directory restructuring

[platform/upstream/libnetfilter_queue.git] / src / libnfnetlink_queue.c

/* libnfqnetlink.c: generic library for access to nf_queue
 *
 * (C) 2005 by Harald Welte <laforge@gnumonks.org>
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License version 2 
 *  as published by the Free Software Foundation
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <ctype.h>
#include <time.h>
#include <errno.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <linux/netlink.h>
#include <linux/netfilter/nfnetlink.h>
#include <linux/netfilter/nfnetlink_queue.h>
#include "libnfnetlink_queue.h"

/***********************************************************************
 * low level stuff 
 ***********************************************************************/

int nfqnl_open(struct nfqnl_handle *h)
{
        int err;

        memset(h, 0, sizeof(*h));

        err = nfnl_open(&h->nfnlh, NFNL_SUBSYS_QUEUE, 0);
        if (err < 0)
                return err;

        return 0;
}

int nfqnl_close(struct nfqnl_handle *h)
{
        return nfnl_close(&h->nfnlh);
}

/* build a NFQNL_MSG_CONFIG message */
static int
__build_send_cfg_msg(struct nfqnl_handle *h, u_int8_t command,
                     u_int16_t queuenum, u_int16_t pf)
{
        char buf[NLMSG_LENGTH(sizeof(struct nlmsghdr))
                +NLMSG_LENGTH(sizeof(struct nfgenmsg))
                +NFA_LENGTH(sizeof(struct nfqnl_msg_config_cmd))];
        struct nfqnl_msg_config_cmd cmd;
        struct nlmsghdr *nmh = (struct nlmsghdr *) buf;

        nfnl_fill_hdr(&h->nfnlh, nmh, 0, AF_UNSPEC, queuenum,
                      NFQNL_MSG_CONFIG, NLM_F_REQUEST|NLM_F_ACK);

        cmd.command = command;
        cmd.pf = htons(pf);
        nfnl_addattr_l(nmh, sizeof(buf), NFQA_CFG_CMD, &cmd, sizeof(cmd));

        return nfnl_send(&h->nfnlh, nmh);
}

/* bind nf_queue from a specific protocol family */
int nfqnl_bind_pf(struct nfqnl_handle *h, u_int16_t pf)
{
        return __build_send_cfg_msg(h, NFQNL_CFG_CMD_PF_BIND, 0, pf);
}

/* unbind nf_queue from a specific protocol family */
int nfqnl_unbind_pf(struct nfqnl_handle *h, u_int16_t pf)
{
        return __build_send_cfg_msg(h, NFQNL_CFG_CMD_PF_UNBIND, 0, pf);
}

/* bind this socket to a specific queue number */
int nfqnl_create_queue(struct nfqnl_handle *h,
                       struct nfqnl_q_handle *qh, u_int16_t num)
{
        qh->h = h;
        qh->id = num;

        return __build_send_cfg_msg(h, NFQNL_CFG_CMD_BIND, num, 0);
}

/* unbind this socket from a specific queue number */
int nfqnl_destroy_queue(struct nfqnl_q_handle *qh)
{
        int ret = __build_send_cfg_msg(qh->h, NFQNL_CFG_CMD_UNBIND, qh->id, 0);
        if (ret == 0)
                qh->h = NULL;

        return ret;
}

int nfqnl_set_mode(struct nfqnl_q_handle *qh,
                   u_int8_t mode, u_int32_t range)
{
        char buf[NLMSG_LENGTH(sizeof(struct nlmsghdr))
                +NLMSG_LENGTH(sizeof(struct nfgenmsg))
                +NFA_LENGTH(sizeof(struct nfqnl_msg_config_params))];
        struct nfqnl_msg_config_params params;
        struct nlmsghdr *nmh = (struct nlmsghdr *) buf;

        nfnl_fill_hdr(&qh->h->nfnlh, nmh, 0, AF_UNSPEC, qh->id,
                      NFQNL_MSG_CONFIG, NLM_F_REQUEST|NLM_F_ACK);

        params.copy_range = htonl(range);
        params.copy_mode = mode;
        nfnl_addattr_l(nmh, sizeof(buf), NFQA_CFG_PARAMS, &params,
                       sizeof(params));

        return nfnl_send(&qh->h->nfnlh, nmh);
}

static int __set_verdict(struct nfqnl_q_handle *qh, u_int32_t id,
                         u_int32_t verdict, u_int32_t mark, int set_mark,
                         u_int32_t data_len, unsigned char *data)
{
        struct nfqnl_msg_verdict_hdr vh;
        char buf[NLMSG_LENGTH(sizeof(struct nlmsghdr))
                +NLMSG_LENGTH(sizeof(struct nfgenmsg))
                +NFA_LENGTH(sizeof(mark))
                +NFA_LENGTH(sizeof(vh))];
        struct nlmsghdr *nmh = (struct nlmsghdr *) buf;

        struct iovec iov[3];
        int nvecs;

        vh.verdict = htonl(verdict);
        vh.id = htonl(id);

        nfnl_fill_hdr(&qh->h->nfnlh, nmh, 0, AF_UNSPEC, qh->id,
                      NFQNL_MSG_VERDICT, NLM_F_REQUEST);
                        
        /* add verdict header */
        nfnl_addattr_l(nmh, sizeof(buf), NFQA_VERDICT_HDR, &vh, sizeof(vh));

        if (set_mark)
                nfnl_addattr32(nmh, sizeof(buf), NFQA_MARK, mark);

        iov[0].iov_base = nmh;
        iov[0].iov_len = NLMSG_TAIL(nmh) - (void *)nmh;
        nvecs = 1;

        if (data_len) {
                struct nfattr data_attr;

                nfnl_build_nfa_iovec(&iov[1], &data_attr, NFQA_PAYLOAD,
                                     data_len, data);
                nvecs += 2;
        }

        return nfnl_sendiov(&qh->h->nfnlh, iov, nvecs, 0);
}

int nfqnl_set_verdict(struct nfqnl_q_handle *qh, u_int32_t id,
                      u_int32_t verdict, u_int32_t data_len, 
                      unsigned char *buf)
{
        return __set_verdict(qh, id, verdict, 0, 0, data_len, buf);
}       

int nfqnl_set_verdict_mark(struct nfqnl_q_handle *qh, u_int32_t id,
                           u_int32_t verdict, u_int32_t mark,
                           u_int32_t datalen, unsigned char *buf)
{
        return __set_verdict(qh, id, verdict, mark, 1, datalen, buf);
}