span><span class="preprocessor">#define CT_DIFF_VAL(ATTR, FIELD) CT_DIFF(ATTR, a->FIELD != b->FIELD)</span>
<a name="l00199"></a>00199 <span class="preprocessor"></span><span class="preprocessor">#define CT_DIFF_ADDR(ATTR, FIELD) \</span>
<a name="l00200"></a>00200 <span class="preprocessor"> ((flags & LOOSE_FLAG_COMPARISON) \</span>
<a name="l00201"></a>00201 <span class="preprocessor"> ? CT_DIFF(ATTR, nl_addr_cmp_prefix(a->FIELD, b->FIELD)) \</span>
<a name="l00202"></a>00202 <span class="preprocessor"> : CT_DIFF(ATTR, nl_addr_cmp(a->FIELD, b->FIELD)))</span>
<a name="l00203"></a>00203 <span class="preprocessor"></span>
<a name="l00204"></a>00204 diff |= CT_DIFF_VAL(FAMILY, ct_family);
<a name="l00205"></a>00205 diff |= CT_DIFF_VAL(PROTO, ct_proto);
<a name="l00206"></a>00206 diff |= CT_DIFF_VAL(TCP_STATE, ct_protoinfo.tcp.state);
<a name="l00207"></a>00207 diff |= CT_DIFF_VAL(TIMEOUT, ct_timeout);
<a name="l00208"></a>00208 diff |= CT_DIFF_VAL(MARK, ct_mark);
<a name="l00209"></a>00209 diff |= CT_DIFF_VAL(USE, ct_use);
<a name="l00210"></a>00210 diff |= CT_DIFF_VAL(ID, ct_id);
<a name="l00211"></a>00211 diff |= CT_DIFF_ADDR(ORIG_SRC, ct_orig.src);
<a name="l00212"></a>00212 diff |= CT_DIFF_ADDR(ORIG_DST, ct_orig.dst);
<a name="l00213"></a>00213 diff |= CT_DIFF_VAL(ORIG_SRC_PORT, ct_orig.proto.port.src);
<a name="l00214"></a>00214 diff |= CT_DIFF_VAL(ORIG_DST_PORT, ct_orig.proto.port.dst);
<a name="l00215"></a>00215 diff |= CT_DIFF_VAL(ORIG_ICMP_ID, ct_orig.proto.icmp.id);
<a name="l00216"></a>00216 diff |= CT_DIFF_VAL(ORIG_ICMP_TYPE, ct_orig.proto.icmp.type);
<a name="l00217"></a>00217 diff |= CT_DIFF_VAL(ORIG_ICMP_CODE, ct_orig.proto.icmp.code);
<a name="l00218"></a>00218 diff |= CT_DIFF_VAL(ORIG_PACKETS, ct_orig.packets);
<a name="l00219"></a>00219 diff |= CT_DIFF_VAL(ORIG_BYTES, ct_orig.bytes);
<a name="l00220"></a>00220 diff |= CT_DIFF_ADDR(REPL_SRC, ct_repl.src);
<a name="l00221"></a>00221 diff |= CT_DIFF_ADDR(REPL_DST, ct_repl.dst);
<a name="l00222"></a>00222 diff |= CT_DIFF_VAL(REPL_SRC_PORT, ct_repl.proto.port.src);
<a name="l00223"></a>00223 diff |= CT_DIFF_VAL(REPL_DST_PORT, ct_repl.proto.port.dst);
<a name="l00224"></a>00224 diff |= CT_DIFF_VAL(REPL_ICMP_ID, ct_repl.proto.icmp.id);
<a name="l00225"></a>00225 diff |= CT_DIFF_VAL(REPL_ICMP_TYPE, ct_repl.proto.icmp.type);
<a name="l00226"></a>00226 diff |= CT_DIFF_VAL(REPL_ICMP_CODE, ct_repl.proto.icmp.code);
<a name="l00227"></a>00227 diff |= CT_DIFF_VAL(REPL_PACKETS, ct_repl.packets);
<a name="l00228"></a>00228 diff |= CT_DIFF_VAL(REPL_BYTES, ct_repl.bytes);
<a name="l00229"></a>00229
<a name="l00230"></a>00230 <span class="keywordflow">if</span> (flags & LOOSE_FLAG_COMPARISON)
<a name="l00231"></a>00231 diff |= CT_DIFF(STATUS, (a->ct_status ^ b->ct_status) &
<a name="l00232"></a>00232 b->ct_status_mask);
<a name="l00233"></a>00233 <span class="keywordflow">else</span>
<a name="l00234"></a>00234 diff |= CT_DIFF(STATUS, a->ct_status != b->ct_status);
<a name="l00235"></a>00235
<a name="l00236"></a>00236 <span class="preprocessor">#undef CT_DIFF</span>
<a name="l00237"></a>00237 <span class="preprocessor"></span><span class="preprocessor">#undef CT_DIFF_VAL</span>
<a name="l00238"></a>00238 <span class="preprocessor"></span><span class="preprocessor">#undef CT_DIFF_ADDR</span>
<a name="l00239"></a>00239 <span class="preprocessor"></span>
<a name="l00240"></a>00240 <span class="keywordflow">return</span> diff;
<a name="l00241"></a>00241 }
<a name="l00242"></a>00242
<a name="l00243"></a>00243 <span class="keyword">static</span> <span class="keyword">struct </span>trans_tbl ct_attrs[] = {
<a name="l00244"></a>00244 __ADD(CT_ATTR_FAMILY, family)
<a name="l00245"></a>00245 __ADD(CT_ATTR_PROTO, proto)
<a name="l00246"></a>00246 __ADD(CT_ATTR_TCP_STATE, tcpstate)
<a name="l00247"></a>00247 __ADD(CT_ATTR_STATUS, status)
<a name="l00248"></a>00248 __ADD(CT_ATTR_TIMEOUT, timeout)
<a name="l00249"></a>00249 __ADD(CT_ATTR_MARK, mark)
<a name="l00250"></a>00250 __ADD(CT_ATTR_USE, use)
<a name="l00251"></a>00251 __ADD(CT_ATTR_ID, <span class="keywordtype">id</span>)
