path: root/include/nftables.h
#ifndef NFTABLES_NFTABLES_H
#define NFTABLES_NFTABLES_H

#include <stdbool.h>
#include <stdarg.h>
#include <utils.h>
#include <nftables/nftables.h>

/**
 * struct output_ctx - output settings handed to the print helpers
 *
 * Passed by pointer to nft_print() and nft_gmp_print() and embedded by value
 * in struct nft_ctx.
 *
 * @numeric:	unsigned option value; meaning and valid range are defined by
 *		its users, not by this header
 * @stateless:	unsigned option value; see users for semantics
 * @ip2name:	unsigned option value; see users for semantics
 * @handle:	unsigned option value; see users for semantics
 * @echo:	unsigned option value; see users for semantics
 * @output_fp:	stdio stream; presumably the destination the print helpers
 *		write to - confirm in nft_print(). This header does not say
 *		who opens or closes it, so check ownership before closing.
 *
 * NOTE(review): FILE needs <stdio.h>, which is not included directly by this
 * header; presumably it arrives through <utils.h> or <nftables/nftables.h> -
 * confirm.
 */
struct output_ctx {
	unsigned int numeric;
	unsigned int stateless;
	unsigned int ip2name;
	unsigned int handle;
	unsigned int echo;
	FILE *output_fp;
};

/**
 * struct nft_cache - cache bookkeeping embedded in struct nft_ctx
 *
 * @initialized:	flag; presumably true once the cache has been populated -
 *			confirm against the code that sets it
 * @list:		list head; struct list_head is declared outside this
 *			header, and what is linked here is not visible from it
 * @seqnum:		32-bit sequence number; NOTE(review): its source and the
 *			comparison it is used for are not visible here
 */
struct nft_cache {
	bool			initialized;
	struct list_head	list;
	uint32_t		seqnum;
};

/* Opaque in this header: only a pointer to it is stored below. */
struct mnl_socket;

/**
 * struct nft_ctx - top-level context aggregating socket, parser and output state
 *
 * @nf_sock:		pointer to the forward-declared struct mnl_socket
 * @include_paths:	array of C strings
 * @num_include_paths:	presumably the number of valid entries in
 *			@include_paths - confirm; any code indexing the array
 *			should bound itself by this count
 * @parser_max_errors:	unsigned limit; presumably the number of parse errors
 *			tolerated before giving up - confirm
 * @debug_mask:		unsigned bit mask; bit meanings are defined elsewhere
 * @output:		output settings, embedded by value (see struct output_ctx)
 * @check:		boolean flag; NOTE(review): semantics not visible here
 * @cache:		cache state, embedded by value (see struct nft_cache)
 * @flags:		32-bit flag word; bit meanings are defined elsewhere
 */
struct nft_ctx {
	struct mnl_socket	*nf_sock;
	char			**include_paths;
	unsigned int		num_include_paths;
	unsigned int		parser_max_errors;
	unsigned int		debug_mask;
	struct output_ctx	output;
	bool			check;
	struct nft_cache	cache;
	uint32_t		flags;
};

/* Forward declaration; the full definition follows further down. */
struct input_descriptor;

/**
 * struct location - where a piece of input came from
 *
 * @indesc:	the input descriptor this location refers to
 *
 * The anonymous union overlays two representations in the same storage:
 *  - a textual position: @token_offset and @line_offset plus the first/last
 *    line and column numbers;
 *  - @nle: an untyped const pointer.
 *
 * Nothing inside this struct records which arm is live. Presumably readers
 * decide from indesc->type (e.g. INDESC_NETLINK for @nle) - confirm. Reading
 * the arm that was not written reinterprets offsets as a pointer or the
 * reverse, so check the discriminator before dereferencing @nle.
 */
struct location {
	const struct input_descriptor		*indesc;
	union {
		struct {
			off_t			token_offset;
			off_t			line_offset;

			unsigned int		first_line;
			unsigned int		last_line;
			unsigned int		first_column;
			unsigned int		last_column;
		};
		struct {
			const void		*nle;
		};
	};
};

/* Shared read-only location object, defined in another translation unit. */
extern const struct location internal_location;

/**
 * enum input_descriptor_types
 *
 * @INDESC_INVALID:	invalid
 * @INDESC_INTERNAL:	dummy type for internally generated messages
 * @INDESC_BUFFER:	buffer (command line arguments)
 * @INDESC_FILE:	file
 * @INDESC_CLI:		command line interface
 * @INDESC_NETLINK:	received from netlink
 *
 * INDESC_INVALID is the first enumerator and therefore has the value 0, so a
 * zero-initialized struct input_descriptor reads as invalid rather than as
 * any real input source.
 */
enum input_descriptor_types {
	INDESC_INVALID,
	INDESC_INTERNAL,
	INDESC_BUFFER,
	INDESC_FILE,
	INDESC_CLI,
	INDESC_NETLINK,
};

/**
 * struct input_descriptor
 *
 * @location:		location, used for include statements
 * @type:		input descriptor type
 * @name:		name describing the input
 * @data:		in-memory buffer (union arm, shares storage with @fp)
 * @fp:			stdio stream (union arm, shares storage with @data)
 * @lineno:		current line number in the input
 * @column:		current column in the input
 * @token_offset:	offset of the current token to the beginning
 * @line_offset:	offset of the current line to the beginning
 *
 * @type is the only field here that can tell @data from @fp; presumably
 * INDESC_BUFFER selects @data and INDESC_FILE selects @fp - confirm for the
 * remaining types. Check @type before using either arm: treating a buffer
 * pointer as a FILE *, or the reverse, is a type confusion.
 */
struct input_descriptor {
	struct location			location;
	enum input_descriptor_types	type;
	const char			*name;
	union {
		const char		*data;
		FILE			*fp;
	};
	unsigned int			lineno;
	unsigned int			column;
	off_t				token_offset;
	off_t				line_offset;
};

/*
 * Setup hooks. Each takes no arguments and returns void, so a failure inside
 * one of them cannot be reported to the caller through this interface.
 */
void ct_label_table_init(void);
void mark_table_init(void);
void gmp_init(void);
void realm_table_rt_init(void);
void devgroup_table_init(void);
void realm_table_meta_init(void);
void xt_init(void);

/*
 * Teardown counterparts of the hooks above. gmp_init() and xt_init() have no
 * matching *_exit() declared in this header.
 */
void ct_label_table_exit(void);
void mark_table_exit(void);
void realm_table_meta_exit(void);
void devgroup_table_exit(void);
void realm_table_rt_exit(void);

/*
 * printf-style output helper that takes the output context as its first
 * argument. The format attribute (format string is argument 2, variadic
 * arguments start at 3) makes the compiler type-check the arguments of every
 * call against @fmt. Keep @fmt a string literal and pass externally supplied
 * text through "%s" rather than as the format itself.
 */
int nft_print(struct output_ctx *octx, const char *fmt, ...)
	__attribute__((format(printf, 2, 3)));
/*
 * Same calling shape, but the attribute's first-to-check index is 0: the
 * compiler validates only the format string, not the variadic arguments
 * against it. Presumably this is because the function accepts conversions
 * the printf checker does not know - confirm in the implementation. Argument
 * and format mismatches at call sites are therefore not caught by -Wformat
 * and need manual review.
 */
int nft_gmp_print(struct output_ctx *octx, const char *fmt, ...)
	__attribute__((format(printf, 2, 0)));

#endif /* NFTABLES_NFTABLES_H */