diff options
Diffstat (limited to 'lib/netfilter/ct.c')
-rw-r--r-- | lib/netfilter/ct.c | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/lib/netfilter/ct.c b/lib/netfilter/ct.c index 130f4b1..04f9d01 100644 --- a/lib/netfilter/ct.c +++ b/lib/netfilter/ct.c @@ -35,11 +35,19 @@ static uint64_t ntohll(uint64_t x) { return x; } +static uint64_t htonll(uint64_t x) +{ + return x; +} #elif __BYTE_ORDER == __LITTLE_ENDIAN static uint64_t ntohll(uint64_t x) { return bswap_64(x); } +static uint64_t htonll(uint64_t x) +{ + return bswap_64(x); +} #endif static struct nla_policy ct_policy[CTA_MAX+1] = { @@ -520,9 +528,31 @@ static int nfnl_ct_build_message(const struct nfnl_ct *ct, int cmd, int flags, if ((err = nfnl_ct_build_tuple(msg, ct, 0)) < 0) goto err_out; + /* REPLY tuple is optional, dont add unless at least src/dst specified */ + + if ( nfnl_ct_get_src(ct, 1) && nfnl_ct_get_dst(ct, 1) ) + if ((err = nfnl_ct_build_tuple(msg, ct, 1)) < 0) + goto err_out; + + if (nfnl_ct_test_status(ct)) + NLA_PUT_U32(msg, CTA_STATUS, htonl(nfnl_ct_get_status(ct))); + + if (nfnl_ct_test_timeout(ct)) + NLA_PUT_U32(msg, CTA_TIMEOUT, htonl(nfnl_ct_get_timeout(ct))); + + if (nfnl_ct_test_mark(ct)) + NLA_PUT_U32(msg, CTA_MARK, htonl(nfnl_ct_get_mark(ct))); + + if (nfnl_ct_test_id(ct)) + NLA_PUT_U32(msg, CTA_ID, htonl(nfnl_ct_get_id(ct))); + + if (nfnl_ct_test_zone(ct)) + NLA_PUT_U16(msg, CTA_ZONE, htons(nfnl_ct_get_zone(ct))); + *result = msg; return 0; +nla_put_failure: err_out: nlmsg_free(msg); return err; |