[BACK]Return to conntrack.c CVS log [TXT] [DIR] Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / dnsmasq / src
File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / dnsmasq / src / conntrack.c
Revision 1.1.1.3 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Wed Nov 2 09:57:01 2016 UTC (7 years, 8 months ago) by misho
Branches: elwix, dnsmasq, MAIN
CVS tags: v2_76p1, HEAD
dnsmasq 2.76

    1: /* dnsmasq is Copyright (c) 2000-2016 Simon Kelley
    2: 
    3:    This program is free software; you can redistribute it and/or modify
    4:    it under the terms of the GNU General Public License as published by
    5:    the Free Software Foundation; version 2 dated June, 1991, or
    6:    (at your option) version 3 dated 29 June, 2007.
    7:  
    8:    This program is distributed in the hope that it will be useful,
    9:    but WITHOUT ANY WARRANTY; without even the implied warranty of
   10:    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   11:    GNU General Public License for more details.
   12:      
   13:    You should have received a copy of the GNU General Public License
   14:    along with this program.  If not, see <http://www.gnu.org/licenses/>.
   15: */
   16: 
   17: #include "dnsmasq.h"
   18: 
   19: #ifdef HAVE_CONNTRACK
   20: 
   21: #include <libnetfilter_conntrack/libnetfilter_conntrack.h>
   22: 
   23: static int gotit = 0; /* yuck */
   24: 
   25: static int callback(enum nf_conntrack_msg_type type, struct nf_conntrack *ct, void *data);
   26: 
   27: int get_incoming_mark(union mysockaddr *peer_addr, struct all_addr *local_addr, int istcp, unsigned int *markp)
   28: {
   29:   struct nf_conntrack *ct;
   30:   struct nfct_handle *h;
   31:   
   32:   gotit = 0;
   33:   
   34:   if ((ct = nfct_new())) 
   35:     {
   36:       nfct_set_attr_u8(ct, ATTR_L4PROTO, istcp ? IPPROTO_TCP : IPPROTO_UDP);
   37:       nfct_set_attr_u16(ct, ATTR_PORT_DST, htons(daemon->port));
   38:       
   39: #ifdef HAVE_IPV6
   40:       if (peer_addr->sa.sa_family == AF_INET6)
   41: 	{
   42: 	  nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET6);
   43: 	  nfct_set_attr(ct, ATTR_IPV6_SRC, peer_addr->in6.sin6_addr.s6_addr);
   44: 	  nfct_set_attr_u16(ct, ATTR_PORT_SRC, peer_addr->in6.sin6_port);
   45: 	  nfct_set_attr(ct, ATTR_IPV6_DST, local_addr->addr.addr6.s6_addr);
   46: 	}
   47:       else
   48: #endif
   49: 	{
   50: 	  nfct_set_attr_u8(ct, ATTR_L3PROTO, AF_INET);
   51: 	  nfct_set_attr_u32(ct, ATTR_IPV4_SRC, peer_addr->in.sin_addr.s_addr);
   52: 	  nfct_set_attr_u16(ct, ATTR_PORT_SRC, peer_addr->in.sin_port);
   53: 	  nfct_set_attr_u32(ct, ATTR_IPV4_DST, local_addr->addr.addr4.s_addr);
   54: 	}
   55:       
   56:       
   57:       if ((h = nfct_open(CONNTRACK, 0))) 
   58: 	{
   59: 	  nfct_callback_register(h, NFCT_T_ALL, callback, (void *)markp);  
   60: 	  if (nfct_query(h, NFCT_Q_GET, ct) == -1)
   61: 	    {
   62: 	      static int warned = 0;
   63: 	      if (!warned)
   64: 		{
   65: 		  my_syslog(LOG_ERR, _("Conntrack connection mark retrieval failed: %s"), strerror(errno));
   66: 		  warned = 1;
   67: 		}
   68: 	    }
   69: 	  nfct_close(h);  
   70: 	}
   71:       nfct_destroy(ct);
   72:     }
   73: 
   74:   return gotit;
   75: }
   76: 
   77: static int callback(enum nf_conntrack_msg_type type, struct nf_conntrack *ct, void *data)
   78: {
   79:   unsigned int *ret = (unsigned int *)data;
   80:   *ret = nfct_get_attr_u32(ct, ATTR_MARK);
   81:   (void)type; /* eliminate warning */
   82:   gotit = 1;
   83: 
   84:   return NFCT_CB_CONTINUE;
   85: }
   86: 
   87: #endif
   88:   
   89: 
   90:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>