From 3e042f75d78f94b3182304566f908f5bf7d7a7ad Mon Sep 17 00:00:00 2001
From: thediveo <thediveo@gmx.eu>
Date: Sat, 14 May 2022 16:45:18 +0000
Subject: [PATCH] refactor: pass table family when un/marshalling expr

---
 conn.go              |  4 ++--
 expr/bitwise.go      |  4 ++--
 expr/bitwise_test.go |  4 ++--
 expr/byteorder.go    |  4 ++--
 expr/counter.go      |  4 ++--
 expr/ct.go           |  4 ++--
 expr/dup.go          |  4 ++--
 expr/dynset.go       |  4 ++--
 expr/expr.go         | 24 ++++++++++++------------
 expr/exthdr.go       |  6 +++---
 expr/exthdr_test.go  |  4 ++--
 expr/fib.go          |  4 ++--
 expr/hash.go         |  4 ++--
 expr/immediate.go    |  4 ++--
 expr/limit.go        |  4 ++--
 expr/log.go          |  4 ++--
 expr/lookup.go       |  4 ++--
 expr/match.go        |  4 ++--
 expr/match_test.go   |  4 ++--
 expr/nat.go          |  4 ++--
 expr/notrack.go      |  4 ++--
 expr/numgen.go       |  4 ++--
 expr/objref.go       |  4 ++--
 expr/payload.go      |  4 ++--
 expr/queue.go        |  4 ++--
 expr/quota.go        |  4 ++--
 expr/range.go        |  4 ++--
 expr/redirect.go     |  4 ++--
 expr/reject.go       |  4 ++--
 expr/rt.go           |  4 ++--
 expr/target.go       |  4 ++--
 expr/target_test.go  |  4 ++--
 expr/tproxy.go       |  4 ++--
 expr/verdict.go      |  4 ++--
 rule.go              | 19 +++++++++++--------
 35 files changed, 90 insertions(+), 87 deletions(-)

diff --git a/conn.go b/conn.go
index 2b20ea4..3218afa 100644
--- a/conn.go
+++ b/conn.go
@@ -227,8 +227,8 @@ func (cc *Conn) marshalAttr(attrs []netlink.Attribute) []byte {
 	return b
 }
 
-func (cc *Conn) marshalExpr(e expr.Any) []byte {
-	b, err := expr.Marshal(e)
+func (cc *Conn) marshalExpr(fam byte, e expr.Any) []byte {
+	b, err := expr.Marshal(fam, e)
 	if err != nil {
 		cc.setErr(err)
 		return nil
diff --git a/expr/bitwise.go b/expr/bitwise.go
index 4bb55a8..62f7f9b 100644
--- a/expr/bitwise.go
+++ b/expr/bitwise.go
@@ -30,7 +30,7 @@ type Bitwise struct {
 	Xor            []byte
 }
 
-func (e *Bitwise) marshal() ([]byte, error) {
+func (e *Bitwise) marshal(fam byte) ([]byte, error) {
 	mask, err := netlink.MarshalAttributes([]netlink.Attribute{
 		{Type: unix.NFTA_DATA_VALUE, Data: e.Mask},
 	})
@@ -60,7 +60,7 @@ func (e *Bitwise) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Bitwise) unmarshal(data []byte) error {
+func (e *Bitwise) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/bitwise_test.go b/expr/bitwise_test.go
index 3a71e48..35fc3b3 100644
--- a/expr/bitwise_test.go
+++ b/expr/bitwise_test.go
@@ -32,7 +32,7 @@ func TestBitwise(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			nbw := Bitwise{}
-			data, err := tt.bw.marshal()
+			data, err := tt.bw.marshal(0 /* don't care in this test */)
 			if err != nil {
 				t.Fatalf("marshal error: %+v", err)
 
@@ -44,7 +44,7 @@ func TestBitwise(t *testing.T) {
 			ad.ByteOrder = binary.BigEndian
 			for ad.Next() {
 				if ad.Type() == unix.NFTA_EXPR_DATA {
-					if err := nbw.unmarshal(ad.Bytes()); err != nil {
+					if err := nbw.unmarshal(0, ad.Bytes()); err != nil {
 						t.Errorf("unmarshal error: %+v", err)
 						break
 					}
diff --git a/expr/byteorder.go b/expr/byteorder.go
index a28996d..2450e8f 100644
--- a/expr/byteorder.go
+++ b/expr/byteorder.go
@@ -37,7 +37,7 @@ type Byteorder struct {
 	Size           uint32
 }
 
