interesting
/
nftables
mirror of https://github.com/google/nftables.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Compare commits

base: interesting:0420ffbf578f058d422a8ebde0a00941da436476
Branches Tags
interesting:main
interesting:v0.3.0
interesting:v0.2.0
interesting:v0.1.0
...
compare: interesting:385f80f4ef5b5aa1e6d369d1574d754497f13a7a
Branches Tags
interesting:main
interesting:v0.3.0
interesting:v0.2.0
interesting:v0.1.0

2 Commits
0420ffbf57 ... 385f80f4ef

Author SHA1 Message Date
Jan Schär 385f80f4ef Use const instead of var where possible 2025-02-26 15:11:55 +01:00
Jan Schär 594585af33 Initialize registers in test 
Recent kernels disallow reads from uninitialized registers, which breaks
this test.

See 14fb07130c
 2025-02-26 15:11:55 +01:00
6 changed files with 20 additions and 9 deletions
Show Stats Expand all files Collapse all files

3
gen.go
View File

@ -3,6 +3,7 @@ package nftables
import ( import (
"encoding/binary" "encoding/binary"
"fmt" "fmt"
"github.com/mdlayher/netlink" "github.com/mdlayher/netlink"
"golang.org/x/sys/unix" "golang.org/x/sys/unix"
) )
@ -13,7 +14,7 @@ type GenMsg struct {
ProcComm string // [16]byte - max 16bytes - kernel TASK_COMM_LEN ProcComm string // [16]byte - max 16bytes - kernel TASK_COMM_LEN
} }
var genHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_NEWGEN) const genHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_NEWGEN)
func genFromMsg(msg netlink.Message) (*GenMsg, error) { func genFromMsg(msg netlink.Message) (*GenMsg, error) {
if got, want := msg.Header.Type, genHeaderType; got != want { if got, want := msg.Header.Type, genHeaderType; got != want {

14
nftables_test.go
View File

@ -622,6 +622,14 @@ func TestMasqMarshalUnmarshal(t *testing.T) {
Table: filter, Table: filter,
Chain: postrouting, Chain: postrouting,
Exprs: []expr.Any{ Exprs: []expr.Any{
&expr.Immediate{
Register: min,
Data: binaryutil.BigEndian.PutUint16(4070),
},
&expr.Immediate{
Register: max,
Data: binaryutil.BigEndian.PutUint16(4090),
},
&expr.Masq{ &expr.Masq{
ToPorts: true, ToPorts: true,
RegProtoMin: min, RegProtoMin: min,
@ -652,13 +660,13 @@ func TestMasqMarshalUnmarshal(t *testing.T) {
} }
rule := rules[0] rule := rules[0]
if got, want := len(rule.Exprs), 1; got != want { if got, want := len(rule.Exprs), 3; got != want {
t.Fatalf("unexpected number of exprs: got %d, want %d", got, want) t.Fatalf("unexpected number of exprs: got %d, want %d", got, want)
} }
me, ok := rule.Exprs[0].(*expr.Masq) me, ok := rule.Exprs[2].(*expr.Masq)
if !ok { if !ok {
t.Fatalf("unexpected expression type: got %T, want *expr.Masq", rule.Exprs[0]) t.Fatalf("unexpected expression type: got %T, want *expr.Masq", rule.Exprs[2])
} }
if got, want := me.ToPorts, true; got != want { if got, want := me.ToPorts, true; got != want {

2
obj.go
View File

@ -25,7 +25,7 @@ import (
"golang.org/x/sys/unix" "golang.org/x/sys/unix"
) )
var ( const (
newObjHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_NEWOBJ) newObjHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_NEWOBJ)
delObjHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_DELOBJ) delObjHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_DELOBJ)
) )

2
rule.go
View File

@ -25,7 +25,7 @@ import (
"golang.org/x/sys/unix" "golang.org/x/sys/unix"
) )
var ( const (
newRuleHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_NEWRULE) newRuleHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_NEWRULE)
delRuleHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_DELRULE) delRuleHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_DELRULE)
) )

6
set.go
View File

@ -166,7 +166,9 @@ var (
TypeTimeDay, TypeTimeDay,
TypeCGroupV2, TypeCGroupV2,
} }
)
const (
// ctLabelBitSize is defined in https://git.netfilter.org/nftables/tree/src/ct.c. // ctLabelBitSize is defined in https://git.netfilter.org/nftables/tree/src/ct.c.
ctLabelBitSize uint32 = 128 ctLabelBitSize uint32 = 128
@ -737,7 +739,7 @@ func (cc *Conn) FlushSet(s *Set) {
}) })
} }
var ( const (
newSetHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_NEWSET) newSetHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_NEWSET)
delSetHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_DELSET) delSetHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_DELSET)
) )
@ -837,7 +839,7 @@ func parseSetDatatype(magic uint32) (SetDatatype, error) {
return dt, nil return dt, nil
} }
var ( const (
newElemHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_NEWSETELEM) newElemHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_NEWSETELEM)
delElemHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_DELSETELEM) delElemHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_DELSETELEM)
) )

2
table.go
View File

@ -21,7 +21,7 @@ import (
"golang.org/x/sys/unix" "golang.org/x/sys/unix"
) )
var ( const (
newTableHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_NEWTABLE) newTableHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_NEWTABLE)
delTableHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_DELTABLE) delTableHeaderType = netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_DELTABLE)
) )