summaryrefslogtreecommitdiffstats
path: root/include/libnftnl
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2014-01-20 10:26:57 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2014-01-20 10:43:45 +0100
commit59e949294f4688bafe44b7def2972987224520c8 (patch)
tree0eccb41d605f64c88b9488879d34100ad9f17823 /include/libnftnl
parent8460aa61e7136973ea01c40098f348b13d9af26f (diff)
rename library to libnftnllibnftnl-1.0.0
We plan to use this library name for the higher layer library. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/libnftnl')
-rw-r--r--include/libnftnl/Makefile.am7
-rw-r--r--include/libnftnl/chain.h85
-rw-r--r--include/libnftnl/common.h31
-rw-r--r--include/libnftnl/expr.h150
-rw-r--r--include/libnftnl/rule.h91
-rw-r--r--include/libnftnl/ruleset.h44
-rw-r--r--include/libnftnl/set.h119
-rw-r--r--include/libnftnl/table.h73
8 files changed, 600 insertions, 0 deletions
diff --git a/include/libnftnl/Makefile.am b/include/libnftnl/Makefile.am
new file mode 100644
index 0000000..a0841d2
--- /dev/null
+++ b/include/libnftnl/Makefile.am
@@ -0,0 +1,7 @@
+pkginclude_HEADERS = table.h \
+ chain.h \
+ rule.h \
+ expr.h \
+ set.h \
+ ruleset.h \
+ common.h
diff --git a/include/libnftnl/chain.h b/include/libnftnl/chain.h
new file mode 100644
index 0000000..66626d8
--- /dev/null
+++ b/include/libnftnl/chain.h
@@ -0,0 +1,85 @@
+#ifndef _LIBNFTNL_CHAIN_H_
+#define _LIBNFTNL_CHAIN_H_
+
+#include <stdio.h>
+#include <stdint.h>
+#include <stdbool.h>
+#include <sys/types.h>
+
+#include <libnftnl/common.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct nft_chain;
+
+struct nft_chain *nft_chain_alloc(void);
+void nft_chain_free(struct nft_chain *);
+
+enum {
+ NFT_CHAIN_ATTR_NAME = 0,
+ NFT_CHAIN_ATTR_FAMILY,
+ NFT_CHAIN_ATTR_TABLE,
+ NFT_CHAIN_ATTR_HOOKNUM,
+ NFT_CHAIN_ATTR_PRIO = 4,
+ NFT_CHAIN_ATTR_POLICY,
+ NFT_CHAIN_ATTR_USE,
+ NFT_CHAIN_ATTR_BYTES,
+ NFT_CHAIN_ATTR_PACKETS = 8,
+ NFT_CHAIN_ATTR_HANDLE,
+ NFT_CHAIN_ATTR_TYPE,
+};
+
+bool nft_chain_attr_is_set(const struct nft_chain *c, uint16_t attr);
+void nft_chain_attr_unset(struct nft_chain *c, uint16_t attr);
+void nft_chain_attr_set(struct nft_chain *t, uint16_t attr, const void *data);
+void nft_chain_attr_set_u8(struct nft_chain *t, uint16_t attr, uint8_t data);
+void nft_chain_attr_set_u32(struct nft_chain *t, uint16_t attr, uint32_t data);
+void nft_chain_attr_set_s32(struct nft_chain *t, uint16_t attr, int32_t data);
+void nft_chain_attr_set_u64(struct nft_chain *t, uint16_t attr, uint64_t data);
+void nft_chain_attr_set_str(struct nft_chain *t, uint16_t attr, const char *str);
+
+const void *nft_chain_attr_get(struct nft_chain *c, uint16_t attr);
+const char *nft_chain_attr_get_str(struct nft_chain *c, uint16_t attr);
+uint8_t nft_chain_attr_get_u8(struct nft_chain *c, uint16_t attr);
+uint32_t nft_chain_attr_get_u32(struct nft_chain *c, uint16_t attr);
+int32_t nft_chain_attr_get_s32(struct nft_chain *c, uint16_t attr);
+uint64_t nft_chain_attr_get_u64(struct nft_chain *c, uint16_t attr);
+
+struct nlmsghdr;
+
+void nft_chain_nlmsg_build_payload(struct nlmsghdr *nlh, const struct nft_chain *t);
+
+int nft_chain_parse(struct nft_chain *c, enum nft_parse_type type,
