summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2015-09-01 19:34:18 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2015-09-07 19:24:33 +0200
commit96807c4c05e1e76b8bbf00d874a28a279e7d2840 (patch)
treefc74bc7a9bdc6c3e16524449812bc6cc7f51c5eb
parent760768890e60617acfd144dce875a4a3be14513c (diff)
src: add compat header file definitions
This patch restores the original nft_* definitions from the header files to avoid sudden compilation breakage of the existing clients of this library. Then, moving forward the idea is to deprecate the old nft_* symbols anytime soon using __attribute__((deprecated)) from the header files to warn our users that they need to update their code. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r--include/libnftnl/batch.h16
-rw-r--r--include/libnftnl/chain.h77
-rw-r--r--include/libnftnl/common.h53
-rw-r--r--include/libnftnl/expr.h168
-rw-r--r--include/libnftnl/gen.h36
-rw-r--r--include/libnftnl/rule.h83
-rw-r--r--include/libnftnl/ruleset.h61
-rw-r--r--include/libnftnl/set.h136
-rw-r--r--include/libnftnl/table.h65
-rw-r--r--include/utils.h2
10 files changed, 696 insertions, 1 deletions
diff --git a/include/libnftnl/batch.h b/include/libnftnl/batch.h
index ea1ea66..bd18733 100644
--- a/include/libnftnl/batch.h
+++ b/include/libnftnl/batch.h
@@ -15,4 +15,20 @@ uint32_t nftnl_batch_buffer_len(struct nftnl_batch *batch);
int nftnl_batch_iovec_len(struct nftnl_batch *batch);
void nftnl_batch_iovec(struct nftnl_batch *batch, struct iovec *iov, uint32_t iovlen);
+/*
+ * Compat
+ */
+
+struct nft_batch;
+
+struct nft_batch *nft_batch_alloc(uint32_t pg_size, uint32_t pg_overrun_size);
+int nft_batch_update(struct nft_batch *batch);
+void nft_batch_free(struct nft_batch *batch);
+
+void *nft_batch_buffer(struct nft_batch *batch);
+uint32_t nft_batch_buffer_len(struct nft_batch *batch);
+
+int nft_batch_iovec_len(struct nft_batch *batch);
+void nft_batch_iovec(struct nft_batch *batch, struct iovec *iov, uint32_t iovlen);
+
#endif
diff --git a/include/libnftnl/chain.h b/include/libnftnl/chain.h
index 1f426f7..d952ce9 100644
--- a/include/libnftnl/chain.h
+++ b/include/libnftnl/chain.h
@@ -85,6 +85,83 @@ struct nftnl_chain_list_iter *nftnl_chain_list_iter_create(struct nftnl_chain_li
struct nftnl_chain *nftnl_chain_list_iter_next(struct nftnl_chain_list_iter *iter);
void nftnl_chain_list_iter_destroy(struct nftnl_chain_list_iter *iter);
+/*
+ * Compat
+ */
+
+struct nft_chain;
+
+struct nft_chain *nft_chain_alloc(void);
+void nft_chain_free(struct nft_chain *);
+
+enum {
+ NFT_CHAIN_ATTR_NAME = 0,
+ NFT_CHAIN_ATTR_FAMILY,
+ NFT_CHAIN_ATTR_TABLE,
+ NFT_CHAIN_ATTR_HOOKNUM,
+ NFT_CHAIN_ATTR_PRIO = 4,
+ NFT_CHAIN_ATTR_POLICY,
+ NFT_CHAIN_ATTR_USE,
+ NFT_CHAIN_ATTR_BYTES,
+ NFT_CHAIN_ATTR_PACKETS = 8,
+ NFT_CHAIN_ATTR_HANDLE,
+ NFT_CHAIN_ATTR_TYPE,
+ NFT_CHAIN_ATTR_DEV,
+ __NFT_CHAIN_ATTR_MAX
+};
+#define NFT_CHAIN_ATTR_MAX (__NFT_CHAIN_ATTR_MAX - 1)
+
+bool nft_chain_attr_is_set(const struct nft_chain *c, uint16_t attr);
+void nft_chain_attr_unset(struct nft_chain *c, uint16_t attr);
+void nft_chain_attr_set(struct nft_chain *t, uint16_t attr, const void *data);
+void nft_chain_attr_set_data(struct nft_chain *t, uint16_t attr,
+ const void *data, uint32_t data_len);
+void nft_chain_attr_set_u8(struct nft_chain *t, uint16_t attr, uint8_t data);
+void nft_chain_attr_set_u32(struct nft_chain *t, uint16_t attr, uint32_t data);
+void nft_chain_attr_set_s32(struct nft_chain *t, uint16_t attr, int32_t data);
+void nft_chain_attr_set_u64(struct nft_chain *t, uint16_t attr, uint64_t data);
+void nft_chain_attr_set_str(struct nft_chain *t, uint16_t attr, const char *str);
+
+const void *nft_chain_attr_get(struct nft_chain *c, uint16_t attr);
