netlink: decode NETLINK_NETFILTER netlink message types

* netlink.c: Include "xlat/nf_acct_msg_types.h",
"xlat/nf_cthelper_msg_types.h", "xlat/nf_ctnetlink_exp_msg_types.h",
"xlat/nf_ctnetlink_msg_types.h", "xlat/nf_cttimeout_msg_types.h",
"xlat/nf_ipset_msg_types.h", "xlat/nf_nft_compat_msg_types.h",
"xlat/nf_nftables_msg_types.h", "xlat/nf_osf_msg_types.h",
"xlat/nf_queue_msg_types.h", and "xlat/nf_ulog_msg_types.h".
(nf_nlmsg_types): New array.
(decode_nlmsg_type_netfilter): Use it.
* NEWS: Mention this.
* xlat/nf_acct_msg_types.in: New file.
* xlat/nf_cthelper_msg_types.in: Likewise.
* xlat/nf_ctnetlink_exp_msg_types.in: Likewise.
* xlat/nf_ctnetlink_msg_types.in: Likewise.
* xlat/nf_cttimeout_msg_types.in: Likewise.
* xlat/nf_ipset_msg_types.in: Likewise.
* xlat/nf_nft_compat_msg_types.in: Likewise.
* xlat/nf_nftables_msg_types.in: Likewise.
* xlat/nf_osf_msg_types.in: Likewise.
* xlat/nf_queue_msg_types.in: Likewise.
* xlat/nf_ulog_msg_types.in: Likewise.
* tests/netlink_netfilter.c (test_nlmsg_type): Update expected output.

NEWS

@@ -2,6 +2,7 @@ Noteworthy changes in release ?.?? (????-??-??)
 ===============================================
 
 * Improvements
+  * Implemented decoding of NETLINK_NETFILTER netlink message types.
   * Updated lists of ARPHRD_*, BPF_*, ETH_P_*, LOOP_*, MADV_*,
     MEMBARRIER_CMD_*, MFD_*, SO_*, SOL_*, TCP_*, and UFFD_FEATURE_* constants.
   * Updated lists of ioctl commands from Linux 4.14.

netlink.c

@@ -39,6 +39,17 @@
 #include "xlat/netlink_new_flags.h"
 #include "xlat/netlink_protocols.h"
 #include "xlat/netlink_types.h"
+#include "xlat/nf_acct_msg_types.h"
+#include "xlat/nf_cthelper_msg_types.h"
+#include "xlat/nf_ctnetlink_exp_msg_types.h"
+#include "xlat/nf_ctnetlink_msg_types.h"
+#include "xlat/nf_cttimeout_msg_types.h"
+#include "xlat/nf_ipset_msg_types.h"
+#include "xlat/nf_nft_compat_msg_types.h"
+#include "xlat/nf_nftables_msg_types.h"
+#include "xlat/nf_osf_msg_types.h"
+#include "xlat/nf_queue_msg_types.h"
+#include "xlat/nf_ulog_msg_types.h"
 #include "xlat/nl_audit_types.h"
 #include "xlat/nl_crypto_types.h"
 #include "xlat/nl_netfilter_msg_types.h"
@@ -110,6 +121,38 @@ decode_nlmsg_type_generic(const struct xlat *const xlat,
 	printxval(genl_families_xlat(), type, dflt);
 }
 
+static const struct {
+	const struct xlat *const xlat;
+	const char *const dflt;
+} nf_nlmsg_types[] = {
+	[NFNL_SUBSYS_CTNETLINK] = {
+		nf_ctnetlink_msg_types,
+		"IPCTNL_MSG_CT_???"
+	},
+	[NFNL_SUBSYS_CTNETLINK_EXP] = {
+		nf_ctnetlink_exp_msg_types,
+		"IPCTNL_MSG_EXP_???"
+	},
+	[NFNL_SUBSYS_QUEUE] = { nf_queue_msg_types, "NFQNL_MSG_???" },
+	[NFNL_SUBSYS_ULOG] = { nf_ulog_msg_types, "NFULNL_MSG_???" },
+	[NFNL_SUBSYS_OSF] = { nf_osf_msg_types, "OSF_MSG_???" },
+	[NFNL_SUBSYS_IPSET] = { nf_ipset_msg_types, "IPSET_CMD_???" },
+	[NFNL_SUBSYS_ACCT] = { nf_acct_msg_types, "NFNL_MSG_ACCT_???" },
+	[NFNL_SUBSYS_CTNETLINK_TIMEOUT] = {
+		nf_cttimeout_msg_types,
+		"IPCTNL_MSG_TIMEOUT_???"
+	},
+	[NFNL_SUBSYS_CTHELPER] = {
+		nf_cthelper_msg_types,
+		"NFNL_MSG_CTHELPER_???"
+	},
+	[NFNL_SUBSYS_NFTABLES] = { nf_nftables_msg_types, "NFT_MSG_???" },
+	[NFNL_SUBSYS_NFT_COMPAT] = {
+		nf_nft_compat_msg_types,
+		"NFNL_MSG_COMPAT_???"
+	}
+};
+
 static void
 decode_nlmsg_type_netfilter(const struct xlat *const xlat,
 			    const uint16_t type,
@@ -131,11 +174,12 @@ decode_nlmsg_type_netfilter(const struct xlat *const xlat,
 
