1 /*
2  * (C) 2005-2011 by Pablo Neira Ayuso <pablo@netfilter.org>
3  *
4  * This program is free software; you can redistribute it and/or modify it
5  * under the terms of the GNU General Public License as published by
6  * the Free Software Foundation; either version 2 of the License, or
7  * (at your option) any later version.
8  */
9 
10 #include "internal/internal.h"
11 
filter_attr_l4proto(struct nfct_filter * filter,const void * value)12 static void filter_attr_l4proto(struct nfct_filter *filter, const void *value)
13 {
14 	if (filter->l4proto_len >= __FILTER_L4PROTO_MAX)
15 		return;
16 
17 	set_bit(*((int *) value), filter->l4proto_map);
18 	filter->l4proto_len++;
19 }
20 
21 static void
filter_attr_l4proto_state(struct nfct_filter * filter,const void * value)22 filter_attr_l4proto_state(struct nfct_filter *filter, const void *value)
23 {
24 	const struct nfct_filter_proto *this = value;
25 
26 	set_bit_u16(this->state, &filter->l4proto_state[this->proto].map);
27 	filter->l4proto_state[this->proto].len++;
28 }
29 
filter_attr_src_ipv4(struct nfct_filter * filter,const void * value)30 static void filter_attr_src_ipv4(struct nfct_filter *filter, const void *value)
31 {
32 	const struct nfct_filter_ipv4 *this = value;
33 
34 	if (filter->l3proto_elems[0] >= __FILTER_ADDR_MAX)
35 		return;
36 
37 	filter->l3proto[0][filter->l3proto_elems[0]].addr = this->addr;
38 	filter->l3proto[0][filter->l3proto_elems[0]].mask = this->mask;
39 	filter->l3proto_elems[0]++;
40 }
41 
filter_attr_dst_ipv4(struct nfct_filter * filter,const void * value)42 static void filter_attr_dst_ipv4(struct nfct_filter *filter, const void *value)
43 {
44 	const struct nfct_filter_ipv4 *this = value;
45 
46 	if (filter->l3proto_elems[1] >= __FILTER_ADDR_MAX)
47 		return;
48 
49 	filter->l3proto[1][filter->l3proto_elems[1]].addr = this->addr;
50 	filter->l3proto[1][filter->l3proto_elems[1]].mask = this->mask;
51 	filter->l3proto_elems[1]++;
52 }
53 
filter_attr_src_ipv6(struct nfct_filter * filter,const void * value)54 static void filter_attr_src_ipv6(struct nfct_filter *filter, const void *value)
55 {
56 	const struct nfct_filter_ipv6 *this = value;
57 
58 	if (filter->l3proto_elems_ipv6[0] >= __FILTER_IPV6_MAX)
59 		return;
60 
61 	memcpy(filter->l3proto_ipv6[0][filter->l3proto_elems_ipv6[0]].addr,
62 	       this->addr, sizeof(uint32_t)*4);
63 	memcpy(filter->l3proto_ipv6[0][filter->l3proto_elems_ipv6[0]].mask,
64 	       this->mask, sizeof(uint32_t)*4);
65 	filter->l3proto_elems_ipv6[0]++;
66 }
67 
filter_attr_dst_ipv6(struct nfct_filter * filter,const void * value)68 static void filter_attr_dst_ipv6(struct nfct_filter *filter, const void *value)
69 {
70 	const struct nfct_filter_ipv6 *this = value;
71 
72 	if (filter->l3proto_elems_ipv6[1] >= __FILTER_IPV6_MAX)
73 		return;
74 
75 	memcpy(filter->l3proto_ipv6[1][filter->l3proto_elems_ipv6[1]].addr,
76 	       this->addr, sizeof(uint32_t)*4);
77 	memcpy(filter->l3proto_ipv6[1][filter->l3proto_elems_ipv6[1]].mask,
78 	       this->mask, sizeof(uint32_t)*4);
79 	filter->l3proto_elems_ipv6[1]++;
80 }
81 
filter_attr_mark(struct nfct_filter * filter,const void * value)82 static void filter_attr_mark(struct nfct_filter *filter, const void *value)
83 {
84 	const struct nfct_filter_dump_mark *this = value;
85 
86 	if (filter->mark_elems >= __FILTER_MARK_MAX)
87 		return;
88 
89 	filter->mark[filter->mark_elems].val = this->val;
90 	filter->mark[filter->mark_elems].mask = this->mask;
91 	filter->mark_elems++;
92 }
93 
94 const filter_attr filter_attr_array[NFCT_FILTER_MAX] = {
95 	[NFCT_FILTER_L4PROTO]		= filter_attr_l4proto,
96 	[NFCT_FILTER_L4PROTO_STATE]	= filter_attr_l4proto_state,
97 	[NFCT_FILTER_SRC_IPV4]		= filter_attr_src_ipv4,
98 	[NFCT_FILTER_DST_IPV4]		= filter_attr_dst_ipv4,
99 	[NFCT_FILTER_SRC_IPV6]		= filter_attr_src_ipv6,
100 	[NFCT_FILTER_DST_IPV6]		= filter_attr_dst_ipv6,
101 	[NFCT_FILTER_MARK]		= filter_attr_mark,
102 };
103