 |
netfilter
firewalling, NAT, and packet mangling for linux
|
|
|
netfilter
firewalling, NAT, and packet mangling for linux
|
|
|
Functions | |
| int | mnl_socket_get_fd (const struct mnl_socket *nl) |
| mnl_socket_get_fd - obtain file descriptor from netlink socket More... | |
| EXPORT_SYMBOL (mnl_socket_get_fd) | |
| unsigned int | mnl_socket_get_portid (const struct mnl_socket *nl) |
| mnl_socket_get_portid - obtain Netlink PortID from netlink socket More... | |
| EXPORT_SYMBOL (mnl_socket_get_portid) | |
| struct mnl_socket * | mnl_socket_open (int bus) |
| mnl_socket_open - open a netlink socket More... | |
| EXPORT_SYMBOL (mnl_socket_open) | |
| struct mnl_socket * | mnl_socket_fdopen (int fd) |
| mnl_socket_fdopen - associates a mnl_socket object with pre-existing socket. More... | |
| EXPORT_SYMBOL (mnl_socket_fdopen) | |
| int | mnl_socket_bind (struct mnl_socket *nl, unsigned int groups, pid_t pid) |
| mnl_socket_bind - bind netlink socket More... | |
| EXPORT_SYMBOL (mnl_socket_bind) | |
| ssize_t | mnl_socket_sendto (const struct mnl_socket *nl, const void *buf, size_t len) |
| mnl_socket_sendto - send a netlink message of a certain size More... | |
| EXPORT_SYMBOL (mnl_socket_sendto) | |
| ssize_t | mnl_socket_recvfrom (const struct mnl_socket *nl, void *buf, size_t bufsiz) |
| mnl_socket_recvfrom - receive a netlink message More... | |
| EXPORT_SYMBOL (mnl_socket_recvfrom) | |
| int | mnl_socket_close (struct mnl_socket *nl) |
| mnl_socket_close - close a given netlink socket More... | |
| EXPORT_SYMBOL (mnl_socket_close) | |
| int | mnl_socket_setsockopt (const struct mnl_socket *nl, int type, void *buf, socklen_t len) |
| mnl_socket_setsockopt - set Netlink socket option More... | |
| EXPORT_SYMBOL (mnl_socket_setsockopt) | |
| int | mnl_socket_getsockopt (const struct mnl_socket *nl, int type, void *buf, socklen_t *len) |
| mnl_socket_getsockopt - get a Netlink socket option More... | |
| EXPORT_SYMBOL (mnl_socket_getsockopt) | |
Allocation | |
| struct nl_sock * | nl_socket_alloc (void) |
| Allocate new netlink socket. More... | |
| struct nl_sock * | nl_socket_alloc_cb (struct nl_cb *cb) |
| Allocate new socket with custom callbacks. More... | |
| void | nl_socket_free (struct nl_sock *sk) |
| Free a netlink socket. More... | |
Sequence Numbers | |
| void | nl_socket_disable_seq_check (struct nl_sock *sk) |
| Disable sequence number checking. More... | |
| unsigned int | nl_socket_use_seq (struct nl_sock *sk) |
| Use next sequence number. More... | |
| void | nl_socket_disable_auto_ack (struct nl_sock *sk) |
| Disable automatic request for ACK. More... | |
| void | nl_socket_enable_auto_ack (struct nl_sock *sk) |
| Enable automatic request for ACK (default) More... | |
Source Idenficiation | |
| uint32_t | nl_socket_get_local_port (struct nl_sock *sk) |
| void | nl_socket_set_local_port (struct nl_sock *sk, uint32_t port) |
| Set local port of socket. More... | |
Group Subscriptions | |
| int | nl_socket_add_memberships (struct nl_sock *sk, int group,...) |
| Join groups. More... | |
| int | nl_socket_add_membership (struct nl_sock *sk, int group) |
| int | nl_socket_drop_memberships (struct nl_sock *sk, int group,...) |
| Leave groups. More... | |
| int | nl_socket_drop_membership (struct nl_sock *sk, int group) |
| void | nl_join_groups (struct nl_sock *sk, int groups) |
| Join multicast groups (deprecated) More... | |
Peer Identfication | |
| uint32_t | nl_socket_get_peer_port (struct nl_sock *sk) |
| void | nl_socket_set_peer_port (struct nl_sock *sk, uint32_t port) |
File Descriptor | |
| int | nl_socket_get_fd (struct nl_sock *sk) |
| int | nl_socket_set_nonblocking (struct nl_sock *sk) |
| Set file descriptor of socket to non-blocking state. More... | |
| void | nl_socket_enable_msg_peek (struct nl_sock *sk) |
| Enable use of MSG_PEEK when reading from socket. More... | |
| void | nl_socket_disable_msg_peek (struct nl_sock *sk) |