+ const char *data, struct nft_parse_err *err);
+int nft_chain_parse_file(struct nft_chain *c, enum nft_parse_type type,
+ FILE *fp, struct nft_parse_err *err);
+int nft_chain_snprintf(char *buf, size_t size, struct nft_chain *t, uint32_t type, uint32_t flags);
+int nft_chain_fprintf(FILE *fp, struct nft_chain *c, uint32_t type, uint32_t flags);
+
+#define nft_chain_nlmsg_build_hdr nft_nlmsg_build_hdr
+int nft_chain_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_chain *t);
+
+struct nft_chain_list;
+
+struct nft_chain_list *nft_chain_list_alloc(void);
+void nft_chain_list_free(struct nft_chain_list *list);
+int nft_chain_list_is_empty(struct nft_chain_list *list);
+int nft_chain_list_foreach(struct nft_chain_list *chain_list, int (*cb)(struct nft_chain *t, void *data), void *data);
+
+void nft_chain_list_add(struct nft_chain *r, struct nft_chain_list *list);
+void nft_chain_list_add_tail(struct nft_chain *r, struct nft_chain_list *list);
+void nft_chain_list_del(struct nft_chain *c);
+
+struct nft_chain_list_iter;
+
+struct nft_chain_list_iter *nft_chain_list_iter_create(struct nft_chain_list *l);
+struct nft_chain *nft_chain_list_iter_next(struct nft_chain_list_iter *iter);
+void nft_chain_list_iter_destroy(struct nft_chain_list_iter *iter);
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* _LIBNFTNL_CHAIN_H_ */
diff --git a/include/libnftnl/common.h b/include/libnftnl/common.h
new file mode 100644
index 0000000..9d18b2b
--- /dev/null
+++ b/include/libnftnl/common.h
@@ -0,0 +1,31 @@
+#ifndef _LIBNFTNL_COMMON_H_
+#define _LIBNFTNL_COMMON_H_
+
+enum {
+ NFT_PARSE_EBADINPUT = 0,
+ NFT_PARSE_EMISSINGNODE,
+ NFT_PARSE_EBADTYPE,
+};
+
+enum nft_output_type {
+ NFT_OUTPUT_DEFAULT = 0,
+ NFT_OUTPUT_XML,
+ NFT_OUTPUT_JSON,
+};
+
+enum nft_parse_type {
+ NFT_PARSE_NONE = 0,
+ NFT_PARSE_XML,
+ NFT_PARSE_JSON,
+ NFT_PARSE_MAX,
+};
+
+struct nft_parse_err;
+
+struct nlmsghdr *nft_nlmsg_build_hdr(char *buf, uint16_t cmd, uint16_t family,
+ uint16_t type, uint32_t seq);
+
+struct nft_parse_err *nft_parse_err_alloc(void);
+void nft_parse_err_free(struct nft_parse_err *);
+int nft_parse_perror(const char *str, struct nft_parse_err *err);
+#endif
diff --git a/include/libnftnl/expr.h b/include/libnftnl/expr.h
new file mode 100644
index 0000000..a2f44df
--- /dev/null
+++ b/include/libnftnl/expr.h
@@ -0,0 +1,150 @@
+#ifndef _LIBNFTNL_RULE_EXPR_H_
+#define _LIBNFTNL_RULE_EXPR_H_
+
+#include <stdint.h>
+#include <stdbool.h>
+#include <sys/types.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct nft_rule_expr;
+
+enum {
+ NFT_RULE_EXPR_ATTR_NAME = 0,
+ NFT_RULE_EXPR_ATTR_BASE,
+};
+
+struct nft_rule_expr *nft_rule_expr_alloc(const char *name);
+void nft_rule_expr_free(struct nft_rule_expr *expr);
+
+bool nft_rule_expr_is_set(const struct nft_rule_expr *expr, uint16_t type);
+void nft_rule_expr_set(struct nft_rule_expr *expr, uint16_t type, const void *data, uint32_t data_len);
+void nft_rule_expr_set_u8(struct nft_rule_expr *expr, uint16_t type, uint8_t data);
+void nft_rule_expr_set_u16(struct nft_rule_expr *expr, uint16_t type, uint16_t data);
+void nft_rule_expr_set_u32(struct nft_rule_expr *expr, uint16_t type, uint32_t data);