-func (e *Byteorder) marshal() ([]byte, error) {
+func (e *Byteorder) marshal(fam byte) ([]byte, error) {
 	data, err := netlink.MarshalAttributes([]netlink.Attribute{
 		{Type: unix.NFTA_BYTEORDER_SREG, Data: binaryutil.BigEndian.PutUint32(e.SourceRegister)},
 		{Type: unix.NFTA_BYTEORDER_DREG, Data: binaryutil.BigEndian.PutUint32(e.DestRegister)},
@@ -54,6 +54,6 @@ func (e *Byteorder) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Byteorder) unmarshal(data []byte) error {
+func (e *Byteorder) unmarshal(fam byte, data []byte) error {
 	return fmt.Errorf("not yet implemented")
 }
diff --git a/expr/counter.go b/expr/counter.go
index d441cd8..dd6eab3 100644
--- a/expr/counter.go
+++ b/expr/counter.go
@@ -27,7 +27,7 @@ type Counter struct {
 	Packets uint64
 }
 
-func (e *Counter) marshal() ([]byte, error) {
+func (e *Counter) marshal(fam byte) ([]byte, error) {
 	data, err := netlink.MarshalAttributes([]netlink.Attribute{
 		{Type: unix.NFTA_COUNTER_BYTES, Data: binaryutil.BigEndian.PutUint64(e.Bytes)},
 		{Type: unix.NFTA_COUNTER_PACKETS, Data: binaryutil.BigEndian.PutUint64(e.Packets)},
@@ -42,7 +42,7 @@ func (e *Counter) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Counter) unmarshal(data []byte) error {
+func (e *Counter) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/ct.go b/expr/ct.go
index 9e997a8..1a0ee68 100644
--- a/expr/ct.go
+++ b/expr/ct.go
@@ -63,7 +63,7 @@ type Ct struct {
 	Key            CtKey
 }
 
-func (e *Ct) marshal() ([]byte, error) {
+func (e *Ct) marshal(fam byte) ([]byte, error) {
 	regData := []byte{}
 	exprData, err := netlink.MarshalAttributes(
 		[]netlink.Attribute{
@@ -97,7 +97,7 @@ func (e *Ct) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Ct) unmarshal(data []byte) error {
+func (e *Ct) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/dup.go b/expr/dup.go
index a7e3805..0114fa7 100644
--- a/expr/dup.go
+++ b/expr/dup.go
@@ -28,7 +28,7 @@ type Dup struct {
 	IsRegDevSet bool
 }
 
-func (e *Dup) marshal() ([]byte, error) {
+func (e *Dup) marshal(fam byte) ([]byte, error) {
 	attrs := []netlink.Attribute{
 		{Type: unix.NFTA_DUP_SREG_ADDR, Data: binaryutil.BigEndian.PutUint32(e.RegAddr)},
 	}
@@ -49,7 +49,7 @@ func (e *Dup) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Dup) unmarshal(data []byte) error {
+func (e *Dup) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/dynset.go b/expr/dynset.go
index 1e990ab..423bb7a 100644
--- a/expr/dynset.go
+++ b/expr/dynset.go
@@ -34,7 +34,7 @@ type Dynset struct {
 	Invert     bool
 }
 
-func (e *Dynset) marshal() ([]byte, error) {
+func (e *Dynset) marshal(fam byte) ([]byte, error) {
 	// See: https://git.netfilter.org/libnftnl/tree/src/expr/dynset.c
 	var opAttrs []netlink.Attribute
 	opAttrs = append(opAttrs, netlink.Attribute{Type: unix.NFTA_DYNSET_SREG_KEY, Data: binaryutil.BigEndian.PutUint32(e.SrcRegKey)})
@@ -62,7 +62,7 @@ func (e *Dynset) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Dynset) unmarshal(data []byte) error {
+func (e *Dynset) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/expr.go b/expr/expr.go
index 5cb004e..ec44b13 100644
--- a/expr/expr.go
+++ b/expr/expr.go
@@ -24,19 +24,19 @@ import (
 )
 
 // Marshal serializes the specified expression into a byte slice.
-func Marshal(e Any) ([]byte, error) {
-	return e.marshal()
+func Marshal(fam byte, e Any) ([]byte, error) {
+	return e.marshal(fam)
 }
 