+const void *nft_chain_attr_get_data(struct nft_chain *c, uint16_t attr,
+ uint32_t *data_len);
+const char *nft_chain_attr_get_str(struct nft_chain *c, uint16_t attr);
+uint8_t nft_chain_attr_get_u8(struct nft_chain *c, uint16_t attr);
+uint32_t nft_chain_attr_get_u32(struct nft_chain *c, uint16_t attr);
+int32_t nft_chain_attr_get_s32(struct nft_chain *c, uint16_t attr);
+uint64_t nft_chain_attr_get_u64(struct nft_chain *c, uint16_t attr);
+
+struct nlmsghdr;
+
+void nft_chain_nlmsg_build_payload(struct nlmsghdr *nlh, const struct nft_chain *t);
+
+int nft_chain_parse(struct nft_chain *c, enum nft_parse_type type,
+ const char *data, struct nft_parse_err *err);
+int nft_chain_parse_file(struct nft_chain *c, enum nft_parse_type type,
+ FILE *fp, struct nft_parse_err *err);
+int nft_chain_snprintf(char *buf, size_t size, struct nft_chain *t, uint32_t type, uint32_t flags);
+int nft_chain_fprintf(FILE *fp, struct nft_chain *c, uint32_t type, uint32_t flags);
+
+#define nft_chain_nlmsg_build_hdr nft_nlmsg_build_hdr
+int nft_chain_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_chain *t);
+
+struct nft_chain_list;
+
+struct nft_chain_list *nft_chain_list_alloc(void);
+void nft_chain_list_free(struct nft_chain_list *list);
+int nft_chain_list_is_empty(struct nft_chain_list *list);
+int nft_chain_list_foreach(struct nft_chain_list *chain_list, int (*cb)(struct nft_chain *t, void *data), void *data);
+
+void nft_chain_list_add(struct nft_chain *r, struct nft_chain_list *list);
+void nft_chain_list_add_tail(struct nft_chain *r, struct nft_chain_list *list);
+void nft_chain_list_del(struct nft_chain *c);
+
+struct nft_chain_list_iter;
+
+struct nft_chain_list_iter *nft_chain_list_iter_create(struct nft_chain_list *l);
+struct nft_chain *nft_chain_list_iter_next(struct nft_chain_list_iter *iter);
+void nft_chain_list_iter_destroy(struct nft_chain_list_iter *iter);
+
#ifdef __cplusplus
} /* extern "C" */
#endif
diff --git a/include/libnftnl/common.h b/include/libnftnl/common.h
index b9c6ff3..a40688c 100644
--- a/include/libnftnl/common.h
+++ b/include/libnftnl/common.h
@@ -52,4 +52,57 @@ int nftnl_batch_is_supported(void);
void nftnl_batch_begin(char *buf, uint32_t seq);
void nftnl_batch_end(char *buf, uint32_t seq);
+/*
+ * Compat
+ */
+
+enum {
+ NFT_PARSE_EBADINPUT = 0,
+ NFT_PARSE_EMISSINGNODE,
+ NFT_PARSE_EBADTYPE,
+ NFT_PARSE_EOPNOTSUPP,
+};
+
+enum nft_output_type {
+ NFT_OUTPUT_DEFAULT = 0,
+ NFT_OUTPUT_XML,
+ NFT_OUTPUT_JSON,
+};
+
+enum nft_output_flags {
+ NFT_OF_EVENT_NEW = (1 << 0),
+ NFT_OF_EVENT_DEL = (1 << 1),
+ NFT_OF_EVENT_ANY = (NFT_OF_EVENT_NEW | NFT_OF_EVENT_DEL),
+};
+
+enum nft_cmd_type {
+ NFT_CMD_UNSPEC = 0,
+ NFT_CMD_ADD,
+ NFT_CMD_INSERT,
+ NFT_CMD_DELETE,
+ NFT_CMD_REPLACE,
+ NFT_CMD_FLUSH,
+ NFT_CMD_MAX,
+};
+
+enum nft_parse_type {
+ NFT_PARSE_NONE = 0,
+ NFT_PARSE_XML,
+ NFT_PARSE_JSON,
+ NFT_PARSE_MAX,
+};
+
+struct nft_parse_err;
+
+struct nlmsghdr *nft_nlmsg_build_hdr(char *buf, uint16_t cmd, uint16_t family,
+ uint16_t type, uint32_t seq);
+
+struct nft_parse_err *nft_parse_err_alloc(void);
+void nft_parse_err_free(struct nft_parse_err *);
+int nft_parse_perror(const char *str, struct nft_parse_err *err);
+
+int nft_batch_is_supported(void);
+void nft_batch_begin(char *buf, uint32_t seq);
+void nft_batch_end(char *buf, uint32_t seq);
+
#endif
diff --git a/include/libnftnl/expr.h b/include/libnftnl/expr.h
index 1ca1d8b..c0c8259 100644
--- a/include/libnftnl/expr.h
+++ b/include/libnftnl/expr.h
@@ -173,6 +173,174 @@ enum {
NFTNL_EXPR_REDIR_FLAGS,
};
+/*
+ * Compat
+ */
+
+struct nft_rule_expr;
+
+enum {
+ NFT_RULE_EXPR_ATTR_NAME = 0,
+ NFT_RULE_EXPR_ATTR_BASE,
+};
