Annotation of embedaddon/dnsmasq/src/nftset.c, revision 1.1.1.1

1.1       misho       1: /* dnsmasq is Copyright (c) 2000-2022 Simon Kelley
                      2: 
                      3:    This program is free software; you can redistribute it and/or modify
                      4:    it under the terms of the GNU General Public License as published by
                      5:    the Free Software Foundation; version 2 dated June, 1991, or
                      6:    (at your option) version 3 dated 29 June, 2007.
                      7:  
                      8:    This program is distributed in the hope that it will be useful,
                      9:    but WITHOUT ANY WARRANTY; without even the implied warranty of
                     10:    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                     11:    GNU General Public License for more details.
                     12:      
                     13:    You should have received a copy of the GNU General Public License
                     14:    along with this program.  If not, see <http://www.gnu.org/licenses/>.
                     15: */
                     16: 
                     17: 
                     18: #include "dnsmasq.h"
                     19: 
                     20: #if defined (HAVE_NFTSET) && defined (HAVE_LINUX_NETWORK)
                     21: 
                     22: #include <nftables/libnftables.h>
                     23: 
                     24: #include <string.h>
                     25: #include <arpa/inet.h>
                     26: 
                     /* Single libnftables context for the process; stays NULL until nftset_init()
                        has created it. */
                     static struct nft_ctx *ctx = NULL;

                     /* printf-style templates for the nft commands built in add_to_nftset():
                        the first %s receives the set name, the second the textual address. */
                     static const char *const cmd_add = "add element %s { %s }";
                     static const char *const cmd_del = "delete element %s { %s }";
                     30: 
                     /* Create the libnftables context used by add_to_nftset().
                        Calls die() with EC_MISC if the context cannot be created. */
                     void nftset_init()
                     {
                       if (!(ctx = nft_ctx_new(NFT_CTX_DEFAULT)))
                         die(_("failed to create nftset context"), NULL, EC_MISC);

                       /* Have libnftables keep its error text in an internal buffer instead of
                          printing it; add_to_nftset() fetches that text with
                          nft_ctx_get_error_buffer() and logs it.
                          NOTE(review): the return value is not checked here. */
                       nft_ctx_buffer_error(ctx);
                     }
                     40: 
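                     /* Add an address to, or delete it from, a named nftables set.

                        The command text is produced from cmd_add/cmd_del with the set name and the
                        printable address, then handed to libnftables through the context created
                        by nftset_init().

                        setname  set specification inserted verbatim into the command. A leading
                                 "4 " or "6 " restricts the set to IPv4 or IPv6 addresses and is
                                 stripped before use.
                        ipaddr   address to add or delete.
                        flags    F_IPV4 selects AF_INET, anything else AF_INET6; F_IPV4/F_IPV6 are
                                 also matched against the "4 "/"6 " prefix.
                        remove   non-zero deletes the element, zero adds it.

                        Returns -1 if the address family does not match the prefix, the address
                        cannot be converted to text or the command cannot be formatted; 0 if the
                        command buffer cannot be allocated (indistinguishable from success, kept
                        for existing callers); otherwise the result of nft_run_cmd_from_buffer(),
                        whose non-zero values are logged at LOG_ERR.

                        NOTE(review): setname is placed into the nft command unescaped and
                        libnftables parses the whole buffer, so this relies on callers passing only
                        names taken from trusted configuration - confirm against the callers.

                        The command buffer is function-static and reused (and grown) across calls. */
                     int add_to_nftset(const char *setname, const union all_addr *ipaddr, int flags, int remove)
                     {
                       const char *cmd = remove ? cmd_del : cmd_add;
                       const char *err;
                       char *grown;
                       int ret, len, af = (flags & F_IPV4) ? AF_INET : AF_INET6;
                       static char *cmd_buf = NULL;
                       static size_t cmd_buf_sz = 0;

                       /* If the conversion fails addrbuff still holds whatever was written there
                          earlier; do not put an unrelated address into a firewall set. */
                       if (!inet_ntop(af, ipaddr, daemon->addrbuff, ADDRSTRLEN))
                         return -1;

                       /* Look at setname[0] first so that an empty name never has setname[1] read. */
                       if ((setname[0] == '4' || setname[0] == '6') && setname[1] == ' ')
                         {
                           if (setname[0] == '4' && !(flags & F_IPV4))
                             return -1;

                           if (setname[0] == '6' && !(flags & F_IPV6))
                             return -1;

                           setname += 2;
                         }

                       /* Format into the current buffer. On the first call the size is 0, so this
                          only measures the command and nothing is written. */
                       len = snprintf(cmd_buf, cmd_buf_sz, cmd, setname, daemon->addrbuff);
                       if (len < 0)
                         return -1;

                       /* snprintf() truncates when its result is >= the buffer size (the NUL needs
                          a byte as well), so grow on equality too, and always size the new buffer
                          from the measured length so that a long set name is never cut short. */
                       if ((size_t)len >= cmd_buf_sz)
                         {
                           size_t new_sz = (size_t)len + 10;

                           if (new_sz < 160)
                             new_sz = 160; /* initial allocation */

                           if (!(grown = whine_malloc(new_sz)))
                             return 0;

                           free(cmd_buf);
                           cmd_buf = grown;
                           cmd_buf_sz = new_sz;
                           snprintf(cmd_buf, cmd_buf_sz, cmd, setname, daemon->addrbuff);
                         }

                       ret = nft_run_cmd_from_buffer(ctx, cmd_buf);
                       err = nft_ctx_get_error_buffer(ctx);

                       if (ret != 0)
                         {
                           if (!err)
                             err = "";

                           /* Log only the first line of the error text. The buffer belongs to
                              libnftables and is returned as const, so bound the output with a
                              precision instead of writing a terminator into it. */
                           my_syslog(LOG_ERR,  "nftset %s %.*s", setname, (int)strcspn(err, "\n"), err);
                         }

                       return ret;
                     }

                     #endif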
                     93: 
                     94: #endif
