diff options
Diffstat (limited to 'examples')
28 files changed, 168 insertions, 145 deletions
diff --git a/examples/nft-chain-add.c b/examples/nft-chain-add.c index cde4c97..13be982 100644 --- a/examples/nft-chain-add.c +++ b/examples/nft-chain-add.c @@ -79,12 +79,14 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) family = NFPROTO_ARP; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp\n"); exit(EXIT_FAILURE); } @@ -99,9 +101,9 @@ int main(int argc, char *argv[]) mnl_nlmsg_batch_next(batch); chain_seq = seq; - nlh = nftnl_chain_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_NEWCHAIN, family, - NLM_F_CREATE|NLM_F_ACK, seq++); + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_NEWCHAIN, family, + NLM_F_CREATE | NLM_F_ACK, seq++); nftnl_chain_nlmsg_build_payload(nlh, t); nftnl_chain_free(t); mnl_nlmsg_batch_next(batch); diff --git a/examples/nft-chain-del.c b/examples/nft-chain-del.c index 9956009..3cd483e 100644 --- a/examples/nft-chain-del.c +++ b/examples/nft-chain-del.c @@ -56,12 +56,14 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) family = NFPROTO_ARP; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp\n"); exit(EXIT_FAILURE); } @@ -76,9 +78,8 @@ int main(int argc, char *argv[]) mnl_nlmsg_batch_next(batch); chain_seq = seq; - nlh = nftnl_chain_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_DELCHAIN, family, - NLM_F_ACK, seq++); + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_DELCHAIN, family, NLM_F_ACK, seq++); nftnl_chain_nlmsg_build_payload(nlh, t); nftnl_chain_free(t); mnl_nlmsg_batch_next(batch); diff --git a/examples/nft-chain-get.c b/examples/nft-chain-get.c index 4e3b3c1..612f58b 100644 --- a/examples/nft-chain-get.c +++ b/examples/nft-chain-get.c @@ -67,6 +67,8 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) @@ -74,7 +76,7 @@ int main(int argc, char *argv[]) else if (strcmp(argv[1], "unspec") == 0) family = NFPROTO_UNSPEC; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp, unspec\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp, unspec\n"); exit(EXIT_FAILURE); } @@ -84,15 +86,15 @@ int main(int argc, char *argv[]) perror("OOM"); exit(EXIT_FAILURE); } - nlh = nftnl_chain_nlmsg_build_hdr(buf, NFT_MSG_GETCHAIN, family, - NLM_F_ACK, seq); + nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETCHAIN, family, + NLM_F_ACK, seq); nftnl_chain_set_str(t, NFTNL_CHAIN_TABLE, argv[2]); nftnl_chain_set_str(t, NFTNL_CHAIN_NAME, argv[3]); nftnl_chain_nlmsg_build_payload(nlh, t); nftnl_chain_free(t); } else if (argc >= 2) { - nlh = nftnl_chain_nlmsg_build_hdr(buf, NFT_MSG_GETCHAIN, family, - NLM_F_DUMP, seq); + nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETCHAIN, family, + NLM_F_DUMP, seq); } nl = mnl_socket_open(NETLINK_NETFILTER); diff --git a/examples/nft-ct-timeout-add.c b/examples/nft-ct-timeout-add.c index 913290f..4c2052e 100644 --- a/examples/nft-ct-timeout-add.c +++ b/examples/nft-ct-timeout-add.c @@ -31,12 +31,14 @@ static struct nftnl_obj *obj_add_parse(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) family = NFPROTO_ARP; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp\n"); return NULL; } diff --git a/examples/nft-flowtable-add.c b/examples/nft-flowtable-add.c index f42d206..f509f23 100644 --- a/examples/nft-flowtable-add.c +++ b/examples/nft-flowtable-add.c @@ -47,7 +47,6 @@ int main(int argc, char *argv[]) int ret, family; struct nftnl_flowtable *t; struct mnl_nlmsg_batch *batch; - int batching; if (argc != 6) { fprintf(stderr, "Usage: %s <family> <table> <name> <hook> <prio>\n", @@ -59,12 +58,14 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) family = NFPROTO_ARP; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp\n"); exit(EXIT_FAILURE); } @@ -72,32 +73,22 @@ int main(int argc, char *argv[]) if (t == NULL) exit(EXIT_FAILURE); - batching = nftnl_batch_is_supported(); - if (batching < 0) { - perror("cannot talk to nfnetlink"); - exit(EXIT_FAILURE); - } - seq = time(NULL); batch = mnl_nlmsg_batch_start(buf, sizeof(buf)); - if (batching) { - nftnl_batch_begin(mnl_nlmsg_batch_current(batch), seq++); - mnl_nlmsg_batch_next(batch); - } + nftnl_batch_begin(mnl_nlmsg_batch_current(batch), seq++); + mnl_nlmsg_batch_next(batch); flowtable_seq = seq; - nlh = nftnl_flowtable_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_NEWFLOWTABLE, family, - NLM_F_CREATE|NLM_F_ACK, seq++); + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_NEWFLOWTABLE, family, + NLM_F_CREATE | NLM_F_ACK, seq++); nftnl_flowtable_nlmsg_build_payload(nlh, t); nftnl_flowtable_free(t); mnl_nlmsg_batch_next(batch); - if (batching) { - nftnl_batch_end(mnl_nlmsg_batch_current(batch), seq++); - mnl_nlmsg_batch_next(batch); - } + nftnl_batch_end(mnl_nlmsg_batch_current(batch), seq++); + mnl_nlmsg_batch_next(batch); nl = mnl_socket_open(NETLINK_NETFILTER); if (nl == NULL) { diff --git a/examples/nft-flowtable-del.c b/examples/nft-flowtable-del.c index 4866ea2..c5ce339 100644 --- a/examples/nft-flowtable-del.c +++ b/examples/nft-flowtable-del.c @@ -33,7 +33,7 @@ int main(int argc, char *argv[]) struct nlmsghdr *nlh; uint32_t portid, seq, flowtable_seq; struct nftnl_flowtable *t; - int ret, family, batching; + int ret, family; if (argc != 4) { fprintf(stderr, "Usage: %s <family> <table> <flowtable>\n", @@ -45,12 +45,14 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) family = NFPROTO_ARP; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp\n"); exit(EXIT_FAILURE); } @@ -58,32 +60,22 @@ int main(int argc, char *argv[]) if (t == NULL) exit(EXIT_FAILURE); - batching = nftnl_batch_is_supported(); - if (batching < 0) { - perror("cannot talk to nfnetlink"); - exit(EXIT_FAILURE); - } - seq = time(NULL); batch = mnl_nlmsg_batch_start(buf, sizeof(buf)); - if (batching) { - nftnl_batch_begin(mnl_nlmsg_batch_current(batch), seq++); - mnl_nlmsg_batch_next(batch); - } + nftnl_batch_begin(mnl_nlmsg_batch_current(batch), seq++); + mnl_nlmsg_batch_next(batch); flowtable_seq = seq; - nlh = nftnl_flowtable_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_DELFLOWTABLE, family, - NLM_F_ACK, seq++); + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_DELFLOWTABLE, family, + NLM_F_ACK, seq++); nftnl_flowtable_nlmsg_build_payload(nlh, t); nftnl_flowtable_free(t); mnl_nlmsg_batch_next(batch); - if (batching) { - nftnl_batch_end(mnl_nlmsg_batch_current(batch), seq++); - mnl_nlmsg_batch_next(batch); - } + nftnl_batch_end(mnl_nlmsg_batch_current(batch), seq++); + mnl_nlmsg_batch_next(batch); nl = mnl_socket_open(NETLINK_NETFILTER); if (nl == NULL) { diff --git a/examples/nft-flowtable-get.c b/examples/nft-flowtable-get.c index 0d92fff..1d10cc8 100644 --- a/examples/nft-flowtable-get.c +++ b/examples/nft-flowtable-get.c @@ -56,6 +56,8 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) @@ -63,7 +65,7 @@ int main(int argc, char *argv[]) else if (strcmp(argv[1], "unspec") == 0) family = NFPROTO_UNSPEC; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp, unspec\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp, unspec\n"); exit(EXIT_FAILURE); } @@ -73,15 +75,15 @@ int main(int argc, char *argv[]) perror("OOM"); exit(EXIT_FAILURE); } - nlh = nftnl_flowtable_nlmsg_build_hdr(buf, NFT_MSG_GETFLOWTABLE, family, - NLM_F_ACK, seq); + nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETFLOWTABLE, family, + NLM_F_ACK, seq); nftnl_flowtable_set_str(t, NFTNL_FLOWTABLE_TABLE, argv[2]); nftnl_flowtable_set_str(t, NFTNL_FLOWTABLE_NAME, argv[3]); nftnl_flowtable_nlmsg_build_payload(nlh, t); nftnl_flowtable_free(t); } else if (argc >= 2) { - nlh = nftnl_flowtable_nlmsg_build_hdr(buf, NFT_MSG_GETFLOWTABLE, family, - NLM_F_DUMP, seq); + nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETFLOWTABLE, family, + NLM_F_DUMP, seq); } nl = mnl_socket_open(NETLINK_NETFILTER); diff --git a/examples/nft-map-add.c b/examples/nft-map-add.c index d87d841..e5ce664 100644 --- a/examples/nft-map-add.c +++ b/examples/nft-map-add.c @@ -74,6 +74,8 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) @@ -101,9 +103,9 @@ int main(int argc, char *argv[]) nftnl_batch_begin(mnl_nlmsg_batch_current(batch), seq++); mnl_nlmsg_batch_next(batch); - nlh = nftnl_set_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_NEWSET, family, - NLM_F_CREATE|NLM_F_ACK, seq++); + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_NEWSET, family, + NLM_F_CREATE | NLM_F_ACK, seq++); nftnl_set_nlmsg_build_payload(nlh, s); nftnl_set_free(s); diff --git a/examples/nft-obj-add.c b/examples/nft-obj-add.c index 83941c4..f526b3c 100644 --- a/examples/nft-obj-add.c +++ b/examples/nft-obj-add.c @@ -27,12 +27,14 @@ static struct nftnl_obj *obj_add_parse(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) family = NFPROTO_ARP; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp\n"); return NULL; } diff --git a/examples/nft-obj-del.c b/examples/nft-obj-del.c index 0aa63c0..ae4f703 100644 --- a/examples/nft-obj-del.c +++ b/examples/nft-obj-del.c @@ -29,12 +29,14 @@ static struct nftnl_obj *obj_del_parse(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) family = NFPROTO_ARP; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp\n"); return NULL; } diff --git a/examples/nft-obj-get.c b/examples/nft-obj-get.c index 87be3b4..e560ed0 100644 --- a/examples/nft-obj-get.c +++ b/examples/nft-obj-get.c @@ -65,6 +65,8 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) @@ -72,7 +74,7 @@ int main(int argc, char *argv[]) else if (strcmp(argv[1], "unspec") == 0) family = NFPROTO_UNSPEC; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp, unspec\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp, unspec\n"); exit(EXIT_FAILURE); } diff --git a/examples/nft-rule-add.c b/examples/nft-rule-add.c index 9780515..7d13b92 100644 --- a/examples/nft-rule-add.c +++ b/examples/nft-rule-add.c @@ -137,8 +137,10 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else { - fprintf(stderr, "Unknown family: ip, ip6\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet\n"); exit(EXIT_FAILURE); } @@ -163,11 +165,11 @@ int main(int argc, char *argv[]) nftnl_batch_begin(mnl_nlmsg_batch_current(batch), seq++); mnl_nlmsg_batch_next(batch); - nlh = nftnl_rule_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_NEWRULE, - nftnl_rule_get_u32(r, NFTNL_RULE_FAMILY), - NLM_F_APPEND|NLM_F_CREATE|NLM_F_ACK, seq++); - + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_NEWRULE, + nftnl_rule_get_u32(r, NFTNL_RULE_FAMILY), + NLM_F_APPEND | NLM_F_CREATE | NLM_F_ACK, + seq++); nftnl_rule_nlmsg_build_payload(nlh, r); nftnl_rule_free(r); mnl_nlmsg_batch_next(batch); diff --git a/examples/nft-rule-ct-expectation-add.c b/examples/nft-rule-ct-expectation-add.c index 2012b3c..07c8306 100644 --- a/examples/nft-rule-ct-expectation-add.c +++ b/examples/nft-rule-ct-expectation-add.c @@ -123,12 +123,11 @@ int main(int argc, char *argv[]) nftnl_batch_begin(mnl_nlmsg_batch_current(batch), seq++); mnl_nlmsg_batch_next(batch); - nlh = nftnl_rule_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_NEWRULE, - nftnl_rule_get_u32(r, NFTNL_RULE_FAMILY), - NLM_F_APPEND|NLM_F_CREATE|NLM_F_ACK, - seq++); - + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_NEWRULE, + nftnl_rule_get_u32(r, NFTNL_RULE_FAMILY), + NLM_F_APPEND | NLM_F_CREATE | NLM_F_ACK, + seq++); nftnl_rule_nlmsg_build_payload(nlh, r); nftnl_rule_free(r); mnl_nlmsg_batch_next(batch); diff --git a/examples/nft-rule-ct-helper-add.c b/examples/nft-rule-ct-helper-add.c index 632cc5c..594e6ba 100644 --- a/examples/nft-rule-ct-helper-add.c +++ b/examples/nft-rule-ct-helper-add.c @@ -89,8 +89,10 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else { - fprintf(stderr, "Unknown family: ip, ip6\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet\n"); exit(EXIT_FAILURE); } @@ -115,11 +117,11 @@ int main(int argc, char *argv[]) nftnl_batch_begin(mnl_nlmsg_batch_current(batch), seq++); mnl_nlmsg_batch_next(batch); - nlh = nftnl_rule_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_NEWRULE, - nftnl_rule_get_u32(r, NFTNL_RULE_FAMILY), - NLM_F_APPEND|NLM_F_CREATE|NLM_F_ACK, seq++); - + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_NEWRULE, + nftnl_rule_get_u32(r, NFTNL_RULE_FAMILY), + NLM_F_APPEND | NLM_F_CREATE | NLM_F_ACK, + seq++); nftnl_rule_nlmsg_build_payload(nlh, r); nftnl_rule_free(r); mnl_nlmsg_batch_next(batch); diff --git a/examples/nft-rule-ct-timeout-add.c b/examples/nft-rule-ct-timeout-add.c index d3f843e..0953cb4 100644 --- a/examples/nft-rule-ct-timeout-add.c +++ b/examples/nft-rule-ct-timeout-add.c @@ -89,8 +89,10 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else { - fprintf(stderr, "Unknown family: ip, ip6\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet\n"); exit(EXIT_FAILURE); } @@ -115,11 +117,11 @@ int main(int argc, char *argv[]) nftnl_batch_begin(mnl_nlmsg_batch_current(batch), seq++); mnl_nlmsg_batch_next(batch); - nlh = nftnl_rule_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_NEWRULE, - nftnl_rule_get_u32(r, NFTNL_RULE_FAMILY), - NLM_F_APPEND|NLM_F_CREATE|NLM_F_ACK, seq++); - + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_NEWRULE, + nftnl_rule_get_u32(r, NFTNL_RULE_FAMILY), + NLM_F_APPEND | NLM_F_CREATE | NLM_F_ACK, + seq++); nftnl_rule_nlmsg_build_payload(nlh, r); nftnl_rule_free(r); mnl_nlmsg_batch_next(batch); diff --git a/examples/nft-rule-del.c b/examples/nft-rule-del.c index fee3011..cb085ff 100644 --- a/examples/nft-rule-del.c +++ b/examples/nft-rule-del.c @@ -48,12 +48,14 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) family = NFPROTO_ARP; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp\n"); exit(EXIT_FAILURE); } @@ -70,11 +72,8 @@ int main(int argc, char *argv[]) nftnl_batch_begin(mnl_nlmsg_batch_current(batch), seq++); mnl_nlmsg_batch_next(batch); - nlh = nftnl_rule_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_DELRULE, - family, - NLM_F_ACK, seq++); - + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_DELRULE, family, NLM_F_ACK, seq++); nftnl_rule_nlmsg_build_payload(nlh, r); nftnl_rule_free(r); mnl_nlmsg_batch_next(batch); diff --git a/examples/nft-rule-get.c b/examples/nft-rule-get.c index 8a980ef..8da5b59 100644 --- a/examples/nft-rule-get.c +++ b/examples/nft-rule-get.c @@ -91,6 +91,8 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) @@ -98,7 +100,7 @@ int main(int argc, char *argv[]) else if (strcmp(argv[1], "unspec") == 0) family = NFPROTO_UNSPEC; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp, unspec\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp, unspec\n"); exit(EXIT_FAILURE); } @@ -109,8 +111,8 @@ int main(int argc, char *argv[]) } seq = time(NULL); - nlh = nftnl_rule_nlmsg_build_hdr(buf, NFT_MSG_GETRULE, family, - NLM_F_DUMP, seq); + nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETRULE, family, + NLM_F_DUMP, seq); r = setup_rule(family, table, chain, NULL); if (!r) { diff --git a/examples/nft-ruleset-get.c b/examples/nft-ruleset-get.c index 7098437..34ebe1f 100644 --- a/examples/nft-ruleset-get.c +++ b/examples/nft-ruleset-get.c @@ -5,9 +5,9 @@ * * Copyright (c) 2013 Pablo Neira Ayuso <pablo@netfilter.org> * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 as - * published by the Free Software Foundation. + * it under the terms of the GNU General Public License as published + * by the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * */ @@ -97,8 +97,8 @@ static struct nftnl_rule_list *mnl_rule_dump(struct mnl_socket *nf_sock, if (nlr_list == NULL) memory_allocation_error(); - nlh = nftnl_rule_nlmsg_build_hdr(buf, NFT_MSG_GETRULE, family, - NLM_F_DUMP, seq); + nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETRULE, family, + NLM_F_DUMP, seq); ret = mnl_talk(nf_sock, nlh, nlh->nlmsg_len, rule_cb, nlr_list); if (ret < 0) @@ -145,8 +145,8 @@ static struct nftnl_chain_list *mnl_chain_dump(struct mnl_socket *nf_sock, if (nlc_list == NULL) memory_allocation_error(); - nlh = nftnl_chain_nlmsg_build_hdr(buf, NFT_MSG_GETCHAIN, family, - NLM_F_DUMP, seq); + nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETCHAIN, family, + NLM_F_DUMP, seq); ret = mnl_talk(nf_sock, nlh, nlh->nlmsg_len, chain_cb, nlc_list); if (ret < 0) @@ -193,8 +193,8 @@ static struct nftnl_table_list *mnl_table_dump(struct mnl_socket *nf_sock, if (nlt_list == NULL) memory_allocation_error(); - nlh = nftnl_table_nlmsg_build_hdr(buf, NFT_MSG_GETTABLE, family, - NLM_F_DUMP, seq); + nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETTABLE, family, + NLM_F_DUMP, seq); ret = mnl_talk(nf_sock, nlh, nlh->nlmsg_len, table_cb, nlt_list); if (ret < 0) @@ -221,8 +221,8 @@ static int mnl_setelem_get(struct mnl_socket *nf_sock, struct nftnl_set *nls) struct nlmsghdr *nlh; uint32_t family = nftnl_set_get_u32(nls, NFTNL_SET_FAMILY); - nlh = nftnl_set_nlmsg_build_hdr(buf, NFT_MSG_GETSETELEM, family, - NLM_F_DUMP|NLM_F_ACK, seq); + nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETSETELEM, family, + NLM_F_DUMP | NLM_F_ACK, seq); nftnl_set_nlmsg_build_payload(nlh, nls); return mnl_talk(nf_sock, nlh, nlh->nlmsg_len, set_elem_cb, nls); @@ -266,8 +266,8 @@ mnl_set_dump(struct mnl_socket *nf_sock, int family) if (s == NULL) memory_allocation_error(); - nlh = nftnl_set_nlmsg_build_hdr(buf, NFT_MSG_GETSET, family, - NLM_F_DUMP|NLM_F_ACK, seq); + nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETSET, family, + NLM_F_DUMP | NLM_F_ACK, seq); nftnl_set_nlmsg_build_payload(nlh, s); nftnl_set_free(s); diff --git a/examples/nft-set-add.c b/examples/nft-set-add.c index d8e3e4e..109e33a 100644 --- a/examples/nft-set-add.c +++ b/examples/nft-set-add.c @@ -70,12 +70,14 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) family = NFPROTO_ARP; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp\n"); exit(EXIT_FAILURE); } @@ -97,9 +99,9 @@ int main(int argc, char *argv[]) nftnl_batch_begin(mnl_nlmsg_batch_current(batch), seq++); mnl_nlmsg_batch_next(batch); - nlh = nftnl_set_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_NEWSET, family, - NLM_F_CREATE|NLM_F_ACK, seq++); + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_NEWSET, family, + NLM_F_CREATE | NLM_F_ACK, seq++); nftnl_set_nlmsg_build_payload(nlh, s); nftnl_set_free(s); diff --git a/examples/nft-set-del.c b/examples/nft-set-del.c index 7f20e21..5e8dea9 100644 --- a/examples/nft-set-del.c +++ b/examples/nft-set-del.c @@ -46,12 +46,14 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) family = NFPROTO_ARP; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp\n"); exit(EXIT_FAILURE); } @@ -60,9 +62,8 @@ int main(int argc, char *argv[]) nftnl_batch_begin(mnl_nlmsg_batch_current(batch), seq++); mnl_nlmsg_batch_next(batch); - nlh = nftnl_set_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_DELSET, family, - NLM_F_ACK, seq); + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_DELSET, family, NLM_F_ACK, seq); nftnl_set_set_str(t, NFTNL_SET_TABLE, argv[2]); nftnl_set_set_str(t, NFTNL_SET_NAME, argv[3]); diff --git a/examples/nft-set-elem-add.c b/examples/nft-set-elem-add.c index 438966f..4b8b37c 100644 --- a/examples/nft-set-elem-add.c +++ b/examples/nft-set-elem-add.c @@ -48,12 +48,14 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) family = NFPROTO_ARP; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp\n"); exit(EXIT_FAILURE); } diff --git a/examples/nft-set-elem-del.c b/examples/nft-set-elem-del.c index 157fbcf..1e6c90d 100644 --- a/examples/nft-set-elem-del.c +++ b/examples/nft-set-elem-del.c @@ -48,12 +48,14 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) family = NFPROTO_ARP; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp\n"); exit(EXIT_FAILURE); } @@ -85,9 +87,8 @@ int main(int argc, char *argv[]) nftnl_batch_begin(mnl_nlmsg_batch_current(batch), seq++); mnl_nlmsg_batch_next(batch); - nlh = nftnl_set_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_DELSETELEM, family, - NLM_F_ACK, seq); + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_DELSETELEM, family, NLM_F_ACK, seq); nftnl_set_elems_nlmsg_build_payload(nlh, s); nftnl_set_free(s); mnl_nlmsg_batch_next(batch); diff --git a/examples/nft-set-elem-get.c b/examples/nft-set-elem-get.c index 778e40f..7f99a60 100644 --- a/examples/nft-set-elem-get.c +++ b/examples/nft-set-elem-get.c @@ -70,17 +70,19 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) family = NFPROTO_ARP; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp\n"); exit(EXIT_FAILURE); } - nlh = nftnl_set_nlmsg_build_hdr(buf, NFT_MSG_GETSETELEM, family, - NLM_F_DUMP|NLM_F_ACK, seq); + nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETSETELEM, family, + NLM_F_DUMP | NLM_F_ACK, seq); nftnl_set_set_str(t, NFTNL_SET_NAME, argv[3]); nftnl_set_set_str(t, NFTNL_SET_TABLE, argv[2]); nftnl_set_elems_nlmsg_build_payload(nlh, t); diff --git a/examples/nft-set-get.c b/examples/nft-set-get.c index bb33674..48a0699 100644 --- a/examples/nft-set-get.c +++ b/examples/nft-set-get.c @@ -70,6 +70,8 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) @@ -77,12 +79,12 @@ int main(int argc, char *argv[]) else if (strcmp(argv[1], "unspec") == 0) family = NFPROTO_UNSPEC; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp, unspec\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp, unspec\n"); exit(EXIT_FAILURE); } - nlh = nftnl_set_nlmsg_build_hdr(buf, NFT_MSG_GETSET, family, - NLM_F_DUMP|NLM_F_ACK, seq); + nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETSET, family, + NLM_F_DUMP | NLM_F_ACK, seq); /* Use this below if you want to obtain sets per table */ /* nftnl_set_set(t, NFT_SET_TABLE, argv[2]); */ nftnl_set_nlmsg_build_payload(nlh, t); diff --git a/examples/nft-table-add.c b/examples/nft-table-add.c index 4418a51..3d54e0e 100644 --- a/examples/nft-table-add.c +++ b/examples/nft-table-add.c @@ -29,12 +29,14 @@ static struct nftnl_table *table_add_parse(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) family = NFPROTO_ARP; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp\n"); return NULL; } @@ -77,9 +79,9 @@ int main(int argc, char *argv[]) table_seq = seq; family = nftnl_table_get_u32(t, NFTNL_TABLE_FAMILY); - nlh = nftnl_table_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_NEWTABLE, family, - NLM_F_CREATE|NLM_F_ACK, seq++); + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_NEWTABLE, family, + NLM_F_CREATE | NLM_F_ACK, seq++); nftnl_table_nlmsg_build_payload(nlh, t); nftnl_table_free(t); mnl_nlmsg_batch_next(batch); diff --git a/examples/nft-table-del.c b/examples/nft-table-del.c index aa1827d..44f0b1f 100644 --- a/examples/nft-table-del.c +++ b/examples/nft-table-del.c @@ -29,12 +29,14 @@ static struct nftnl_table *table_del_parse(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) family = NFPROTO_ARP; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp\n"); return NULL; } @@ -77,9 +79,9 @@ int main(int argc, char *argv[]) table_seq = seq; family = nftnl_table_get_u32(t, NFTNL_TABLE_FAMILY); - nlh = nftnl_table_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_DELTABLE, family, - NLM_F_ACK, seq++); + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_DELTABLE, family, + NLM_F_ACK, seq++); nftnl_table_nlmsg_build_payload(nlh, t); mnl_nlmsg_batch_next(batch); nftnl_table_free(t); diff --git a/examples/nft-table-get.c b/examples/nft-table-get.c index c0c8454..58eca9c 100644 --- a/examples/nft-table-get.c +++ b/examples/nft-table-get.c @@ -65,6 +65,8 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) @@ -72,7 +74,7 @@ int main(int argc, char *argv[]) else if (strcmp(argv[1], "unspec") == 0) family = NFPROTO_UNSPEC; else { - fprintf(stderr, "Unknown family: ip, ip6, bridge, arp, unspec\n"); + fprintf(stderr, "Unknown family: ip, ip6, inet, bridge, arp, unspec\n"); exit(EXIT_FAILURE); } @@ -86,11 +88,11 @@ int main(int argc, char *argv[]) seq = time(NULL); if (t == NULL) { - nlh = nftnl_table_nlmsg_build_hdr(buf, NFT_MSG_GETTABLE, family, - NLM_F_DUMP, seq); + nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETTABLE, family, + NLM_F_DUMP, seq); } else { - nlh = nftnl_table_nlmsg_build_hdr(buf, NFT_MSG_GETTABLE, family, - NLM_F_ACK, seq); + nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETTABLE, family, + NLM_F_ACK, seq); nftnl_table_set_str(t, NFTNL_TABLE_NAME, argv[2]); nftnl_table_nlmsg_build_payload(nlh, t); nftnl_table_free(t); diff --git a/examples/nft-table-upd.c b/examples/nft-table-upd.c index 1c7f9b3..7346636 100644 --- a/examples/nft-table-upd.c +++ b/examples/nft-table-upd.c @@ -51,6 +51,8 @@ int main(int argc, char *argv[]) family = NFPROTO_IPV4; else if (strcmp(argv[1], "ip6") == 0) family = NFPROTO_IPV6; + else if (strcmp(argv[1], "inet") == 0) + family = NFPROTO_INET; else if (strcmp(argv[1], "bridge") == 0) family = NFPROTO_BRIDGE; else if (strcmp(argv[1], "arp") == 0) @@ -59,7 +61,7 @@ int main(int argc, char *argv[]) family = NFPROTO_NETDEV; else { fprintf(stderr, - "Unknown family: ip, ip6, bridge, arp, netdev\n"); + "Unknown family: ip, ip6, inet, bridge, arp, netdev\n"); exit(EXIT_FAILURE); } @@ -76,9 +78,8 @@ int main(int argc, char *argv[]) nftnl_table_set_u32(t, NFTNL_TABLE_FLAGS, flags); table_seq = seq; - nlh = nftnl_table_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), - NFT_MSG_NEWTABLE, family, - NLM_F_ACK, seq++); + nlh = nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), + NFT_MSG_NEWTABLE, family, NLM_F_ACK, seq++); nftnl_table_nlmsg_build_payload(nlh, t); nftnl_table_free(t); mnl_nlmsg_batch_next(batch); |