
Commit 17bb58f

WIP: reflect reviews
- rename from CtAttr to ConntrackAttribute - rename from FlowNla and StatNla to FlowAttribute and StatCpuAttribute - use buffer!() for ProtocolInfoTcp - use bitflags!() for ConnectionStatusFlag - remove constant values and enum variants that are no longer used - move values from src/constants.rs to their users - stop exposing internal modules - introduce StatGlobalAttribute that represents ctattr_stats_global in the kernel Signed-off-by: terassyi <[email protected]>
1 parent 2cb429b commit 17bb58f


12 files changed

+383
-426
lines changed


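--- a/examples/ctnetlink.rs
+++ b/examples/ctnetlink.rs
@@ -9,8 +9,8 @@ use netlink_packet_core::{
 use netlink_packet_netfilter::{
 constants::{AF_INET, NFNETLINK_V0},
 ctnetlink::{
-message::CtNetlinkMessage,
-nlas::flow::{ip_tuple::TupleNla, nla::FlowNla},
+nlas::flow::{ip_tuple::TupleNla, nla::FlowAttribute},
+CtNetlinkMessage,
 },
 NetfilterHeader, NetfilterMessage, NetfilterMessageInner,
 };
@@ -61,7 +61,7 @@ fn main() {
 ) = ct.inner
 {
 for nla in nlas.iter() {
-if let FlowNla::Orig(attrs) = nla {
+if let FlowAttribute::Orig(attrs) = nla {
 orig = Some(attrs.clone())
 }
 }
@@ -252,7 +252,7 @@ fn get_request(
 hdr,
 NetlinkPayload::from(NetfilterMessage::new(
 NetfilterHeader::new(family, NFNETLINK_V0, res_id),
-CtNetlinkMessage::Get(Some(vec![FlowNla::Orig(tuple)])),
+CtNetlinkMessage::Get(Some(vec![FlowAttribute::Orig(tuple)])),
 )),
 );
 message.finalize();
@@ -270,7 +270,7 @@ fn delete_request(
 hdr,
 NetlinkPayload::from(NetfilterMessage::new(
 NetfilterHeader::new(family, NFNETLINK_V0, res_id),
-CtNetlinkMessage::Delete(vec![FlowNla::Orig(tuple)]),
+CtNetlinkMessage::Delete(vec![FlowAttribute::Orig(tuple)]),
 )),
 );
 message.finalize();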

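--- a/src/buffer.rs
+++ b/src/buffer.rs
@@ -1,7 +1,7 @@
 // SPDX-License-Identifier: MIT
 
 use crate::{
-ctnetlink::message::CtNetlinkMessage,
+ctnetlink::CtNetlinkMessage,
 message::{
 NetfilterHeader, NetfilterMessage, NetfilterMessageInner,
 NETFILTER_HEADER_LEN,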

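--- a/src/constants.rs
+++ b/src/constants.rs
@@ -88,180 +88,3 @@ pub const NFULA_CT_INFO: u16 = libc::NFULA_CT_INFO as u16;
 
 pub const NFULNL_MSG_CONFIG: u8 = libc::NFULNL_MSG_CONFIG as u8;
 pub const NFULNL_MSG_PACKET: u8 = libc::NFULNL_MSG_PACKET as u8;
-
-// netflter/nfnetlink_conntrack.h
-// There is no definitions in rust-lang/libc
-pub const IPCTNL_MSG_CT_NEW: u8 = 0;
-pub const IPCTNL_MSG_CT_GET: u8 = 1;
-pub const IPCTNL_MSG_CT_DELETE: u8 = 2;
-pub const IPCTNL_MSG_CT_GET_CTRZERO: u8 = 3;
-pub const IPCTNL_MSG_CT_GET_STATS_CPU: u8 = 4;
-pub const IPCTNL_MSG_CT_GET_STATS: u8 = 5;
-pub const IPCTNL_MSG_CT_GET_DYING: u8 = 6;
-pub const IPCTNL_MSG_CT_GET_UNCONFIRMED: u8 = 7;
-
-pub const CTA_UNSPEC: u16 = 0;
-pub const CTA_TUPLE_ORIG: u16 = 1;
-pub const CTA_TUPLE_REPLY: u16 = 2;
-pub const CTA_STATUS: u16 = 3;
-pub const CTA_PROTOINFO: u16 = 4;
-pub const CTA_HELP: u16 = 5;
-pub const CTA_NAT_SRC: u16 = 6;
-pub const CTA_NAT: u16 = CTA_NAT_SRC; /* backwards compatibility */
-pub const CTA_TIMEOUT: u16 = 7;
-pub const CTA_MARK: u16 = 8;
-pub const CTA_COUNTERS_ORIG: u16 = 9;
-pub const CTA_COUNTERS_REPLY: u16 = 10;
-pub const CTA_USE: u16 = 11;
-pub const CTA_ID: u16 = 12;
-pub const CTA_NAT_DST: u16 = 13;
-pub const CTA_TUPLE_MASTER: u16 = 14;
-pub const CTA_SEQ_ADJ_ORIG: u16 = 15;
-pub const CTA_NAT_SEQ_ADJ_ORIG: u16 = CTA_SEQ_ADJ_ORIG;
-pub const CTA_SEQ_ADJ_REPLY: u16 = 16;
-pub const CTA_NAT_SEQ_ADJ_REPLY: u16 = CTA_SEQ_ADJ_REPLY;
-pub const CTA_SECMARK: u16 = 17; /* obsolete */
-pub const CTA_ZONE: u16 = 18;
-pub const CTA_SECCTX: u16 = 19;
-pub const CTA_TIMESTAMP: u16 = 20;
-pub const CTA_MARK_MASK: u16 = 21;
-pub const CTA_LABELS: u16 = 22;
-pub const CTA_LABELS_MASK: u16 = 23;
-pub const CTA_SYNPROXY: u16 = 24;
-pub const CTA_FILTER: u16 = 25;
-pub const CTA_STATUS_MASK: u16 = 26;
-
-pub const CTA_TUPLE_UNSPEC: u16 = 0;
-pub const CTA_TUPLE_IP: u16 = 1;
-pub const CTA_TUPLE_PROTO: u16 = 2;
-pub const CTA_TUPLE_ZONE: u16 = 3;
-
-pub const CTA_IP_UNSPEC: u16 = 0;
-pub const CTA_IP_V4_SRC: u16 = 1;
-pub const CTA_IP_V4_DST: u16 = 2;
-pub const CTA_IP_V6_SRC: u16 = 3;
-pub const CTA_IP_V6_DST: u16 = 4;
-
-pub const CTA_PROTO_UNSPEC: u16 = 0;
-pub const CTA_PROTO_NUM: u16 = 1;
-pub const CTA_PROTO_SRC_PORT: u16 = 2;
-pub const CTA_PROTO_DST_PORT: u16 = 3;
-pub const CTA_PROTO_ICMP_ID: u16 = 4;
-pub const CTA_PROTO_ICMP_TYPE: u16 = 5;
-pub const CTA_PROTO_ICMP_CODE: u16 = 6;
-pub const CTA_PROTO_ICMPV6_ID: u16 = 7;
-pub const CTA_PROTO_ICMPV6_TYPE: u16 = 8;
-pub const CTA_PROTO_ICMPV6_CODE: u16 = 9;
-
-pub const CTA_PROTOINFO_UNSPEC: u16 = 0;
-pub const CTA_PROTOINFO_TCP: u16 = 1;
-pub const CTA_PROTOINFO_DCCP: u16 = 2;
-pub const CTA_PROTOINFO_SCTP: u16 = 3;
-
-pub const CTA_PROTOINFO_TCP_UNSPEC: u16 = 0;
-pub const CTA_PROTOINFO_TCP_STATE: u16 = 1;
-pub const CTA_PROTOINFO_TCP_WSCALE_ORIGINAL: u16 = 2;
-pub const CTA_PROTOINFO_TCP_WSCALE_REPLY: u16 = 3;
-pub const CTA_PROTOINFO_TCP_FLAGS_ORIGINAL: u16 = 4;
-pub const CTA_PROTOINFO_TCP_FLAGS_REPLY: u16 = 5;
-
-pub const CTA_PROTOINFO_DCCP_UNSPEC: u16 = 0;
-pub const CTA_PROTOINFO_DCCP_STATE: u16 = 1;
-pub const CTA_PROTOINFO_DCCP_ROLE: u16 = 2;
-pub const CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ: u16 = 3;
-pub const CTA_PROTOINFO_DCCP_PAD: u16 = 4;
-
-pub const CTA_PROTOINFO_SCTP_UNSPEC: u16 = 0;
-pub const CTA_PROTOINFO_SCTP_STATE: u16 = 1;
-pub const CTA_PROTOINFO_SCTP_VTAG_ORIGINAL: u16 = 2;
-pub const CTA_PROTOINFO_SCTP_VTAG_REPLY: u16 = 3;
-
-pub const CTA_COUNTERS_UNSPEC: u8 = 0;
-pub const CTA_COUNTERS_PACKETS: u8 = 1; /* 64bit counters */
-pub const CTA_COUNTERS_BYTES: u8 = 2; /* 64bit counters */
-pub const CTA_COUNTERS32_PACKETS: u8 = 3; /* old 32bit counters, unused */
-pub const CTA_COUNTERS32_BYTES: u8 = 4; /* old 32bit counters, unused */
-pub const CTA_COUNTERS_PAD: u8 = 5;
-
-pub const CTA_TIMESTAMP_UNSPEC: u8 = 0;
-pub const CTA_TIMESTAMP_START: u8 = 1;
-pub const CTA_TIMESTAMP_STOP: u8 = 2;
-pub const CTA_TIMESTAMP_PAD: u8 = 3;
-
-pub const CTA_NAT_UNSPEC: u8 = 0;
-pub const CTA_NAT_V4_MINIP: u8 = 1;
-pub const CTA_NAT_MINIP: u8 = CTA_NAT_V4_MINIP;
-pub const CTA_NAT_V4_MAXIP: u8 = 2;
-pub const CTA_NAT_MAXIP: u8 = CTA_NAT_V4_MAXIP;
-pub const CTA_NAT_PROTO: u8 = 3;
-pub const CTA_NAT_V6_MINIP: u8 = 4;
-pub const CTA_NAT_V6_MAXIP: u8 = 5;
-
-pub const CTA_PROTONAT_UNSPEC: u8 = 0;
-pub const CTA_PROTONAT_PORT_MIN: u8 = 1;
-pub const CTA_PROTONAT_PORT_MAX: u8 = 2;
-
-pub const CTA_SEQADJ_UNSPEC: u8 = 0;
-pub const CTA_SEQADJ_CORRECTION_POS: u8 = 1;
-pub const CTA_SEQADJ_OFFSET_BEFORE: u8 = 2;
-pub const CTA_SEQADJ_OFFSET_AFTER: u8 = 3;
-
-pub const CTA_NAT_SEQ_UNSPEC: u8 = 0;
-pub const CTA_NAT_SEQ_CORRECTION_POS: u8 = 1;
-pub const CTA_NAT_SEQ_OFFSET_BEFORE: u8 = 2;
-pub const CTA_NAT_SEQ_OFFSET_AFTER: u8 = 3;
-
-pub const CTA_SYNPROXY_UNSPEC: u8 = 0;
-pub const CTA_SYNPROXY_ISN: u8 = 1;
-pub const CTA_SYNPROXY_ITS: u8 = 2;
-pub const CTA_SYNPROXY_TSOFF: u8 = 3;
-
-pub const CTA_EXPECT_UNSPEC: u8 = 0;
-pub const CTA_EXPECT_MASTER: u8 = 1;
-pub const CTA_EXPECT_TUPLE: u8 = 2;
-pub const CTA_EXPECT_MASK: u8 = 3;
-pub const CTA_EXPECT_TIMEOUT: u8 = 4;
-pub const CTA_EXPECT_ID: u8 = 5;
-pub const CTA_EXPECT_HELP_NAME: u8 = 6;
-pub const CTA_EXPECT_ZONE: u8 = 7;
-pub const CTA_EXPECT_FLAGS: u8 = 8;
-pub const CTA_EXPECT_CLASS: u8 = 9;
-pub const CTA_EXPECT_NAT: u8 = 10;
-pub const CTA_EXPECT_FN: u8 = 11;
-
-pub const CTA_EXPECT_NAT_UNSPEC: u8 = 0;
-pub const CTA_EXPECT_NAT_DIR: u8 = 1;
-pub const CTA_EXPECT_NAT_TUPLE: u8 = 2;
-
-pub const CTA_SECCTX_UNSPEC: u8 = 0;
-pub const CTA_SECCTX_NAME: u8 = 1;
-
-pub const CTA_STATS_UNSPEC: u16 = 0;
-pub const CTA_STATS_SEARCHED: u16 = 1; /* no longer used */
-pub const CTA_STATS_FOUND: u16 = 2;
-pub const CTA_STATS_NEW: u16 = 3; /* no longer used */
-pub const CTA_STATS_INVALID: u16 = 4;
-pub const CTA_STATS_IGNORE: u16 = 5; /* no longer used */
-pub const CTA_STATS_DELETE: u16 = 6; /* no longer used */
-pub const CTA_STATS_DELETE_LIST: u16 = 7; /* no longer used */
-pub const CTA_STATS_INSERT: u16 = 8;
-pub const CTA_STATS_INSERT_FAILED: u16 = 9;
-pub const CTA_STATS_DROP: u16 = 10;
-pub const CTA_STATS_EARLY_DROP: u16 = 11;
-pub const CTA_STATS_ERROR: u16 = 12;
-pub const CTA_STATS_SEARCH_RESTART: u16 = 13;
-pub const CTA_STATS_CLASH_RESOLVE: u16 = 14;
-pub const CTA_STATS_CHAIN_TOOLONG: u16 = 15;
-
-pub const CTA_STATS_GLOBAL_UNSPEC: u8 = 0;
-pub const CTA_STATS_GLOBAL_ENTRIES: u8 = 1;
-pub const CTA_STATS_GLOBAL_MAX_ENTRIES: u8 = 2;
-
-pub const CTA_STATS_EXP_UNSPEC: u8 = 0;
-pub const CTA_STATS_EXP_NEW: u8 = 1;
-pub const CTA_STATS_EXP_CREATE: u8 = 2;
-pub const CTA_STATS_EXP_DELETE: u8 = 3;
-
-pub const CTA_FILTER_UNSPEC: u8 = 0;
-pub const CTA_FILTER_ORIG_FLAGS: u8 = 1;
-pub const CTA_FILTER_REPLY_FLAGS: u8 = 2;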

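--- a/src/ctnetlink/message.rs
+++ b/src/ctnetlink/message.rs
@@ -4,28 +4,34 @@ use netlink_packet_utils::{
 nla::DefaultNla, DecodeError, Emitable, Parseable, ParseableParametrized,
 };
 
-use crate::{
-buffer::NetfilterBuffer,
-constants::{
-IPCTNL_MSG_CT_DELETE, IPCTNL_MSG_CT_GET, IPCTNL_MSG_CT_GET_CTRZERO,
-IPCTNL_MSG_CT_GET_DYING, IPCTNL_MSG_CT_GET_STATS,
-IPCTNL_MSG_CT_GET_STATS_CPU, IPCTNL_MSG_CT_GET_UNCONFIRMED,
-IPCTNL_MSG_CT_NEW, NFNL_SUBSYS_CTNETLINK,
-},
+use crate::{buffer::NetfilterBuffer, constants::NFNL_SUBSYS_CTNETLINK};
+
+use super::nlas::{
+flow::nla::FlowAttribute,
+stat::nla::{StatCpuAttribute, StatGlobalAttribute},
 };
 
-use super::nlas::{flow::nla::FlowNla, stat::nla::StatNla};
+// netflter/nfnetlink_conntrack.h
+// There is no definitions in rust-lang/libc
+const IPCTNL_MSG_CT_NEW: u8 = 0;
+const IPCTNL_MSG_CT_GET: u8 = 1;
+const IPCTNL_MSG_CT_DELETE: u8 = 2;
+const IPCTNL_MSG_CT_GET_CTRZERO: u8 = 3;
+const IPCTNL_MSG_CT_GET_STATS_CPU: u8 = 4;
+const IPCTNL_MSG_CT_GET_STATS: u8 = 5;
+const IPCTNL_MSG_CT_GET_DYING: u8 = 6;
+const IPCTNL_MSG_CT_GET_UNCONFIRMED: u8 = 7;
 
 #[derive(Debug, PartialEq, Eq, Clone)]
 pub enum CtNetlinkMessage {
-New(Vec<FlowNla>),
-Get(Option<Vec<FlowNla>>),
-Delete(Vec<FlowNla>),
-GetCrtZero(Option<Vec<FlowNla>>),
-GetStatsCPU(Option<Vec<StatNla>>),
-GetStats(Option<Vec<StatNla>>),
-GetDying(Option<Vec<FlowNla>>),
-GetUnconfirmed(Option<Vec<FlowNla>>),
+New(Vec<FlowAttribute>),
+Get(Option<Vec<FlowAttribute>>),
+Delete(Vec<FlowAttribute>),
+GetCrtZero(Option<Vec<FlowAttribute>>),
+GetStatsCPU(Option<Vec<StatCpuAttribute>>),
+GetStats(Option<Vec<StatGlobalAttribute>>),
+GetDying(Option<Vec<FlowAttribute>>),
+GetUnconfirmed(Option<Vec<FlowAttribute>>),
 Other {
 message_type: u8,
 nlas: Vec<DefaultNla>,
@@ -137,66 +143,72 @@ impl<'a, T: AsRef<[u8]> + ?Sized>
 ) -> Result<Self, DecodeError> {
 Ok(match message_type {
 IPCTNL_MSG_CT_NEW => {
-let nlas =
-buf.parse_all_nlas(|nla_buf| FlowNla::parse(&nla_buf))?;
+let nlas = buf
+.parse_all_nlas(|nla_buf| FlowAttribute::parse(&nla_buf))?;
 CtNetlinkMessage::New(nlas)
 }
 IPCTNL_MSG_CT_GET => {
 if buf.payload().is_empty() {
 CtNetlinkMessage::Get(None)
 } else {
-let nlas =
-buf.parse_all_nlas(|nla_buf| FlowNla::parse(&nla_buf))?;
+let nlas = buf.parse_all_nlas(|nla_buf| {
+FlowAttribute::parse(&nla_buf)
+})?;
 CtNetlinkMessage::Get(Some(nlas))
 }
 }
 IPCTNL_MSG_CT_DELETE => {
-let nlas =
-buf.parse_all_nlas(|nla_buf| FlowNla::parse(&nla_buf))?;
+let nlas = buf
+.parse_all_nlas(|nla_buf| FlowAttribute::parse(&nla_buf))?;
 CtNetlinkMessage::Delete(nlas)
 }
 IPCTNL_MSG_CT_GET_CTRZERO => {
 if buf.payload().is_empty() {
 CtNetlinkMessage::GetCrtZero(None)
 } else {
-let nlas =
-buf.parse_all_nlas(|nla_buf| FlowNla::parse(&nla_buf))?;
+let nlas = buf.parse_all_nlas(|nla_buf| {
+FlowAttribute::parse(&nla_buf)
+})?;
 CtNetlinkMessage::GetCrtZero(Some(nlas))
 }
 }
 IPCTNL_MSG_CT_GET_STATS_CPU => {
 if buf.payload().is_empty() {
 CtNetlinkMessage::GetStatsCPU(None)
 } else {
-let nlas =
-buf.parse_all_nlas(|nla_buf| StatNla::parse(&nla_buf))?;
+let nlas = buf.parse_all_nlas(|nla_buf| {
+StatCpuAttribute::parse(&nla_buf)
+})?;
 CtNetlinkMessage::GetStatsCPU(Some(nlas))
 }
 }
 IPCTNL_MSG_CT_GET_STATS => {
 if buf.payload().is_empty() {
 CtNetlinkMessage::GetStats(None)
 } else {
-let nlas =
-buf.parse_all_nlas(|nla_buf| StatNla::parse(&nla_buf))?;
+let nlas = buf.parse_all_nlas(|nla_buf| {
+StatGlobalAttribute::parse(&nla_buf)
+})?;
 CtNetlinkMessage::GetStats(Some(nlas))
 }
 }
 IPCTNL_MSG_CT_GET_DYING => {
 if buf.payload().is_empty() {
 CtNetlinkMessage::GetDying(None)
 } else {
-let nlas =
-buf.parse_all_nlas(|nla_buf| FlowNla::parse(&nla_buf))?;
+let nlas = buf.parse_all_nlas(|nla_buf| {
+FlowAttribute::parse(&nla_buf)
+})?;
 CtNetlinkMessage::GetDying(Some(nlas))
 }
 }
 IPCTNL_MSG_CT_GET_UNCONFIRMED => {
 if buf.payload().is_empty() {
 CtNetlinkMessage::GetUnconfirmed(None)
 } else {
-let nlas =
-buf.parse_all_nlas(|nla_buf| FlowNla::parse(&nla_buf))?;
+let nlas = buf.parse_all_nlas(|nla_buf| {
+FlowAttribute::parse(&nla_buf)
+})?;
 CtNetlinkMessage::GetUnconfirmed(Some(nlas))
 }
 }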
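Review bot: The public variant `GetCrtZero` in `CtNetlinkMessage` transposes the `CTR` of the constant it decodes, `IPCTNL_MSG_CT_GET_CTRZERO`, and this commit rewrites that line without correcting it. Because the commit already breaks the public API by renaming the attribute types, this looks like the cheapest moment to change it to `GetCtrZero(Option<Vec<FlowAttribute>>)` together with the two `CtNetlinkMessage::GetCrtZero(...)` constructions in the decoding match. The header comment moved in from the constants file keeps its typos; I would write `// netfilter/nfnetlink_conntrack.h` and `// There are no definitions for these in rust-lang/libc`. Both the enum and the match continue outside the visible hunks, so other uses of the variant (for example an emit path) would need the same rename.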

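--- a/src/ctnetlink/mod.rs
+++ b/src/ctnetlink/mod.rs
@@ -1,4 +1,5 @@
 // SPDX-License-Identifier: MIT
 
-pub mod message;
+mod message;
+pub use message::CtNetlinkMessage;
 pub mod nlas;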