<a name="l00252"></a>00252 __ADD(CT_ATTR_ORIG_SRC, origsrc)
<a name="l00253"></a>00253 __ADD(CT_ATTR_ORIG_DST, origdst)
<a name="l00254"></a>00254 __ADD(CT_ATTR_ORIG_SRC_PORT, origsrcport)
<a name="l00255"></a>00255 __ADD(CT_ATTR_ORIG_DST_PORT, origdstport)
<a name="l00256"></a>00256 __ADD(CT_ATTR_ORIG_ICMP_ID, origicmpid)
<a name="l00257"></a>00257 __ADD(CT_ATTR_ORIG_ICMP_TYPE, origicmptype)
<a name="l00258"></a>00258 __ADD(CT_ATTR_ORIG_ICMP_CODE, origicmpcode)
<a name="l00259"></a>00259 __ADD(CT_ATTR_ORIG_PACKETS, origpackets)
<a name="l00260"></a>00260 __ADD(CT_ATTR_ORIG_BYTES, origbytes)
<a name="l00261"></a>00261 __ADD(CT_ATTR_REPL_SRC, replysrc)
<a name="l00262"></a>00262 __ADD(CT_ATTR_REPL_DST, replydst)
<a name="l00263"></a>00263 __ADD(CT_ATTR_REPL_SRC_PORT, replysrcport)
<a name="l00264"></a>00264 __ADD(CT_ATTR_REPL_DST_PORT, replydstport)
<a name="l00265"></a>00265 __ADD(CT_ATTR_REPL_ICMP_ID, replyicmpid)
<a name="l00266"></a>00266 __ADD(CT_ATTR_REPL_ICMP_TYPE, replyicmptype)
<a name="l00267"></a>00267 __ADD(CT_ATTR_REPL_ICMP_CODE, replyicmpcode)
<a name="l00268"></a>00268 __ADD(CT_ATTR_REPL_PACKETS, replypackets)
<a name="l00269"></a>00269 __ADD(CT_ATTR_REPL_BYTES, replybytes)
<a name="l00270"></a>00270 };
<a name="l00271"></a>00271
<a name="l00272"></a>00272 static <span class="keywordtype">char</span> *ct_attrs2str(<span class="keywordtype">int</span> attrs, <span class="keywordtype">char</span> *buf, <span class="keywordtype">size_t</span> len)
<a name="l00273"></a>00273 {
<a name="l00274"></a>00274 <span class="keywordflow">return</span> __flags2str(attrs, buf, len, ct_attrs, ARRAY_SIZE(ct_attrs));
<a name="l00275"></a>00275 }
<a name="l00276"></a>00276 <span class="comment"></span>
<a name="l00277"></a>00277 <span class="comment">/**</span>
<a name="l00278"></a>00278 <span class="comment"> * @name Allocation/Freeing</span>
<a name="l00279"></a>00279 <span class="comment"> * @{</span>
<a name="l00280"></a>00280 <span class="comment"> */</span>
<a name="l00281"></a>00281
<a name="l00282"></a>00282 <span class="keyword">struct </span>nfnl_ct *nfnl_ct_alloc(<span class="keywordtype">void</span>)
<a name="l00283"></a>00283 {
<a name="l00284"></a>00284 <span class="keywordflow">return</span> (<span class="keyword">struct</span> nfnl_ct *) <a class="code" href="group__object.html#ga9c1f2fd887d8325839f452879cdf982a" title="Allocate a new object of kind specified by the operations handle.">nl_object_alloc</a>(&ct_obj_ops);
<a name="l00285"></a>00285 }
<a name="l00286"></a>00286
<a name="l00287"></a>00287 <span class="keywordtype">void</span> nfnl_ct_get(<span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00288"></a>00288 {
<a name="l00289"></a>00289 <a class="code" href="group__object.html#gabd5767ac47ec6f09d1ac643f44eb8bfd" title="Acquire a reference on a object.">nl_object_get</a>((<span class="keyword">struct</span> nl_object *) ct);
<a name="l00290"></a>00290 }
<a name="l00291"></a>00291
<a name="l00292"></a>00292 <span class="keywordtype">void</span> nfnl_ct_put(<span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00293"></a>00293 {
<a name="l00294"></a>00294 <a class="code" href="group__object.html#ga9905da094bf4c03cf4ac78aeaa86a12b" title="Release a reference from an object.">nl_object_put</a>((<span class="keyword">struct</span> nl_object *) ct);
<a name="l00295"></a>00295 }
<a name="l00296"></a>00296 <span class="comment"></span>
<a name="l00297"></a>00297 <span class="comment">/** @} */</span>
<a name="l00298"></a>00298 <span class="comment"></span>
<a name="l00299"></a>00299 <span class="comment">/**</span>
<a name="l00300"></a>00300 <span class="comment"> * @name Attributes</span>
<a name="l00301"></a>00301 <span class="comment"> * @{</span>
<a name="l00302"></a>00302 <span class="comment"> */</span>
<a name="l00303"></a>00303
<a name="l00304"></a>00304 <span class="keywordtype">void</span> nfnl_ct_set_family(<span class="keyword">struct</span> nfnl_ct *ct, uint8_t family)
<a name="l00305"></a>00305 {
<a name="l00306"></a>00306 ct->ct_family = family;
