netlink: add decoding of NETLINK_NETFILTER message types

* xlat/nl_netfilter_msg_types.in: New file.
* xlat/nl_netfilter_subsys_ids.in: Likewise.
* netlink.c: Include "xlat/nl_netfilter_msg_types.h"
and "xlat/nl_netfilter_subsys_ids.h".
(nlmsg_types): Add NETLINK_NETFILTER.
(decode_nlmsg_type): Handle NETLINK_NETFILTER.

Co-authored-by: Fabien Siron <fabien.siron@epita.fr>

diff --git a/netlink.c b/netlink.c
index 033e82ed9b85a0d548137e73881dfd2b13aee063..f9ff4651a9e70d54718beedca69e6d20856c741f 100644 (file)
--- a/netlink.c
+++ b/netlink.c
@@ -37,6 +37,8 @@
 #include "xlat/netlink_protocols.h"
 #include "xlat/netlink_types.h"
 #include "xlat/nl_audit_types.h"
+#include "xlat/nl_netfilter_msg_types.h"
+#include "xlat/nl_netfilter_subsys_ids.h"
 #include "xlat/nl_route_types.h"
 #include "xlat/nl_selinux_types.h"
 #include "xlat/nl_sock_diag_types.h"
@@ -101,6 +103,7 @@ static const struct {
        const char *const dflt;
 } nlmsg_types[] = {
        [NETLINK_AUDIT] = { nl_audit_types, "AUDIT_???" },
+       [NETLINK_NETFILTER] = { nl_netfilter_subsys_ids, "NFNL_SUBSYS_???" },
        [NETLINK_ROUTE] = { nl_route_types, "RTM_???" },
        [NETLINK_SELINUX] = { nl_selinux_types, "SELNL_MSG_???" },
        [NETLINK_SOCK_DIAG] = { nl_sock_diag_types, "SOCK_DIAG_???" },
@@ -116,7 +119,34 @@ decode_nlmsg_type(const uint16_t type, const unsigned int family)
 {
        if (family < ARRAY_SIZE(nlmsg_types)
            && nlmsg_types[family].xlat) {
-               printxval(nlmsg_types[family].xlat, type, nlmsg_types[family].dflt);
+               if (family == NETLINK_NETFILTER) {
+                       /* Reserved control nfnetlink messages first. */
+                       const char *text = xlookup(nl_netfilter_msg_types,
+                                                  type);
+                       if (text) {
+                               tprints(text);
+                               return;
+                       }
+
+                       /*
+                        * Other netfilter message types are split
+                        * in two pieces: 8 bits subsystem and 8 bits type.
+                        */
+                       const uint8_t subsys_id = (uint8_t) (type >> 8);
+                       const uint8_t msg_type = (uint8_t) type;
+
+                       printxval(nlmsg_types[family].xlat, subsys_id,
+                                 nlmsg_types[family].dflt);
+
+                       /*
+                        * The type is subsystem specific,
+                        * print it in numeric format for now.
+                        */
+                       tprintf("<<8|%#x", msg_type);
+               } else {
+                       printxval(nlmsg_types[family].xlat, type,
+                                 nlmsg_types[family].dflt);
+               }
        } else {
                printxval(netlink_types, type, "NLMSG_???");
        }

diff --git a/xlat/nl_netfilter_msg_types.in b/xlat/nl_netfilter_msg_types.in
new file mode 100644 (file)
index 0000000..dd13207
--- /dev/null
+++ b/xlat/nl_netfilter_msg_types.in
@@ -0,0 +1,2 @@
+NFNL_MSG_BATCH_BEGIN   0x10
+NFNL_MSG_BATCH_END     0x11

diff --git a/xlat/nl_netfilter_subsys_ids.in b/xlat/nl_netfilter_subsys_ids.in
new file mode 100644 (file)
index 0000000..50d757e
--- /dev/null
+++ b/xlat/nl_netfilter_subsys_ids.in
@@ -0,0 +1,13 @@
+NFNL_SUBSYS_NONE               0
+NFNL_SUBSYS_CTNETLINK          1
+NFNL_SUBSYS_CTNETLINK_EXP      2
+NFNL_SUBSYS_QUEUE              3
+NFNL_SUBSYS_ULOG               4
+NFNL_SUBSYS_OSF                        5
+NFNL_SUBSYS_IPSET              6
+NFNL_SUBSYS_ACCT               7
+NFNL_SUBSYS_CTNETLINK_TIMEOUT  8
+NFNL_SUBSYS_CTHELPER           9
+NFNL_SUBSYS_NFTABLES           10
+NFNL_SUBSYS_NFT_COMPAT         11
+NFNL_SUBSYS_COUNT              12