Beispiel #1
0
int nfct_close(struct nfct_handle *cth)
{
	int err;

	if (cth->nfnlssh_exp) {
		nfnl_subsys_close(cth->nfnlssh_exp);
		cth->nfnlssh_exp = NULL;
	}
	if (cth->nfnlssh_ct) {
		nfnl_subsys_close(cth->nfnlssh_ct);
		cth->nfnlssh_ct = NULL;
	}

	/* required by the new API */
	cth->cb = NULL;
	cth->cb2 = NULL;
	cth->expect_cb = NULL;
	cth->expect_cb2 = NULL;
	free(cth->nfnl_cb.data);

	cth->nfnl_cb.call = NULL; 
	cth->nfnl_cb.data = NULL;
	cth->nfnl_cb.attr_count = 0;

	err = nfnl_close(cth->nfnlh);
	free(cth);

	return err;
}
int main(int argc, char *argv[])
{
	int ch, del = 0, err;
	char *fingerprints = NULL;

	while ((ch = getopt(argc, argv, "f:dh")) != -1) {
		switch (ch) {
			case 'f':
				fingerprints = optarg;
				break;
			case 'd':
				del = 1;
				break;
			default:
				fprintf(stderr,
					"Usage: %s -f fingerprints -d <del rules> -h\n",
					argv[0]);
				return -1;
		}
	}

	if (!fingerprints) {
		err = -ENOENT;
		goto err_out_exit;
	}

	nfnlh = nfnl_open();
	if (!nfnlh) {
		err = -EINVAL;
		ulog_err("Failed to create nfnl handler");
		goto err_out_exit;
	}

#ifndef NFNL_SUBSYS_OSF
#define NFNL_SUBSYS_OSF	5
#endif

	nfnlssh = nfnl_subsys_open(nfnlh, NFNL_SUBSYS_OSF, OSF_MSG_MAX, 0);
	if (!nfnlssh) {
		err = -EINVAL;
		ulog_err("Faied to create nfnl subsystem");
		goto err_out_close;
	}

	err = osf_load_entries(fingerprints, del);
	if (err)
		goto err_out_close_subsys;

	nfnl_subsys_close(nfnlssh);
	nfnl_close(nfnlh);

	return 0;

err_out_close_subsys:
	nfnl_subsys_close(nfnlssh);
err_out_close:
	nfnl_close(nfnlh);
err_out_exit:
	return err;
}
Beispiel #3
0
struct nfct_handle *nfct_open_nfnl(struct nfnl_handle *nfnlh,
				   u_int8_t subsys_id,
				   unsigned int subscriptions)
{
	struct nfct_handle *cth;

	cth = (struct nfct_handle *) malloc(sizeof(struct nfct_handle));
	if (!cth)
		return NULL;
	
	memset(cth, 0, sizeof(*cth));
	cth->nfnlh = nfnlh;

	if (subsys_id == 0 || subsys_id == NFNL_SUBSYS_CTNETLINK) {
		cth->nfnlssh_ct = nfnl_subsys_open(cth->nfnlh, 
						   NFNL_SUBSYS_CTNETLINK, 
						   IPCTNL_MSG_MAX,
						   subscriptions);
		if (!cth->nfnlssh_ct)
			goto out_free;
	}

	if (subsys_id == 0 || subsys_id == NFNL_SUBSYS_CTNETLINK_EXP) {
		cth->nfnlssh_exp = nfnl_subsys_open(cth->nfnlh,
						    NFNL_SUBSYS_CTNETLINK_EXP,
						    IPCTNL_MSG_EXP_MAX,
						    subscriptions);
		if (!cth->nfnlssh_exp)
			goto out_free;
	}
	return cth;

out_free:
	if (cth->nfnlssh_exp) {
		nfnl_subsys_close(cth->nfnlssh_exp);
		cth->nfnlssh_exp = NULL;
	}
	if (cth->nfnlssh_ct) {
		nfnl_subsys_close(cth->nfnlssh_ct);
		cth->nfnlssh_ct = NULL;
	}
	free(cth);
	return NULL;
}
Beispiel #4
0
/**
 * nfnl_close - close a nfnetlink handler
 * @nfnlh: nfnetlink handler
 *
 * This function closes the nfnetlink handler. On success, 0 is returned.
 * On error, -1 is returned and errno is set appropiately.
 */
int nfnl_close(struct nfnl_handle *nfnlh)
{
	int i, ret;

	assert(nfnlh);

	for (i = 0; i < NFNL_MAX_SUBSYS; i++)
		nfnl_subsys_close(&nfnlh->subsys[i]);

	ret = close(nfnlh->fd);
	if (ret < 0)
		return ret;

	free(nfnlh);

	return 0;
}