+
+struct nft_rule_expr *nft_rule_expr_alloc(const char *name);
+void nft_rule_expr_free(struct nft_rule_expr *expr);
+
+bool nft_rule_expr_is_set(const struct nft_rule_expr *expr, uint16_t type);
+void nft_rule_expr_set(struct nft_rule_expr *expr, uint16_t type, const void *data, uint32_t data_len);
+#define nft_rule_expr_set_data nft_rule_expr_set
+void nft_rule_expr_set_u8(struct nft_rule_expr *expr, uint16_t type, uint8_t data);
+void nft_rule_expr_set_u16(struct nft_rule_expr *expr, uint16_t type, uint16_t data);
+void nft_rule_expr_set_u32(struct nft_rule_expr *expr, uint16_t type, uint32_t data);
+void nft_rule_expr_set_u64(struct nft_rule_expr *expr, uint16_t type, uint64_t data);
+void nft_rule_expr_set_str(struct nft_rule_expr *expr, uint16_t type, const char *str);
+
+const void *nft_rule_expr_get(const struct nft_rule_expr *expr, uint16_t type, uint32_t *data_len);
+#define nft_rule_expr_get_data nft_rule_expr_get
+uint8_t nft_rule_expr_get_u8(const struct nft_rule_expr *expr, uint16_t type);
+uint16_t nft_rule_expr_get_u16(const struct nft_rule_expr *expr, uint16_t type);
+uint32_t nft_rule_expr_get_u32(const struct nft_rule_expr *expr, uint16_t type);
+uint64_t nft_rule_expr_get_u64(const struct nft_rule_expr *expr, uint16_t type);
+const char *nft_rule_expr_get_str(const struct nft_rule_expr *expr, uint16_t type);
+
+int nft_rule_expr_snprintf(char *buf, size_t buflen, struct nft_rule_expr *expr, uint32_t type, uint32_t flags);
+
+enum {
+ NFT_EXPR_PAYLOAD_DREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_PAYLOAD_BASE,
+ NFT_EXPR_PAYLOAD_OFFSET,
+ NFT_EXPR_PAYLOAD_LEN,
+};
+
+enum {
+ NFT_EXPR_META_KEY = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_META_DREG,
+ NFT_EXPR_META_SREG,
+};
+
+enum {
+ NFT_EXPR_CMP_SREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_CMP_OP,
+ NFT_EXPR_CMP_DATA,
+};
+
+enum {
+ NFT_EXPR_IMM_DREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_IMM_DATA,
+ NFT_EXPR_IMM_VERDICT,
+ NFT_EXPR_IMM_CHAIN,
+};
+
+enum {
+ NFT_EXPR_CTR_PACKETS = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_CTR_BYTES,
+};
+
+enum {
+ NFT_EXPR_BITWISE_SREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_BITWISE_DREG,
+ NFT_EXPR_BITWISE_LEN,
+ NFT_EXPR_BITWISE_MASK,
+ NFT_EXPR_BITWISE_XOR,
+};
+
+enum {
+ NFT_EXPR_TG_NAME = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_TG_REV,
+ NFT_EXPR_TG_INFO,
+};
+
+enum {
+ NFT_EXPR_MT_NAME = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_MT_REV,
+ NFT_EXPR_MT_INFO,
+};
+
+enum {
+ NFT_EXPR_NAT_TYPE = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_NAT_FAMILY,
+ NFT_EXPR_NAT_REG_ADDR_MIN,
+ NFT_EXPR_NAT_REG_ADDR_MAX,
+ NFT_EXPR_NAT_REG_PROTO_MIN,
+ NFT_EXPR_NAT_REG_PROTO_MAX,
+ NFT_EXPR_NAT_FLAGS,
+};
+
+enum {
+ NFT_EXPR_LOOKUP_SREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_LOOKUP_DREG,
+ NFT_EXPR_LOOKUP_SET,
+ NFT_EXPR_LOOKUP_SET_ID,
+};
+
+enum {
+ NFT_EXPR_DYNSET_SREG_KEY = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_DYNSET_SREG_DATA,
+ NFT_EXPR_DYNSET_OP,
+ NFT_EXPR_DYNSET_TIMEOUT,
+ NFT_EXPR_DYNSET_SET_NAME,
+ NFT_EXPR_DYNSET_SET_ID,
+ NFT_EXPR_DYNSET_EXPR,
+};
+
+enum {
+ NFT_EXPR_LOG_PREFIX = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_LOG_GROUP,
+ NFT_EXPR_LOG_SNAPLEN,
+ NFT_EXPR_LOG_QTHRESHOLD,
+ NFT_EXPR_LOG_LEVEL,
+ NFT_EXPR_LOG_FLAGS,
+};
+
+enum {
+ NFT_EXPR_EXTHDR_DREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_EXTHDR_TYPE,
+ NFT_EXPR_EXTHDR_OFFSET,
+ NFT_EXPR_EXTHDR_LEN,
+};
+
+enum {
+ NFT_EXPR_CT_DREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_CT_KEY,
+ NFT_EXPR_CT_DIR,
+ NFT_EXPR_CT_SREG,
+};
+
+enum {
+ NFT_EXPR_BYTEORDER_DREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_BYTEORDER_SREG,
