libnftnl  1.2.8
utils.c
1 /*
2  * (C) 2012-2013 by Pablo Neira Ayuso <pablo@netfilter.org>
3  * (C) 2013 by Arturo Borrero Gonzalez <arturo@debian.org>
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published
7  * by the Free Software Foundation; either version 2 of the License, or
8  * (at your option) any later version.
9  */
10 
11 #include <internal.h>
12 #include <stdlib.h>
13 #include <string.h>
14 #include <limits.h>
15 #include <stdint.h>
16 #include <arpa/inet.h>
17 #include <errno.h>
18 #include <inttypes.h>
19 
20 #include <libnftnl/common.h>
21 
22 #include <linux/netfilter.h>
23 #include <linux/netfilter/nf_tables.h>
24 
25 static const char *const nftnl_family_str[NFPROTO_NUMPROTO] = {
26  [NFPROTO_INET] = "inet",
27  [NFPROTO_IPV4] = "ip",
28  [NFPROTO_ARP] = "arp",
29  [NFPROTO_NETDEV] = "netdev",
30  [NFPROTO_BRIDGE] = "bridge",
31  [NFPROTO_IPV6] = "ip6",
32 };
33 
34 const char *nftnl_family2str(uint32_t family)
35 {
36  if (family >= NFPROTO_NUMPROTO || !nftnl_family_str[family])
37  return "unknown";
38 
39  return nftnl_family_str[family];
40 }
41 
42 const char *nftnl_verdict2str(uint32_t verdict)
43 {
44  switch (verdict) {
45  case NF_ACCEPT:
46  return "accept";
47  case NF_DROP:
48  return "drop";
49  case NF_STOLEN:
50  return "stolen";
51  case NF_QUEUE:
52  return "queue";
53  case NF_REPEAT:
54  return "repeat";
55  case NF_STOP:
56  return "stop";
57  case NFT_RETURN:
58  return "return";
59  case NFT_JUMP:
60  return "jump";
61  case NFT_GOTO:
62  return "goto";
63  case NFT_CONTINUE:
64  return "continue";
65  case NFT_BREAK:
66  return "break";
67  default:
68  return "unknown";
69  }
70 }
71 
72 enum nftnl_cmd_type nftnl_flag2cmd(uint32_t flags)
73 {
74  if (flags & NFTNL_OF_EVENT_NEW)
75  return NFTNL_CMD_ADD;
76  else if (flags & NFTNL_OF_EVENT_DEL)
77  return NFTNL_CMD_DELETE;
78 
79  return NFTNL_CMD_UNSPEC;
80 }
81 
82 int nftnl_fprintf(FILE *fp, const void *obj, uint32_t cmd, uint32_t type,
83  uint32_t flags,
84  int (*snprintf_cb)(char *buf, size_t bufsiz, const void *obj,
85  uint32_t cmd, uint32_t type,
86  uint32_t flags))
87 {
88  char _buf[NFTNL_SNPRINTF_BUFSIZ];
89  char *buf = _buf;
90  size_t bufsiz = sizeof(_buf);
91  int ret;
92 
93  ret = snprintf_cb(buf, bufsiz, obj, cmd, type, flags);
94  if (ret <= 0)
95  goto out;
96 
97  if (ret >= NFTNL_SNPRINTF_BUFSIZ) {
98  bufsiz = ret + 1;
99 
100  buf = malloc(bufsiz);
101  if (buf == NULL)
102  return -1;
103 
104  ret = snprintf_cb(buf, bufsiz, obj, cmd, type, flags);
105  if (ret <= 0)
106  goto out;
107  }
108 
109  ret = fprintf(fp, "%s", buf);
110 
111 out:
112  if (buf != _buf)
113  xfree(buf);
114 
115  return ret;
116 }
117 
118 void __nftnl_assert_attr_exists(uint16_t attr, uint16_t attr_max,
119  const char *filename, int line)
120 {
121  fprintf(stderr, "libnftnl: attribute %d > %d (maximum) assertion failed in %s:%d\n",
122  attr, attr_max, filename, line);
123  exit(EXIT_FAILURE);
124 }
125 
126 void __nftnl_assert_fail(uint16_t attr, const char *filename, int line)
127 {
128  fprintf(stderr, "libnftnl: attribute %d assertion failed in %s:%d\n",
129  attr, filename, line);
130  exit(EXIT_FAILURE);
131 }
132 
133 void __noreturn __abi_breakage(const char *file, int line, const char *reason)
134 {
135  fprintf(stderr, "nf_tables kernel ABI is broken, contact your vendor.\n"
136  "%s:%d reason: %s\n", file, line, reason);
137  exit(EXIT_FAILURE);
138 }
139 
140 int nftnl_set_str_attr(const char **dptr, uint32_t *flags,
141  uint16_t attr, const void *data, uint32_t data_len)
142 {
143  if (*flags & (1 << attr))
144  xfree(*dptr);
145 
146  *dptr = strndup(data, data_len);
147  if (!*dptr)
148  return -1;
149 
150  *flags |= (1 << attr);
151  return 0;
152 }