<a name="l00307"></a>00307 ct->ce_mask |= CT_ATTR_FAMILY;
<a name="l00308"></a>00308 }
<a name="l00309"></a>00309
<a name="l00310"></a>00310 uint8_t nfnl_ct_get_family(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00311"></a>00311 {
<a name="l00312"></a>00312 <span class="keywordflow">if</span> (ct->ce_mask & CT_ATTR_FAMILY)
<a name="l00313"></a>00313 <span class="keywordflow">return</span> ct->ct_family;
<a name="l00314"></a>00314 <span class="keywordflow">else</span>
<a name="l00315"></a>00315 <span class="keywordflow">return</span> AF_UNSPEC;
<a name="l00316"></a>00316 }
<a name="l00317"></a>00317
<a name="l00318"></a>00318 <span class="keywordtype">void</span> nfnl_ct_set_proto(<span class="keyword">struct</span> nfnl_ct *ct, uint8_t proto)
<a name="l00319"></a>00319 {
<a name="l00320"></a>00320 ct->ct_proto = proto;
<a name="l00321"></a>00321 ct->ce_mask |= CT_ATTR_PROTO;
<a name="l00322"></a>00322 }
<a name="l00323"></a>00323
<a name="l00324"></a>00324 <span class="keywordtype">int</span> nfnl_ct_test_proto(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00325"></a>00325 {
<a name="l00326"></a>00326 <span class="keywordflow">return</span> !!(ct->ce_mask & CT_ATTR_PROTO);
<a name="l00327"></a>00327 }
<a name="l00328"></a>00328
<a name="l00329"></a>00329 uint8_t nfnl_ct_get_proto(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00330"></a>00330 {
<a name="l00331"></a>00331 <span class="keywordflow">return</span> ct->ct_proto;
<a name="l00332"></a>00332 }
<a name="l00333"></a>00333
<a name="l00334"></a>00334 <span class="keywordtype">void</span> nfnl_ct_set_tcp_state(<span class="keyword">struct</span> nfnl_ct *ct, uint8_t state)
<a name="l00335"></a>00335 {
<a name="l00336"></a>00336 ct->ct_protoinfo.tcp.state = state;
<a name="l00337"></a>00337 ct->ce_mask |= CT_ATTR_TCP_STATE;
<a name="l00338"></a>00338 }
<a name="l00339"></a>00339
<a name="l00340"></a>00340 <span class="keywordtype">int</span> nfnl_ct_test_tcp_state(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00341"></a>00341 {
<a name="l00342"></a>00342 <span class="keywordflow">return</span> !!(ct->ce_mask & CT_ATTR_TCP_STATE);
<a name="l00343"></a>00343 }
<a name="l00344"></a>00344
<a name="l00345"></a>00345 uint8_t nfnl_ct_get_tcp_state(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00346"></a>00346 {
<a name="l00347"></a>00347 <span class="keywordflow">return</span> ct->ct_protoinfo.tcp.state;
<a name="l00348"></a>00348 }
<a name="l00349"></a>00349
<a name="l00350"></a>00350 <span class="keyword">static</span> <span class="keyword">struct </span>trans_tbl tcp_states[] = {
<a name="l00351"></a>00351 __ADD(TCP_CONNTRACK_NONE,NONE)
<a name="l00352"></a>00352 __ADD(TCP_CONNTRACK_SYN_SENT,SYN_SENT)
<a name="l00353"></a>00353 __ADD(TCP_CONNTRACK_SYN_RECV,SYN_RECV)
<a name="l00354"></a>00354 __ADD(TCP_CONNTRACK_ESTABLISHED,ESTABLISHED)
<a name="l00355"></a>00355 __ADD(TCP_CONNTRACK_FIN_WAIT,FIN_WAIT)
<a name="l00356"></a>00356 __ADD(TCP_CONNTRACK_CLOSE_WAIT,CLOSE_WAIT)
<a name="l00357"></a>00357 __ADD(TCP_CONNTRACK_LAST_ACK,LAST_ACK)
<a name="l00358"></a>00358 __ADD(TCP_CONNTRACK_TIME_WAIT,TIME_WAIT)
<a name="l00359"></a>00359 __ADD(TCP_CONNTRACK_CLOSE,CLOSE)
<a name="l00360"></a>00360 __ADD(TCP_CONNTRACK_LISTEN,LISTEN)
<a name="l00361"></a>00361 };
<a name="l00362"></a>00362
<a name="l00363"></a>00363 <span class="keywordtype">char</span> *nfnl_ct_tcp_state2str(uint8_t state, <span class="keywordtype">char</span> *buf, <span class="keywordtype">size_t</span> len)
<a name="l00364"></a>00364 {
<a name="l00365"></a>00365 <span class="keywordflow">return</span> __type2str(state, buf, len, tcp_states, ARRAY_SIZE(tcp_states));
<a name="l00366"></a>00366 }
<a name="l00367"></a>00367
<a name="l00368"></a>00368 <span class="keywordtype">int</span> nfnl_ct_str2tcp_state(<span class="keyword">const</span> <span class="keywordtype">char</span> *name)
<a name="l00369"></a>00369 {
<a name="l00370"></a>00370 <span class="keywordflow">return</span> __str2type(name, tcp_states, ARRAY_SIZE(tcp_states));
<a name="l00371"></a>00371 }