+ NFT_EXPR_BYTEORDER_OP,
+ NFT_EXPR_BYTEORDER_LEN,
+ NFT_EXPR_BYTEORDER_SIZE,
+};
+
+enum {
+ NFT_EXPR_LIMIT_RATE = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_LIMIT_UNIT,
+};
+
+enum {
+ NFT_EXPR_REJECT_TYPE = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_REJECT_CODE,
+};
+
+enum {
+ NFT_EXPR_QUEUE_NUM = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_QUEUE_TOTAL,
+ NFT_EXPR_QUEUE_FLAGS,
+};
+
+enum {
+ NFT_EXPR_MASQ_FLAGS = NFT_RULE_EXPR_ATTR_BASE,
+};
+
+enum {
+ NFT_EXPR_REDIR_REG_PROTO_MIN = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_REDIR_REG_PROTO_MAX,
+ NFT_EXPR_REDIR_FLAGS,
+};
+
#ifdef __cplusplus
} /* extern "C" */
#endif
diff --git a/include/libnftnl/gen.h b/include/libnftnl/gen.h
index eb72d56..1bb2d56 100644
--- a/include/libnftnl/gen.h
+++ b/include/libnftnl/gen.h
@@ -44,6 +44,42 @@ int nftnl_gen_fprintf(FILE *fp, struct nftnl_gen *gen, uint32_t type, uint32_t f
#define nftnl_gen_nlmsg_build_hdr nftnl_nlmsg_build_hdr
int nftnl_gen_nlmsg_parse(const struct nlmsghdr *nlh, struct nftnl_gen *gen);
+/*
+ * Compat
+ */
+
+struct nft_gen;
+
+struct nft_gen *nft_gen_alloc(void);
+void nft_gen_free(struct nft_gen *);
+
+enum {
+ NFT_GEN_ID = 0,
+ __NFT_GEN_MAX
+};
+#define NFT_GEN_MAX (__NFT_GEN_MAX - 1)
+
+bool nft_gen_attr_is_set(const struct nft_gen *gen, uint16_t attr);
+void nft_gen_attr_unset(struct nft_gen *gen, uint16_t attr);
+void nft_gen_attr_set(struct nft_gen *gen, uint16_t attr, const void *data);
+void nft_gen_attr_set_data(struct nft_gen *gen, uint16_t attr,
+ const void *data, uint32_t data_len);
+const void *nft_gen_attr_get(struct nft_gen *gen, uint16_t attr);
+const void *nft_gen_attr_get_data(struct nft_gen *gen, uint16_t attr,
+ uint32_t *data_len);
+
+void nft_gen_attr_set_u32(struct nft_gen *gen, uint16_t attr, uint32_t data);
+uint32_t nft_gen_attr_get_u32(struct nft_gen *gen, uint16_t attr);
+
+struct nlmsghdr;
+int nft_gen_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_gen *gen);
+
+int nft_gen_snprintf(char *buf, size_t size, struct nft_gen *gen, uint32_t type, uint32_t flags);
+int nft_gen_fprintf(FILE *fp, struct nft_gen *gen, uint32_t type, uint32_t flags);
+
+#define nft_gen_nlmsg_build_hdr nft_nlmsg_build_hdr
+int nft_gen_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_gen *gen);
+
#ifdef __cplusplus
} /* extern "C" */
#endif
diff --git a/include/libnftnl/rule.h b/include/libnftnl/rule.h
index 8aa47ea..c1bfcb6 100644
--- a/include/libnftnl/rule.h
+++ b/include/libnftnl/rule.h
@@ -91,6 +91,89 @@ struct nftnl_rule *nftnl_rule_list_iter_cur(struct nftnl_rule_list_iter *iter);
struct nftnl_rule *nftnl_rule_list_iter_next(struct nftnl_rule_list_iter *iter);
void nftnl_rule_list_iter_destroy(struct nftnl_rule_list_iter *iter);
+/*
+ * Compat
+ */
+
+struct nft_rule;
+struct nft_rule_expr;
+
+struct nft_rule *nft_rule_alloc(void);
+void nft_rule_free(struct nft_rule *);
+
+enum {
+ NFT_RULE_ATTR_FAMILY = 0,
+ NFT_RULE_ATTR_TABLE,
+ NFT_RULE_ATTR_CHAIN,
+ NFT_RULE_ATTR_HANDLE,
+ NFT_RULE_ATTR_COMPAT_PROTO,
+ NFT_RULE_ATTR_COMPAT_FLAGS,
+ NFT_RULE_ATTR_POSITION,
+ NFT_RULE_ATTR_USERDATA,
+ __NFT_RULE_ATTR_MAX
+};
+#define NFT_RULE_ATTR_MAX (__NFT_RULE_ATTR_MAX - 1)
+
+void nft_rule_attr_unset(struct nft_rule *r, uint16_t attr);
+bool nft_rule_attr_is_set(const struct nft_rule *r, uint16_t attr);
+void nft_rule_attr_set(struct nft_rule *r, uint16_t attr, const void *data);
+void nft_rule_attr_set_data(struct nft_rule *r, uint16_t attr,
+ const void *data, uint32_t data_len);
+void nft_rule_attr_set_u32(struct nft_rule *r, uint16_t attr, uint32_t val);
+void nft_rule_attr_set_u64(struct nft_rule *r, uint16_t attr, uint64_t val);