 // Unmarshal fills an expression from the specified byte slice.
-func Unmarshal(data []byte, e Any) error {
-	return e.unmarshal(data)
+func Unmarshal(fam byte, data []byte, e Any) error {
+	return e.unmarshal(fam, data)
 }
 
 // Any is an interface implemented by any expression type.
 type Any interface {
-	marshal() ([]byte, error)
-	unmarshal([]byte) error
+	marshal(fam byte) ([]byte, error)
+	unmarshal(fam byte, data []byte) error
 }
 
 // MetaKey specifies which piece of meta information should be loaded. See also
@@ -80,7 +80,7 @@ type Meta struct {
 	Register       uint32
 }
 
-func (e *Meta) marshal() ([]byte, error) {
+func (e *Meta) marshal(fam byte) ([]byte, error) {
 	regData := []byte{}
 	exprData, err := netlink.MarshalAttributes(
 		[]netlink.Attribute{
@@ -114,7 +114,7 @@ func (e *Meta) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Meta) unmarshal(data []byte) error {
+func (e *Meta) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
@@ -153,7 +153,7 @@ const (
 	NF_NAT_RANGE_PERSISTENT = 0x8
 )
 
-func (e *Masq) marshal() ([]byte, error) {
+func (e *Masq) marshal(fam byte) ([]byte, error) {
 	msgData := []byte{}
 	if !e.ToPorts {
 		flags := uint32(0)
@@ -196,7 +196,7 @@ func (e *Masq) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Masq) unmarshal(data []byte) error {
+func (e *Masq) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
@@ -238,7 +238,7 @@ type Cmp struct {
 	Data     []byte
 }
 
-func (e *Cmp) marshal() ([]byte, error) {
+func (e *Cmp) marshal(fam byte) ([]byte, error) {
 	cmpData, err := netlink.MarshalAttributes([]netlink.Attribute{
 		{Type: unix.NFTA_DATA_VALUE, Data: e.Data},
 	})
@@ -259,7 +259,7 @@ func (e *Cmp) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Cmp) unmarshal(data []byte) error {
+func (e *Cmp) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/exthdr.go b/expr/exthdr.go
index 57cf223..df0c7db 100644
--- a/expr/exthdr.go
+++ b/expr/exthdr.go
@@ -39,7 +39,7 @@ type Exthdr struct {
 	SourceRegister uint32
 }
 
-func (e *Exthdr) marshal() ([]byte, error) {
+func (e *Exthdr) marshal(fam byte) ([]byte, error) {
 	var attr []netlink.Attribute
 
 	// Operations are differentiated by the Op and whether the SourceRegister
@@ -49,7 +49,7 @@ func (e *Exthdr) marshal() ([]byte, error) {
 			{Type: unix.NFTA_EXTHDR_SREG, Data: binaryutil.BigEndian.PutUint32(e.SourceRegister)}}
 	} else {
 		attr = []netlink.Attribute{
-			netlink.Attribute{Type: unix.NFTA_EXTHDR_DREG, Data: binaryutil.BigEndian.PutUint32(e.DestRegister)}}
+			{Type: unix.NFTA_EXTHDR_DREG, Data: binaryutil.BigEndian.PutUint32(e.DestRegister)}}
 	}
 
 	attr = append(attr,
@@ -74,7 +74,7 @@ func (e *Exthdr) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Exthdr) unmarshal(data []byte) error {
+func (e *Exthdr) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/exthdr_test.go b/expr/exthdr_test.go
index a573436..b211818 100644
--- a/expr/exthdr_test.go
+++ b/expr/exthdr_test.go
@@ -44,7 +44,7 @@ func TestExthdr(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			neh := Exthdr{}
-			data, err := tt.eh.marshal()
+			data, err := tt.eh.marshal(0 /* don't care in this test */)
 			if err != nil {
 				t.Fatalf("marshal error: %+v", err)
 
@@ -56,7 +56,7 @@ func TestExthdr(t *testing.T) {
 			ad.ByteOrder = binary.BigEndian
 			for ad.Next() {
 				if ad.Type() == unix.NFTA_EXPR_DATA {
-					if err := neh.unmarshal(ad.Bytes()); err != nil {
+					if err := neh.unmarshal(0, ad.Bytes()); err != nil {
 						t.Errorf("unmarshal error: %+v", err)
 						break
 					}
diff --git a/expr/fib.go b/expr/fib.go
index fdac832..f7ee704 100644
--- a/expr/fib.go
+++ b/expr/fib.go
@@ -36,7 +36,7 @@ type Fib struct {
 	FlagPRESENT    bool
 }
 
