path: root/iptables/nft-shared.h
diff options
authorGiuseppe Longo <>2014-02-10 16:49:33 +0100
committerPablo Neira Ayuso <>2014-02-11 13:57:23 +0100
commit8877968858a8dd6b7ae096988d57a7511c81733d (patch)
tree4bbab073014c98f080ed93f819502a84c79a4c83 /iptables/nft-shared.h
parent7851975e5055381d30f0788d90671485695928e1 (diff)
nft: adds save_matches_and_target
This patch permits to save matches and target for ip/ip6/arp/eb family, required for xtables-events. Also, generalizes nft_rule_print_save to be reused for all protocol families. Signed-off-by: Giuseppe Longo <> Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'iptables/nft-shared.h')
1 files changed, 5 insertions, 2 deletions
diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
index 1d01ebad..145f19d1 100644
--- a/iptables/nft-shared.h
+++ b/iptables/nft-shared.h
@@ -49,8 +49,7 @@ struct nft_family_ops {
void (*parse_immediate)(const char *jumpto, bool nft_goto, void *data);
void (*print_firewall)(struct nft_rule *r, unsigned int num,
unsigned int format);
- uint8_t (*save_firewall)(const struct iptables_command_state *cs,
- unsigned int format);
+ void (*save_firewall)(const void *data, unsigned int format);
void (*proto_parse)(struct iptables_command_state *cs,
struct xtables_args *args);
void (*post_parse)(int command, struct iptables_command_state *cs,
@@ -118,6 +117,10 @@ void save_firewall_details(const struct iptables_command_state *cs,
const char *outiface,
unsigned const char *outiface_mask,
unsigned int format);
+void save_matches_and_target(struct xtables_rule_match *m,
+ struct xtables_target *target,
+ const char *jumpto,
+ uint8_t flags, const void *fw);
struct nft_family_ops *nft_family_ops_lookup(int family);