+void nft_rule_attr_set_str(struct nft_rule *r, uint16_t attr, const char *str);
+
+const void *nft_rule_attr_get(const struct nft_rule *r, uint16_t attr);
+const void *nft_rule_attr_get_data(const struct nft_rule *r, uint16_t attr,
+ uint32_t *data_len);
+const char *nft_rule_attr_get_str(const struct nft_rule *r, uint16_t attr);
+uint8_t nft_rule_attr_get_u8(const struct nft_rule *r, uint16_t attr);
+uint32_t nft_rule_attr_get_u32(const struct nft_rule *r, uint16_t attr);
+uint64_t nft_rule_attr_get_u64(const struct nft_rule *r, uint16_t attr);
+
+void nft_rule_add_expr(struct nft_rule *r, struct nft_rule_expr *expr);
+
+struct nlmsghdr;
+
+void nft_rule_nlmsg_build_payload(struct nlmsghdr *nlh, struct nft_rule *t);
+
+int nft_rule_parse(struct nft_rule *r, enum nft_parse_type type,
+ const char *data, struct nft_parse_err *err);
+int nft_rule_parse_file(struct nft_rule *r, enum nft_parse_type type,
+ FILE *fp, struct nft_parse_err *err);
+int nft_rule_snprintf(char *buf, size_t size, struct nft_rule *t, uint32_t type, uint32_t flags);
+int nft_rule_fprintf(FILE *fp, struct nft_rule *r, uint32_t type, uint32_t flags);
+
+#define nft_rule_nlmsg_build_hdr nft_nlmsg_build_hdr
+int nft_rule_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_rule *t);
+
+int nft_rule_expr_foreach(struct nft_rule *r,
+ int (*cb)(struct nft_rule_expr *e, void *data),
+ void *data);
+
+struct nft_rule_expr_iter;
+
+struct nft_rule_expr_iter *nft_rule_expr_iter_create(struct nft_rule *r);
+struct nft_rule_expr *nft_rule_expr_iter_next(struct nft_rule_expr_iter *iter);
+void nft_rule_expr_iter_destroy(struct nft_rule_expr_iter *iter);
+
+struct nft_rule_list;
+
+struct nft_rule_list *nft_rule_list_alloc(void);
+void nft_rule_list_free(struct nft_rule_list *list);
+int nft_rule_list_is_empty(struct nft_rule_list *list);
+void nft_rule_list_add(struct nft_rule *r, struct nft_rule_list *list);
+void nft_rule_list_add_tail(struct nft_rule *r, struct nft_rule_list *list);
+void nft_rule_list_del(struct nft_rule *r);
+int nft_rule_list_foreach(struct nft_rule_list *rule_list, int (*cb)(struct nft_rule *t, void *data), void *data);
+
+struct nft_rule_list_iter;
+
+struct nft_rule_list_iter *nft_rule_list_iter_create(struct nft_rule_list *l);
+struct nft_rule *nft_rule_list_iter_cur(struct nft_rule_list_iter *iter);
+struct nft_rule *nft_rule_list_iter_next(struct nft_rule_list_iter *iter);
+void nft_rule_list_iter_destroy(struct nft_rule_list_iter *iter);
+
#ifdef __cplusplus
} /* extern "C" */
#endif
diff --git a/include/libnftnl/ruleset.h b/include/libnftnl/ruleset.h
index 12e2495..6c304dc 100644
--- a/include/libnftnl/ruleset.h
+++ b/include/libnftnl/ruleset.h
@@ -70,6 +70,67 @@ int nftnl_ruleset_parse_file(struct nftnl_ruleset *rs, enum nftnl_parse_type typ
int nftnl_ruleset_snprintf(char *buf, size_t size, const struct nftnl_ruleset *rs, uint32_t type, uint32_t flags);
int nftnl_ruleset_fprintf(FILE *fp, const struct nftnl_ruleset *rs, uint32_t type, uint32_t flags);
+/*
+ * Compat
+ */
+
+struct nft_ruleset;
+
+struct nft_ruleset *nft_ruleset_alloc(void);
+void nft_ruleset_free(struct nft_ruleset *r);
+
+enum {
+ NFT_RULESET_ATTR_TABLELIST = 0,
+ NFT_RULESET_ATTR_CHAINLIST,
+ NFT_RULESET_ATTR_SETLIST,
+ NFT_RULESET_ATTR_RULELIST,
+};
+
+enum nft_ruleset_type {
+ NFT_RULESET_UNSPEC = 0,
+ NFT_RULESET_RULESET,
+ NFT_RULESET_TABLE,
+ NFT_RULESET_CHAIN,
+ NFT_RULESET_RULE,
+ NFT_RULESET_SET,
+ NFT_RULESET_SET_ELEMS,
+};
+
+bool nft_ruleset_attr_is_set(const struct nft_ruleset *r, uint16_t attr);
+void nft_ruleset_attr_unset(struct nft_ruleset *r, uint16_t attr);
+void nft_ruleset_attr_set(struct nft_ruleset *r, uint16_t attr, void *data);
