nft: load tables and chains based on /etc/xtables.conf

If /etc/xtables.conf is available, use the configuration there to autoload the xtables built-in table and chain so you can define custom configurations. Otherwise, rely on default common table/chain configuration. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2013-03-10 16:04:39 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2013-12-30 23:50:27 +0100
commit: 8b9ea2e3f8d685a6b940691cabf5e82c96254747 (patch)
tree: 8e8d56ac5edebbf1f3dec6393abb5198a7501bfc /iptables/nft.h
parent: c924c0cd07440aa9ce7465e2ba68fb266f07d7c3 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/iptables/nft.h b/iptables/nft.h
index d2a9b928..8d5881d6 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -84,4 +84,20 @@ const char *nft_strerror(int err);
 /* For xtables.c */
 int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table);
 
+/*
+ * Parse config for tables and chain helper functions
+ */
+#define XTABLES_CONFIG_DEFAULT  "/etc/xtables.conf"
+
+struct nft_table_list;
+struct nft_chain_list;
+
+extern int xtables_config_parse(const char *filename, struct nft_table_list *table_list, struct nft_chain_list *chain_list);
+
+enum {
+	NFT_LOAD_VERBOSE = (1 << 0),
+};
+
+int nft_xtables_config_load(struct nft_handle *h, const char *filename, uint32_t flags);
+
 #endif
author	Pablo Neira Ayuso <pablo@netfilter.org>	2013-03-10 16:04:39 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2013-12-30 23:50:27 +0100
commit	8b9ea2e3f8d685a6b940691cabf5e82c96254747 (patch)
tree	8e8d56ac5edebbf1f3dec6393abb5198a7501bfc /iptables/nft.h
parent	c924c0cd07440aa9ce7465e2ba68fb266f07d7c3 (diff)