Annotation of embedaddon/dnsmasq/src/nftset.c, revision 1.1
1.1 ! misho 1: /* dnsmasq is Copyright (c) 2000-2022 Simon Kelley
! 2:
! 3: This program is free software; you can redistribute it and/or modify
! 4: it under the terms of the GNU General Public License as published by
! 5: the Free Software Foundation; version 2 dated June, 1991, or
! 6: (at your option) version 3 dated 29 June, 2007.
! 7:
! 8: This program is distributed in the hope that it will be useful,
! 9: but WITHOUT ANY WARRANTY; without even the implied warranty of
! 10: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
! 11: GNU General Public License for more details.
! 12:
! 13: You should have received a copy of the GNU General Public License
! 14: along with this program. If not, see <http://www.gnu.org/licenses/>.
! 15: */
! 16:
! 17:
! 18: #include "dnsmasq.h"
! 19:
! 20: #if defined (HAVE_NFTSET) && defined (HAVE_LINUX_NETWORK)
! 21:
! 22: #include <nftables/libnftables.h>
! 23:
! 24: #include <string.h>
! 25: #include <arpa/inet.h>
! 26:
! 27: static struct nft_ctx *ctx = NULL;
! 28: static const char *cmd_add = "add element %s { %s }";
! 29: static const char *cmd_del = "delete element %s { %s }";
! 30:
! 31: void nftset_init()
! 32: {
! 33: ctx = nft_ctx_new(NFT_CTX_DEFAULT);
! 34: if (ctx == NULL)
! 35: die(_("failed to create nftset context"), NULL, EC_MISC);
! 36:
! 37: /* disable libnftables output */
! 38: nft_ctx_buffer_error(ctx);
! 39: }
! 40:
! 41: int add_to_nftset(const char *setname, const union all_addr *ipaddr, int flags, int remove)
! 42: {
! 43: const char *cmd = remove ? cmd_del : cmd_add;
! 44: int ret, af = (flags & F_IPV4) ? AF_INET : AF_INET6;
! 45: size_t new_sz;
! 46: char *new, *err, *nl;
! 47: static char *cmd_buf = NULL;
! 48: static size_t cmd_buf_sz = 0;
! 49:
! 50: inet_ntop(af, ipaddr, daemon->addrbuff, ADDRSTRLEN);
! 51:
! 52: if (setname[1] == ' ' && (setname[0] == '4' || setname[0] == '6'))
! 53: {
! 54: if (setname[0] == '4' && !(flags & F_IPV4))
! 55: return -1;
! 56:
! 57: if (setname[0] == '6' && !(flags & F_IPV6))
! 58: return -1;
! 59:
! 60: setname += 2;
! 61: }
! 62:
! 63: if (cmd_buf_sz == 0)
! 64: new_sz = 150; /* initial allocation */
! 65: else
! 66: new_sz = snprintf(cmd_buf, cmd_buf_sz, cmd, setname, daemon->addrbuff);
! 67:
! 68: if (new_sz > cmd_buf_sz)
! 69: {
! 70: if (!(new = whine_malloc(new_sz + 10)))
! 71: return 0;
! 72:
! 73: if (cmd_buf)
! 74: free(cmd_buf);
! 75: cmd_buf = new;
! 76: cmd_buf_sz = new_sz + 10;
! 77: snprintf(cmd_buf, cmd_buf_sz, cmd, setname, daemon->addrbuff);
! 78: }
! 79:
! 80: ret = nft_run_cmd_from_buffer(ctx, cmd_buf);
! 81: err = (char *)nft_ctx_get_error_buffer(ctx);
! 82:
! 83: if (ret != 0)
! 84: {
! 85: /* Log only first line of error return. */
! 86: if ((nl = strchr(err, '\n')))
! 87: *nl = 0;
! 88: my_syslog(LOG_ERR, "nftset %s %s", setname, err);
! 89: }
! 90:
! 91: return ret;
! 92: }
! 93:
! 94: #endif
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to nftset.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / dnsmasq / src