-
Notifications
You must be signed in to change notification settings - Fork 170
Expand file tree
/
Copy pathgen.go
More file actions
88 lines (76 loc) · 2.05 KB
/
gen.go
File metadata and controls
88 lines (76 loc) · 2.05 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
package nftables
import (
"encoding/binary"
"fmt"
"github.com/mdlayher/netlink"
"golang.org/x/sys/unix"
)
type Gen struct {
ID uint32
ProcPID uint32
ProcComm string // [16]byte - max 16bytes - kernel TASK_COMM_LEN
}
// Deprecated: GenMsg is an inconsistent old name for Gen. Prefer using Gen.
type GenMsg = Gen
var genHeaderType = nftMsgNewGen.HeaderType()
func genFromMsg(msg netlink.Message) (*Gen, error) {
if got, want := msg.Header.Type, genHeaderType; got != want {
return nil, fmt.Errorf("unexpected header type: got %v, want %v", got, want)
}
ad, err := netlink.NewAttributeDecoder(msg.Data[4:])
if err != nil {
return nil, err
}
ad.ByteOrder = binary.BigEndian
msgOut := &Gen{}
for ad.Next() {
switch ad.Type() {
case unix.NFTA_GEN_ID:
msgOut.ID = ad.Uint32()
case unix.NFTA_GEN_PROC_PID:
msgOut.ProcPID = ad.Uint32()
case unix.NFTA_GEN_PROC_NAME:
msgOut.ProcComm = ad.String()
default:
return nil, fmt.Errorf("unknown attribute: %d, %v", ad.Type(), ad.Bytes())
}
}
if err := ad.Err(); err != nil {
return nil, err
}
return msgOut, nil
}
// GetGen retrieves the current nftables generation ID together with the name
// and ID of the process that last modified the ruleset.
// https://docs.kernel.org/networking/netlink_spec/nftables.html#getgen
func (cc *Conn) GetGen() (*Gen, error) {
conn, closer, err := cc.netlinkConn()
if err != nil {
return nil, err
}
defer func() { _ = closer() }()
data, err := netlink.MarshalAttributes([]netlink.Attribute{
{Type: unix.NFTA_GEN_ID},
})
if err != nil {
return nil, err
}
message := netlink.Message{
Header: netlink.Header{
Type: nftMsgGetGen.HeaderType(),
Flags: netlink.Request,
},
Data: append(extraHeader(0, 0), data...),
}
if _, err := conn.SendMessages([]netlink.Message{message}); err != nil {
return nil, fmt.Errorf("SendMessages: %v", err)
}
reply, err := cc.receive(conn)
if err != nil {
return nil, fmt.Errorf("receive: %v", err)
}
if len(reply) == 0 {
return nil, fmt.Errorf("receive: no reply")
}
return genFromMsg(reply[0])
}