diff options
author | Carlos Falgueras García <carlosfg@riseup.net> | 2016-08-17 16:07:09 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-08-17 16:08:06 +0200 |
commit | e35693fd13de771e1e047ffa4f799f72f1446e8d (patch) | |
tree | 4727255558de280341f39a3514c996ab92654cc4 /src/expr/lookup.c | |
parent | 48a71a20420e307d0a1d8a89ac9fc7b46ec5a1ca (diff) |
src: Implement rule comparison
This patch implements the function:
bool nftnl_rule_cmp(const struct nftnl_rule *r1,
const struct nftnl_rule *r2)
for rule comparison.
Expressions within rules need to be compared, so also has been created the
function:
bool nftnl_expr_cmp(const struct nftnl_expr *e1,
const struct nftnl_expr *e2);
Also includes all expression comparators.
Signed-off-by: Carlos Falgueras García <carlosfg@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/expr/lookup.c')
-rw-r--r-- | src/expr/lookup.c | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/src/expr/lookup.c b/src/expr/lookup.c index 639470d..1377c0c 100644 --- a/src/expr/lookup.c +++ b/src/expr/lookup.c @@ -295,11 +295,33 @@ static void nftnl_expr_lookup_free(const struct nftnl_expr *e) xfree(lookup->set_name); } +static bool nftnl_expr_lookup_cmp(const struct nftnl_expr *e1, + const struct nftnl_expr *e2) +{ + struct nftnl_expr_lookup *l1 = nftnl_expr_data(e1); + struct nftnl_expr_lookup *l2 = nftnl_expr_data(e2); + bool eq = true; + + if (e1->flags & (1 << NFTNL_EXPR_LOOKUP_SREG)) + eq &= (l1->sreg == l2->sreg); + if (e1->flags & (1 << NFTNL_EXPR_LOOKUP_DREG)) + eq &= (l1->dreg == l2->dreg); + if (e1->flags & (1 << NFTNL_EXPR_LOOKUP_SET)) + eq &= !strcmp(l1->set_name, l2->set_name); + if (e1->flags & (1 << NFTNL_EXPR_LOOKUP_SET_ID)) + eq &= (l1->set_id == l2->set_id); + if (e1->flags & (1 << NFTNL_EXPR_LOOKUP_FLAGS)) + eq &= (l1->flags == l2->flags); + + return eq; +} + struct expr_ops expr_ops_lookup = { .name = "lookup", .alloc_len = sizeof(struct nftnl_expr_lookup), .max_attr = NFTA_LOOKUP_MAX, .free = nftnl_expr_lookup_free, + .cmp = nftnl_expr_lookup_cmp, .set = nftnl_expr_lookup_set, .get = nftnl_expr_lookup_get, .parse = nftnl_expr_lookup_parse, |