-func (e *Fib) marshal() ([]byte, error) {
+func (e *Fib) marshal(fam byte) ([]byte, error) {
 	data := []byte{}
 	reg, err := netlink.MarshalAttributes([]netlink.Attribute{
 		{Type: unix.NFTA_FIB_DREG, Data: binaryutil.BigEndian.PutUint32(e.Register)},
@@ -99,7 +99,7 @@ func (e *Fib) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Fib) unmarshal(data []byte) error {
+func (e *Fib) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/hash.go b/expr/hash.go
index 08e0d3f..6849177 100644
--- a/expr/hash.go
+++ b/expr/hash.go
@@ -40,7 +40,7 @@ type Hash struct {
 	Type           HashType
 }
 
-func (e *Hash) marshal() ([]byte, error) {
+func (e *Hash) marshal(fam byte) ([]byte, error) {
 	data, err := netlink.MarshalAttributes([]netlink.Attribute{
 		{Type: unix.NFTA_HASH_SREG, Data: binaryutil.BigEndian.PutUint32(uint32(e.SourceRegister))},
 		{Type: unix.NFTA_HASH_DREG, Data: binaryutil.BigEndian.PutUint32(uint32(e.DestRegister))},
@@ -59,7 +59,7 @@ func (e *Hash) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Hash) unmarshal(data []byte) error {
+func (e *Hash) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/immediate.go b/expr/immediate.go
index a503845..99531f8 100644
--- a/expr/immediate.go
+++ b/expr/immediate.go
@@ -28,7 +28,7 @@ type Immediate struct {
 	Data     []byte
 }
 
-func (e *Immediate) marshal() ([]byte, error) {
+func (e *Immediate) marshal(fam byte) ([]byte, error) {
 	immData, err := netlink.MarshalAttributes([]netlink.Attribute{
 		{Type: unix.NFTA_DATA_VALUE, Data: e.Data},
 	})
@@ -49,7 +49,7 @@ func (e *Immediate) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Immediate) unmarshal(data []byte) error {
+func (e *Immediate) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/limit.go b/expr/limit.go
index 45cdd36..8e110f5 100644
--- a/expr/limit.go
+++ b/expr/limit.go
@@ -71,7 +71,7 @@ type Limit struct {
 	Burst uint32
 }
 
-func (l *Limit) marshal() ([]byte, error) {
+func (l *Limit) marshal(fam byte) ([]byte, error) {
 	attrs := []netlink.Attribute{
 		{Type: unix.NFTA_LIMIT_TYPE, Data: binaryutil.BigEndian.PutUint32(uint32(l.Type))},
 		{Type: unix.NFTA_LIMIT_RATE, Data: binaryutil.BigEndian.PutUint64(l.Rate)},
@@ -103,7 +103,7 @@ func (l *Limit) marshal() ([]byte, error) {
 	})
 }
 
-func (l *Limit) unmarshal(data []byte) error {
+func (l *Limit) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/log.go b/expr/log.go
index 7730a92..a712b99 100644
--- a/expr/log.go
+++ b/expr/log.go
@@ -68,7 +68,7 @@ type Log struct {
 	Data []byte
 }
 
-func (e *Log) marshal() ([]byte, error) {
+func (e *Log) marshal(fam byte) ([]byte, error) {
 	// Per https://git.netfilter.org/libnftnl/tree/src/expr/log.c?id=09456c720e9c00eecc08e41ac6b7c291b3821ee5#n129
 	attrs := make([]netlink.Attribute, 0)
 	if e.Key&(1<<unix.NFTA_LOG_GROUP) != 0 {
@@ -120,7 +120,7 @@ func (e *Log) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Log) unmarshal(data []byte) error {
+func (e *Log) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/lookup.go b/expr/lookup.go
index b41b1fc..6b7440c 100644
--- a/expr/lookup.go
+++ b/expr/lookup.go
@@ -33,7 +33,7 @@ type Lookup struct {
 	Invert  bool
 }
 
-func (e *Lookup) marshal() ([]byte, error) {
+func (e *Lookup) marshal(fam byte) ([]byte, error) {
 	// See: https://git.netfilter.org/libnftnl/tree/src/expr/lookup.c?id=6dc1c3d8bb64077da7f3f28c7368fb087d10a492#n115
 	var opAttrs []netlink.Attribute
 	if e.SourceRegister != 0 {
@@ -60,7 +60,7 @@ func (e *Lookup) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Lookup) unmarshal(data []byte) error {
+func (e *Lookup) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/match.go b/expr/match.go
index 6c0e83d..b568f4a 100644
--- a/expr/match.go
+++ b/expr/match.go
@@ -16,7 +16,7 @@ type Match struct {
 	Info []byte
 }
 
