Skip to content

Commit

Permalink
feat: add missing netfilter consts
Browse files Browse the repository at this point in the history
(backport <#3734>)
(cherry picked from commit 7000471)
  • Loading branch information
my4ng authored and tgross35 committed Nov 17, 2024
1 parent 4ad77c9 commit e582397
Show file tree
Hide file tree
Showing 5 changed files with 123 additions and 7 deletions.
14 changes: 12 additions & 2 deletions libc-test/build.rs
Original file line number Diff line number Diff line change
Expand Up @@ -1789,6 +1789,8 @@ fn test_android(target: &str) {
"linux/netfilter/nfnetlink_log.h",
"linux/netfilter/nfnetlink_queue.h",
"linux/netfilter/nf_tables.h",
"linux/netfilter_arp.h",
"linux/netfilter_bridge.h",
"linux/netfilter_ipv4.h",
"linux/netfilter_ipv6.h",
"linux/netfilter_ipv6/ip6_tables.h",
Expand Down Expand Up @@ -3592,6 +3594,8 @@ fn test_linux(target: &str) {
"linux/netfilter/nfnetlink_log.h",
"linux/netfilter/nfnetlink_queue.h",
"linux/netfilter/nf_tables.h",
"linux/netfilter_arp.h",
"linux/netfilter_bridge.h",
"linux/netfilter_ipv4.h",
"linux/netfilter_ipv6.h",
"linux/netfilter_ipv6/ip6_tables.h",
Expand Down Expand Up @@ -4113,9 +4117,15 @@ fn test_linux(target: &str) {
| "MINSIGSTKSZ"
if gnu => true,

// FIXME: Linux >= 5.16 changed its value:
// FIXME: Linux >= 5.10:
// https://github.com/torvalds/linux/commit/d25e2e9388eda61b6e298585024ee3355f50c493
"NF_INET_INGRESS" if musl => true,

// FIXME: Linux >= 5.16:
// https://github.com/torvalds/linux/commit/42df6e1d221dddc0f2acf2be37e68d553ad65f96
"NF_NETDEV_NUMHOOKS" => true,
"NF_NETDEV_EGRESS" if musl || sparc64 => true,
// value changed
"NF_NETDEV_NUMHOOKS" if musl || sparc64 => true,

