static int nflog_parse_attr_cb(const struct nlattr *attr, void *data)
{
const struct nlattr **tb = data;
int type = mnl_attr_get_type(attr);
/* skip unsupported attribute in user-space */
if (mnl_attr_type_valid(attr, NFULA_MAX) < 0)
return MNL_CB_OK;
switch(type) {
case NFULA_HWTYPE: /* hardware type */
case NFULA_HWLEN: /* hardware header length */
if (mnl_attr_validate(attr, MNL_TYPE_U16) < 0)
return MNL_CB_ERROR;
break;
case NFULA_MARK: /* __u32 nfmark */
case NFULA_IFINDEX_INDEV: /* __u32 ifindex */
case NFULA_IFINDEX_OUTDEV: /* __u32 ifindex */
case NFULA_IFINDEX_PHYSINDEV: /* __u32 ifindex */
case NFULA_IFINDEX_PHYSOUTDEV: /* __u32 ifindex */
case NFULA_UID: /* user id of socket */
case NFULA_SEQ: /* instance-local sequence number */
case NFULA_SEQ_GLOBAL: /* global sequence number */
case NFULA_GID: /* group id of socket */
if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0)
return MNL_CB_ERROR;
break;
case NFULA_PACKET_HDR:
if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC,
sizeof(struct nfulnl_msg_packet_hdr)) < 0) {
return MNL_CB_ERROR;
}
break;
case NFULA_TIMESTAMP: /* nfulnl_msg_packet_timestamp */
if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC,
sizeof(struct nfulnl_msg_packet_timestamp)) < 0) {
return MNL_CB_ERROR;
}
break;
case NFULA_HWADDR: /* nfulnl_msg_packet_hw */
if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC,
sizeof(struct nfulnl_msg_packet_hw)) < 0) {
return MNL_CB_ERROR;
}
break;
case NFULA_PREFIX: /* string prefix */
if (mnl_attr_validate(attr, MNL_TYPE_NUL_STRING) < 0)
return MNL_CB_ERROR;
break;
case NFULA_HWHEADER: /* hardware header */
case NFULA_PAYLOAD: /* opaque data payload */
break;
}
tb[type] = attr;
return MNL_CB_OK;
}
static int
nfct_parse_pinfo_tcp_attr_cb(const struct nlattr *attr, void *data)
{
const struct nlattr **tb = data;
int type = mnl_attr_get_type(attr);
if (mnl_attr_type_valid(attr, CTA_PROTOINFO_TCP_MAX) < 0)
return MNL_CB_OK;
switch(type) {
case CTA_PROTOINFO_TCP_STATE:
case CTA_PROTOINFO_TCP_WSCALE_ORIGINAL:
case CTA_PROTOINFO_TCP_WSCALE_REPLY:
if (mnl_attr_validate(attr, MNL_TYPE_U8) < 0)
return MNL_CB_ERROR;
break;
case CTA_PROTOINFO_TCP_FLAGS_ORIGINAL:
case CTA_PROTOINFO_TCP_FLAGS_REPLY:
if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC,
sizeof(struct nf_ct_tcp_flags)) < 0) {
return MNL_CB_ERROR;
}
break;
}
tb[type] = attr;
return MNL_CB_OK;
}
static int
nfct_parse_ip_attr_cb(const struct nlattr *attr, void *data)
{
const struct nlattr **tb = data;
int type = mnl_attr_get_type(attr);
/* skip unsupported attribute in user-space */
if (mnl_attr_type_valid(attr, CTA_IP_MAX) < 0)
return MNL_CB_OK;
switch(type) {
case CTA_IP_V4_SRC:
case CTA_IP_V4_DST:
if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0)
return MNL_CB_ERROR;
break;
case CTA_IP_V6_SRC:
case CTA_IP_V6_DST:
if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC,
sizeof(struct in6_addr)) < 0) {
return MNL_CB_ERROR;
}
break;
}
tb[type] = attr;
return MNL_CB_OK;
}
static int parse_ip_cb(const struct nlattr *attr, void *data)
{
const struct nlattr **tb = data;
int type = mnl_attr_get_type(attr);
if (mnl_attr_type_valid(attr, CTA_IP_MAX) < 0)
return MNL_CB_OK;