+void *nft_ruleset_attr_get(const struct nft_ruleset *r, uint16_t attr);
+
+enum {
+ NFT_RULESET_CTX_CMD = 0,
+ NFT_RULESET_CTX_TYPE,
+ NFT_RULESET_CTX_TABLE,
+ NFT_RULESET_CTX_CHAIN,
+ NFT_RULESET_CTX_RULE,
+ NFT_RULESET_CTX_SET,
+ NFT_RULESET_CTX_DATA,
+};
+
+struct nft_parse_ctx;
+void nft_ruleset_ctx_free(const struct nft_parse_ctx *ctx);
+bool nft_ruleset_ctx_is_set(const struct nft_parse_ctx *ctx, uint16_t attr);
+void *nft_ruleset_ctx_get(const struct nft_parse_ctx *ctx, uint16_t attr);
+uint32_t nft_ruleset_ctx_get_u32(const struct nft_parse_ctx *ctx,
+ uint16_t attr);
+
+int nft_ruleset_parse_file_cb(enum nft_parse_type type, FILE *fp,
+ struct nft_parse_err *err, void *data,
+ int (*cb)(const struct nft_parse_ctx *ctx));
+int nft_ruleset_parse_buffer_cb(enum nft_parse_type type, const char *buffer,
+ struct nft_parse_err *err, void *data,
+ int (*cb)(const struct nft_parse_ctx *ctx));
+int nft_ruleset_parse(struct nft_ruleset *rs, enum nft_parse_type type,
+ const char *data, struct nft_parse_err *err);
+int nft_ruleset_parse_file(struct nft_ruleset *rs, enum nft_parse_type type,
+ FILE *fp, struct nft_parse_err *err);
+int nft_ruleset_snprintf(char *buf, size_t size, const struct nft_ruleset *rs, uint32_t type, uint32_t flags);
+int nft_ruleset_fprintf(FILE *fp, const struct nft_ruleset *rs, uint32_t type, uint32_t flags);
+
#ifdef __cplusplus
} /* extern "C" */
#endif
diff --git a/include/libnftnl/set.h b/include/libnftnl/set.h
index d3958f6..4420d03 100644
--- a/include/libnftnl/set.h
+++ b/include/libnftnl/set.h
@@ -140,4 +140,140 @@ void nftnl_set_elems_iter_destroy(struct nftnl_set_elems_iter *iter);
int nftnl_set_elems_nlmsg_build_payload_iter(struct nlmsghdr *nlh,
struct nftnl_set_elems_iter *iter);
+/*
+ * Compat
+ */
+
+enum {
+ NFT_SET_ATTR_TABLE,
+ NFT_SET_ATTR_NAME,
+ NFT_SET_ATTR_FLAGS,
+ NFT_SET_ATTR_KEY_TYPE,
+ NFT_SET_ATTR_KEY_LEN,
+ NFT_SET_ATTR_DATA_TYPE,
+ NFT_SET_ATTR_DATA_LEN,
+ NFT_SET_ATTR_FAMILY,
+ NFT_SET_ATTR_ID,
+ NFT_SET_ATTR_POLICY,
+ NFT_SET_ATTR_DESC_SIZE,
+ NFT_SET_ATTR_TIMEOUT,
+ NFT_SET_ATTR_GC_INTERVAL,
+ __NFT_SET_ATTR_MAX
+};
+#define NFT_SET_ATTR_MAX (__NFT_SET_ATTR_MAX - 1)
+
+struct nft_set;
+
+struct nft_set *nft_set_alloc(void);
+void nft_set_free(struct nft_set *s);
+
+struct nft_set *nft_set_clone(const struct nft_set *set);
+
+bool nft_set_attr_is_set(const struct nft_set *s, uint16_t attr);
+void nft_set_attr_unset(struct nft_set *s, uint16_t attr);
+void nft_set_attr_set(struct nft_set *s, uint16_t attr, const void *data);
+void nft_set_attr_set_data(struct nft_set *s, uint16_t attr, const void *data,
+ uint32_t data_len);
+void nft_set_attr_set_u32(struct nft_set *s, uint16_t attr, uint32_t val);
+void nft_set_attr_set_u64(struct nft_set *s, uint16_t attr, uint64_t val);
+void nft_set_attr_set_str(struct nft_set *s, uint16_t attr, const char *str);
+
+const void *nft_set_attr_get(struct nft_set *s, uint16_t attr);
+const void *nft_set_attr_get_data(struct nft_set *s, uint16_t attr,
+ uint32_t *data_len);
+const char *nft_set_attr_get_str(struct nft_set *s, uint16_t attr);
+uint32_t nft_set_attr_get_u32(struct nft_set *s, uint16_t attr);
+uint64_t nft_set_attr_get_u64(struct nft_set *s, uint16_t attr);
+
+struct nlmsghdr;
+
+#define nft_set_nlmsg_build_hdr nft_nlmsg_build_hdr
+void nft_set_nlmsg_build_payload(struct nlmsghdr *nlh, struct nft_set *s);
+int nft_set_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_set *s);
+int nft_set_elems_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_set *s);
+
+int nft_set_snprintf(char *buf, size_t size, struct nft_set *s, uint32_t type, uint32_t flags);
+int nft_set_fprintf(FILE *fp, struct nft_set *s, uint32_t type, uint32_t flags);