// FIXME: requires Linux >= 5.6:
| "RESOLVE_BENEATH"
Expand Down
24 changes: 24 additions & 0 deletions libc-test/semver/android.txt
Original file line number Diff line number Diff line change
Expand Up @@ -1689,8 +1689,29 @@ NFULNL_COPY_PACKET
NFULNL_MSG_CONFIG
NFULNL_MSG_PACKET
NF_ACCEPT
NF_ARP
NF_ARP_FORWARD
NF_ARP_IN
NF_ARP_NUMHOOKS
NF_ARP_OUT
NF_BR_BROUTING
NF_BR_FORWARD
NF_BR_LOCAL_IN
NF_BR_LOCAL_OUT
NF_BR_NUMHOOKS
NF_BR_POST_ROUTING
NF_BR_PRE_ROUTING
NF_BR_PRI_BRNF
NF_BR_PRI_FILTER_BRIDGED
NF_BR_PRI_FILTER_OTHER
NF_BR_PRI_FIRST
NF_BR_PRI_LAST
NF_BR_PRI_NAT_DST_BRIDGED
NF_BR_PRI_NAT_DST_OTHER
NF_BR_PRI_NAT_SRC
NF_DROP
NF_INET_FORWARD
NF_INET_INGRESS
NF_INET_LOCAL_IN
NF_INET_LOCAL_OUT
NF_INET_NUMHOOKS
Expand All @@ -1712,6 +1733,7 @@ NF_IP6_PRI_MANGLE
NF_IP6_PRI_NAT_DST
NF_IP6_PRI_NAT_SRC
NF_IP6_PRI_RAW
NF_IP6_PRI_RAW_BEFORE_DEFRAG
NF_IP6_PRI_SECURITY
NF_IP6_PRI_SELINUX_FIRST
NF_IP6_PRI_SELINUX_LAST
Expand All @@ -1732,10 +1754,12 @@ NF_IP_PRI_MANGLE
NF_IP_PRI_NAT_DST
NF_IP_PRI_NAT_SRC
NF_IP_PRI_RAW
NF_IP_PRI_RAW_BEFORE_DEFRAG
NF_IP_PRI_SECURITY
NF_IP_PRI_SELINUX_FIRST
NF_IP_PRI_SELINUX_LAST
NF_MAX_VERDICT
NF_NETDEV_EGRESS
NF_NETDEV_INGRESS
NF_NETDEV_NUMHOOKS
NF_QUEUE
Expand Down
24 changes: 24 additions & 0 deletions libc-test/semver/linux.txt
Original file line number Diff line number Diff line change
Expand Up @@ -1852,8 +1852,29 @@ NFULNL_COPY_PACKET
NFULNL_MSG_CONFIG
NFULNL_MSG_PACKET
NF_ACCEPT
NF_ARP
NF_ARP_FORWARD
NF_ARP_IN
NF_ARP_NUMHOOKS
NF_ARP_OUT
NF_BR_BROUTING
NF_BR_FORWARD
NF_BR_LOCAL_IN
NF_BR_LOCAL_OUT
NF_BR_NUMHOOKS
NF_BR_POST_ROUTING
NF_BR_PRE_ROUTING
NF_BR_PRI_BRNF
NF_BR_PRI_FILTER_BRIDGED
NF_BR_PRI_FILTER_OTHER
NF_BR_PRI_FIRST
NF_BR_PRI_LAST
NF_BR_PRI_NAT_DST_BRIDGED
NF_BR_PRI_NAT_DST_OTHER
NF_BR_PRI_NAT_SRC
NF_DROP
NF_INET_FORWARD
NF_INET_INGRESS
NF_INET_LOCAL_IN
NF_INET_LOCAL_OUT
NF_INET_NUMHOOKS
Expand All @@ -1875,6 +1896,7 @@ NF_IP6_PRI_MANGLE
NF_IP6_PRI_NAT_DST
NF_IP6_PRI_NAT_SRC
NF_IP6_PRI_RAW
NF_IP6_PRI_RAW_BEFORE_DEFRAG
NF_IP6_PRI_SECURITY
NF_IP6_PRI_SELINUX_FIRST
NF_IP6_PRI_SELINUX_LAST
Expand All @@ -1895,10 +1917,12 @@ NF_IP_PRI_MANGLE
NF_IP_PRI_NAT_DST
NF_IP_PRI_NAT_SRC
NF_IP_PRI_RAW
NF_IP_PRI_RAW_BEFORE_DEFRAG
NF_IP_PRI_SECURITY
NF_IP_PRI_SELINUX_FIRST
NF_IP_PRI_SELINUX_LAST
NF_MAX_VERDICT
NF_NETDEV_EGRESS
NF_QUEUE
NF_REPEAT
NF_STOLEN
Expand Down
31 changes: 30 additions & 1 deletion src/unix/linux_like/android/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -2349,9 +2349,11 @@ pub const NF_INET_FORWARD: ::c_int = 2;
pub const NF_INET_LOCAL_OUT: ::c_int = 3;
pub const NF_INET_POST_ROUTING: ::c_int = 4;
pub const NF_INET_NUMHOOKS: ::c_int = 5;
pub const NF_INET_INGRESS: ::c_int = NF_INET_NUMHOOKS;

pub const NF_NETDEV_INGRESS: ::c_int = 0;
pub const NF_NETDEV_NUMHOOKS: ::c_int = 1;
pub const NF_NETDEV_EGRESS: ::c_int = 1;
pub const NF_NETDEV_NUMHOOKS: ::c_int = 2;

pub const NFPROTO_UNSPEC: ::c_int = 0;
pub const NFPROTO_INET: ::c_int = 1;
Expand All @@ -2363,6 +2365,31 @@ pub const NFPROTO_IPV6: ::c_int = 10;
pub const NFPROTO_DECNET: ::c_int = 12;
pub const NFPROTO_NUMPROTO: ::c_int = 13;