-func (e *Match) marshal() ([]byte, error) {
+func (e *Match) marshal(fam byte) ([]byte, error) {
 	// Per https://git.netfilter.org/libnftnl/tree/src/expr/match.c?id=09456c720e9c00eecc08e41ac6b7c291b3821ee5#n38
 	name := e.Name
 	// limit the extension name as (some) user-space tools do and leave room for
@@ -40,7 +40,7 @@ func (e *Match) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Match) unmarshal(data []byte) error {
+func (e *Match) unmarshal(fam byte, data []byte) error {
 	// Per https://git.netfilter.org/libnftnl/tree/src/expr/match.c?id=09456c720e9c00eecc08e41ac6b7c291b3821ee5#n65
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
diff --git a/expr/match_test.go b/expr/match_test.go
index 08730b8..2e12d9c 100644
--- a/expr/match_test.go
+++ b/expr/match_test.go
@@ -28,7 +28,7 @@ func TestMatch(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			ntgt := Match{}
-			data, err := tt.mtch.marshal()
+			data, err := tt.mtch.marshal(0 /* don't care in this test */)
 			if err != nil {
 				t.Fatalf("marshal error: %+v", err)
 
@@ -40,7 +40,7 @@ func TestMatch(t *testing.T) {
 			ad.ByteOrder = binary.BigEndian
 			for ad.Next() {
 				if ad.Type() == unix.NFTA_EXPR_DATA {
-					if err := ntgt.unmarshal(ad.Bytes()); err != nil {
+					if err := ntgt.unmarshal(0 /* don't care in this test */, ad.Bytes()); err != nil {
 						t.Errorf("unmarshal error: %+v", err)
 						break
 					}
diff --git a/expr/nat.go b/expr/nat.go
index 27813a6..9602c23 100644
--- a/expr/nat.go
+++ b/expr/nat.go
@@ -55,7 +55,7 @@ type NAT struct {
 // |00008|--|00005|	|len |flags| type| NFTA_NAT_REG_PROTO_MIN
 // | 00 00 00 02  |	|      data      |  reg 2
 
-func (e *NAT) marshal() ([]byte, error) {
+func (e *NAT) marshal(fam byte) ([]byte, error) {
 	attrs := []netlink.Attribute{
 		{Type: unix.NFTA_NAT_TYPE, Data: binaryutil.BigEndian.PutUint32(uint32(e.Type))},
 		{Type: unix.NFTA_NAT_FAMILY, Data: binaryutil.BigEndian.PutUint32(e.Family)},
@@ -96,7 +96,7 @@ func (e *NAT) marshal() ([]byte, error) {
 	})
 }
 
-func (e *NAT) unmarshal(data []byte) error {
+func (e *NAT) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/notrack.go b/expr/notrack.go
index d7b28ae..cb665d3 100644
--- a/expr/notrack.go
+++ b/expr/notrack.go
@@ -21,13 +21,13 @@ import (
 
 type Notrack struct{}
 
-func (e *Notrack) marshal() ([]byte, error) {
+func (e *Notrack) marshal(fam byte) ([]byte, error) {
 	return netlink.MarshalAttributes([]netlink.Attribute{
 		{Type: unix.NFTA_EXPR_NAME, Data: []byte("notrack\x00")},
 	})
 }
 
-func (e *Notrack) unmarshal(data []byte) error {
+func (e *Notrack) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 
 	if err != nil {
diff --git a/expr/numgen.go b/expr/numgen.go
index 8c51545..bcbb1bb 100644
--- a/expr/numgen.go
+++ b/expr/numgen.go
@@ -31,7 +31,7 @@ type Numgen struct {
 	Offset   uint32
 }
 
-func (e *Numgen) marshal() ([]byte, error) {
+func (e *Numgen) marshal(fam byte) ([]byte, error) {
 	// Currently only two types are supported, failing if Type is not of two known types
 	switch e.Type {
 	case unix.NFT_NG_INCREMENTAL:
@@ -56,7 +56,7 @@ func (e *Numgen) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Numgen) unmarshal(data []byte) error {
+func (e *Numgen) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/objref.go b/expr/objref.go
index 39de39e..ae9521b 100644
--- a/expr/objref.go
+++ b/expr/objref.go
@@ -27,7 +27,7 @@ type Objref struct {
 	Name string
 }
 