<a name="l00372"></a>00372
<a name="l00373"></a>00373 <span class="keywordtype">void</span> nfnl_ct_set_status(<span class="keyword">struct</span> nfnl_ct *ct, uint32_t status)
<a name="l00374"></a>00374 {
<a name="l00375"></a>00375 ct->ct_status_mask |= status;
<a name="l00376"></a>00376 ct->ct_status |= status;
<a name="l00377"></a>00377 ct->ce_mask |= CT_ATTR_STATUS;
<a name="l00378"></a>00378 }
<a name="l00379"></a>00379
<a name="l00380"></a>00380 <span class="keywordtype">void</span> nfnl_ct_unset_status(<span class="keyword">struct</span> nfnl_ct *ct, uint32_t status)
<a name="l00381"></a>00381 {
<a name="l00382"></a>00382 ct->ct_status_mask |= status;
<a name="l00383"></a>00383 ct->ct_status &= ~status;
<a name="l00384"></a>00384 ct->ce_mask |= CT_ATTR_STATUS;
<a name="l00385"></a>00385 }
<a name="l00386"></a>00386
<a name="l00387"></a>00387 uint32_t nfnl_ct_get_status(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00388"></a>00388 {
<a name="l00389"></a>00389 <span class="keywordflow">return</span> ct->ct_status;
<a name="l00390"></a>00390 }
<a name="l00391"></a>00391
<a name="l00392"></a>00392 <span class="keywordtype">void</span> nfnl_ct_set_timeout(<span class="keyword">struct</span> nfnl_ct *ct, uint32_t timeout)
<a name="l00393"></a>00393 {
<a name="l00394"></a>00394 ct->ct_timeout = timeout;
<a name="l00395"></a>00395 ct->ce_mask |= CT_ATTR_TIMEOUT;
<a name="l00396"></a>00396 }
<a name="l00397"></a>00397
<a name="l00398"></a>00398 <span class="keywordtype">int</span> nfnl_ct_test_timeout(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00399"></a>00399 {
<a name="l00400"></a>00400 <span class="keywordflow">return</span> !!(ct->ce_mask & CT_ATTR_TIMEOUT);
<a name="l00401"></a>00401 }
<a name="l00402"></a>00402
<a name="l00403"></a>00403 uint32_t nfnl_ct_get_timeout(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00404"></a>00404 {
<a name="l00405"></a>00405 <span class="keywordflow">return</span> ct->ct_timeout;
<a name="l00406"></a>00406 }
<a name="l00407"></a>00407
<a name="l00408"></a>00408 <span class="keywordtype">void</span> nfnl_ct_set_mark(<span class="keyword">struct</span> nfnl_ct *ct, uint32_t mark)
<a name="l00409"></a>00409 {
<a name="l00410"></a>00410 ct->ct_mark = mark;
<a name="l00411"></a>00411 ct->ce_mask |= CT_ATTR_MARK;
<a name="l00412"></a>00412 }
<a name="l00413"></a>00413
<a name="l00414"></a>00414 <span class="keywordtype">int</span> nfnl_ct_test_mark(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00415"></a>00415 {
<a name="l00416"></a>00416 <span class="keywordflow">return</span> !!(ct->ce_mask & CT_ATTR_MARK);
<a name="l00417"></a>00417 }
<a name="l00418"></a>00418
<a name="l00419"></a>00419 uint32_t nfnl_ct_get_mark(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00420"></a>00420 {
<a name="l00421"></a>00421 <span class="keywordflow">return</span> ct->ct_mark;
<a name="l00422"></a>00422 }
<a name="l00423"></a>00423
<a name="l00424"></a>00424 <span class="keywordtype">void</span> nfnl_ct_set_use(<span class="keyword">struct</span> nfnl_ct *ct, uint32_t use)
<a name="l00425"></a>00425 {
<a name="l00426"></a>00426 ct->ct_use = use;
<a name="l00427"></a>00427 ct->ce_mask |= CT_ATTR_USE;
<a name="l00428"></a>00428 }
<a name="l00429"></a>00429
<a name="l00430"></a>00430 <span class="keywordtype">int</span> nfnl_ct_test_use(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00431"></a>00431 {
<a name="l00432"></a>00432 <span class="keywordflow">return</span> !!(ct->ce_mask & CT_ATTR_USE);
<a name="l00433"></a>00433 }
<a name="l00434"></a>00434
<a name="l00435"></a>00435 uint32_t nfnl_ct_get_use(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00436"></a>00436 {
<a name="l00437"></a>00437 <span class="keywordflow">return</span> ct->ct_use;
<a name="l00438"></a>00438 }
<a name="l00439"></a>00439
<a name="l00440"></a>00440 <span class="keywordtype">void</span> nfnl_ct_set_id(<span class="keyword">struct</span> nfnl_ct *ct, uint32_t <span class="keywordtype">id</span>)
<a name="l00441"></a>00441 {
<a name="l00442"></a>00442 ct->ct_id = id;