switch(type) {
case CTA_IP_V4_SRC:
case CTA_IP_V4_DST:
if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0) {
perror("mnl_attr_validate");
return MNL_CB_ERROR;
}
break;
case CTA_IP_V6_SRC:
case CTA_IP_V6_DST:
if (mnl_attr_validate2(attr, MNL_TYPE_BINARY,
sizeof(struct in6_addr)) < 0) {
perror("mnl_attr_validate2");
return MNL_CB_ERROR;
}
break;
}
tb[type] = attr;
return MNL_CB_OK;
}
static int parse_attr_cb(const struct nlattr *attr, void *data)
{
const struct nlattr **tb = data;
int type = mnl_attr_get_type(attr);
/* skip unsupported attribute in user-space */
if (mnl_attr_type_valid(attr, NFULA_MAX) < 0)
return MNL_CB_OK;
switch(type) {
case NFULA_MARK:
case NFULA_IFINDEX_INDEV:
case NFULA_IFINDEX_OUTDEV:
case NFULA_IFINDEX_PHYSINDEV:
case NFULA_IFINDEX_PHYSOUTDEV:
if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0) {
perror("mnl_attr_validate");
return MNL_CB_ERROR;
}
break;
case NFULA_TIMESTAMP:
if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC,
sizeof(struct nfulnl_msg_packet_timestamp)) < 0) {
perror("mnl_attr_validate");
return MNL_CB_ERROR;
}
break;
case NFULA_HWADDR:
if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC,
sizeof(struct nfulnl_msg_packet_hw)) < 0) {
perror("mnl_attr_validate");
return MNL_CB_ERROR;
}
break;
case NFULA_PREFIX:
if (mnl_attr_validate(attr, MNL_TYPE_NUL_STRING) < 0) {
perror("mnl_attr_validate");
return MNL_CB_ERROR;
}
break;
case NFULA_PAYLOAD:
break;
}
tb[type] = attr;
return MNL_CB_OK;
}
static int nfq_pkt_parse_attr_cb(const struct nlattr *attr, void *data)
{
const struct nlattr **tb = data;
int type = mnl_attr_get_type(attr);
/* skip unsupported attribute in user-space */
if (mnl_attr_type_valid(attr, NFQA_MAX) < 0)
return MNL_CB_OK;
switch(type) {
case NFQA_MARK:
case NFQA_IFINDEX_INDEV:
case NFQA_IFINDEX_OUTDEV:
case NFQA_IFINDEX_PHYSINDEV:
case NFQA_IFINDEX_PHYSOUTDEV:
case NFQA_CAP_LEN:
case NFQA_SKB_INFO:
case NFQA_UID:
case NFQA_GID:
if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0)
return MNL_CB_ERROR;
break;
case NFQA_TIMESTAMP:
if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC,
sizeof(struct nfqnl_msg_packet_timestamp)) < 0) {
return MNL_CB_ERROR;
}
break;
case NFQA_HWADDR:
if (mnl_attr_validate2(attr, MNL_TYPE_UNSPEC,
sizeof(struct nfqnl_msg_packet_hw)) < 0) {
return MNL_CB_ERROR;
}
break;
case NFQA_PAYLOAD:
break;
}
tb[type] = attr;
return MNL_CB_OK;
}
static int data_ipv6_attr_cb(const struct nlattr *attr, void *data)
{
const struct nlattr **tb = data;
int type = mnl_attr_get_type(attr);
/* skip unsupported attribute in user-space */
if (mnl_attr_type_valid(attr, RTA_MAX) < 0)
return MNL_CB_OK;
switch(type) {
case RTA_TABLE:
case RTA_OIF:
case RTA_FLOW:
if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0) {
perror("mnl_attr_validate");
return MNL_CB_ERROR;
}
break;
case RTA_DST:
case RTA_SRC:
case RTA_PREFSRC:
case RTA_GATEWAY:
if (mnl_attr_validate2(attr, MNL_TYPE_BINARY,
sizeof(struct in6_addr)) < 0) {
perror("mnl_attr_validate");
return MNL_CB_ERROR;
}
break;
case RTA_METRICS:
if (mnl_attr_validate(attr, MNL_TYPE_NESTED) < 0) {
perror("mnl_attr_validate");
return MNL_CB_ERROR;
}
break;
}
tb[type] = attr;
return MNL_CB_OK;
}
