| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Merged the example for inserting rules and fixed for using
the correct header.
Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
| |
The nft_mnl_batch_talk() is overly complicated for a simple example
that just adds one single rule. Simplify this to prepare the merge
of nft-rule-insert, which looks very similar.
|
|
|
|
|
|
| |
We plan to use this library name for the higher layer library.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch reworks the existing example to add the rule:
nft add rule ip filter input tcp dport 22 counter
It uses the existing nfnl batching approach using the generic mnl
netlink message batching infrastructure. It also removed the code
that uses xtables compat code.
Based on original patch by Arturo Borrero Gonzalez.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
| |
While at it, convert all examples to use NFPROTO_*.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
CC nft-rule-add.o
nft-rule-add.c:105:13: warning: ‘add_payload’ defined but not used [-Wunused-function]
Reported-by: Eric Leblond <eric@regit.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
| |
Reported-by: Eric Leblond <eric@regit.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
| |
Missing NLM_F_CREATE, otherwise the automatic handle allocation
returns -EINVAL.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
It adds support for table, chain and rule handling.
This also includes expression handling for each rule.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|