<a name="l00443"></a>00443 ct->ce_mask |= CT_ATTR_ID;
<a name="l00444"></a>00444 }
<a name="l00445"></a>00445
<a name="l00446"></a>00446 <span class="keywordtype">int</span> nfnl_ct_test_id(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00447"></a>00447 {
<a name="l00448"></a>00448 <span class="keywordflow">return</span> !!(ct->ce_mask & CT_ATTR_ID);
<a name="l00449"></a>00449 }
<a name="l00450"></a>00450
<a name="l00451"></a>00451 uint32_t nfnl_ct_get_id(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct)
<a name="l00452"></a>00452 {
<a name="l00453"></a>00453 <span class="keywordflow">return</span> ct->ct_id;
<a name="l00454"></a>00454 }
<a name="l00455"></a>00455
<a name="l00456"></a>00456 <span class="keyword">static</span> <span class="keywordtype">int</span> ct_set_addr(<span class="keyword">struct</span> nfnl_ct *ct, <span class="keyword">struct</span> nl_addr *addr,
<a name="l00457"></a>00457 <span class="keywordtype">int</span> attr, <span class="keyword">struct</span> nl_addr ** ct_addr)
<a name="l00458"></a>00458 {
<a name="l00459"></a>00459 <span class="keywordflow">if</span> (ct->ce_mask & CT_ATTR_FAMILY) {
<a name="l00460"></a>00460 <span class="keywordflow">if</span> (addr->a_family != ct->ct_family)
<a name="l00461"></a>00461 <span class="keywordflow">return</span> nl_error(EINVAL, <span class="stringliteral">"Address family mismatch"</span>);
<a name="l00462"></a>00462 } <span class="keywordflow">else</span>
<a name="l00463"></a>00463 nfnl_ct_set_family(ct, addr->a_family);
<a name="l00464"></a>00464
<a name="l00465"></a>00465 <span class="keywordflow">if</span> (*ct_addr)
<a name="l00466"></a>00466 nl_addr_put(*ct_addr);
<a name="l00467"></a>00467
<a name="l00468"></a>00468 nl_addr_get(addr);
<a name="l00469"></a>00469 *ct_addr = addr;
<a name="l00470"></a>00470 ct->ce_mask |= attr;
<a name="l00471"></a>00471
<a name="l00472"></a>00472 <span class="keywordflow">return</span> 0;
<a name="l00473"></a>00473 }
<a name="l00474"></a>00474
<a name="l00475"></a>00475 <span class="keywordtype">int</span> nfnl_ct_set_src(<span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl, <span class="keyword">struct</span> nl_addr *addr)
<a name="l00476"></a>00476 {
<a name="l00477"></a>00477 <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00478"></a>00478 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_SRC : CT_ATTR_ORIG_SRC;
<a name="l00479"></a>00479 <span class="keywordflow">return</span> ct_set_addr(ct, addr, attr, &dir->src);
<a name="l00480"></a>00480 }
<a name="l00481"></a>00481
<a name="l00482"></a>00482 <span class="keywordtype">int</span> nfnl_ct_set_dst(<span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl, <span class="keyword">struct</span> nl_addr *addr)
<a name="l00483"></a>00483 {
<a name="l00484"></a>00484 <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00485"></a>00485 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_DST : CT_ATTR_ORIG_DST;
<a name="l00486"></a>00486 <span class="keywordflow">return</span> ct_set_addr(ct, addr, attr, &dir->dst);
<a name="l00487"></a>00487 }
<a name="l00488"></a>00488
<a name="l00489"></a>00489 <span class="keyword">struct </span>nl_addr *nfnl_ct_get_src(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00490"></a>00490 {
<a name="l00491"></a>00491 <span class="keyword">const</span> <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00492"></a>00492 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_SRC : CT_ATTR_ORIG_SRC;
<a name="l00493"></a>00493 <span class="keywordflow">if</span> (!(ct->ce_mask & attr))
<a name="l00494"></a>00494 <span class="keywordflow">return</span> NULL;
<a name="l00495"></a>00495 <span class="keywordflow">return</span> dir->src;
<a name="l00496"></a>00496 }
<a name="l00497"></a>00497
<a name="l00498"></a>00498 <span class="keyword">struct </span>nl_addr *nfnl_ct_get_dst(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00499"></a>00499 {
<a name="l00500"></a>00500 <span class="keyword">const</span> <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00501"></a>00501 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_DST : CT_ATTR_ORIG_DST;
