summaryrefslogtreecommitdiffstats
path: root/src/libnftables.map
Commit message (Collapse)AuthorAgeFilesLines
* expr: add nft_rule_expr_get_u16 and nft_rule_expr_set_u16Pablo Neira Ayuso2013-08-171-0/+2
| | | | | | Now required since log has two u16 fields. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* set: add XML parsingArturo Borrero2013-07-261-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sets are now parsed, following this previous snprintf pattern: <set> <set_name>string</set_name> <set_table>table</set_table> <set_xml_version>int</set_xml_version> <set_flags>uint32_t</set_flags> <key_type>uint32_t</key_type> <key_len>size_t</key_len> <data_type>uint32_t</data_type> <data_len>size_t</data_len> <set_elem> <set_elem_flags>uint32_t</set_elem_flags> <set_elem_key> <data_reg type="value"> <len></len> <dataN></dataN> </data_reg> </set_elem_key> <set_elem_data> <data_reg type="xx"> [...] </data_reg> </set_elem_data> </set_elem> </set> Signed-off-by: Arturo Borrero González <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: add nft_*_list_add_tailPablo Neira Ayuso2013-07-161-0/+4
| | | | | | | This redefines the meaning of nft_*_list_add to prepend, before this patch it was appending, which was semantically wrong. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: add nft_*_list_is_empty() functionsArturo Borrero2013-07-151-0/+4
| | | | | | | | | This functions check if a given nft_*_list is empty or not. I found this quite useful while working with a full ruleset. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* expr: add nft_rule_expr_snprintfPablo Neira Ayuso2013-06-191-0/+1
| | | | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: add nft_*_attr_is_setPablo Neira Ayuso2013-06-171-0/+6
| | | | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: add nft_*_list_foreachPablo Neira Ayuso2013-06-171-0/+8
| | | | | | This patch adds a simplied iterator interface. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: add nft_*_unset functionsArturo Borrero Gonzalez2013-06-071-0/+5
| | | | | | | | These functions unset the given attribute in each object and release the data if needed. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: add support for XML parsingArturo Borrero Gonzalez2013-05-231-0/+3
| | | | | | | | | | | | | | | | | | | This patch adds capabilities for parsing a XML table/chain/rule. Some comments: * The XML data is case sensitive (so <chain>asd</chain> != <chain>ASD</chain> != <CHAIN>asd</CHAIN>) * All exported functions receive XML and return an object (table|chain|rule). * To compile the lib with XML parsing support, run './configure --with-xml-parsing' * XML parsing is done with libmxml (http://minixml.org). XML parsing depends on this external lib, this dependency is optional at compile time. NOTE: expr/target and expr/match binary data are exported. [ Fixed to compile without --with-xml-parsing --pablo ] Signed-off-by: Arturo Borrero González <arturo.borrero.glez@gmail.com>
* map: fix missing nft_rule_expr_build_payload exportTomasz Bursztyka2013-05-161-0/+1
| | | | | | | Update .map file to include it, otherwise it's not exported. Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* chain: add nft_chain_attr_set_strPablo Neira Ayuso2013-05-161-0/+1
| | | | | | And constify data passed to nft_chain_attr_set. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* table: add nft_table_attr_[set|table]_strPablo Neira Ayuso2013-05-161-0/+2
| | | | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* set: add support to add elements to setsPablo Neira Ayuso2013-02-051-0/+22
| | | | | | This patch includes iterators and several examples. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* rule: add support for rule flagsPablo Neira Ayuso2013-01-231-0/+2
| | | | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* chain: add nft_chain_list_delPablo Neira Ayuso2013-01-201-0/+1
| | | | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* rule: Add a function to get rule's familyTomasz Bursztyka2013-01-131-0/+1
| | | | | | Add nft_rule_attr_get_u8 to obtain the family number. Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
* set: add initial supportPablo Neira Ayuso2012-12-241-0/+22
| | | | | | Add initial support for nf_tables native sets Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* table: add nft_table_attr_set_u32 and nft_table_attr_get_u32Pablo Neira Ayuso2012-11-111-0/+2
| | | | | | Useful to obtain recently added table flags. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* rule: use 64-bits handle instead of 16-bitsPablo Neira Ayuso2012-11-031-2/+2
| | | | | | 5c4d30c nf_tables: use 64-bits rule handle instead of 16-bits Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* initial version of libnftablesPablo Neira Ayuso2012-10-111-0/+80
It adds support for table, chain and rule handling. This also includes expression handling for each rule. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>