status-im
/
miniupnp
mirror of https://github.com/status-im/miniupnp.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Minimize attributes set if chain_op is not NFT_MSG_NEWCHAIN

This commit is contained in:
Paul Chambers 2019-10-01 00:40:05 -07:00
parent 6a53e6e765
commit 2a496a1c1c
2 changed files with 23 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
miniupnpd/linux/miniupnpd.service Normal file
View File

@ -0,0 +1,11 @@
[Unit]
Description=MiniUPnPD
After=network.target
[Service]
Type=forking
ExecStart=/usr/sbin/miniupnpd
ExecStop=kill `cat /var/run/miniupnpd.pid`
[Install]
WantedBy=multi-user.target

27
miniupnpd/netfilter_nft/nftnlrdr_misc.c
View File

@ -921,7 +921,6 @@ rule_set_snat(uint8_t family, uint8_t proto,
{ {
struct nftnl_rule *r = NULL; struct nftnl_rule *r = NULL;
uint16_t dport, sport; uint16_t dport, sport;
uint32_t descr_len;
#ifdef DEBUG #ifdef DEBUG
char buf[8192]; char buf[8192];
#endif #endif
@ -937,10 +936,9 @@ rule_set_snat(uint8_t family, uint8_t proto,
nftnl_rule_set(r, NFTNL_RULE_TABLE, nft_table); nftnl_rule_set(r, NFTNL_RULE_TABLE, nft_table);
nftnl_rule_set(r, NFTNL_RULE_CHAIN, nft_postrouting_chain); nftnl_rule_set(r, NFTNL_RULE_CHAIN, nft_postrouting_chain);
if (descr != NULL) { if (descr != NULL && *descr != '\0') {
descr_len = strlen(descr);
nftnl_rule_set_data(r, NFTNL_RULE_USERDATA, nftnl_rule_set_data(r, NFTNL_RULE_USERDATA,
descr, descr_len); descr, strlen(descr));
} }
/* Destination IP */ /* Destination IP */
@ -1006,7 +1004,6 @@ rule_set_dnat(uint8_t family, const char * ifname, uint8_t proto,
uint16_t dport; uint16_t dport;
uint64_t handle_num; uint64_t handle_num;
uint32_t if_idx; uint32_t if_idx;
uint32_t descr_len;
#ifdef DEBUG #ifdef DEBUG
char buf[8192]; char buf[8192];
#endif #endif
@ -1023,10 +1020,9 @@ rule_set_dnat(uint8_t family, const char * ifname, uint8_t proto,
nftnl_rule_set(r, NFTNL_RULE_TABLE, nft_table); nftnl_rule_set(r, NFTNL_RULE_TABLE, nft_table);
nftnl_rule_set(r, NFTNL_RULE_CHAIN, nft_prerouting_chain); nftnl_rule_set(r, NFTNL_RULE_CHAIN, nft_prerouting_chain);
if (descr != NULL) { if (descr != NULL && *descr != '\0') {
descr_len = strlen(descr);
nftnl_rule_set_data(r, NFTNL_RULE_USERDATA, nftnl_rule_set_data(r, NFTNL_RULE_USERDATA,
descr, descr_len); descr, strlen(descr));
} }
if (handle != NULL) { if (handle != NULL) {
@ -1178,17 +1174,15 @@ rule_set_filter_common(struct nftnl_rule *r, uint8_t family, const char * ifname
uint16_t dport, sport; uint16_t dport, sport;
uint64_t handle_num; uint64_t handle_num;
uint32_t if_idx; uint32_t if_idx;
uint32_t descr_len;
UNUSED(eport); UNUSED(eport);
nftnl_rule_set_u32(r, NFTNL_RULE_FAMILY, family); nftnl_rule_set_u32(r, NFTNL_RULE_FAMILY, family);
nftnl_rule_set(r, NFTNL_RULE_TABLE, nft_table); nftnl_rule_set(r, NFTNL_RULE_TABLE, nft_table);
nftnl_rule_set(r, NFTNL_RULE_CHAIN, nft_forward_chain); nftnl_rule_set(r, NFTNL_RULE_CHAIN, nft_forward_chain);
if (descr != NULL) { if (descr != NULL && *descr != '\0') {
descr_len = strlen(descr);
nftnl_rule_set_data(r, NFTNL_RULE_USERDATA, nftnl_rule_set_data(r, NFTNL_RULE_USERDATA,
descr, descr_len); descr, strlen(descr));
} }
if (handle != NULL) { if (handle != NULL) {
@ -1362,9 +1356,12 @@ chain_op(enum nf_tables_msg_types op, uint16_t family, const char * table,
} else { } else {
nftnl_chain_set(chain, NFTNL_CHAIN_TABLE, table); nftnl_chain_set(chain, NFTNL_CHAIN_TABLE, table);
nftnl_chain_set(chain, NFTNL_CHAIN_NAME, name); nftnl_chain_set(chain, NFTNL_CHAIN_NAME, name);
nftnl_chain_set_str(chain, NFTNL_CHAIN_TYPE, type); if (op == NFT_MSG_NEWCHAIN)
nftnl_chain_set_u32(chain, NFTNL_CHAIN_HOOKNUM, hooknum); {
nftnl_chain_set_s32(chain, NFTNL_CHAIN_PRIO, priority); nftnl_chain_set_str(chain, NFTNL_CHAIN_TYPE, type);
nftnl_chain_set_u32(chain, NFTNL_CHAIN_HOOKNUM, hooknum);
nftnl_chain_set_s32(chain, NFTNL_CHAIN_PRIO, priority);
}
batch = start_batch( buf, sizeof(buf)); batch = start_batch( buf, sizeof(buf));
if (batch == NULL) { if (batch == NULL) {