1e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy/* 2e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy * lib/netfilter/queue_msg.c Netfilter Queue Messages 3e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy * 4e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy * This library is free software; you can redistribute it and/or 5e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy * modify it under the terms of the GNU Lesser General Public 6e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy * License as published by the Free Software Foundation version 2.1 7e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy * of the License. 8e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy * 9e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy * Copyright (c) 2007, 2008 Patrick McHardy <kaber@trash.net> 10cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto * Copyright (c) 2010 Karl Hiramoto <karl@hiramoto.org> 11e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy */ 12e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 13e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy/** 14e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy * @ingroup nfnl 15e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy * @defgroup queue Queue 16e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy * @brief 17e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy * @{ 18e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy */ 19e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 20e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy#include <sys/types.h> 21e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy#include <linux/netfilter/nfnetlink_queue.h> 22e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 23e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy#include <netlink-local.h> 24e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy#include <netlink/attr.h> 25e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy#include <netlink/netfilter/nfnl.h> 26e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy#include <netlink/netfilter/queue_msg.h> 27e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 28e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardystatic struct nl_cache_ops nfnl_queue_msg_ops; 29e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 30e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy#if __BYTE_ORDER == __BIG_ENDIAN 31e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardystatic uint64_t ntohll(uint64_t x) 32e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy{ 33e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy return x; 34e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy} 35e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy#elif __BYTE_ORDER == __LITTLE_ENDIAN 36e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardystatic uint64_t ntohll(uint64_t x) 37e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy{ 38e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy return __bswap_64(x); 39e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy} 40e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy#endif 41e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 42e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardystatic struct nla_policy queue_policy[NFQA_MAX+1] = { 43e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy [NFQA_PACKET_HDR] = { 44e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy .minlen = sizeof(struct nfqnl_msg_packet_hdr), 45e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy }, 46e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy [NFQA_VERDICT_HDR] = { 47e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy .minlen = sizeof(struct nfqnl_msg_verdict_hdr), 48e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy }, 49e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy [NFQA_MARK] = { .type = NLA_U32 }, 50e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy [NFQA_TIMESTAMP] = { 51e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy .minlen = sizeof(struct nfqnl_msg_packet_timestamp), 52e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy }, 53e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy [NFQA_IFINDEX_INDEV] = { .type = NLA_U32 }, 54e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy [NFQA_IFINDEX_OUTDEV] = { .type = NLA_U32 }, 55e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy [NFQA_IFINDEX_PHYSINDEV] = { .type = NLA_U32 }, 56e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy [NFQA_IFINDEX_PHYSOUTDEV] = { .type = NLA_U32 }, 57e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy [NFQA_HWADDR] = { 580c2cb97924c4ab22f525d2419cf2e8ed9927541cThomas Graf .minlen = sizeof(struct nfqnl_msg_packet_hw), 59e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy }, 60e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy}; 61e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 628a3efffa5b3fde252675239914118664d36a2c24Thomas Grafint nfnlmsg_queue_msg_parse(struct nlmsghdr *nlh, 638a3efffa5b3fde252675239914118664d36a2c24Thomas Graf struct nfnl_queue_msg **result) 64e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy{ 65e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy struct nfnl_queue_msg *msg; 66e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy struct nlattr *tb[NFQA_MAX+1]; 67e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy struct nlattr *attr; 68e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy int err; 69e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 70e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy msg = nfnl_queue_msg_alloc(); 71e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (!msg) 728a3efffa5b3fde252675239914118664d36a2c24Thomas Graf return -NLE_NOMEM; 73e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 74e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy msg->ce_msgtype = nlh->nlmsg_type; 75e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 76e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy err = nlmsg_parse(nlh, sizeof(struct nfgenmsg), tb, NFQA_MAX, 77e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy queue_policy); 78e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (err < 0) 79e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy goto errout; 80e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 81e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_set_group(msg, nfnlmsg_res_id(nlh)); 82e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_set_family(msg, nfnlmsg_family(nlh)); 83e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 84e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy attr = tb[NFQA_PACKET_HDR]; 85e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (attr) { 86e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy struct nfqnl_msg_packet_hdr *hdr = nla_data(attr); 87e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 88e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_set_packetid(msg, ntohl(hdr->packet_id)); 89e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (hdr->hw_protocol) 90e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_set_hwproto(msg, hdr->hw_protocol); 91e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_set_hook(msg, hdr->hook); 92e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy } 93e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 94e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy attr = tb[NFQA_MARK]; 95e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (attr) 96e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_set_mark(msg, ntohl(nla_get_u32(attr))); 97e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 98e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy attr = tb[NFQA_TIMESTAMP]; 99e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (attr) { 100e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy struct nfqnl_msg_packet_timestamp *timestamp = nla_data(attr); 101e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy struct timeval tv; 102e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 103e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy tv.tv_sec = ntohll(timestamp->sec); 104e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy tv.tv_usec = ntohll(timestamp->usec); 105e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_set_timestamp(msg, &tv); 106e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy } 107e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 108e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy attr = tb[NFQA_IFINDEX_INDEV]; 109e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (attr) 110e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_set_indev(msg, ntohl(nla_get_u32(attr))); 111e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 112e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy attr = tb[NFQA_IFINDEX_OUTDEV]; 113e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (attr) 114e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_set_outdev(msg, ntohl(nla_get_u32(attr))); 115e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 116e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy attr = tb[NFQA_IFINDEX_PHYSINDEV]; 117e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (attr) 118e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_set_physindev(msg, ntohl(nla_get_u32(attr))); 119e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 120e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy attr = tb[NFQA_IFINDEX_PHYSOUTDEV]; 121e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (attr) 122e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_set_physoutdev(msg, ntohl(nla_get_u32(attr))); 123e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 124e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy attr = tb[NFQA_HWADDR]; 125e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (attr) { 126e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy struct nfqnl_msg_packet_hw *hw = nla_data(attr); 127e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 128e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_set_hwaddr(msg, hw->hw_addr, 129e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy ntohs(hw->hw_addrlen)); 130e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy } 131e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 132e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy attr = tb[NFQA_PAYLOAD]; 133e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (attr) { 134e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy err = nfnl_queue_msg_set_payload(msg, nla_data(attr), 135e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nla_len(attr)); 136e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (err < 0) 137e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy goto errout; 138e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy } 139e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 1408a3efffa5b3fde252675239914118664d36a2c24Thomas Graf *result = msg; 1418a3efffa5b3fde252675239914118664d36a2c24Thomas Graf return 0; 142e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 143e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardyerrout: 144e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_put(msg); 1458a3efffa5b3fde252675239914118664d36a2c24Thomas Graf return err; 146e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy} 147e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 148e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardystatic int queue_msg_parser(struct nl_cache_ops *ops, struct sockaddr_nl *who, 149e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy struct nlmsghdr *nlh, struct nl_parser_param *pp) 150e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy{ 151e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy struct nfnl_queue_msg *msg; 152e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy int err; 153e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 1548a3efffa5b3fde252675239914118664d36a2c24Thomas Graf if ((err = nfnlmsg_queue_msg_parse(nlh, &msg)) < 0) 1558a3efffa5b3fde252675239914118664d36a2c24Thomas Graf goto errout; 156e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 157e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy err = pp->pp_cb((struct nl_object *) msg, pp); 158e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardyerrout: 159e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_put(msg); 160e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy return err; 161e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy} 162e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 163e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy/** @} */ 164e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 165e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardystruct nl_msg *nfnl_queue_msg_build_verdict(const struct nfnl_queue_msg *msg) 166e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy{ 167e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy struct nl_msg *nlmsg; 168e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy struct nfqnl_msg_verdict_hdr verdict; 169e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 170e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nlmsg = nfnlmsg_alloc_simple(NFNL_SUBSYS_QUEUE, NFQNL_MSG_VERDICT, 0, 171e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_get_family(msg), 172e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nfnl_queue_msg_get_group(msg)); 173e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (nlmsg == NULL) 174e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy return NULL; 175e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 176e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy verdict.id = htonl(nfnl_queue_msg_get_packetid(msg)); 177e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy verdict.verdict = htonl(nfnl_queue_msg_get_verdict(msg)); 178e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (nla_put(nlmsg, NFQA_VERDICT_HDR, sizeof(verdict), &verdict) < 0) 179e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy goto nla_put_failure; 180e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 181e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (nfnl_queue_msg_test_mark(msg) && 182e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nla_put_u32(nlmsg, NFQA_MARK, 183e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy ntohl(nfnl_queue_msg_get_mark(msg))) < 0) 184e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy goto nla_put_failure; 185e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 186e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy return nlmsg; 187e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 188e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardynla_put_failure: 189e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nlmsg_free(nlmsg); 190e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy return NULL; 191e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy} 