+
+struct nft_set_list;
+
+struct nft_set_list *nft_set_list_alloc(void);
+void nft_set_list_free(struct nft_set_list *list);
+int nft_set_list_is_empty(struct nft_set_list *list);
+void nft_set_list_add(struct nft_set *s, struct nft_set_list *list);
+void nft_set_list_add_tail(struct nft_set *s, struct nft_set_list *list);
+void nft_set_list_del(struct nft_set *s);
+int nft_set_list_foreach(struct nft_set_list *set_list, int (*cb)(struct nft_set *t, void *data), void *data);
+
+struct nft_set_list_iter;
+struct nft_set_list_iter *nft_set_list_iter_create(struct nft_set_list *l);
+struct nft_set *nft_set_list_iter_cur(struct nft_set_list_iter *iter);
+struct nft_set *nft_set_list_iter_next(struct nft_set_list_iter *iter);
+void nft_set_list_iter_destroy(struct nft_set_list_iter *iter);
+
+int nft_set_parse(struct nft_set *s, enum nft_parse_type type,
+ const char *data, struct nft_parse_err *err);
+int nft_set_parse_file(struct nft_set *s, enum nft_parse_type type,
+ FILE *fp, struct nft_parse_err *err);
+
+/*
+ * Set elements
+ */
+
+enum {
+ NFT_SET_ELEM_ATTR_FLAGS,
+ NFT_SET_ELEM_ATTR_KEY,
+ NFT_SET_ELEM_ATTR_VERDICT,
+ NFT_SET_ELEM_ATTR_CHAIN,
+ NFT_SET_ELEM_ATTR_DATA,
+ NFT_SET_ELEM_ATTR_TIMEOUT,
+ NFT_SET_ELEM_ATTR_EXPIRATION,
+ NFT_SET_ELEM_ATTR_USERDATA,
+ NFT_SET_ELEM_ATTR_EXPR,
+};
+
+struct nft_set_elem;
+
+struct nft_set_elem *nft_set_elem_alloc(void);
+void nft_set_elem_free(struct nft_set_elem *s);
+
+struct nft_set_elem *nft_set_elem_clone(struct nft_set_elem *elem);
+
+void nft_set_elem_add(struct nft_set *s, struct nft_set_elem *elem);
+
+void nft_set_elem_attr_unset(struct nft_set_elem *s, uint16_t attr);
+void nft_set_elem_attr_set(struct nft_set_elem *s, uint16_t attr, const void *data, uint32_t data_len);
+void nft_set_elem_attr_set_u32(struct nft_set_elem *s, uint16_t attr, uint32_t val);
+void nft_set_elem_attr_set_u64(struct nft_set_elem *s, uint16_t attr, uint64_t val);
+void nft_set_elem_attr_set_str(struct nft_set_elem *s, uint16_t attr, const char *str);
+
+const void *nft_set_elem_attr_get(struct nft_set_elem *s, uint16_t attr, uint32_t *data_len);
+const char *nft_set_elem_attr_get_str(struct nft_set_elem *s, uint16_t attr);
+uint32_t nft_set_elem_attr_get_u32(struct nft_set_elem *s, uint16_t attr);
+uint64_t nft_set_elem_attr_get_u64(struct nft_set_elem *s, uint16_t attr);
+
+bool nft_set_elem_attr_is_set(const struct nft_set_elem *s, uint16_t attr);
+
+#define nft_set_elem_nlmsg_build_hdr nft_nlmsg_build_hdr
+void nft_set_elems_nlmsg_build_payload(struct nlmsghdr *nlh, struct nft_set *s);
+void nft_set_elem_nlmsg_build_payload(struct nlmsghdr *nlh, struct nft_set_elem *e);
+
+int nft_set_elem_parse(struct nft_set_elem *e, enum nft_parse_type type,
+ const char *data, struct nft_parse_err *err);
+int nft_set_elem_parse_file(struct nft_set_elem *e, enum nft_parse_type type,
+ FILE *fp, struct nft_parse_err *err);
+int nft_set_elem_snprintf(char *buf, size_t size, struct nft_set_elem *s, uint32_t type, uint32_t flags);
+int nft_set_elem_fprintf(FILE *fp, struct nft_set_elem *se, uint32_t type, uint32_t flags);
+
+int nft_set_elem_foreach(struct nft_set *s, int (*cb)(struct nft_set_elem *e, void *data), void *data);
+
+struct nft_set_elems_iter;
+struct nft_set_elems_iter *nft_set_elems_iter_create(struct nft_set *s);
+struct nft_set_elem *nft_set_elems_iter_cur(struct nft_set_elems_iter *iter);
+struct nft_set_elem *nft_set_elems_iter_next(struct nft_set_elems_iter *iter);
+void nft_set_elems_iter_destroy(struct nft_set_elems_iter *iter);
+
+int nft_set_elems_nlmsg_build_payload_iter(struct nlmsghdr *nlh,
+ struct nft_set_elems_iter *iter);
+
#endif /* _LIBNFTNL_SET_H_ */