-func (e *Objref) marshal() ([]byte, error) {
+func (e *Objref) marshal(fam byte) ([]byte, error) {
 	data, err := netlink.MarshalAttributes([]netlink.Attribute{
 		{Type: unix.NFTA_OBJREF_IMM_TYPE, Data: binaryutil.BigEndian.PutUint32(uint32(e.Type))},
 		{Type: unix.NFTA_OBJREF_IMM_NAME, Data: []byte(e.Name)}, // NOT \x00-terminated?!
@@ -42,7 +42,7 @@ func (e *Objref) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Objref) unmarshal(data []byte) error {
+func (e *Objref) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/payload.go b/expr/payload.go
index e4bfd51..7f69809 100644
--- a/expr/payload.go
+++ b/expr/payload.go
@@ -57,7 +57,7 @@ type Payload struct {
 	CsumFlags      uint32
 }
 
-func (e *Payload) marshal() ([]byte, error) {
+func (e *Payload) marshal(fam byte) ([]byte, error) {
 
 	var attrs []netlink.Attribute
 
@@ -100,7 +100,7 @@ func (e *Payload) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Payload) unmarshal(data []byte) error {
+func (e *Payload) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/queue.go b/expr/queue.go
index 9008ab5..3d0012d 100644
--- a/expr/queue.go
+++ b/expr/queue.go
@@ -44,7 +44,7 @@ type Queue struct {
 	Flag  QueueFlag
 }
 
-func (e *Queue) marshal() ([]byte, error) {
+func (e *Queue) marshal(fam byte) ([]byte, error) {
 	if e.Total == 0 {
 		e.Total = 1 // The total default value is 1
 	}
@@ -62,7 +62,7 @@ func (e *Queue) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Queue) unmarshal(data []byte) error {
+func (e *Queue) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/quota.go b/expr/quota.go
index 91db028..f8bc0f3 100644
--- a/expr/quota.go
+++ b/expr/quota.go
@@ -29,7 +29,7 @@ type Quota struct {
 	Over     bool
 }
 
-func (q *Quota) marshal() ([]byte, error) {
+func (q *Quota) marshal(fam byte) ([]byte, error) {
 	attrs := []netlink.Attribute{
 		{Type: unix.NFTA_QUOTA_BYTES, Data: binaryutil.BigEndian.PutUint64(q.Bytes)},
 		{Type: unix.NFTA_QUOTA_CONSUMED, Data: binaryutil.BigEndian.PutUint64(q.Consumed)},
@@ -55,7 +55,7 @@ func (q *Quota) marshal() ([]byte, error) {
 	})
 }
 
-func (q *Quota) unmarshal(data []byte) error {
+func (q *Quota) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/range.go b/expr/range.go
index fd03704..8a1f6ea 100644
--- a/expr/range.go
+++ b/expr/range.go
@@ -30,7 +30,7 @@ type Range struct {
 	ToData   []byte
 }
 
-func (e *Range) marshal() ([]byte, error) {
+func (e *Range) marshal(fam byte) ([]byte, error) {
 	var attrs []netlink.Attribute
 	var err error
 	var rangeFromData, rangeToData []byte
@@ -64,7 +64,7 @@ func (e *Range) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Range) unmarshal(data []byte) error {
+func (e *Range) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/redirect.go b/expr/redirect.go
index 506047a..1c6f622 100644
--- a/expr/redirect.go
+++ b/expr/redirect.go
@@ -28,7 +28,7 @@ type Redir struct {
 	Flags            uint32
 }
 
-func (e *Redir) marshal() ([]byte, error) {
+func (e *Redir) marshal(fam byte) ([]byte, error) {
 	var attrs []netlink.Attribute
 	if e.RegisterProtoMin > 0 {
 		attrs = append(attrs, netlink.Attribute{Type: unix.NFTA_REDIR_REG_PROTO_MIN, Data: binaryutil.BigEndian.PutUint32(e.RegisterProtoMin)})
@@ -51,7 +51,7 @@ func (e *Redir) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Redir) unmarshal(data []byte) error {
+func (e *Redir) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/reject.go b/expr/reject.go
index c0eedb2..a742626 100644
--- a/expr/reject.go
+++ b/expr/reject.go
@@ -27,7 +27,7 @@ type Reject struct {
 	Code uint8
 }
 