+void nft_rule_expr_set_u64(struct nft_rule_expr *expr, uint16_t type, uint64_t data);
+void nft_rule_expr_set_str(struct nft_rule_expr *expr, uint16_t type, const char *str);
+
+const void *nft_rule_expr_get(const struct nft_rule_expr *expr, uint16_t type, uint32_t *data_len);
+uint8_t nft_rule_expr_get_u8(const struct nft_rule_expr *expr, uint16_t type);
+uint16_t nft_rule_expr_get_u16(const struct nft_rule_expr *expr, uint16_t type);
+uint32_t nft_rule_expr_get_u32(const struct nft_rule_expr *expr, uint16_t type);
+uint64_t nft_rule_expr_get_u64(const struct nft_rule_expr *expr, uint16_t type);
+const char *nft_rule_expr_get_str(const struct nft_rule_expr *expr, uint16_t type);
+
+struct nlmsghdr;
+
+void nft_rule_expr_build_payload(struct nlmsghdr *nlh, struct nft_rule_expr *expr);
+
+int nft_rule_expr_snprintf(char *buf, size_t buflen, struct nft_rule_expr *expr, uint32_t type, uint32_t flags);
+
+enum {
+ NFT_EXPR_PAYLOAD_DREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_PAYLOAD_BASE,
+ NFT_EXPR_PAYLOAD_OFFSET,
+ NFT_EXPR_PAYLOAD_LEN,
+};
+
+enum {
+ NFT_EXPR_META_KEY = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_META_DREG,
+};
+
+enum {
+ NFT_EXPR_CMP_SREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_CMP_OP,
+ NFT_EXPR_CMP_DATA,
+};
+
+enum {
+ NFT_EXPR_IMM_DREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_IMM_DATA,
+ NFT_EXPR_IMM_VERDICT,
+ NFT_EXPR_IMM_CHAIN,
+};
+
+enum {
+ NFT_EXPR_CTR_PACKETS = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_CTR_BYTES,
+};
+
+enum {
+ NFT_EXPR_BITWISE_SREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_BITWISE_DREG,
+ NFT_EXPR_BITWISE_LEN,
+ NFT_EXPR_BITWISE_MASK,
+ NFT_EXPR_BITWISE_XOR,
+};
+
+enum {
+ NFT_EXPR_TG_NAME = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_TG_REV,
+ NFT_EXPR_TG_INFO,
+};
+
+enum {
+ NFT_EXPR_MT_NAME = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_MT_REV,
+ NFT_EXPR_MT_INFO,
+};
+
+enum {
+ NFT_EXPR_NAT_TYPE = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_NAT_FAMILY,
+ NFT_EXPR_NAT_REG_ADDR_MIN,
+ NFT_EXPR_NAT_REG_ADDR_MAX,
+ NFT_EXPR_NAT_REG_PROTO_MIN,
+ NFT_EXPR_NAT_REG_PROTO_MAX,
+};
+
+enum {
+ NFT_EXPR_LOOKUP_SREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_LOOKUP_DREG,
+ NFT_EXPR_LOOKUP_SET,
+};
+
+enum {
+ NFT_EXPR_LOG_PREFIX = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_LOG_GROUP,
+ NFT_EXPR_LOG_SNAPLEN,
+ NFT_EXPR_LOG_QTHRESHOLD,
+};
+
+enum {
+ NFT_EXPR_EXTHDR_DREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_EXTHDR_TYPE,
+ NFT_EXPR_EXTHDR_OFFSET,
+ NFT_EXPR_EXTHDR_LEN,
+};
+
+enum {
+ NFT_EXPR_CT_DREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_CT_KEY,
+ NFT_EXPR_CT_DIR,
+};
+
+enum {
+ NFT_EXPR_BYTEORDER_DREG = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_BYTEORDER_SREG,
+ NFT_EXPR_BYTEORDER_OP,
+ NFT_EXPR_BYTEORDER_LEN,
+ NFT_EXPR_BYTEORDER_SIZE,
+};
+
+enum {
+ NFT_EXPR_LIMIT_RATE = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_LIMIT_UNIT,
+};
+
+enum {
+ NFT_EXPR_REJECT_TYPE = NFT_RULE_EXPR_ATTR_BASE,
+ NFT_EXPR_REJECT_CODE,
+};
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* _LIBNFTNL_RULE_EXPR_H_ */
diff --git a/include/libnftnl/rule.h b/include/libnftnl/rule.h