// linux/netfilter_arp.h
pub const NF_ARP: ::c_int = 0;
pub const NF_ARP_IN: ::c_int = 0;
pub const NF_ARP_OUT: ::c_int = 1;
pub const NF_ARP_FORWARD: ::c_int = 2;
pub const NF_ARP_NUMHOOKS: ::c_int = 3;

// linux/netfilter_bridge.h
pub const NF_BR_PRE_ROUTING: ::c_int = 0;
pub const NF_BR_LOCAL_IN: ::c_int = 1;
pub const NF_BR_FORWARD: ::c_int = 2;
pub const NF_BR_LOCAL_OUT: ::c_int = 3;
pub const NF_BR_POST_ROUTING: ::c_int = 4;
pub const NF_BR_BROUTING: ::c_int = 5;
pub const NF_BR_NUMHOOKS: ::c_int = 6;

pub const NF_BR_PRI_FIRST: ::c_int = ::INT_MIN;
pub const NF_BR_PRI_NAT_DST_BRIDGED: ::c_int = -300;
pub const NF_BR_PRI_FILTER_BRIDGED: ::c_int = -200;
pub const NF_BR_PRI_BRNF: ::c_int = 0;
pub const NF_BR_PRI_NAT_DST_OTHER: ::c_int = 100;
pub const NF_BR_PRI_FILTER_OTHER: ::c_int = 200;
pub const NF_BR_PRI_NAT_SRC: ::c_int = 300;
pub const NF_BR_PRI_LAST: ::c_int = ::INT_MAX;

// linux/netfilter_ipv4.h
pub const NF_IP_PRE_ROUTING: ::c_int = 0;
pub const NF_IP_LOCAL_IN: ::c_int = 1;
Expand All @@ -2372,6 +2399,7 @@ pub const NF_IP_POST_ROUTING: ::c_int = 4;
pub const NF_IP_NUMHOOKS: ::c_int = 5;

pub const NF_IP_PRI_FIRST: ::c_int = ::INT_MIN;
pub const NF_IP_PRI_RAW_BEFORE_DEFRAG: ::c_int = -450;
pub const NF_IP_PRI_CONNTRACK_DEFRAG: ::c_int = -400;
pub const NF_IP_PRI_RAW: ::c_int = -300;
pub const NF_IP_PRI_SELINUX_FIRST: ::c_int = -225;
Expand All @@ -2395,6 +2423,7 @@ pub const NF_IP6_POST_ROUTING: ::c_int = 4;
pub const NF_IP6_NUMHOOKS: ::c_int = 5;

pub const NF_IP6_PRI_FIRST: ::c_int = ::INT_MIN;
pub const NF_IP6_PRI_RAW_BEFORE_DEFRAG: ::c_int = -450;
pub const NF_IP6_PRI_CONNTRACK_DEFRAG: ::c_int = -400;
pub const NF_IP6_PRI_RAW: ::c_int = -300;
pub const NF_IP6_PRI_SELINUX_FIRST: ::c_int = -225;
Expand Down
37 changes: 33 additions & 4 deletions src/unix/linux_like/linux/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -3336,20 +3336,47 @@ pub const NF_INET_FORWARD: ::c_int = 2;
pub const NF_INET_LOCAL_OUT: ::c_int = 3;
pub const NF_INET_POST_ROUTING: ::c_int = 4;
pub const NF_INET_NUMHOOKS: ::c_int = 5;
pub const NF_INET_INGRESS: ::c_int = NF_INET_NUMHOOKS;

pub const NF_NETDEV_INGRESS: ::c_int = 0;
pub const NF_NETDEV_EGRESS: ::c_int = 1;
pub const NF_NETDEV_NUMHOOKS: ::c_int = 2;

