diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-11-27 23:34:53 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-01-03 14:21:53 +0100 |
commit | 4d38878b39be44ea3d6a146a7dd678c269a9804a (patch) | |
tree | 9eb1a2feeb21d5772c965dd49088a330e19db294 /src/rule.c | |
parent | 4756d92e517ae1f7d662c0ed083b54d8dc822e4a (diff) |
src: add/create/delete stateful objects
This patch allows you to add and to delete objects, eg.
# nft add quota filter test 1234567 bytes
# nft list quotas
table ip filter {
quota test {
1234567 bytes
}
}
# nft delete quota filter test
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/rule.c')
-rw-r--r-- | src/rule.c | 21 |
1 files changed, 21 insertions, 0 deletions
@@ -44,6 +44,8 @@ void handle_merge(struct handle *dst, const struct handle *src) dst->chain = xstrdup(src->chain); if (dst->set == NULL && src->set != NULL) dst->set = xstrdup(src->set); + if (dst->obj == NULL && src->obj != NULL) + dst->obj = xstrdup(src->obj); if (dst->handle.id == 0) dst->handle = src->handle; if (dst->position.id == 0) @@ -875,6 +877,10 @@ void cmd_free(struct cmd *cmd) case CMD_OBJ_EXPORT: export_free(cmd->export); break; + case CMD_OBJ_COUNTER: + case CMD_OBJ_QUOTA: + obj_free(cmd->object); + break; default: BUG("invalid command object type %u\n", cmd->obj); } @@ -940,6 +946,7 @@ static int do_add_table(struct netlink_ctx *ctx, const struct handle *h, bool excl) { struct chain *chain; + struct obj *obj; struct set *set; if (netlink_add_table(ctx, h, loc, table, excl) < 0) @@ -951,6 +958,11 @@ static int do_add_table(struct netlink_ctx *ctx, const struct handle *h, excl) < 0) return -1; } + list_for_each_entry(obj, &table->objs, list) { + handle_merge(&obj->handle, &table->handle); + if (netlink_add_obj(ctx, &obj->handle, obj, excl) < 0) + return -1; + } list_for_each_entry(set, &table->sets, list) { handle_merge(&set->handle, &table->handle); if (do_add_set(ctx, &set->handle, set, excl) < 0) @@ -980,6 +992,9 @@ static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl) return do_add_set(ctx, &cmd->handle, cmd->set, excl); case CMD_OBJ_SETELEM: return do_add_setelems(ctx, &cmd->handle, cmd->expr, excl); + case CMD_OBJ_COUNTER: + case CMD_OBJ_QUOTA: + return netlink_add_obj(ctx, &cmd->handle, cmd->object, excl); default: BUG("invalid command object type %u\n", cmd->obj); } @@ -1043,6 +1058,12 @@ static int do_command_delete(struct netlink_ctx *ctx, struct cmd *cmd) return netlink_delete_set(ctx, &cmd->handle, &cmd->location); case CMD_OBJ_SETELEM: return do_delete_setelems(ctx, &cmd->handle, cmd->expr); + case CMD_OBJ_COUNTER: + return netlink_delete_obj(ctx, &cmd->handle, &cmd->location, + NFT_OBJECT_COUNTER); + case CMD_OBJ_QUOTA: + return netlink_delete_obj(ctx, &cmd->handle, &cmd->location, + NFT_OBJECT_QUOTA); default: BUG("invalid command object type %u\n", cmd->obj); } |