new file mode 100644
index 0000000..4033d3c
--- /dev/null
+++ b/include/libnftnl/rule.h
@@ -0,0 +1,91 @@
+#ifndef _LIBNFTNL_RULE_H_
+#define _LIBNFTNL_RULE_H_
+
+#include <stdio.h>
+#include <stdint.h>
+#include <stdbool.h>
+#include <sys/types.h>
+
+#include <libnftnl/common.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct nft_rule;
+struct nft_rule_expr;
+
+struct nft_rule *nft_rule_alloc(void);
+void nft_rule_free(struct nft_rule *);
+
+enum {
+ NFT_RULE_ATTR_FAMILY = 0,
+ NFT_RULE_ATTR_TABLE,
+ NFT_RULE_ATTR_CHAIN,
+ NFT_RULE_ATTR_HANDLE,
+ NFT_RULE_ATTR_COMPAT_PROTO,
+ NFT_RULE_ATTR_COMPAT_FLAGS,
+ NFT_RULE_ATTR_POSITION,
+};
+
+void nft_rule_attr_unset(struct nft_rule *r, uint16_t attr);
+bool nft_rule_attr_is_set(const struct nft_rule *r, uint16_t attr);
+void nft_rule_attr_set(struct nft_rule *r, uint16_t attr, const void *data);
+void nft_rule_attr_set_u32(struct nft_rule *r, uint16_t attr, uint32_t val);
+void nft_rule_attr_set_u64(struct nft_rule *r, uint16_t attr, uint64_t val);
+void nft_rule_attr_set_str(struct nft_rule *r, uint16_t attr, const char *str);
+
+const void *nft_rule_attr_get(const struct nft_rule *r, uint16_t attr);
+const char *nft_rule_attr_get_str(const struct nft_rule *r, uint16_t attr);
+uint8_t nft_rule_attr_get_u8(const struct nft_rule *r, uint16_t attr);
+uint32_t nft_rule_attr_get_u32(const struct nft_rule *r, uint16_t attr);
+uint64_t nft_rule_attr_get_u64(const struct nft_rule *r, uint16_t attr);
+
+void nft_rule_add_expr(struct nft_rule *r, struct nft_rule_expr *expr);
+
+struct nlmsghdr;
+
+void nft_rule_nlmsg_build_payload(struct nlmsghdr *nlh, struct nft_rule *t);
+
+int nft_rule_parse(struct nft_rule *r, enum nft_parse_type type,
+ const char *data, struct nft_parse_err *err);
+int nft_rule_parse_file(struct nft_rule *r, enum nft_parse_type type,
+ FILE *fp, struct nft_parse_err *err);
+int nft_rule_snprintf(char *buf, size_t size, struct nft_rule *t, uint32_t type, uint32_t flags);
+int nft_rule_fprintf(FILE *fp, struct nft_rule *r, uint32_t type, uint32_t flags);
+
+#define nft_rule_nlmsg_build_hdr nft_nlmsg_build_hdr
+int nft_rule_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_rule *t);
+
+int nft_rule_expr_foreach(struct nft_rule *r,
+ int (*cb)(struct nft_rule_expr *e, void *data),
+ void *data);
+
+struct nft_rule_expr_iter;
+
+struct nft_rule_expr_iter *nft_rule_expr_iter_create(struct nft_rule *r);
+struct nft_rule_expr *nft_rule_expr_iter_next(struct nft_rule_expr_iter *iter);
+void nft_rule_expr_iter_destroy(struct nft_rule_expr_iter *iter);
+
+struct nft_rule_list;
+
+struct nft_rule_list *nft_rule_list_alloc(void);
+void nft_rule_list_free(struct nft_rule_list *list);
+int nft_rule_list_is_empty(struct nft_rule_list *list);
+void nft_rule_list_add(struct nft_rule *r, struct nft_rule_list *list);
+void nft_rule_list_add_tail(struct nft_rule *r, struct nft_rule_list *list);
+void nft_rule_list_del(struct nft_rule *r);
+int nft_rule_list_foreach(struct nft_rule_list *rule_list, int (*cb)(struct nft_rule *t, void *data), void *data);
+
+struct nft_rule_list_iter;
+
+struct nft_rule_list_iter *nft_rule_list_iter_create(struct nft_rule_list *l);