| Disable use of MSG_PEEK when reading from socket. More... | |
Callback Handler | |
| struct nl_cb * | nl_socket_get_cb (struct nl_sock *sk) |
| void | nl_socket_set_cb (struct nl_sock *sk, struct nl_cb *cb) |
| int | nl_socket_modify_cb (struct nl_sock *sk, enum nl_cb_type type, enum nl_cb_kind kind, nl_recvmsg_msg_cb_t func, void *arg) |
| Modify the callback handler associated to the socket. More... | |
Utilities | |
| int | nl_socket_set_buffer_size (struct nl_sock *sk, int rxbuf, int txbuf) |
| Set socket buffer size of netlink socket. More... | |
| int | nl_socket_set_passcred (struct nl_sock *sk, int state) |
| Enable/disable credential passing on netlink socket. More... | |
| int | nl_socket_recv_pktinfo (struct nl_sock *sk, int state) |
| Enable/disable receival of additional packet information. More... | |
| EXPORT_SYMBOL | ( | mnl_socket_get_fd | ) |
| EXPORT_SYMBOL | ( | mnl_socket_get_portid | ) |
| EXPORT_SYMBOL | ( | mnl_socket_open | ) |
| EXPORT_SYMBOL | ( | mnl_socket_fdopen | ) |
| EXPORT_SYMBOL | ( | mnl_socket_bind | ) |
| EXPORT_SYMBOL | ( | mnl_socket_sendto | ) |
| EXPORT_SYMBOL | ( | mnl_socket_recvfrom | ) |
| EXPORT_SYMBOL | ( | mnl_socket_close | ) |
| EXPORT_SYMBOL | ( | mnl_socket_setsockopt | ) |
| EXPORT_SYMBOL | ( | mnl_socket_getsockopt | ) |
| int mnl_socket_bind | ( | struct mnl_socket * | nl, |
| unsigned int | groups, | ||
| pid_t | pid | ||
| ) |
mnl_socket_bind - bind netlink socket
| nl | netlink socket obtained via mnl_socket_open() |
| groups | the group of message you're interested in |
| pid | the port ID you want to use (use zero for automatic selection) |
On error, this function returns -1 and errno is appropriately set. On success, 0 is returned. You can use MNL_SOCKET_AUTOPID which is 0 for automatic port ID selection.
References mnl_socket::addr, mnl_socket::fd, sockaddr_nl::nl_family, sockaddr_nl::nl_groups, and sockaddr_nl::nl_pid.
Referenced by cthelper_init(), mnl_event_nssocket(), netlink_monitor(), nfct_mnl_open(), nft_batch_is_supported(), nft_compatible_revision(), nft_init(), and xtables_events_main().
| int mnl_socket_close | ( | struct mnl_socket * | nl | ) |
mnl_socket_close - close a given netlink socket
| nl | netlink socket obtained via mnl_socket_open() |
On error, this function returns -1 and errno is appropriately set. On success, it returns 0.
References mnl_socket::fd.
Referenced by cthelper_kill(), main(), mnl_event_nssocket(), nft_batch_is_supported(), nft_compatible_revision(), nft_fini(), nfts_socket_close(), and xtables_events_main().
| struct mnl_socket* mnl_socket_fdopen | ( | int | fd | ) |
mnl_socket_fdopen - associates a mnl_socket object with pre-existing socket.
| fd | pre-existing socket descriptor. |
On error, it returns NULL and errno is appropriately set. Otherwise, it returns a valid pointer to the mnl_socket structure. It also sets the portID if the socket fd is already bound and it is AF_NETLINK.
Note that mnl_socket_get_portid() returns 0 if this function is used with non-netlink socket.
References mnl_socket::addr, mnl_socket::fd, sockaddr_nl::nl_family, and NULL.
Referenced by mnl_nssocket_open().
| int mnl_socket_get_fd | ( | const struct mnl_socket * | nl | ) |
mnl_socket_get_fd - obtain file descriptor from netlink socket
| nl | netlink socket obtained via mnl_socket_open() |
This function returns the file descriptor of a given netlink socket.
References mnl_socket::fd.
Referenced by cthelper_init(), handle_qacb(), and mnl_batch_talk().
| unsigned int mnl_socket_get_portid | ( | const struct mnl_socket * | nl | ) |
mnl_socket_get_portid - obtain Netlink PortID from netlink socket
| nl | netlink socket obtained via mnl_socket_open() |
This function returns the Netlink PortID of a given netlink socket. It's a common mistake to assume that this PortID equals the process ID which is not always true. This is the case if you open more than one socket that is binded to the same Netlink subsystem from the same process.