 	printxval(xlat, subsys_id, dflt);
 
-	/*
-	 * The type is subsystem specific,
-	 * print it in numeric format for now.
-	 */
-	tprintf("<<8|%#x", msg_type);
+	tprints("<<8|");
+	if (subsys_id < ARRAY_SIZE(nf_nlmsg_types))
+		printxval(nf_nlmsg_types[subsys_id].xlat,
+			  msg_type, nf_nlmsg_types[subsys_id].dflt);
+	else
+		tprintf("%#x", msg_type);
 }
 
 typedef void (*nlmsg_types_decoder_t)(const struct xlat *,

tests/netlink_netfilter.c

@@ -52,19 +52,19 @@ test_nlmsg_type(const int fd)
 	       ", flags=NLM_F_REQUEST, seq=0, pid=0}"
 	       ", %u, MSG_DONTWAIT, NULL, 0) = %s\n",
 	       fd, nlh.nlmsg_len, (unsigned) sizeof(nlh), sprintrc(rc));
-
-	nlh.nlmsg_type = (NFNL_SUBSYS_CTNETLINK << 8) | NFNL_MSG_BATCH_BEGIN;
-	rc = sendto(fd, &nlh, sizeof(nlh), MSG_DONTWAIT, NULL, 0);
-	printf("sendto(%d, {len=%u, type=NFNL_SUBSYS_CTNETLINK<<8|%#x"
-	       ", flags=NLM_F_REQUEST, seq=0, pid=0}"
-	       ", %u, MSG_DONTWAIT, NULL, 0) = %s\n",
-	       fd, nlh.nlmsg_len, NFNL_MSG_BATCH_BEGIN,
-	       (unsigned) sizeof(nlh), sprintrc(rc));
 # endif
 
-	nlh.nlmsg_type = (NFNL_SUBSYS_CTNETLINK << 8);
+	nlh.nlmsg_type = NFNL_SUBSYS_CTNETLINK << 8 | 0xff;
 	rc = sendto(fd, &nlh, sizeof(nlh), MSG_DONTWAIT, NULL, 0);
-	printf("sendto(%d, {len=%u, type=NFNL_SUBSYS_CTNETLINK<<8|0"
+	printf("sendto(%d, {len=%u"
+	       ", type=NFNL_SUBSYS_CTNETLINK<<8|0xff /* IPCTNL_MSG_CT_??? */"
+	       ", flags=NLM_F_REQUEST, seq=0, pid=0}"
+	       ", %u, MSG_DONTWAIT, NULL, 0) = %s\n",
+	       fd, nlh.nlmsg_len, (unsigned) sizeof(nlh), sprintrc(rc));
+
+	nlh.nlmsg_type = 0xffff;
+	rc = sendto(fd, &nlh, sizeof(nlh), MSG_DONTWAIT, NULL, 0);
+	printf("sendto(%d, {len=%u, type=0xff /* NFNL_SUBSYS_??? */<<8|0xff"
 	       ", flags=NLM_F_REQUEST, seq=0, pid=0}"
 	       ", %u, MSG_DONTWAIT, NULL, 0) = %s\n",
 	       fd, nlh.nlmsg_len, (unsigned) sizeof(nlh), sprintrc(rc));

xlat/nf_acct_msg_types.in

@@ -0,0 +1,5 @@
+NFNL_MSG_ACCT_NEW		0
+NFNL_MSG_ACCT_GET		1
+NFNL_MSG_ACCT_GET_CTRZERO	2
+NFNL_MSG_ACCT_DEL		3
+NFNL_MSG_ACCT_OVERQUOTA		4