+struct nft_rule *nft_rule_list_iter_cur(struct nft_rule_list_iter *iter);
+struct nft_rule *nft_rule_list_iter_next(struct nft_rule_list_iter *iter);
+void nft_rule_list_iter_destroy(struct nft_rule_list_iter *iter);
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* _LIBNFTNL_RULE_H_ */
diff --git a/include/libnftnl/ruleset.h b/include/libnftnl/ruleset.h
new file mode 100644
index 0000000..6f89110
--- /dev/null
+++ b/include/libnftnl/ruleset.h
@@ -0,0 +1,44 @@
+#ifndef _LIBNFTNL_RULESET_H_
+#define _LIBNFTNL_RULESET_H_
+
+#include <stdio.h>
+
+#include <stdbool.h>
+#include <stdint.h>
+#include <sys/types.h>
+
+#include <libnftnl/common.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct nft_ruleset;
+
+struct nft_ruleset *nft_ruleset_alloc(void);
+void nft_ruleset_free(struct nft_ruleset *r);
+
+enum {
+ NFT_RULESET_ATTR_TABLELIST = 0,
+ NFT_RULESET_ATTR_CHAINLIST,
+ NFT_RULESET_ATTR_SETLIST,
+ NFT_RULESET_ATTR_RULELIST,
+};
+
+bool nft_ruleset_attr_is_set(const struct nft_ruleset *r, uint16_t attr);
+void nft_ruleset_attr_unset(struct nft_ruleset *r, uint16_t attr);
+void nft_ruleset_attr_set(struct nft_ruleset *r, uint16_t attr, void *data);
+const void *nft_ruleset_attr_get(const struct nft_ruleset *r, uint16_t attr);
+
+int nft_ruleset_parse(struct nft_ruleset *rs, enum nft_parse_type type,
+ const char *data, struct nft_parse_err *err);
+int nft_ruleset_parse_file(struct nft_ruleset *rs, enum nft_parse_type type,
+ FILE *fp, struct nft_parse_err *err);
+int nft_ruleset_snprintf(char *buf, size_t size, const struct nft_ruleset *rs, uint32_t type, uint32_t flags);
+int nft_ruleset_fprintf(FILE *fp, const struct nft_ruleset *rs, uint32_t type, uint32_t flags);
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* _LIBNFTNL_RULESET_H_ */
diff --git a/include/libnftnl/set.h b/include/libnftnl/set.h
new file mode 100644
index 0000000..7fa9fb2
--- /dev/null
+++ b/include/libnftnl/set.h
@@ -0,0 +1,119 @@
+#ifndef _LIBNFTNL_SET_H_
+#define _LIBNFTNL_SET_H_
+
+#include <stdio.h>
+#include <stdint.h>
+#include <stdbool.h>
+#include <sys/types.h>
+
+#include <libnftnl/common.h>
+
+enum {
+ NFT_SET_ATTR_TABLE,
+ NFT_SET_ATTR_NAME,
+ NFT_SET_ATTR_FLAGS,
+ NFT_SET_ATTR_KEY_TYPE,
+ NFT_SET_ATTR_KEY_LEN,
+ NFT_SET_ATTR_DATA_TYPE,
+ NFT_SET_ATTR_DATA_LEN,
+ NFT_SET_ATTR_FAMILY,
+};
+
+struct nft_set;
+
+struct nft_set *nft_set_alloc(void);
+void nft_set_free(struct nft_set *s);
+
+bool nft_set_attr_is_set(const struct nft_set *s, uint16_t attr);
+void nft_set_attr_unset(struct nft_set *s, uint16_t attr);
+void nft_set_attr_set(struct nft_set *s, uint16_t attr, const void *data);
+void nft_set_attr_set_u32(struct nft_set *s, uint16_t attr, uint32_t val);
+void nft_set_attr_set_str(struct nft_set *s, uint16_t attr, const char *str);
+
+const void *nft_set_attr_get(struct nft_set *s, uint16_t attr);
+const char *nft_set_attr_get_str(struct nft_set *s, uint16_t attr);
+uint32_t nft_set_attr_get_u32(struct nft_set *s, uint16_t attr);
+
+struct nlmsghdr;
+
+#define nft_set_nlmsg_build_hdr nft_nlmsg_build_hdr
+void nft_set_nlmsg_build_payload(struct nlmsghdr *nlh, struct nft_set *s);
+int nft_set_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_set *s);
