diff options
author | Álvaro Neira Ayuso <alvaroneay@gmail.com> | 2013-08-09 13:14:31 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-08-09 13:32:46 +0200 |
commit | 343e8c3c95d3343dc6241f194c1cf47d62a2854f (patch) | |
tree | f4e53f1de36a3514ea9748fe751fceca3f4bf667 /examples | |
parent | 4d9c3be03d14ffd8e4f71083f1f3051b45054b19 (diff) |
example: nft-rule-get: family parameter added
I have added the parameter family in the example nft-rule-get.
Signed-off-by: Alvaro Neira Ayuso Ayuso <alvaroneay@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'examples')
-rw-r--r-- | examples/nft-rule-get.c | 33 |
1 files changed, 27 insertions, 6 deletions
diff --git a/examples/nft-rule-get.c b/examples/nft-rule-get.c index 2404f27..707e9ca 100644 --- a/examples/nft-rule-get.c +++ b/examples/nft-rule-get.c @@ -14,6 +14,7 @@ #include <string.h> #include <netinet/in.h> +#include <linux/netfilter.h> #include <linux/netfilter/nf_tables.h> #include <libmnl/libmnl.h> @@ -52,12 +53,32 @@ int main(int argc, char *argv[]) struct nlmsghdr *nlh; uint32_t portid, seq, type = NFT_RULE_O_DEFAULT; struct nft_rule *t = NULL; - int ret; + int ret, family; - if (argc == 2 && strcmp(argv[1], "xml") == 0 ){ - type = NFT_RULE_O_XML; - }else if (argc == 2 && strcmp(argv[1], "json") == 0 ){ - type = NFT_RULE_O_JSON; + if (argc < 2 || argc > 3) { + fprintf(stderr, "Usage: %s <family> [xml|json]\n", + argv[0]); + exit(EXIT_FAILURE); + } + + if (strcmp(argv[1], "ip") == 0) + family = NFPROTO_IPV4; + else if (strcmp(argv[1], "ip6") == 0) + family = NFPROTO_IPV6; + else if (strcmp(argv[1], "bridge") == 0) + family = NFPROTO_BRIDGE; + else if (strcmp(argv[1], "arp") == 0) + family = NFPROTO_ARP; + else { + fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + exit(EXIT_FAILURE); + } + + if (argc == 3) { + if (strcmp(argv[2], "xml") == 0) + type = NFT_RULE_O_XML; + else if (strcmp(argv[2], "json") == 0) + type = NFT_RULE_O_JSON; } /* XXX requires table, chain and handle attributes for selective get */ @@ -69,7 +90,7 @@ int main(int argc, char *argv[]) } seq = time(NULL); - nlh = nft_rule_nlmsg_build_hdr(buf, NFT_MSG_GETRULE, AF_INET, + nlh = nft_rule_nlmsg_build_hdr(buf, NFT_MSG_GETRULE, family, NLM_F_DUMP, seq); nl = mnl_socket_open(NETLINK_NETFILTER); |