References mnl_socket::addr, and sockaddr_nl::nl_pid.
Referenced by cthelper_init(), mnl_batch_supported(), mnl_batch_talk(), nft_batch_is_supported(), nft_compatible_revision(), and nft_init().
| int mnl_socket_getsockopt | ( | const struct mnl_socket * | nl, |
| int | type, | ||
| void * | buf, | ||
| socklen_t * | len | ||
| ) |
mnl_socket_getsockopt - get a Netlink socket option
| nl | netlink socket obtained via mnl_socket_open() |
| type | type of Netlink socket options |
| buf | pointer to the buffer to store the value of this option |
| len | size of the information written in the buffer |
On error, this function returns -1 and errno is appropriately set.
References mnl_socket::fd, and SOL_NETLINK.
| struct mnl_socket* mnl_socket_open | ( | int | bus | ) |
mnl_socket_open - open a netlink socket
| bus | the netlink socket bus ID (see NETLINK_* constants) |
On error, it returns NULL and errno is appropriately set. Otherwise, it returns a valid pointer to the mnl_socket structure.
References mnl_socket::fd, and NULL.
Referenced by cthelper_init(), nfct_mnl_open(), nft_batch_is_supported(), nft_compatible_revision(), nft_init(), and xtables_events_main().
| ssize_t mnl_socket_recvfrom | ( | const struct mnl_socket * | nl, |
| void * | buf, | ||
| size_t | bufsiz | ||
| ) |
mnl_socket_recvfrom - receive a netlink message
| nl | netlink socket obtained via mnl_socket_open() |
| buf | buffer that you want to use to store the netlink message |
| bufsiz | size of the buffer passed to store the netlink message |
On error, it returns -1 and errno is appropriately set. If errno is set to ENOSPC, it means that the buffer that you have passed to store the netlink message is too small, so you have received a truncated message. To avoid this, you have to allocate a buffer of MNL_SOCKET_BUFFER_SIZE (which is 8KB, see linux/netlink.h for more information). Using this buffer size ensures that your buffer is big enough to store the netlink message without truncating it.
References buf, mnl_socket::fd, MSG_TRUNC, and NULL.
Referenced by handle_qacb(), mnl_batch_supported(), mnl_batch_talk(), mnl_talk(), nfct_mnl_talk(), nft_batch_is_supported(), nft_compatible_revision(), and xtables_events_main().
| ssize_t mnl_socket_sendto | ( | const struct mnl_socket * | nl, |
| const void * | buf, | ||
| size_t | len | ||
| ) |
mnl_socket_sendto - send a netlink message of a certain size
| nl | netlink socket obtained via mnl_socket_open() |
| buf | buffer containing the netlink message to be sent |
| len | number of bytes in the buffer that you want to send |
On error, it returns -1 and errno is appropriately set. Otherwise, it returns the number of bytes sent.
References mnl_socket::fd, and sockaddr_nl::nl_family.
Referenced by mnl_batch_supported(), mnl_talk(), nfct_mnl_talk(), nft_batch_is_supported(), and nft_compatible_revision().
| int mnl_socket_setsockopt | ( | const struct mnl_socket * | nl, |
| int | type, | ||
| void * | buf, | ||
| socklen_t | len | ||
| ) |
mnl_socket_setsockopt - set Netlink socket option
| nl | netlink socket obtained via mnl_socket_open() |
| type | type of Netlink socket options |
| buf | the buffer that contains the data about this option |
| len | the size of the buffer passed |
This function allows you to set some Netlink socket option. As of writing this (see linux/netlink.h), the existing options are:
In the early days, Netlink only supported 32 groups expressed in a 32-bits mask. However, since 2.6.14, Netlink may have up to 2^32 multicast groups but you have to use setsockopt() with NETLINK_ADD_MEMBERSHIP to join a given multicast group. This function internally calls setsockopt() to join a given netlink multicast group. You can still use mnl_bind() and the 32-bit mask to join a set of Netlink multicast groups.
On error, this function returns -1 and errno is appropriately set.
References mnl_socket::fd, and SOL_NETLINK.
Join multicast groups (deprecated)
This function defines the old way of joining multicast group which has to be done prior to calling nl_connect(). It works on any kernel version but is very limited as only 32 groups can be joined.
References sockaddr_nl::nl_groups, and nl_sock::s_local.
References nl_socket_add_memberships().
Referenced by main(), and nl_cache_mngr_add().
Join groups.
Joins the specified groups using the modern socket option which is available since kernel version 2.6.14. It allows joining an almost arbitary number of groups without limitation. The list of groups has to be terminated by 0 (NFNLGRP_NONE).