xlat/nf_cthelper_msg_types.in

@@ -0,0 +1,3 @@
+NFNL_MSG_CTHELPER_NEW	0
+NFNL_MSG_CTHELPER_GET	1
+NFNL_MSG_CTHELPER_DEL	2

xlat/nf_ctnetlink_exp_msg_types.in

@@ -0,0 +1,4 @@
+IPCTNL_MSG_EXP_NEW		0
+IPCTNL_MSG_EXP_GET		1
+IPCTNL_MSG_EXP_DELETE		2
+IPCTNL_MSG_EXP_GET_STATS_CPU	3

xlat/nf_ctnetlink_msg_types.in

@@ -0,0 +1,8 @@
+IPCTNL_MSG_CT_NEW		0
+IPCTNL_MSG_CT_GET		1
+IPCTNL_MSG_CT_DELETE		2
+IPCTNL_MSG_CT_GET_CTRZERO	3
+IPCTNL_MSG_CT_GET_STATS_CPU	4
+IPCTNL_MSG_CT_GET_STATS		5
+IPCTNL_MSG_CT_GET_DYING		6
+IPCTNL_MSG_CT_GET_UNCONFIRMED	7

xlat/nf_cttimeout_msg_types.in

@@ -0,0 +1,5 @@
+IPCTNL_MSG_TIMEOUT_NEW		0
+IPCTNL_MSG_TIMEOUT_GET		1
+IPCTNL_MSG_TIMEOUT_DELETE	2
+IPCTNL_MSG_TIMEOUT_DEFAULT_SET	3
+IPCTNL_MSG_TIMEOUT_DEFAULT_GET	4

xlat/nf_ipset_msg_types.in

@@ -0,0 +1,21 @@
+IPSET_CMD_NONE		0
+IPSET_CMD_PROTOCOL	1
+IPSET_CMD_CREATE	2
+IPSET_CMD_DESTROY	3
+IPSET_CMD_FLUSH		4
+IPSET_CMD_RENAME	5
+IPSET_CMD_SWAP		6
+IPSET_CMD_LIST		7
+IPSET_CMD_SAVE		8
+IPSET_CMD_ADD		9
+IPSET_CMD_DEL		10
+IPSET_CMD_TEST		11
+IPSET_CMD_HEADER	12
+IPSET_CMD_TYPE		13
+
+IPSET_CMD_RESTORE	14
+IPSET_CMD_HELP		15
+IPSET_CMD_VERSION	16
+IPSET_CMD_QUIT		17
+
+IPSET_CMD_COMMIT	18

xlat/nf_nft_compat_msg_types.in

@@ -0,0 +1 @@
+NFNL_MSG_COMPAT_GET	0

xlat/nf_nftables_msg_types.in

@@ -0,0 +1,22 @@
+NFT_MSG_NEWTABLE	0
+NFT_MSG_GETTABLE	1
+NFT_MSG_DELTABLE	2
+NFT_MSG_NEWCHAIN	3
+NFT_MSG_GETCHAIN	4
+NFT_MSG_DELCHAIN	5
+NFT_MSG_NEWRULE		6
+NFT_MSG_GETRULE		7
+NFT_MSG_DELRULE		8
+NFT_MSG_NEWSET		9
+NFT_MSG_GETSET		10
+NFT_MSG_DELSET		11
+NFT_MSG_NEWSETELEM	12
+NFT_MSG_GETSETELEM	13
+NFT_MSG_DELSETELEM	14
+NFT_MSG_NEWGEN		15
+NFT_MSG_GETGEN		16
+NFT_MSG_TRACE		17
+NFT_MSG_NEWOBJ		18
+NFT_MSG_GETOBJ		19
+NFT_MSG_DELOBJ		20
+NFT_MSG_GETOBJ_RESET	21

xlat/nf_osf_msg_types.in

@@ -0,0 +1,2 @@
+OSF_MSG_ADD	0
+OSF_MSG_REMOVE	1

xlat/nf_queue_msg_types.in

@@ -0,0 +1,4 @@
+NFQNL_MSG_PACKET	0
+NFQNL_MSG_VERDICT	1
+NFQNL_MSG_CONFIG	2
+NFQNL_MSG_VERDICT_BATCH	3

xlat/nf_ulog_msg_types.in

@@ -0,0 +1,2 @@
+NFULNL_MSG_PACKET	0
+NFULNL_MSG_CONFIG	1