diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-06-25 22:30:42 +0200 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@netfilter.org> | 2021-06-26 23:07:35 +0200 |
commit | 325af556cd3a6d1636c0cd355b494c87f58397e0 (patch) | |
tree | 1c433f1f08d467074908e8edf132d2a940a66bef /include/libipset | |
parent | ff7f000ef2dbe81444a4e204dbab9a2177c35e21 (diff) |
add ipset to nftables translation infrastructure
This patch provides the ipset-translate utility which allows you to
translate your existing ipset file to nftables.
The ipset-translate utility is actually a symlink to ipset, which checks
for 'argv[0] == ipset-translate' to exercise the translation path.
You can translate your ipset file through:
ipset-translate restore < sets.ipt
This patch reuses the existing parser and API to represent the sets and
the elements.
There is a new ipset_xlate_set dummy object that allows to store a
created set to fetch the type without interactions with the kernel.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>
Diffstat (limited to 'include/libipset')
-rw-r--r-- | include/libipset/Makefile.am | 3 | ||||
-rw-r--r-- | include/libipset/xlate.h | 6 |
2 files changed, 8 insertions, 1 deletions
diff --git a/include/libipset/Makefile.am b/include/libipset/Makefile.am index c7f7b2b..2c04029 100644 --- a/include/libipset/Makefile.am +++ b/include/libipset/Makefile.am @@ -17,6 +17,7 @@ pkginclude_HEADERS = \ transport.h \ types.h \ ipset.h \ - utils.h + utils.h \ + xlate.h EXTRA_DIST = debug.h icmp.h icmpv6.h diff --git a/include/libipset/xlate.h b/include/libipset/xlate.h new file mode 100644 index 0000000..6569768 --- /dev/null +++ b/include/libipset/xlate.h @@ -0,0 +1,6 @@ +#ifndef LIBIPSET_XLATE_H +#define LIBIPSET_XLATE_H + +int ipset_xlate_argv(struct ipset *ipset, int argc, char *argv[]); + +#endif |