diff options
author | Arturo Borrero <arturo.borrero.glez@gmail.com> | 2013-10-01 00:33:18 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-10-01 11:22:06 +0200 |
commit | 656141197153f22d8b4fd0920abbe8f455ca558f (patch) | |
tree | d03a7e173c4137e8d1395822e64ec73cfe5df327 /include | |
parent | 7834cbfd827474d31437218b866e13c6e72436c6 (diff) |
src: add low-level ruleset API
This patch adds a low level ruleset API for libnftables.
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/libnftables/Makefile.am | 3 | ||||
-rw-r--r-- | include/libnftables/ruleset.h | 45 |
2 files changed, 47 insertions, 1 deletions
diff --git a/include/libnftables/Makefile.am b/include/libnftables/Makefile.am index b052992..e243f32 100644 --- a/include/libnftables/Makefile.am +++ b/include/libnftables/Makefile.am @@ -2,4 +2,5 @@ pkginclude_HEADERS = table.h \ chain.h \ rule.h \ expr.h \ - set.h + set.h \ + ruleset.h diff --git a/include/libnftables/ruleset.h b/include/libnftables/ruleset.h new file mode 100644 index 0000000..a4a1279 --- /dev/null +++ b/include/libnftables/ruleset.h @@ -0,0 +1,45 @@ +#ifndef _RULESET_H_ +#define _RULESET_H_ + +#ifdef __cplusplus +extern "C" { +#endif + +struct nft_ruleset; + +struct nft_ruleset *nft_ruleset_alloc(void); +void nft_ruleset_free(struct nft_ruleset *r); + +enum { + NFT_RULESET_ATTR_TABLELIST = 0, + NFT_RULESET_ATTR_CHAINLIST, + NFT_RULESET_ATTR_SETLIST, + NFT_RULESET_ATTR_RULELIST, +}; + +bool nft_ruleset_attr_is_set(const struct nft_ruleset *r, uint16_t attr); +void nft_ruleset_attr_unset(struct nft_ruleset *r, uint16_t attr); +void nft_ruleset_attr_set(struct nft_ruleset *r, uint16_t attr, void *data); +const void *nft_ruleset_attr_get(const struct nft_ruleset *r, uint16_t attr); + +enum { + NFT_RULESET_O_DEFAULT = 0, + NFT_RULESET_O_XML, + NFT_RULESET_O_JSON, +}; + +enum nft_ruleset_parse_type { + NFT_RULESET_PARSE_NONE = 0, + NFT_RULESET_PARSE_XML, + NFT_RULESET_PARSE_JSON, + NFT_RULESET_PARSE_MAX, +}; + +int nft_ruleset_parse(struct nft_ruleset *rs, enum nft_ruleset_parse_type type, const char *data); +int nft_ruleset_snprintf(char *buf, size_t size, const struct nft_ruleset *rs, uint32_t type, uint32_t flags); + +#ifdef __cplusplus +} /* extern "C" */ +#endif + +#endif /* _RULESET_H_ */ |