diff options
| author | Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> | 2013-05-22 00:33:25 +0000 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-05-23 12:34:13 +0200 |
| commit | 4d6045630bb90182abf553df1b7f2764a24620b0 (patch) | |
| tree | 38f1f95d7f8adc073ded4aefb98a29bf7fcec164 /examples/rule.xml | |
| parent | 51370f0eedb1c8167ab2c340d2a53f0d9f02509c (diff) | |
examples: XML parsing examples
Some code snipplets to add tables/chain/rules using the XML representation.
The examples contains:
* A binary to parse/add the object using libnftables.
* A shellscript to easily call that binary, doing some tests.
* table/chain/rule sample XML file.
I included my name in new files, but I don't know if this is correct. Please let me know.
Instructions:
$ cd examples/ ; make nft-table-xml-add
# cd test/ ; ./nft-table-xml-add.sh
NOTE: Some kernel changes are required to allow reinsert exactly what is printed (handle handling, flags..)
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'examples/rule.xml')
| -rw-r--r-- | examples/rule.xml | 85 |
1 files changed, 85 insertions, 0 deletions
diff --git a/examples/rule.xml b/examples/rule.xml new file mode 100644 index 0000000..b1de25a --- /dev/null +++ b/examples/rule.xml @@ -0,0 +1,85 @@ +<?xml version="1.0"?> +<rule family="2" table="filter" chain="INPUT" handle="100" version="0"> + <rule_flags>0</rule_flags> + <flags>127</flags> + <compat_flags>0</compat_flags> + <compat_proto>0</compat_proto> + <expr type="meta"> + <dreg>1</dreg> + <key>4</key> + </expr> + <expr type="cmp"> + <sreg>1</sreg> + <op>eq</op> + <cmpdata> + <data_reg type="value"> + <len>1</len> + <data0>0x04000000</data0> + </data_reg> + </cmpdata> + </expr> + <expr type="payload"> + <dreg>1</dreg> + <base>1</base> + <offset>12</offset> + <len>4</len> + </expr> + <expr type="cmp"> + <sreg>1</sreg> + <op>eq</op> + <cmpdata> + <data_reg type="value"> + <len>1</len> + <data0>0x96d60496</data0> + </data_reg> + </cmpdata> + </expr> + <expr type="payload"> + <dreg>1</dreg> + <base>1</base> + <offset>16</offset> + <len>4</len> + </expr> + <expr type="cmp"> + <sreg>1</sreg> + <op>eq</op> + <cmpdata> + <data_reg type="value"> + <len>1</len> + <data0>0x96d60329</data0> + </data_reg> + </cmpdata> + </expr> + <expr type="payload"> + <dreg>1</dreg> + <base>1</base> + <offset>9</offset> + <len>1</len> + </expr> + <expr type="cmp"> + <sreg>1</sreg> + <op>eq</op> + <cmpdata> + <data_reg type="value"> + <len>1</len> + <data0>0x06000000</data0> + </data_reg> + </cmpdata> + </expr> + <expr type="match"> + <name>state</name> + <rev>0</rev> + <info> + </info> + </expr> + <expr type="counter"> + <pkts>123123</pkts> + <bytes>321321</bytes> + </expr> + <expr type="target"> + <name>LOG</name> + <rev>0</rev> + <info> + </info> + </expr> +</rule> |