+int nft_set_elems_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_set *s);
+
+int nft_set_snprintf(char *buf, size_t size, struct nft_set *s, uint32_t type, uint32_t flags);
+int nft_set_fprintf(FILE *fp, struct nft_set *s, uint32_t type, uint32_t flags);
+
+struct nft_set_list;
+
+struct nft_set_list *nft_set_list_alloc(void);
+void nft_set_list_free(struct nft_set_list *list);
+int nft_set_list_is_empty(struct nft_set_list *list);
+void nft_set_list_add(struct nft_set *s, struct nft_set_list *list);
+void nft_set_list_add_tail(struct nft_set *s, struct nft_set_list *list);
+void nft_set_list_del(struct nft_set *s);
+int nft_set_list_foreach(struct nft_set_list *set_list, int (*cb)(struct nft_set *t, void *data), void *data);
+
+struct nft_set_list_iter;
+struct nft_set_list_iter *nft_set_list_iter_create(struct nft_set_list *l);
+struct nft_set *nft_set_list_iter_cur(struct nft_set_list_iter *iter);
+struct nft_set *nft_set_list_iter_next(struct nft_set_list_iter *iter);
+void nft_set_list_iter_destroy(struct nft_set_list_iter *iter);
+
+int nft_set_parse(struct nft_set *s, enum nft_parse_type type,
+ const char *data, struct nft_parse_err *err);
+int nft_set_parse_file(struct nft_set *s, enum nft_parse_type type,
+ FILE *fp, struct nft_parse_err *err);
+
+/*
+ * Set elements
+ */
+
+enum {
+ NFT_SET_ELEM_ATTR_FLAGS,
+ NFT_SET_ELEM_ATTR_KEY,
+ NFT_SET_ELEM_ATTR_VERDICT,
+ NFT_SET_ELEM_ATTR_CHAIN,
+ NFT_SET_ELEM_ATTR_DATA,
+};
+
+struct nft_set_elem;
+
+struct nft_set_elem *nft_set_elem_alloc(void);
+void nft_set_elem_free(struct nft_set_elem *s);
+
+void nft_set_elem_add(struct nft_set *s, struct nft_set_elem *elem);
+
+void nft_set_elem_attr_unset(struct nft_set_elem *s, uint16_t attr);
+void nft_set_elem_attr_set(struct nft_set_elem *s, uint16_t attr, const void *data, uint32_t data_len);
+void nft_set_elem_attr_set_u32(struct nft_set_elem *s, uint16_t attr, uint32_t val);
+void nft_set_elem_attr_set_str(struct nft_set_elem *s, uint16_t attr, const char *str);
+
+const void *nft_set_elem_attr_get(struct nft_set_elem *s, uint16_t attr, uint32_t *data_len);
+const char *nft_set_elem_attr_get_str(struct nft_set_elem *s, uint16_t attr);
+uint32_t nft_set_elem_attr_get_u32(struct nft_set_elem *s, uint16_t attr);
+
+bool nft_set_elem_attr_is_set(const struct nft_set_elem *s, uint16_t attr);
+
+#define nft_set_elem_nlmsg_build_hdr nft_nlmsg_build_hdr
+void nft_set_elems_nlmsg_build_payload(struct nlmsghdr *nlh, struct nft_set *s);
+void nft_set_elem_nlmsg_build_payload(struct nlmsghdr *nlh, struct nft_set_elem *e);
+
+int nft_set_elem_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_set_elem *s);
+
+int nft_set_elem_parse(struct nft_set_elem *e, enum nft_parse_type type,
+ const char *data, struct nft_parse_err *err);
+int nft_set_elem_parse_file(struct nft_set_elem *e, enum nft_parse_type type,
+ FILE *fp, struct nft_parse_err *err);
+int nft_set_elem_snprintf(char *buf, size_t size, struct nft_set_elem *s, uint32_t type, uint32_t flags);
+int nft_set_elem_fprintf(FILE *fp, struct nft_set_elem *se, uint32_t type, uint32_t flags);
+
+int nft_set_elem_foreach(struct nft_set *s, int (*cb)(struct nft_set_elem *e, void *data), void *data);
+
+struct nft_set_elems_iter;