-func (e *Reject) marshal() ([]byte, error) {
+func (e *Reject) marshal(fam byte) ([]byte, error) {
 	data, err := netlink.MarshalAttributes([]netlink.Attribute{
 		{Type: unix.NFTA_REJECT_TYPE, Data: binaryutil.BigEndian.PutUint32(e.Type)},
 		{Type: unix.NFTA_REJECT_ICMP_CODE, Data: []byte{e.Code}},
@@ -41,7 +41,7 @@ func (e *Reject) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Reject) unmarshal(data []byte) error {
+func (e *Reject) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/rt.go b/expr/rt.go
index 8fdbdb5..c3be7ff 100644
--- a/expr/rt.go
+++ b/expr/rt.go
@@ -36,7 +36,7 @@ type Rt struct {
 	Key      RtKey
 }
 
-func (e *Rt) marshal() ([]byte, error) {
+func (e *Rt) marshal(fam byte) ([]byte, error) {
 	data, err := netlink.MarshalAttributes([]netlink.Attribute{
 		{Type: unix.NFTA_RT_KEY, Data: binaryutil.BigEndian.PutUint32(uint32(e.Key))},
 		{Type: unix.NFTA_RT_DREG, Data: binaryutil.BigEndian.PutUint32(e.Register)},
@@ -50,6 +50,6 @@ func (e *Rt) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Rt) unmarshal(data []byte) error {
+func (e *Rt) unmarshal(fam byte, data []byte) error {
 	return fmt.Errorf("not yet implemented")
 }
diff --git a/expr/target.go b/expr/target.go
index dab6424..c22d30c 100644
--- a/expr/target.go
+++ b/expr/target.go
@@ -19,7 +19,7 @@ type Target struct {
 	Info []byte
 }
 
-func (e *Target) marshal() ([]byte, error) {
+func (e *Target) marshal(fam byte) ([]byte, error) {
 	// Per https://git.netfilter.org/libnftnl/tree/src/expr/target.c?id=09456c720e9c00eecc08e41ac6b7c291b3821ee5#n38
 	name := e.Name
 	// limit the extension name as (some) user-space tools do and leave room for
@@ -44,7 +44,7 @@ func (e *Target) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Target) unmarshal(data []byte) error {
+func (e *Target) unmarshal(fam byte, data []byte) error {
 	// Per https://git.netfilter.org/libnftnl/tree/src/expr/target.c?id=09456c720e9c00eecc08e41ac6b7c291b3821ee5#n65
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
diff --git a/expr/target_test.go b/expr/target_test.go
index b757fc9..87783b4 100644
--- a/expr/target_test.go
+++ b/expr/target_test.go
@@ -28,7 +28,7 @@ func TestTarget(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			ntgt := Target{}
-			data, err := tt.tgt.marshal()
+			data, err := tt.tgt.marshal(0 /* don't care in this test */)
 			if err != nil {
 				t.Fatalf("marshal error: %+v", err)
 
@@ -40,7 +40,7 @@ func TestTarget(t *testing.T) {
 			ad.ByteOrder = binary.BigEndian
 			for ad.Next() {
 				if ad.Type() == unix.NFTA_EXPR_DATA {
-					if err := ntgt.unmarshal(ad.Bytes()); err != nil {
+					if err := ntgt.unmarshal(0 /* don't care in this test */, ad.Bytes()); err != nil {
 						t.Errorf("unmarshal error: %+v", err)
 						break
 					}
diff --git a/expr/tproxy.go b/expr/tproxy.go
index 5b533a7..ea936f3 100644
--- a/expr/tproxy.go
+++ b/expr/tproxy.go
@@ -36,7 +36,7 @@ type TProxy struct {
 	RegPort     uint32
 }
 
-func (e *TProxy) marshal() ([]byte, error) {
+func (e *TProxy) marshal(fam byte) ([]byte, error) {
 	data, err := netlink.MarshalAttributes([]netlink.Attribute{
 		{Type: NFTA_TPROXY_FAMILY, Data: binaryutil.BigEndian.PutUint32(uint32(e.Family))},
 		{Type: NFTA_TPROXY_REG, Data: binaryutil.BigEndian.PutUint32(e.RegPort)},
@@ -50,7 +50,7 @@ func (e *TProxy) marshal() ([]byte, error) {
 	})
 }
 
