Message ID | 1372946679-11352-1-git-send-email-fw@strlen.de |
---|---|
State | Accepted |
Commit | d343b8c554b6a04f6c477841dc4cbb89b5cd1bd9 |
Headers | show |
On Thu, Jul 04, 2013 at 04:04:39PM +0200, Florian Westphal wrote: > Signed-off-by: Florian Westphal <fw@strlen.de> > --- > Changes since v2: > - allow xml output again > - use new nfct_snprint_labels() function from libnetfilter_conntrack.git Looks good, thanks Florian. You can remove a trailing whitespace by @@ -749,8 +751,8 @@ after labels, not your fault, it was already there, but it's a good chance to get rid of it. We need to bump libnetfilter_conntrack dependency. I'll remember that for the upcoming release. > conntrack.8 | 4 +++- > src/conntrack.c | 17 +++++++++++++---- > 2 files changed, 16 insertions(+), 5 deletions(-) > > diff --git a/conntrack.8 b/conntrack.8 > index a411fd4..d80a778 100644 > --- a/conntrack.8 > +++ b/conntrack.8 > @@ -88,11 +88,13 @@ Show the in-kernel connection tracking system statistics. > Atomically zero counters after reading them. This option is only valid in > combination with the "-L, --dump" command options. > .TP > -.BI "-o, --output [extended,xml,timestamp,id,ktimestamp] " > +.BI "-o, --output [extended,xml,timestamp,id,ktimestamp,labels] " > Display output in a certain format. With the extended output option, this tool > displays the layer 3 information. With ktimestamp, it displays the in-kernel > timestamp available since 2.6.38 (you can enable it via echo 1 > > /proc/sys/net/netfilter/nf_conntrack_timestamp). > +The labels output option tells conntrack to show the names of connection > +tracking labels that might be present. > .TP > .BI "-e, --event-mask " "[ALL|NEW|UPDATES|DESTROY][,...]" > Set the bitmask of events that are to be generated by the in-kernel ctnetlink > diff --git a/src/conntrack.c b/src/conntrack.c > index d4e79de..82a8917 100644 > --- a/src/conntrack.c > +++ b/src/conntrack.c > @@ -488,6 +488,7 @@ static unsigned int addr_valid_flags[ADDR_VALID_FLAGS_MAX] = { > static LIST_HEAD(proto_list); > > static unsigned int options; > +static struct nfct_labelmap *labelmap; > > void register_proto(struct ctproto_handler *h) > { > @@ -731,6 +732,7 @@ enum { > _O_TMS = (1 << 2), > _O_ID = (1 << 3), > _O_KTMS = (1 << 4), > + _O_CL = (1 << 5), > }; > > enum { > @@ -749,8 +751,8 @@ static struct parse_parameter { > { IPS_ASSURED, IPS_SEEN_REPLY, 0, IPS_FIXED_TIMEOUT, IPS_EXPECTED} }, > { {"ALL", "NEW", "UPDATES", "DESTROY"}, 4, > { CT_EVENT_F_ALL, CT_EVENT_F_NEW, CT_EVENT_F_UPD, CT_EVENT_F_DEL } }, > - { {"xml", "extended", "timestamp", "id", "ktimestamp"}, 5, > - { _O_XML, _O_EXT, _O_TMS, _O_ID, _O_KTMS }, > + { {"xml", "extended", "timestamp", "id", "ktimestamp", "labels", }, 6, > + { _O_XML, _O_EXT, _O_TMS, _O_ID, _O_KTMS, _O_CL }, > }, > }; > > @@ -1150,7 +1152,7 @@ static int event_cb(enum nf_conntrack_msg_type type, > if (output_mask & _O_ID) > op_flags |= NFCT_OF_ID; > > - nfct_snprintf(buf, sizeof(buf), ct, type, op_type, op_flags); > + nfct_snprintf_labels(buf, sizeof(buf), ct, type, op_type, op_flags, labelmap); > > printf("%s\n", buf); > fflush(stdout); > @@ -1194,7 +1196,7 @@ static int dump_cb(enum nf_conntrack_msg_type type, > if (output_mask & _O_ID) > op_flags |= NFCT_OF_ID; > > - nfct_snprintf(buf, sizeof(buf), ct, NFCT_T_UNKNOWN, op_type, op_flags); > + nfct_snprintf_labels(buf, sizeof(buf), ct, type, op_type, op_flags, labelmap); > printf("%s\n", buf); > > counter++; > @@ -1879,6 +1881,11 @@ int main(int argc, char *argv[]) > case 'o': > options |= CT_OPT_OUTPUT; > parse_parameter(optarg, &output_mask, PARSE_OUTPUT); > + if (output_mask & _O_CL) { > + labelmap = nfct_labelmap_new(NULL); > + if (!labelmap) > + perror("nfct_labelmap_new"); > + } > break; > case 'z': > options |= CT_OPT_ZERO; > @@ -2372,6 +2379,8 @@ try_proc: > > free_tmpl_objects(); > free_options(); > + if (labelmap) > + nfct_labelmap_destroy(labelmap); > > if (command && exit_msg[cmd][0]) { > fprintf(stderr, "%s v%s (conntrack-tools): ",PROGNAME,VERSION); > -- > 1.7.8.6 > > -- > To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/conntrack.8 b/conntrack.8 index a411fd4..d80a778 100644 --- a/conntrack.8 +++ b/conntrack.8 @@ -88,11 +88,13 @@ Show the in-kernel connection tracking system statistics. Atomically zero counters after reading them. This option is only valid in combination with the "-L, --dump" command options. .TP -.BI "-o, --output [extended,xml,timestamp,id,ktimestamp] " +.BI "-o, --output [extended,xml,timestamp,id,ktimestamp,labels] " Display output in a certain format. With the extended output option, this tool displays the layer 3 information. With ktimestamp, it displays the in-kernel timestamp available since 2.6.38 (you can enable it via echo 1 > /proc/sys/net/netfilter/nf_conntrack_timestamp). +The labels output option tells conntrack to show the names of connection +tracking labels that might be present. .TP .BI "-e, --event-mask " "[ALL|NEW|UPDATES|DESTROY][,...]" Set the bitmask of events that are to be generated by the in-kernel ctnetlink diff --git a/src/conntrack.c b/src/conntrack.c index d4e79de..82a8917 100644 --- a/src/conntrack.c +++ b/src/conntrack.c @@ -488,6 +488,7 @@ static unsigned int addr_valid_flags[ADDR_VALID_FLAGS_MAX] = { static LIST_HEAD(proto_list); static unsigned int options; +static struct nfct_labelmap *labelmap; void register_proto(struct ctproto_handler *h) { @@ -731,6 +732,7 @@ enum { _O_TMS = (1 << 2), _O_ID = (1 << 3), _O_KTMS = (1 << 4), + _O_CL = (1 << 5), }; enum { @@ -749,8 +751,8 @@ static struct parse_parameter { { IPS_ASSURED, IPS_SEEN_REPLY, 0, IPS_FIXED_TIMEOUT, IPS_EXPECTED} }, { {"ALL", "NEW", "UPDATES", "DESTROY"}, 4, { CT_EVENT_F_ALL, CT_EVENT_F_NEW, CT_EVENT_F_UPD, CT_EVENT_F_DEL } }, - { {"xml", "extended", "timestamp", "id", "ktimestamp"}, 5, - { _O_XML, _O_EXT, _O_TMS, _O_ID, _O_KTMS }, + { {"xml", "extended", "timestamp", "id", "ktimestamp", "labels", }, 6, + { _O_XML, _O_EXT, _O_TMS, _O_ID, _O_KTMS, _O_CL }, }, }; @@ -1150,7 +1152,7 @@ static int event_cb(enum nf_conntrack_msg_type type, if (output_mask & _O_ID) op_flags |= NFCT_OF_ID; - nfct_snprintf(buf, sizeof(buf), ct, type, op_type, op_flags); + nfct_snprintf_labels(buf, sizeof(buf), ct, type, op_type, op_flags, labelmap); printf("%s\n", buf); fflush(stdout); @@ -1194,7 +1196,7 @@ static int dump_cb(enum nf_conntrack_msg_type type, if (output_mask & _O_ID) op_flags |= NFCT_OF_ID; - nfct_snprintf(buf, sizeof(buf), ct, NFCT_T_UNKNOWN, op_type, op_flags); + nfct_snprintf_labels(buf, sizeof(buf), ct, type, op_type, op_flags, labelmap); printf("%s\n", buf); counter++; @@ -1879,6 +1881,11 @@ int main(int argc, char *argv[]) case 'o': options |= CT_OPT_OUTPUT; parse_parameter(optarg, &output_mask, PARSE_OUTPUT); + if (output_mask & _O_CL) { + labelmap = nfct_labelmap_new(NULL); + if (!labelmap) + perror("nfct_labelmap_new"); + } break; case 'z': options |= CT_OPT_ZERO; @@ -2372,6 +2379,8 @@ try_proc: free_tmpl_objects(); free_options(); + if (labelmap) + nfct_labelmap_destroy(labelmap); if (command && exit_msg[cmd][0]) { fprintf(stderr, "%s v%s (conntrack-tools): ",PROGNAME,VERSION);
Signed-off-by: Florian Westphal <fw@strlen.de> --- Changes since v2: - allow xml output again - use new nfct_snprint_labels() function from libnetfilter_conntrack.git conntrack.8 | 4 +++- src/conntrack.c | 17 +++++++++++++---- 2 files changed, 16 insertions(+), 5 deletions(-)