Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d8bcc768 authored Dec 12, 2013 by Tomasz Bursztyka Committed by Pablo Neira Ayuso Dec 17, 2013

netfilter: nf_tables: Expose the table usage counter via netlink



Userspace can therefore know whether a table is in use or not, and
by how many chains. Suggested by Pablo Neira Ayuso.

Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

parent 0aff078d

include/uapi/linux/netfilter/nf_tables.h

+2 −0

Original line number	Original line	Diff line number	Diff line
	@@ -110,11 +110,13 @@ enum nft_table_flags {
	*		*
	* @NFTA_TABLE_NAME: name of the table (NLA_STRING)		* @NFTA_TABLE_NAME: name of the table (NLA_STRING)
	* @NFTA_TABLE_FLAGS: bitmask of enum nft_table_flags (NLA_U32)		* @NFTA_TABLE_FLAGS: bitmask of enum nft_table_flags (NLA_U32)
			* @NFTA_TABLE_USE: number of chains in this table (NLA_U32)
	*/		*/
	enum nft_table_attributes {		enum nft_table_attributes {
	NFTA_TABLE_UNSPEC,		NFTA_TABLE_UNSPEC,
	NFTA_TABLE_NAME,		NFTA_TABLE_NAME,
	NFTA_TABLE_FLAGS,		NFTA_TABLE_FLAGS,
			NFTA_TABLE_USE,
	__NFTA_TABLE_MAX		__NFTA_TABLE_MAX
	};		};
	#define NFTA_TABLE_MAX (__NFTA_TABLE_MAX - 1)		#define NFTA_TABLE_MAX (__NFTA_TABLE_MAX - 1)

net/netfilter/nf_tables_api.c

+2 −1

Original line number	Original line	Diff line number	Diff line
	@@ -180,7 +180,8 @@ static int nf_tables_fill_table_info(struct sk_buff *skb, u32 portid, u32 seq,
	nfmsg->res_id = 0;		nfmsg->res_id = 0;

	if (nla_put_string(skb, NFTA_TABLE_NAME, table->name) \|\|		if (nla_put_string(skb, NFTA_TABLE_NAME, table->name) \|\|
	nla_put_be32(skb, NFTA_TABLE_FLAGS, htonl(table->flags)))		nla_put_be32(skb, NFTA_TABLE_FLAGS, htonl(table->flags)) \|\|
			nla_put_be32(skb, NFTA_TABLE_USE, htonl(table->use)))
	goto nla_put_failure;		goto nla_put_failure;

	return nlmsg_end(skb, nlh);		return nlmsg_end(skb, nlh);