+struct nft_set_elems_iter *nft_set_elems_iter_create(struct nft_set *s);
+struct nft_set_elem *nft_set_elems_iter_cur(struct nft_set_elems_iter *iter);
+struct nft_set_elem *nft_set_elems_iter_next(struct nft_set_elems_iter *iter);
+void nft_set_elems_iter_destroy(struct nft_set_elems_iter *iter);
+
+#endif /* _LIBNFTNL_SET_H_ */
diff --git a/include/libnftnl/table.h b/include/libnftnl/table.h
new file mode 100644
index 0000000..22a8c1b
--- /dev/null
+++ b/include/libnftnl/table.h
@@ -0,0 +1,73 @@
+#ifndef _LIBNFTNL_TABLE_H_
+#define _LIBNFTNL_TABLE_H_
+
+#include <stdio.h>
+#include <stdint.h>
+#include <stdbool.h>
+#include <sys/types.h>
+
+#include <libnftnl/common.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct nft_table;
+
+struct nft_table *nft_table_alloc(void);
+void nft_table_free(struct nft_table *);
+
+enum {
+ NFT_TABLE_ATTR_NAME = 0,
+ NFT_TABLE_ATTR_FAMILY,
+ NFT_TABLE_ATTR_FLAGS,
+};
+
+bool nft_table_attr_is_set(const struct nft_table *t, uint16_t attr);
+void nft_table_attr_unset(struct nft_table *t, uint16_t attr);
+void nft_table_attr_set(struct nft_table *t, uint16_t attr, const void *data);
+const void *nft_table_attr_get(struct nft_table *t, uint16_t attr);
+
+void nft_table_attr_set_u8(struct nft_table *t, uint16_t attr, uint8_t data);
+void nft_table_attr_set_u32(struct nft_table *t, uint16_t attr, uint32_t data);
+void nft_table_attr_set_str(struct nft_table *t, uint16_t attr, const char *str);
+uint8_t nft_table_attr_get_u8(struct nft_table *t, uint16_t attr);
+uint32_t nft_table_attr_get_u32(struct nft_table *t, uint16_t attr);
+const char *nft_table_attr_get_str(struct nft_table *t, uint16_t attr);
+
+struct nlmsghdr;
+
+void nft_table_nlmsg_build_payload(struct nlmsghdr *nlh, const struct nft_table *t);
+
+int nft_table_parse(struct nft_table *t, enum nft_parse_type type,
+ const char *data, struct nft_parse_err *err);
+int nft_table_parse_file(struct nft_table *t, enum nft_parse_type type,
+ FILE *fp, struct nft_parse_err *err);
+int nft_table_snprintf(char *buf, size_t size, struct nft_table *t, uint32_t type, uint32_t flags);
+int nft_table_fprintf(FILE *fp, struct nft_table *t, uint32_t type, uint32_t flags);
+
+#define nft_table_nlmsg_build_hdr nft_nlmsg_build_hdr
+int nft_table_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_table *t);
+
+struct nft_table_list;
+
+struct nft_table_list *nft_table_list_alloc(void);
+void nft_table_list_free(struct nft_table_list *list);
+int nft_table_list_is_empty(struct nft_table_list *list);
+int nft_table_list_foreach(struct nft_table_list *table_list, int (*cb)(struct nft_table *t, void *data), void *data);
+
+void nft_table_list_add(struct nft_table *r, struct nft_table_list *list);
+void nft_table_list_add_tail(struct nft_table *r, struct nft_table_list *list);
+void nft_table_list_del(struct nft_table *r);
+
+struct nft_table_list_iter;
+
+struct nft_table_list_iter *nft_table_list_iter_create(struct nft_table_list *l);
+struct nft_table *nft_table_list_iter_next(struct nft_table_list_iter *iter);
+void nft_table_list_iter_destroy(struct nft_table_list_iter *iter);
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* _LIBNFTNL_TABLE_H_ */