diff --git a/include/libnftnl/table.h b/include/libnftnl/table.h
index 0f0589b..ca9a5c6 100644
--- a/include/libnftnl/table.h
+++ b/include/libnftnl/table.h
@@ -73,6 +73,71 @@ struct nftnl_table_list_iter *nftnl_table_list_iter_create(struct nftnl_table_li
struct nftnl_table *nftnl_table_list_iter_next(struct nftnl_table_list_iter *iter);
void nftnl_table_list_iter_destroy(struct nftnl_table_list_iter *iter);
+/*
+ * Compat
+ */
+
+struct nft_table;
+
+struct nft_table *nft_table_alloc(void);
+void nft_table_free(struct nft_table *);
+
+enum {
+ NFT_TABLE_ATTR_NAME = 0,
+ NFT_TABLE_ATTR_FAMILY,
+ NFT_TABLE_ATTR_FLAGS,
+ NFT_TABLE_ATTR_USE,
+ __NFT_TABLE_ATTR_MAX
+};
+#define NFT_TABLE_ATTR_MAX (__NFT_TABLE_ATTR_MAX - 1)
+
+bool nft_table_attr_is_set(const struct nft_table *t, uint16_t attr);
+void nft_table_attr_unset(struct nft_table *t, uint16_t attr);
+void nft_table_attr_set(struct nft_table *t, uint16_t attr, const void *data);
+void nft_table_attr_set_data(struct nft_table *t, uint16_t attr,
+ const void *data, uint32_t data_len);
+const void *nft_table_attr_get(struct nft_table *t, uint16_t attr);
+const void *nft_table_attr_get_data(struct nft_table *t, uint16_t attr,
+ uint32_t *data_len);
+
+void nft_table_attr_set_u8(struct nft_table *t, uint16_t attr, uint8_t data);
+void nft_table_attr_set_u32(struct nft_table *t, uint16_t attr, uint32_t data);
+void nft_table_attr_set_str(struct nft_table *t, uint16_t attr, const char *str);
+uint8_t nft_table_attr_get_u8(struct nft_table *t, uint16_t attr);
+uint32_t nft_table_attr_get_u32(struct nft_table *t, uint16_t attr);
+const char *nft_table_attr_get_str(struct nft_table *t, uint16_t attr);
+
+struct nlmsghdr;
+
+void nft_table_nlmsg_build_payload(struct nlmsghdr *nlh, const struct nft_table *t);
+
+int nft_table_parse(struct nft_table *t, enum nft_parse_type type,
+ const char *data, struct nft_parse_err *err);
+int nft_table_parse_file(struct nft_table *t, enum nft_parse_type type,
+ FILE *fp, struct nft_parse_err *err);
+int nft_table_snprintf(char *buf, size_t size, struct nft_table *t, uint32_t type, uint32_t flags);
+int nft_table_fprintf(FILE *fp, struct nft_table *t, uint32_t type, uint32_t flags);
+
+#define nft_table_nlmsg_build_hdr nft_nlmsg_build_hdr
+int nft_table_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_table *t);
+
+struct nft_table_list;
+
+struct nft_table_list *nft_table_list_alloc(void);
+void nft_table_list_free(struct nft_table_list *list);
+int nft_table_list_is_empty(struct nft_table_list *list);
+int nft_table_list_foreach(struct nft_table_list *table_list, int (*cb)(struct nft_table *t, void *data), void *data);
+
+void nft_table_list_add(struct nft_table *r, struct nft_table_list *list);
+void nft_table_list_add_tail(struct nft_table *r, struct nft_table_list *list);
+void nft_table_list_del(struct nft_table *r);
+
+struct nft_table_list_iter;
+
+struct nft_table_list_iter *nft_table_list_iter_create(struct nft_table_list *l);
+struct nft_table *nft_table_list_iter_next(struct nft_table_list_iter *iter);
+void nft_table_list_iter_destroy(struct nft_table_list_iter *iter);
+
#ifdef __cplusplus
} /* extern "C" */
#endif
diff --git a/include/utils.h b/include/utils.h
index 7a46725..f7436fa 100644
--- a/include/utils.h
+++ b/include/utils.h
@@ -10,7 +10,7 @@
#include "config.h"
#ifdef HAVE_VISIBILITY_HIDDEN
# define __visible __attribute__((visibility("default")))
-# define EXPORT_SYMBOL(x, y) typeof(x) (x) __visible; __typeof (x) y __attribute ((alias (#x), visibility ("default")))
+# define EXPORT_SYMBOL(x, y) typeof(x) (x) __visible; __typeof (y) y __attribute ((alias (#x), visibility ("default")))
#else
# define EXPORT_SYMBOL
#endif