<a name="l00502"></a>00502 <span class="keywordflow">if</span> (!(ct->ce_mask & attr))
<a name="l00503"></a>00503 <span class="keywordflow">return</span> NULL;
<a name="l00504"></a>00504 <span class="keywordflow">return</span> dir->dst;
<a name="l00505"></a>00505 }
<a name="l00506"></a>00506
<a name="l00507"></a>00507 <span class="keywordtype">void</span> nfnl_ct_set_src_port(<span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl, uint16_t port)
<a name="l00508"></a>00508 {
<a name="l00509"></a>00509 <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00510"></a>00510 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_SRC_PORT : CT_ATTR_ORIG_SRC_PORT;
<a name="l00511"></a>00511
<a name="l00512"></a>00512 dir->proto.port.src = port;
<a name="l00513"></a>00513 ct->ce_mask |= attr;
<a name="l00514"></a>00514 }
<a name="l00515"></a>00515
<a name="l00516"></a>00516 <span class="keywordtype">int</span> nfnl_ct_test_src_port(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00517"></a>00517 {
<a name="l00518"></a>00518 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_SRC_PORT : CT_ATTR_ORIG_SRC_PORT;
<a name="l00519"></a>00519 <span class="keywordflow">return</span> !!(ct->ce_mask & attr);
<a name="l00520"></a>00520 }
<a name="l00521"></a>00521
<a name="l00522"></a>00522 uint16_t nfnl_ct_get_src_port(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00523"></a>00523 {
<a name="l00524"></a>00524 <span class="keyword">const</span> <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00525"></a>00525
<a name="l00526"></a>00526 <span class="keywordflow">return</span> dir->proto.port.src;
<a name="l00527"></a>00527 }
<a name="l00528"></a>00528
<a name="l00529"></a>00529 <span class="keywordtype">void</span> nfnl_ct_set_dst_port(<span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl, uint16_t port)
<a name="l00530"></a>00530 {
<a name="l00531"></a>00531 <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00532"></a>00532 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_DST_PORT : CT_ATTR_ORIG_DST_PORT;
<a name="l00533"></a>00533
<a name="l00534"></a>00534 dir->proto.port.dst = port;
<a name="l00535"></a>00535 ct->ce_mask |= attr;
<a name="l00536"></a>00536 }
<a name="l00537"></a>00537
<a name="l00538"></a>00538 <span class="keywordtype">int</span> nfnl_ct_test_dst_port(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00539"></a>00539 {
<a name="l00540"></a>00540 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_DST_PORT : CT_ATTR_ORIG_DST_PORT;
<a name="l00541"></a>00541 <span class="keywordflow">return</span> !!(ct->ce_mask & attr);
<a name="l00542"></a>00542 }
<a name="l00543"></a>00543
<a name="l00544"></a>00544 uint16_t nfnl_ct_get_dst_port(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00545"></a>00545 {
<a name="l00546"></a>00546 <span class="keyword">const</span> <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00547"></a>00547
<a name="l00548"></a>00548 <span class="keywordflow">return</span> dir->proto.port.dst;
<a name="l00549"></a>00549 }
<a name="l00550"></a>00550
<a name="l00551"></a>00551 <span class="keywordtype">void</span> nfnl_ct_set_icmp_id(<span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl, uint16_t <span class="keywordtype">id</span>)
<a name="l00552"></a>00552 {
<a name="l00553"></a>00553 <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00554"></a>00554 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_ICMP_ID : CT_ATTR_ORIG_ICMP_ID;
<a name="l00555"></a>00555
<a name="l00556"></a>00556 dir->proto.icmp.id = id;
<a name="l00557"></a>00557 ct->ce_mask |= attr;
<a name="l00558"></a>00558 }
<a name="l00559"></a>00559
<a name="l00560"></a>00560 <span class="keywordtype">int</span> nfnl_ct_test_icmp_id(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00561"></a>00561 {
<a name="l00562"></a>00562 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_ICMP_ID : CT_ATTR_ORIG_ICMP_ID;
<a name="l00563"></a>00563 <span class="keywordflow">return</span> !!(ct->ce_mask & attr);
