Merge pull request #1 from fqrouter/master

set_payload has been implemented
2015-06-01 09:26:37 -07:00 · 2015-06-01 09:26:37 -07:00 · 53a55fd588
parent 093a129e42 6b8be8a5ec
commit 53a55fd588
5 changed files with 1800 additions and 855 deletions
--- a/CHANGES.txt
+++ b/CHANGES.txt
@ -1,3 +1,12 @@
+v0.6, 15 Apr 2013
+    Add get_mark.
+
+v0.5, 3 Apr 2013
+    Add repeat.
+
+v0.4, 24 Dec 2012
+    Add set_payload.
+
 v0.2, 13 May 2011
    Rename NetfilterQueue to QueueHandler.
    Add API section to README.rst.
--- a/netfilterqueue.c
+++ b/netfilterqueue.c
--- a/netfilterqueue.pxd
+++ b/netfilterqueue.pxd
@ -129,6 +129,7 @@ cdef extern from "libnetfilter_queue/libnetfilter_queue.h":
    int nfq_get_payload(nfq_data *nfad, char **data)
    int nfq_get_timestamp(nfq_data *nfad, timeval *tv)
    nfqnl_msg_packet_hw *nfq_get_packet_hw(nfq_data *nfad)
+    int nfq_get_nfmark (nfq_data *nfad)
    
 # Dummy defines from linux/socket.h:
 cdef enum: #  Protocol families, same as address families.
@ -156,12 +157,13 @@ cdef class Packet:
        # false otherwise
    cdef bint _mark_is_set # True if a mark has been given, false otherwise
    cdef u_int32_t _given_mark # Mark given to packet
-    cdef unsigned char *_given_payload # New payload of packet, or null
+    cdef bytes _given_payload # New payload of packet, or null
    
    # From NFQ packet header:
    cdef readonly u_int32_t id
    cdef readonly u_int16_t hw_protocol
    cdef readonly u_int8_t hook
+    cdef readonly u_int32_t mark
    
    # Packet details:
    cdef Py_ssize_t payload_len
@ -179,9 +181,12 @@ cdef class Packet:
    cdef void verdict(self, u_int8_t verdict)
    cpdef Py_ssize_t get_payload_len(self)
    cpdef double get_timestamp(self)
+    cpdef set_payload(self, bytes payload)
    cpdef set_mark(self, u_int32_t mark)
+    cpdef get_mark(self)
    cpdef accept(self)
    cpdef drop(self)
+    cpdef repeat(self)
    
 cdef class NetfilterQueue:
    cdef object user_callback # User callback
--- a/netfilterqueue.pyx
+++ b/netfilterqueue.pyx
@ -5,7 +5,7 @@ function.
 Copyright: (c) 2011, Kerkhoff Technologies Inc.
 License: MIT; see LICENSE.txt
 """
-VERSION = (0, 3, 0)
+VERSION = (0, 6, 0)

 # Constants for module users
 COPY_NONE = 1
@ -36,7 +36,7 @@ cdef class Packet:
    def __cinit__(self):
        self._verdict_is_set = False
        self._mark_is_set = False
-        self._given_payload = NULL
+        self._given_payload = None
    
    def __str__(self):
        cdef iphdr *hdr = <iphdr*>self.payload
@ -61,30 +61,33 @@ cdef class Packet:
            raise OSError("Failed to get payload of packet.")
        
        nfq_get_timestamp(self._nfa, &self.timestamp)
+        self.mark = nfq_get_nfmark(nfa)

    cdef void verdict(self, u_int8_t verdict):
        """Call appropriate set_verdict... function on packet."""
        if self._verdict_is_set:
            raise RuntimeWarning("Verdict already given for this packet.")
-        
+
+        cdef u_int32_t modified_payload_len = 0
+        cdef unsigned char *modified_payload = NULL        
+        if self._given_payload:
+            modified_payload_len = len(self._given_payload)
+            modified_payload = self._given_payload
        if self._mark_is_set:
-            nfq_set_verdict_mark( # TODO: make this use nfq_set_verdict2 if
-                                    # available on system
+            nfq_set_verdict_mark(
                self._qh,
                self.id,
                verdict,
                htonl(self._given_mark),
-                0, # TODO: adapt to use self._given_payload
-                NULL # TODO: adapt to use self._given_payload
-            )
+                modified_payload_len,
+                modified_payload)
        else:
            nfq_set_verdict(
                self._qh,
                self.id,
                verdict,
-                0, # TODO: adapt to use self._given_payload
-                NULL # TODO: adapt to use self._given_payload
-            )
+                modified_payload_len,
+                modified_payload)

        self._verdict_is_set = True
    
@ -100,14 +103,18 @@ cdef class Packet:
    cpdef double get_timestamp(self):
        return self.timestamp.tv_sec + (self.timestamp.tv_usec/1000000.0)
    
-    # TODO: implement this
-    #cpdef set_payload(self, unsigned char *payload):
-    #    """Set the new payload of this packet."""
-    #    self._given_payload = payload
+    cpdef set_payload(self, bytes payload):
+        """Set the new payload of this packet."""
+        self._given_payload = payload
        
    cpdef set_mark(self, u_int32_t mark):
        self._given_mark = mark
        self._mark_is_set = True
+
+    cpdef get_mark(self):
+        if self._mark_is_set:
+            return self._given_mark
+        return self.mark
    
    cpdef accept(self):
        """Accept the packet."""
@ -117,6 +124,10 @@ cdef class Packet:
        """Drop the packet."""
        self.verdict(NF_DROP)

+    cpdef repeat(self):
+        """Repeat the packet."""
+        self.verdict(NF_REPEAT)
+
 cdef class NetfilterQueue:
    """Handle a single numbered queue."""
    def __cinit__(self, *args, **kwargs):
--- a/setup.py
+++ b/setup.py
@ -1,6 +1,6 @@
 from distutils.core import setup, Extension

-VERSION = "0.3" # Remember to change README.rst when version changes.
+VERSION = "0.6" # Remember to change README.rst when version changes.

 try:
    # Use Cython