192e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 193cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto/** 194cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto* Send a message verdict/mark 195cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto* @arg nlh netlink messsage header 196cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto* @arg msg queue msg 197cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto* @return 0 on OK or error code 198cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto*/ 1991155370f520cb64657e25153255cf7dc1424317fThomas Grafint nfnl_queue_msg_send_verdict(struct nl_sock *nlh, 200e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy const struct nfnl_queue_msg *msg) 201e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy{ 202e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy struct nl_msg *nlmsg; 203e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy int err; 204e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 205e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nlmsg = nfnl_queue_msg_build_verdict(msg); 206e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (nlmsg == NULL) 2078a3efffa5b3fde252675239914118664d36a2c24Thomas Graf return -NLE_NOMEM; 208e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 209e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy err = nl_send_auto_complete(nlh, nlmsg); 210e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nlmsg_free(nlmsg); 211e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy if (err < 0) 212e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy return err; 213cfcfca070355b246028df60da79813f09ed65755Thomas Graf return wait_for_ack(nlh); 214e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy} 215e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 216cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto/** 217cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto* Send a message verdict including the payload 218cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto* @arg nlh netlink messsage header 219cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto* @arg msg queue msg 220cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto* @arg payload_data packet payload data 221cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto* @arg payload_len payload length 222cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto* @return 0 on OK or error code 223cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto*/ 224cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramotoint nfnl_queue_msg_send_verdict_payload(struct nl_sock *nlh, 225cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto const struct nfnl_queue_msg *msg, 226cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto const void *payload_data, unsigned payload_len) 227cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto{ 228cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto struct nl_msg *nlmsg; 229cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto int err; 230cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto struct iovec iov[3]; 231cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto struct nlattr nla; 232cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto 233cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto nlmsg = nfnl_queue_msg_build_verdict(msg); 234cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto if (nlmsg == NULL) 235cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto return -NLE_NOMEM; 236cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto 237cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto memset(iov, 0, sizeof(iov)); 238cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto 239cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto iov[0].iov_base = (void *) nlmsg_hdr(nlmsg); 240cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto iov[0].iov_len = nlmsg_hdr(nlmsg)->nlmsg_len; 241cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto 242cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto nla.nla_type = NFQA_PAYLOAD; 243cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto nla.nla_len = payload_len + sizeof(nla); 244cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto nlmsg_hdr(nlmsg)->nlmsg_len += nla.nla_len; 245cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto 246cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto iov[1].iov_base = (void *) &nla; 247cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto iov[1].iov_len = sizeof(nla); 248cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto 249cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto iov[2].iov_base = (void *) payload_data; 250cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto iov[2].iov_len = NLA_ALIGN(payload_len); 251cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto 252cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto nl_auto_complete(nlh, nlmsg); 253cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto err = nl_send_iovec(nlh, nlmsg, iov, 3); 254cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto 255cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto nlmsg_free(nlmsg); 256cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto if (err < 0) 257cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto return err; 258cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto return wait_for_ack(nlh); 259cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto} 260cafdaa4e065a2ee658d7e361158100f4c7abe445Karl Hiramoto 261e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy#define NFNLMSG_QUEUE_TYPE(type) NFNLMSG_TYPE(NFNL_SUBSYS_QUEUE, (type)) 262e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardystatic struct nl_cache_ops nfnl_queue_msg_ops = { 263e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy .co_name = "netfilter/queue_msg", 264e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy .co_hdrsize = NFNL_HDRLEN, 265e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy .co_msgtypes = { 266e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy { NFNLMSG_QUEUE_TYPE(NFQNL_MSG_PACKET), NL_ACT_NEW, "new" }, 267e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy END_OF_MSGTYPES_LIST, 268e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy }, 269e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy .co_protocol = NETLINK_NETFILTER, 270e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy .co_msg_parser = queue_msg_parser, 271e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy .co_obj_ops = &queue_msg_obj_ops, 272e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy}; 273e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 274e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardystatic void __init nfnl_msg_queue_init(void) 275e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy{ 276e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nl_cache_mngt_register(&nfnl_queue_msg_ops); 277e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy} 278e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 279e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardystatic void __exit nfnl_queue_msg_exit(void) 280e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy{ 281e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy nl_cache_mngt_unregister(&nfnl_queue_msg_ops); 282e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy} 283e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy 284e72cb033f2f7323b63f3e640a37e7a75558ab128Patrick McHardy/** @} */ 285