summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorÁlvaro Neira Ayuso <alvaroneay@gmail.com>2013-08-09 13:14:31 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2013-08-09 13:32:46 +0200
commit343e8c3c95d3343dc6241f194c1cf47d62a2854f (patch)
treef4e53f1de36a3514ea9748fe751fceca3f4bf667
parent4d9c3be03d14ffd8e4f71083f1f3051b45054b19 (diff)
example: nft-rule-get: family parameter added
I have added the parameter family in the example nft-rule-get. Signed-off-by: Alvaro Neira Ayuso Ayuso <alvaroneay@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r--examples/nft-rule-get.c33
1 files changed, 27 insertions, 6 deletions
diff --git a/examples/nft-rule-get.c b/examples/nft-rule-get.c
index 2404f27..707e9ca 100644
--- a/examples/nft-rule-get.c
+++ b/examples/nft-rule-get.c
@@ -14,6 +14,7 @@
#include <string.h>
#include <netinet/in.h>
+#include <linux/netfilter.h>
#include <linux/netfilter/nf_tables.h>
#include <libmnl/libmnl.h>
@@ -52,12 +53,32 @@ int main(int argc, char *argv[])
struct nlmsghdr *nlh;
uint32_t portid, seq, type = NFT_RULE_O_DEFAULT;
struct nft_rule *t = NULL;
- int ret;
+ int ret, family;
- if (argc == 2 && strcmp(argv[1], "xml") == 0 ){
- type = NFT_RULE_O_XML;
- }else if (argc == 2 && strcmp(argv[1], "json") == 0 ){
- type = NFT_RULE_O_JSON;
+ if (argc < 2 || argc > 3) {
+ fprintf(stderr, "Usage: %s <family> [xml|json]\n",
+ argv[0]);
+ exit(EXIT_FAILURE);
+ }
+
+ if (strcmp(argv[1], "ip") == 0)
+ family = NFPROTO_IPV4;
+ else if (strcmp(argv[1], "ip6") == 0)
+ family = NFPROTO_IPV6;
+ else if (strcmp(argv[1], "bridge") == 0)
+ family = NFPROTO_BRIDGE;
+ else if (strcmp(argv[1], "arp") == 0)
+ family = NFPROTO_ARP;
+ else {
+ fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n");
+ exit(EXIT_FAILURE);
+ }
+
+ if (argc == 3) {
+ if (strcmp(argv[2], "xml") == 0)
+ type = NFT_RULE_O_XML;
+ else if (strcmp(argv[2], "json") == 0)
+ type = NFT_RULE_O_JSON;
}
/* XXX requires table, chain and handle attributes for selective get */
@@ -69,7 +90,7 @@ int main(int argc, char *argv[])
}
seq = time(NULL);
- nlh = nft_rule_nlmsg_build_hdr(buf, NFT_MSG_GETRULE, AF_INET,
+ nlh = nft_rule_nlmsg_build_hdr(buf, NFT_MSG_GETRULE, family,
NLM_F_DUMP, seq);
nl = mnl_socket_open(NETLINK_NETFILTER);