// Some NFPROTO are not compatible with musl and are defined in submodules.
pub const NFPROTO_UNSPEC: ::c_int = 0;
pub const NFPROTO_INET: ::c_int = 1;
pub const NFPROTO_IPV4: ::c_int = 2;
pub const NFPROTO_ARP: ::c_int = 3;
pub const NFPROTO_NETDEV: ::c_int = 5;
pub const NFPROTO_BRIDGE: ::c_int = 7;
pub const NFPROTO_IPV6: ::c_int = 10;
pub const NFPROTO_DECNET: ::c_int = 12;
pub const NFPROTO_NUMPROTO: ::c_int = 13;
pub const NFPROTO_INET: ::c_int = 1;
pub const NFPROTO_NETDEV: ::c_int = 5;

pub const NF_NETDEV_INGRESS: ::c_int = 0;
pub const NF_NETDEV_NUMHOOKS: ::c_int = 1;
// linux/netfilter_arp.h
pub const NF_ARP: ::c_int = 0;
pub const NF_ARP_IN: ::c_int = 0;
pub const NF_ARP_OUT: ::c_int = 1;
pub const NF_ARP_FORWARD: ::c_int = 2;
pub const NF_ARP_NUMHOOKS: ::c_int = 3;

// linux/netfilter_bridge.h
pub const NF_BR_PRE_ROUTING: ::c_int = 0;
pub const NF_BR_LOCAL_IN: ::c_int = 1;
pub const NF_BR_FORWARD: ::c_int = 2;
pub const NF_BR_LOCAL_OUT: ::c_int = 3;
pub const NF_BR_POST_ROUTING: ::c_int = 4;
pub const NF_BR_BROUTING: ::c_int = 5;
pub const NF_BR_NUMHOOKS: ::c_int = 6;

pub const NF_BR_PRI_FIRST: ::c_int = ::INT_MIN;
pub const NF_BR_PRI_NAT_DST_BRIDGED: ::c_int = -300;
pub const NF_BR_PRI_FILTER_BRIDGED: ::c_int = -200;
pub const NF_BR_PRI_BRNF: ::c_int = 0;
pub const NF_BR_PRI_NAT_DST_OTHER: ::c_int = 100;
pub const NF_BR_PRI_FILTER_OTHER: ::c_int = 200;
pub const NF_BR_PRI_NAT_SRC: ::c_int = 300;
pub const NF_BR_PRI_LAST: ::c_int = ::INT_MAX;

// linux/netfilter_ipv4.h
pub const NF_IP_PRE_ROUTING: ::c_int = 0;
Expand All @@ -3360,6 +3387,7 @@ pub const NF_IP_POST_ROUTING: ::c_int = 4;
pub const NF_IP_NUMHOOKS: ::c_int = 5;

pub const NF_IP_PRI_FIRST: ::c_int = ::INT_MIN;
pub const NF_IP_PRI_RAW_BEFORE_DEFRAG: ::c_int = -450;
pub const NF_IP_PRI_CONNTRACK_DEFRAG: ::c_int = -400;
pub const NF_IP_PRI_RAW: ::c_int = -300;
pub const NF_IP_PRI_SELINUX_FIRST: ::c_int = -225;
Expand All @@ -3383,6 +3411,7 @@ pub const NF_IP6_POST_ROUTING: ::c_int = 4;
pub const NF_IP6_NUMHOOKS: ::c_int = 5;

pub const NF_IP6_PRI_FIRST: ::c_int = ::INT_MIN;
pub const NF_IP6_PRI_RAW_BEFORE_DEFRAG: ::c_int = -450;
pub const NF_IP6_PRI_CONNTRACK_DEFRAG: ::c_int = -400;
pub const NF_IP6_PRI_RAW: ::c_int = -300;
pub const NF_IP6_PRI_SELINUX_FIRST: ::c_int = -225;
Expand Down

0 comments on commit e582397

Please sign in to comment.