File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / dnsmasq / src / nftset.c
Revision 1.1.1.1 (vendor branch)
Wed Sep 27 11:02:07 2023 UTC (9 months, 1 week ago) by misho
Branches: dnsmasq, MAIN
CVS tags: v8_2p1, HEAD
Version 8.2p1

    1: /* dnsmasq is Copyright (c) 2000-2022 Simon Kelley
    2: 
    3:    This program is free software; you can redistribute it and/or modify
    4:    it under the terms of the GNU General Public License as published by
    5:    the Free Software Foundation; version 2 dated June, 1991, or
    6:    (at your option) version 3 dated 29 June, 2007.
    7:  
    8:    This program is distributed in the hope that it will be useful,
    9:    but WITHOUT ANY WARRANTY; without even the implied warranty of
   10:    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   11:    GNU General Public License for more details.
   12:      
   13:    You should have received a copy of the GNU General Public License
   14:    along with this program.  If not, see <http://www.gnu.org/licenses/>.
   15: */
   16: 
   17: 
   18: #include "dnsmasq.h"
   19: 
   20: #if defined (HAVE_NFTSET) && defined (HAVE_LINUX_NETWORK)
   21: 
   22: #include <nftables/libnftables.h>
   23: 
   24: #include <string.h>
   25: #include <arpa/inet.h>
   26: 
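/* libnftables context shared by this file: created in nftset_init() and used
   by add_to_nftset() for every command. */
static struct nft_ctx *ctx = NULL;

/* nft command templates. Both take the set specification first and the
   textual address second. They are passed to snprintf() as the format
   argument, so the pointers are const-qualified as well as the text: a
   format string that can be repointed at runtime is a needless hazard. */
static const char *const cmd_add = "add element %s { %s }";
static const char *const cmd_del = "delete element %s { %s }";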
   30: 
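/* Create the libnftables context used by add_to_nftset().

   Terminates the process through die() if the context cannot be created or
   if error buffering cannot be switched on. Buffering matters for two
   reasons: without it libnftables prints its diagnostics itself instead of
   handing them back, and add_to_nftset() reads the error buffer after a
   failed command. */
void nftset_init(void)
{
  ctx = nft_ctx_new(NFT_CTX_DEFAULT);
  if (ctx == NULL)
    die(_("failed to create nftset context"), NULL, EC_MISC);

  /* Capture libnftables error text in a buffer instead of letting the
     library print it. Only the error stream is redirected here. */
  if (nft_ctx_buffer_error(ctx) != 0)
    die(_("failed to set up nftset error buffer"), NULL, EC_MISC);
}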
   40: 
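/* Add or remove one address in an nftables set by running an nft command.

   setname  set specification, interpolated verbatim into the nft command
            text; an optional "4 " or "6 " prefix restricts the entry to
            that address family and is stripped before use.
   ipaddr   address to add or delete; read as IPv4 when F_IPV4 is set in
            flags and as IPv6 otherwise.
   flags    F_IPV4 / F_IPV6 address-family flags.
   remove   non-zero issues "delete element", zero issues "add element".

   Returns -1 when the family prefix does not match flags or the command text
   cannot be built, 0 when the command buffer cannot be allocated, otherwise
   the result of nft_run_cmd_from_buffer(); a non-zero result is logged.

   NOTE(review): setname is neither quoted nor validated here, so it must
   only ever come from trusted configuration - confirm at the call sites.
   NOTE(review): the 0 returned on allocation failure is indistinguishable
   from success although nothing was added to the set; kept as-is because
   the callers are not visible from this file. */
int add_to_nftset(const char *setname, const union all_addr *ipaddr, int flags, int remove)
{
  enum { CMD_BUF_MIN = 160 }; /* smallest command buffer ever allocated */
  const char *cmd = remove ? cmd_del : cmd_add;
  int ret, len, af = (flags & F_IPV4) ? AF_INET : AF_INET6;
  size_t new_sz;
  char *fresh, *err, *nl;
  static char *cmd_buf = NULL;
  static size_t cmd_buf_sz = 0;

  /* If the conversion fails addrbuff still holds whatever was formatted
     last; refuse rather than put a stale address into the set. */
  if (!inet_ntop(af, ipaddr, daemon->addrbuff, ADDRSTRLEN))
    return -1;

  /* Test setname[0] first so an empty name is never read past its
     terminator. */
  if ((setname[0] == '4' || setname[0] == '6') && setname[1] == ' ')
    {
      if (setname[0] == '4' && !(flags & F_IPV4))
	return -1;

      if (setname[0] == '6' && !(flags & F_IPV6))
	return -1;

      setname += 2;
    }

  /* snprintf() reports the length the full command needs, excluding the
     terminating NUL. On the first call cmd_buf is NULL with size 0, which
     only measures. */
  len = snprintf(cmd_buf, cmd_buf_sz, cmd, setname, daemon->addrbuff);
  if (len < 0)
    return -1;

  /* len == cmd_buf_sz also means truncation, because the NUL needs one more
     byte. A truncated command must never reach nft, so grow the buffer and
     format again. */
  if ((size_t)len >= cmd_buf_sz)
    {
      new_sz = (size_t)len + 1;
      if (new_sz < CMD_BUF_MIN)
	new_sz = CMD_BUF_MIN;

      if (!(fresh = whine_malloc(new_sz)))
	return 0;

      free(cmd_buf);
      cmd_buf = fresh;
      cmd_buf_sz = new_sz;

      len = snprintf(cmd_buf, cmd_buf_sz, cmd, setname, daemon->addrbuff);
      if (len < 0 || (size_t)len >= cmd_buf_sz)
	return -1;
    }

  ret = nft_run_cmd_from_buffer(ctx, cmd_buf);
  err = (char *)nft_ctx_get_error_buffer(ctx);

  if (ret != 0)
    {
      if (err)
	{
	  /* Log only first line of error return. */
	  if ((nl = strchr(err, '\n')))
	    *nl = 0;
	  my_syslog(LOG_ERR,  "nftset %s %s", setname, err);
	}
      else
	/* No error text available; still record the failure. */
	my_syslog(LOG_ERR,  "nftset %s %s", setname, "");
    }

  return ret;
}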
   93: 
   94: #endif
