diff options
author | Phil Sutter <phil@nwl.cc> | 2018-08-06 17:21:57 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2018-08-06 18:17:39 +0200 |
commit | 63c3dae305cf27cabe5577da5599ddc26f4af36c (patch) | |
tree | 726900fb286b0a55f8356ab6e1ed2653dcf1c1eb /iptables/xtables-save.c | |
parent | aa7fb04fcf72cf50ba6c490ae1cae30181672004 (diff) |
xtables: Implement arptables-{save,restore}
This adds C implementations for arptables-save and -restore in compat
layer based on the two perl scripts in legacy arptables repository.
To share common code, introduce nft_init_arp() analogous to
nft_init_eb() introduced earlier.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'iptables/xtables-save.c')
-rw-r--r-- | iptables/xtables-save.c | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/iptables/xtables-save.c b/iptables/xtables-save.c index c9df51d5..fc51fcfe 100644 --- a/iptables/xtables-save.c +++ b/iptables/xtables-save.c @@ -287,3 +287,42 @@ int xtables_eb_save_main(int argc_, char *argv_[]) nft_for_each_table(&h, __ebt_save, !!ctr); return 0; } + +int xtables_arp_save_main(int argc, char **argv) +{ + struct nft_handle h = { + .family = NFPROTO_ARP, + }; + int c; + + xtables_globals.program_name = "arptables-save"; + c = xtables_init_all(&xtables_globals, h.family); + if (c < 0) { + fprintf(stderr, "%s/%s Failed to initialize xtables\n", + xtables_globals.program_name, + xtables_globals.program_version); + exit(1); + } + + if (nft_init(&h, xtables_arp) < 0) { + fprintf(stderr, "%s/%s Failed to initialize nft: %s\n", + xtables_globals.program_name, + xtables_globals.program_version, + strerror(errno)); + exit(EXIT_FAILURE); + } + + if (!nft_table_find(&h, "filter")) + return 0; + + if (!nft_is_table_compatible(&h, "filter")) { + printf("# Table `filter' is incompatible, use 'nft' tool.\n"); + return 0; + } + + printf("*filter\n"); + nft_chain_save(&h, nft_chain_dump(&h), "filter"); + nft_rule_save(&h, "filter", FMT_NOCOUNTS); + printf("\n"); + return 0; +} |