Make sure to use the correct group definitions as the older bitmask definitions for nl_join_groups() are likely to still be present for backward compatibility reasons.
References NETLINK_ADD_MEMBERSHIP, nl_syserr2nlerr(), NLE_BAD_SOCK, NLE_INVAL, nl_sock::s_fd, and SOL_NETLINK.
Referenced by nl_socket_add_membership().
Allocate new netlink socket.
References nl_cb_alloc(), and NULL.
Referenced by nfnl_queue_socket_alloc(), and nl_cli_alloc_socket().
Allocate new socket with custom callbacks.
The reference to the callback handler is taken into account automatically, it is released again upon calling nl_socket_free().
References BUG, nl_cb_get(), and NULL.
Disable automatic request for ACK.
The default behaviour of a socket is to request an ACK for each message sent to allow for the caller to synchronize to the completion of the netlink operation. This function disables this behaviour and will result in requests being sent which will not have the NLM_F_ACK flag set automatically. However, it is still possible for the caller to set the NLM_F_ACK flag explicitely.
References NL_NO_AUTO_ACK, and nl_sock::s_flags.
Referenced by nfnl_queue_socket_alloc().
Disable use of MSG_PEEK when reading from socket.
References NL_MSG_PEEK, and nl_sock::s_flags.
Disable sequence number checking.
Disables checking of sequence numbers on the netlink socket This is required to allow messages to be processed which were not requested by a preceding request message, e.g. netlink events.
References NL_CB_CUSTOM, NL_CB_SEQ_CHECK, nl_cb_set(), NULL, and nl_sock::s_cb.
Referenced by main(), and nl_cache_mngr_alloc().
References nl_socket_drop_memberships().
Referenced by nl_cache_mngr_add().
Leave groups.
Leaves the specified groups using the modern socket option which is available since kernel version 2.6.14. The list of groups has to terminated by 0 (NFNLGRP_NONE).
References NETLINK_DROP_MEMBERSHIP, nl_syserr2nlerr(), NLE_BAD_SOCK, NLE_INVAL, nl_sock::s_fd, and SOL_NETLINK.
Referenced by nl_socket_drop_membership().
Enable automatic request for ACK (default)
References NL_NO_AUTO_ACK, and nl_sock::s_flags.
Enable use of MSG_PEEK when reading from socket.
References NL_MSG_PEEK, and nl_sock::s_flags.
Free a netlink socket.
References nl_cb_put(), NL_OWN_PORT, sockaddr_nl::nl_pid, nl_sock::s_cb, nl_sock::s_fd, nl_sock::s_flags, and nl_sock::s_local.
References nl_sock::s_fd.
Referenced by main(), nl_cache_mngr_get_fd(), and nl_cache_mngr_poll().
References sockaddr_nl::nl_pid, and nl_sock::s_local.
References sockaddr_nl::nl_pid, and nl_sock::s_peer.
| int nl_socket_modify_cb | ( | struct nl_sock * | sk, |
| enum nl_cb_type | type, | ||
| enum nl_cb_kind | kind, | ||
| nl_recvmsg_msg_cb_t | func, | ||
| void * | arg | ||
| ) |
Modify the callback handler associated to the socket.
References nl_cb_set(), and nl_sock::s_cb.
Referenced by main(), and nl_cache_mngr_alloc().
Enable/disable receival of additional packet information.
References NETLINK_PKTINFO, nl_syserr2nlerr(), NLE_BAD_SOCK, nl_sock::s_fd, and SOL_NETLINK.
Set socket buffer size of netlink socket.
Sets the socket buffer size of a netlink socket to the specified values rxbuf and txbuf. Providing a value of 0 assumes a good default value.
References NL_SOCK_BUFSIZE_SET, nl_syserr2nlerr(), NLE_BAD_SOCK, nl_sock::s_fd, and nl_sock::s_flags.
Referenced by main(), and nl_connect().
Set local port of socket.
Assigns a local port identifier to the socket. If port is 0 a unique port identifier will be generated automatically.
References NL_OWN_PORT, sockaddr_nl::nl_pid, nl_sock::s_flags, and nl_sock::s_local.
Set file descriptor of socket to non-blocking state.
References nl_syserr2nlerr(), NLE_BAD_SOCK, and nl_sock::s_fd.
Referenced by nl_cache_mngr_alloc().
Enable/disable credential passing on netlink socket.
References NL_SOCK_PASSCRED, nl_syserr2nlerr(), NLE_BAD_SOCK, nl_sock::s_fd, and nl_sock::s_flags.
References sockaddr_nl::nl_pid, and nl_sock::s_peer.
Use next sequence number.
Uses the next available sequence number and increases the counter by one for subsequent calls.
References nl_sock::s_seq_next.
1.8.8 