<a name="l00564"></a>00564 }
<a name="l00565"></a>00565
<a name="l00566"></a>00566 uint16_t nfnl_ct_get_icmp_id(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00567"></a>00567 {
<a name="l00568"></a>00568 <span class="keyword">const</span> <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00569"></a>00569
<a name="l00570"></a>00570 <span class="keywordflow">return</span> dir->proto.icmp.id;
<a name="l00571"></a>00571 }
<a name="l00572"></a>00572
<a name="l00573"></a>00573 <span class="keywordtype">void</span> nfnl_ct_set_icmp_type(<span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl, uint8_t type)
<a name="l00574"></a>00574 {
<a name="l00575"></a>00575 <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00576"></a>00576 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_ICMP_TYPE : CT_ATTR_ORIG_ICMP_TYPE;
<a name="l00577"></a>00577
<a name="l00578"></a>00578 dir->proto.icmp.type = type;
<a name="l00579"></a>00579 ct->ce_mask |= attr;
<a name="l00580"></a>00580 }
<a name="l00581"></a>00581
<a name="l00582"></a>00582 <span class="keywordtype">int</span> nfnl_ct_test_icmp_type(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00583"></a>00583 {
<a name="l00584"></a>00584 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_ICMP_TYPE : CT_ATTR_ORIG_ICMP_TYPE;
<a name="l00585"></a>00585 <span class="keywordflow">return</span> !!(ct->ce_mask & attr);
<a name="l00586"></a>00586 }
<a name="l00587"></a>00587
<a name="l00588"></a>00588 uint8_t nfnl_ct_get_icmp_type(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00589"></a>00589 {
<a name="l00590"></a>00590 <span class="keyword">const</span> <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00591"></a>00591
<a name="l00592"></a>00592 <span class="keywordflow">return</span> dir->proto.icmp.type;
<a name="l00593"></a>00593 }
<a name="l00594"></a>00594
<a name="l00595"></a>00595 <span class="keywordtype">void</span> nfnl_ct_set_icmp_code(<span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl, uint8_t code)
<a name="l00596"></a>00596 {
<a name="l00597"></a>00597 <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00598"></a>00598 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_ICMP_CODE : CT_ATTR_ORIG_ICMP_CODE;
<a name="l00599"></a>00599
<a name="l00600"></a>00600 dir->proto.icmp.code = code;
<a name="l00601"></a>00601 ct->ce_mask |= attr;
<a name="l00602"></a>00602 }
<a name="l00603"></a>00603
<a name="l00604"></a>00604 <span class="keywordtype">int</span> nfnl_ct_test_icmp_code(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00605"></a>00605 {
<a name="l00606"></a>00606 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_ICMP_CODE : CT_ATTR_ORIG_ICMP_CODE;
<a name="l00607"></a>00607 <span class="keywordflow">return</span> !!(ct->ce_mask & attr);
<a name="l00608"></a>00608 }
<a name="l00609"></a>00609
<a name="l00610"></a>00610 uint8_t nfnl_ct_get_icmp_code(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00611"></a>00611 {
<a name="l00612"></a>00612 <span class="keyword">const</span> <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00613"></a>00613
<a name="l00614"></a>00614 <span class="keywordflow">return</span> dir->proto.icmp.code;
<a name="l00615"></a>00615 }
<a name="l00616"></a>00616
<a name="l00617"></a>00617 <span class="keywordtype">void</span> nfnl_ct_set_packets(<span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl, uint64_t packets)
<a name="l00618"></a>00618 {
<a name="l00619"></a>00619 <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00620"></a>00620 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_PACKETS : CT_ATTR_ORIG_PACKETS;
<a name="l00621"></a>00621
<a name="l00622"></a>00622 dir->packets = packets;
<a name="l00623"></a>00623 ct->ce_mask |= attr;
<a name="l00624"></a>00624 }
<a name="l00625"></a>00625
<a name="l00626"></a>00626 <span class="keywordtype">int</span> nfnl_ct_test_packets(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00627"></a>00627 {
<a name="l00628"></a>00628 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_PACKETS : CT_ATTR_ORIG_PACKETS;