-func (e *TProxy) unmarshal(data []byte) error {
+func (e *TProxy) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/expr/verdict.go b/expr/verdict.go
index b166a19..421fa06 100644
--- a/expr/verdict.go
+++ b/expr/verdict.go
@@ -53,7 +53,7 @@ const (
 	VerdictStop
 )
 
-func (e *Verdict) marshal() ([]byte, error) {
+func (e *Verdict) marshal(fam byte) ([]byte, error) {
 	// A verdict is a tree of netlink attributes structured as follows:
 	// NFTA_LIST_ELEM | NLA_F_NESTED {
 	//   NFTA_EXPR_NAME { "immediate\x00" }
@@ -96,7 +96,7 @@ func (e *Verdict) marshal() ([]byte, error) {
 	})
 }
 
-func (e *Verdict) unmarshal(data []byte) error {
+func (e *Verdict) unmarshal(fam byte, data []byte) error {
 	ad, err := netlink.NewAttributeDecoder(data)
 	if err != nil {
 		return err
diff --git a/rule.go b/rule.go
index 11013d7..09cbeee 100644
--- a/rule.go
+++ b/rule.go
@@ -92,7 +92,7 @@ func (cc *Conn) GetRules(t *Table, c *Chain) ([]*Rule, error) {
 	}
 	var rules []*Rule
 	for _, msg := range reply {
-		r, err := ruleFromMsg(msg)
+		r, err := ruleFromMsg(t.Family, msg)
 		if err != nil {
 			return nil, err
 		}
@@ -113,7 +113,7 @@ func (cc *Conn) newRule(r *Rule, op ruleOperation) *Rule {
 	for idx, expr := range r.Exprs {
 		exprAttrs[idx] = netlink.Attribute{
 			Type: unix.NLA_F_NESTED | unix.NFTA_LIST_ELEM,
-			Data: cc.marshalExpr(expr),
+			Data: cc.marshalExpr(byte(r.Table.Family), expr),
 		}
 	}
 
@@ -215,7 +215,7 @@ func (cc *Conn) DelRule(r *Rule) error {
 	return nil
 }
 
-func exprsFromMsg(b []byte) ([]expr.Any, error) {
+func exprsFromMsg(fam TableFamily, b []byte) ([]expr.Any, error) {
 	ad, err := netlink.NewAttributeDecoder(b)
 	if err != nil {
 		return nil, err
@@ -285,7 +285,7 @@ func exprsFromMsg(b []byte) ([]expr.Any, error) {
 					}
 
 					ad.Do(func(b []byte) error {
-						if err := expr.Unmarshal(b, e); err != nil {
+						if err := expr.Unmarshal(byte(fam), b, e); err != nil {
 							return err
 						}
 						// Verdict expressions are a special-case of immediate expressions, so
@@ -293,7 +293,7 @@ func exprsFromMsg(b []byte) ([]expr.Any, error) {
 						// register (invalid), re-parse it as a verdict expression.
 						if imm, isImmediate := e.(*expr.Immediate); isImmediate && imm.Register == unix.NFT_REG_VERDICT && len(imm.Data) == 0 {
 							e = &expr.Verdict{}
-							if err := expr.Unmarshal(b, e); err != nil {
+							if err := expr.Unmarshal(byte(fam), b, e); err != nil {
 								return err
 							}
 						}
@@ -308,7 +308,7 @@ func exprsFromMsg(b []byte) ([]expr.Any, error) {
 	return exprs, ad.Err()
 }
 
-func ruleFromMsg(msg netlink.Message) (*Rule, error) {
+func ruleFromMsg(fam TableFamily, msg netlink.Message) (*Rule, error) {
 	if got, want := msg.Header.Type, ruleHeaderType; got != want {
 		return nil, fmt.Errorf("unexpected header type: got %v, want %v", got, want)
 	}
@@ -321,12 +321,15 @@ func ruleFromMsg(msg netlink.Message) (*Rule, error) {
 	for ad.Next() {
 		switch ad.Type() {
 		case unix.NFTA_RULE_TABLE:
-			r.Table = &Table{Name: ad.String()}
+			r.Table = &Table{
+				Name:   ad.String(),
+				Family: fam,
+			}
 		case unix.NFTA_RULE_CHAIN:
 			r.Chain = &Chain{Name: ad.String()}
 		case unix.NFTA_RULE_EXPRESSIONS:
 			ad.Do(func(b []byte) error {
-				r.Exprs, err = exprsFromMsg(b)
+				r.Exprs, err = exprsFromMsg(fam, b)
 				return err
 			})
 		case unix.NFTA_RULE_POSITION: