Add egress if index val and rename ifidx to ingress_ifidx.
This commit is contained in:
Tomofumi Hayashi
parent
ad1e380d10
commit
01ecb49d0e
|
|
@ -199,7 +199,7 @@ get_peer_rule_by_index(int index,
|
||||||
if (index == i) {
|
if (index == i) {
|
||||||
r = peer_cache[i];
|
r = peer_cache[i];
|
||||||
if (ifname != NULL) {
|
if (ifname != NULL) {
|
||||||
if_indextoname(r->ifidx, ifname);
|
if_indextoname(r->ingress_ifidx, ifname);
|
||||||
}
|
}
|
||||||
if (eport != NULL) {
|
if (eport != NULL) {
|
||||||
*eport = r->eport;
|
*eport = r->eport;
|
||||||
|
|
@ -281,7 +281,7 @@ get_redirect_rule_by_index(int index,
|
||||||
if (index == i) {
|
if (index == i) {
|
||||||
r = redirect_cache[i];
|
r = redirect_cache[i];
|
||||||
if (ifname != NULL) {
|
if (ifname != NULL) {
|
||||||
if_indextoname(r->ifidx, ifname);
|
if_indextoname(r->ingress_ifidx, ifname);
|
||||||
}
|
}
|
||||||
if (eport != NULL) {
|
if (eport != NULL) {
|
||||||
*eport = r->eport;
|
*eport = r->eport;
|
||||||
|
|
|
||||||
|
|
@ -115,7 +115,7 @@ print_rule(rule_t *r)
|
||||||
"%s:%d (%s)\n",
|
"%s:%d (%s)\n",
|
||||||
r->handle,
|
r->handle,
|
||||||
r->table, r->chain,
|
r->table, r->chain,
|
||||||
if_indextoname(r->ifidx, ifname_buf),
|
if_indextoname(r->ingress_ifidx, ifname_buf),
|
||||||
get_family_string(r->family),
|
get_family_string(r->family),
|
||||||
get_proto_string(r->proto), r->eport,
|
get_proto_string(r->proto), r->eport,
|
||||||
iaddr_str, r->iport,
|
iaddr_str, r->iport,
|
||||||
|
|
@ -127,7 +127,7 @@ print_rule(rule_t *r)
|
||||||
"proto:%d, iaddr: %s, "
|
"proto:%d, iaddr: %s, "
|
||||||
"iport:%d, rhost:%s rport:%d (%s)\n",
|
"iport:%d, rhost:%s rport:%d (%s)\n",
|
||||||
r->handle, r->table, r->chain,
|
r->handle, r->table, r->chain,
|
||||||
r->nat_type, r->family, r->ifidx,
|
r->nat_type, r->family, r->ingress_ifidx,
|
||||||
eaddr_str, r->eport,
|
eaddr_str, r->eport,
|
||||||
r->proto, iaddr_str, r->iport,
|
r->proto, iaddr_str, r->iport,
|
||||||
rhost_str, r->rport,
|
rhost_str, r->rport,
|
||||||
|
|
@ -138,7 +138,7 @@ print_rule(rule_t *r)
|
||||||
"eaddr: %s, eport:%d, "
|
"eaddr: %s, eport:%d, "
|
||||||
"proto:%d, iaddr: %s, iport:%d, rhost:%s (%s)\n",
|
"proto:%d, iaddr: %s, iport:%d, rhost:%s (%s)\n",
|
||||||
r->handle, r->table, r->chain,
|
r->handle, r->table, r->chain,
|
||||||
r->nat_type, r->family, r->ifidx,
|
r->nat_type, r->family, r->ingress_ifidx,
|
||||||
eaddr_str, r->eport,
|
eaddr_str, r->eport,
|
||||||
r->proto, iaddr_str, r->iport, rhost_str,
|
r->proto, iaddr_str, r->iport, rhost_str,
|
||||||
r->desc);
|
r->desc);
|
||||||
|
|
@ -268,6 +268,12 @@ parse_rule_meta(struct nft_rule_expr *e, rule_t *r)
|
||||||
reg_type = RULE_REG_IIF;
|
reg_type = RULE_REG_IIF;
|
||||||
set_reg(r, dreg, reg_type, 0);
|
set_reg(r, dreg, reg_type, 0);
|
||||||
return ;
|
return ;
|
||||||
|
|
||||||
|
case NFT_META_OIF:
|
||||||
|
reg_type = RULE_REG_IIF;
|
||||||
|
set_reg(r, dreg, reg_type, 0);
|
||||||
|
return ;
|
||||||
|
|
||||||
}
|
}
|
||||||
syslog(LOG_DEBUG, "parse_rule_meta :Not support key %d\n", key);
|
syslog(LOG_DEBUG, "parse_rule_meta :Not support key %d\n", key);
|
||||||
|
|
||||||
|
|
@ -377,7 +383,7 @@ parse_rule_cmp(struct nft_rule_expr *e, rule_t *r) {
|
||||||
switch (r->reg1_type) {
|
switch (r->reg1_type) {
|
||||||
case RULE_REG_IIF:
|
case RULE_REG_IIF:
|
||||||
if (data_len == sizeof(uint32_t) && op == NFT_CMP_EQ) {
|
if (data_len == sizeof(uint32_t) && op == NFT_CMP_EQ) {
|
||||||
r->ifidx = *(uint32_t *)data_val;
|
r->ingress_ifidx = *(uint32_t *)data_val;
|
||||||
r->reg1_type = RULE_REG_NONE;
|
r->reg1_type = RULE_REG_NONE;
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -14,6 +14,7 @@
|
||||||
enum rule_reg_type {
|
enum rule_reg_type {
|
||||||
RULE_REG_NONE,
|
RULE_REG_NONE,
|
||||||
RULE_REG_IIF,
|
RULE_REG_IIF,
|
||||||
|
RULE_REG_OIF,
|
||||||
RULE_REG_IP_SRC_ADDR,
|
RULE_REG_IP_SRC_ADDR,
|
||||||
RULE_REG_IP_DEST_ADDR,
|
RULE_REG_IP_DEST_ADDR,
|
||||||
RULE_REG_IP_SD_ADDR, /* source & dest */
|
RULE_REG_IP_SD_ADDR, /* source & dest */
|
||||||
|
|
@ -41,7 +42,8 @@ typedef struct rule_ {
|
||||||
uint32_t nat_type;
|
uint32_t nat_type;
|
||||||
uint32_t filter_action;
|
uint32_t filter_action;
|
||||||
uint32_t family;
|
uint32_t family;
|
||||||
uint32_t ifidx;
|
uint32_t ingress_ifidx;
|
||||||
|
uint32_t egress_ifidx;
|
||||||
in_addr_t eaddr;
|
in_addr_t eaddr;
|
||||||
in_addr_t iaddr;
|
in_addr_t iaddr;
|
||||||
in_addr_t rhost;
|
in_addr_t rhost;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue