Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add: netlink socket options #277

Merged
merged 2 commits into from
Sep 23, 2024
Merged

Add: netlink socket options #277

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
c03509f
Add: netlink socket options
Ignatella Sep 13, 2024
ec6e32d
Update: code refactoring
Ignatella Sep 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 36 additions & 7 deletions conn.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,16 +37,20 @@ type Conn struct {
TestDial nltest.Func // for testing only; passed to nltest.Dial
NetNS int // fd referencing the network namespace netlink will interact with.

lasting bool // establish a lasting connection to be used across multiple netlink operations.
mu sync.Mutex // protects the following state
messages []netlink.Message
err error
nlconn *netlink.Conn // netlink socket using NETLINK_NETFILTER protocol.
lasting bool // establish a lasting connection to be used across multiple netlink operations.
mu sync.Mutex // protects the following state
messages []netlink.Message
err error
nlconn *netlink.Conn // netlink socket using NETLINK_NETFILTER protocol.
sockOptions []SockOption
}

// ConnOption is an option to change the behavior of the nftables Conn returned by Open.
type ConnOption func(*Conn)

// SockOption is an option to change the behavior of the netlink socket used by the nftables Conn.
type SockOption func(*netlink.Conn) error

// New returns a netlink connection for querying and modifying nftables. Some
// aspects of the new netlink connection can be configured using the options
// WithNetNSFd, WithTestDial, and AsLasting.
Expand Down Expand Up @@ -101,6 +105,14 @@ func WithTestDial(f nltest.Func) ConnOption {
}
}

// WithSockOptions sets the specified socket options when creating a new netlink
// connection.
func WithSockOptions(opts ...SockOption) ConnOption {
return func(cc *Conn) {
cc.sockOptions = append(cc.sockOptions, opts...)
}
}

// netlinkCloser is returned by netlinkConn(UnderLock) and must be called after
// being done with the returned netlink connection in order to properly close
// this connection, if necessary.
Expand Down Expand Up @@ -284,11 +296,28 @@ func (cc *Conn) FlushRuleset() {
}

func (cc *Conn) dialNetlink() (*netlink.Conn, error) {
var (
conn *netlink.Conn
err error
)

if cc.TestDial != nil {
return nltest.Dial(cc.TestDial), nil
conn = nltest.Dial(cc.TestDial)
} else {
conn, err = netlink.Dial(unix.NETLINK_NETFILTER, &netlink.Config{NetNS: cc.NetNS})
}

if err != nil {
return nil, err
}

for _, opt := range cc.sockOptions {
if err := opt(conn); err != nil {
return nil, err
}
}

return netlink.Dial(unix.NETLINK_NETFILTER, &netlink.Config{NetNS: cc.NetNS})
return conn, nil
}

func (cc *Conn) setErr(err error) {
Expand Down
Loading