lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

[NETFILTER]: Add ctnetlink subsystem

Browse Source 
Add ctnetlink subsystem for userspace-access to ip_conntrack table.
This allows reading and updating of existing entries, as well as
creating new ones (and new expect's) via nfnetlink.

Please note the 'strange' byte order: nfattr (tag+length) are in host
byte order, while the payload is always guaranteed to be in network
byte order.  This allows a simple userspace process to encapsulate netlink
messages into arch-independent udp packets by just processing/swapping the
headers and not knowing anything about the actual payload.

Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Harald Welte
2005-08-09 19:32:58 -07:00
committed by David S. Miller
parent 6f1cf16582
commit 080774a243
23 changed files with 2277 additions and 100 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
net/netfilter/nfnetlink.c
View File

@ -121,6 +121,7 @@ void __nfa_fill(struct sk_buff *skb, int attrtype, int attrlen,
nfa->nfa_type = attrtype;
nfa->nfa_len = size;
memcpy(NFA_DATA(nfa), data, attrlen);
memset(NFA_DATA(nfa) + attrlen, 0, NFA_ALIGN(size) - size);
}
int nfattr_parse(struct nfattr *tb[], int maxattr, struct nfattr *nfa, int len)