<a name="l00629"></a>00629 <span class="keywordflow">return</span> !!(ct->ce_mask & attr);
<a name="l00630"></a>00630 }
<a name="l00631"></a>00631
<a name="l00632"></a>00632 uint64_t nfnl_ct_get_packets(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00633"></a>00633 {
<a name="l00634"></a>00634 <span class="keyword">const</span> <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00635"></a>00635
<a name="l00636"></a>00636 <span class="keywordflow">return</span> dir->packets;
<a name="l00637"></a>00637 }
<a name="l00638"></a>00638
<a name="l00639"></a>00639 <span class="keywordtype">void</span> nfnl_ct_set_bytes(<span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl, uint64_t bytes)
<a name="l00640"></a>00640 {
<a name="l00641"></a>00641 <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00642"></a>00642 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_BYTES : CT_ATTR_ORIG_BYTES;
<a name="l00643"></a>00643
<a name="l00644"></a>00644 dir->bytes = bytes;
<a name="l00645"></a>00645 ct->ce_mask |= attr;
<a name="l00646"></a>00646 }
<a name="l00647"></a>00647
<a name="l00648"></a>00648 <span class="keywordtype">int</span> nfnl_ct_test_bytes(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00649"></a>00649 {
<a name="l00650"></a>00650 <span class="keywordtype">int</span> attr = repl ? CT_ATTR_REPL_BYTES : CT_ATTR_ORIG_BYTES;
<a name="l00651"></a>00651 <span class="keywordflow">return</span> !!(ct->ce_mask & attr);
<a name="l00652"></a>00652 }
<a name="l00653"></a>00653
<a name="l00654"></a>00654 uint64_t nfnl_ct_get_bytes(<span class="keyword">const</span> <span class="keyword">struct</span> nfnl_ct *ct, <span class="keywordtype">int</span> repl)
<a name="l00655"></a>00655 {
<a name="l00656"></a>00656 <span class="keyword">const</span> <span class="keyword">struct </span>nfnl_ct_dir *dir = repl ? &ct->ct_repl : &ct->ct_orig;
<a name="l00657"></a>00657
<a name="l00658"></a>00658 <span class="keywordflow">return</span> dir->bytes;
<a name="l00659"></a>00659 }
<a name="l00660"></a>00660 <span class="comment"></span>
<a name="l00661"></a>00661 <span class="comment">/** @} */</span>
<a name="l00662"></a>00662
<a name="l00663"></a>00663 <span class="keyword">struct </span><a class="code" href="structnl__object__ops.html" title="Object Operations.">nl_object_ops</a> ct_obj_ops = {
<a name="l00664"></a>00664 .<a class="code" href="structnl__object__ops.html#a5225584343fe711642303e000b036ee9" title="Unique name of object type.">oo_name</a> = <span class="stringliteral">"netfilter/ct"</span>,
<a name="l00665"></a>00665 .oo_size = <span class="keyword">sizeof</span>(<span class="keyword">struct </span>nfnl_ct),
<a name="l00666"></a>00666 .oo_free_data = ct_free_data,
<a name="l00667"></a>00667 .oo_clone = ct_clone,
<a name="l00668"></a>00668 .oo_dump[<a class="code" href="group__utils.html#ggacfb5566c73f0965c5241d7d49bc717e9a5597887c080d5ecae358b6065a4048fd" title="Dump object in a brief one-liner.">NL_DUMP_BRIEF</a>] = ct_dump,
<a name="l00669"></a>00669 .oo_dump[<a class="code" href="group__utils.html#ggacfb5566c73f0965c5241d7d49bc717e9a1445106c7af529b2c99ee289fbcd3179" title="Dump all attributes but no statistics.">NL_DUMP_FULL</a>] = ct_dump,
<a name="l00670"></a>00670 .oo_dump[<a class="code" href="group__utils.html#ggacfb5566c73f0965c5241d7d49bc717e9a8ebedc55094df6175b84fb1230047a65" title="Dump all attributes including statistics.">NL_DUMP_STATS</a>] = ct_dump,
<a name="l00671"></a>00671 .oo_compare = ct_compare,
<a name="l00672"></a>00672 .oo_attrs2str = ct_attrs2str,
<a name="l00673"></a>00673 };
<a name="l00674"></a>00674 <span class="comment"></span>
<a name="l00675"></a>00675 <span class="comment">/** @} */</span>
</pre></div></div>
</div>
<hr class="footer"/><address class="footer"><small>Generated on Mon Mar 21 2011 for libnl by 
<a href="http://www.doxygen.org/index.html">
<img class="footer" src="doxygen.png" alt="doxygen"/></a> 1.7.3 </small></address>
</body>
</html>
distrib
>
Fedora
>
14
>
x86_64
>
media
>
updates
>
by-pkgid
>
87b89b73c41f4440bb86afd421c7548f
>
files
>
90
