summaryrefslogtreecommitdiffstats
path: root/iptables/nft.h
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2013-09-18 16:54:15 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2013-12-30 23:50:47 +0100
commitb756cf08d6eff885d808504c674bd7eb5ebabfbb (patch)
tree1911717016f3bf955d206c78ebd8e1250f42ddc8 /iptables/nft.h
parentc6836c19592dbe1a8be9b0ad76c0ae09abcb82e7 (diff)
nft: consolidate nft_rule_* functions to support ARP
This should help to avoid code duplication to support ARP. As a result, we have a common generic infrastructure for IPv4, IPv6 and ARP. This patch removes nft_arp_rule_append and nft_arp_rule_insert, which were very similar to their original nft_rule_append and nft_rule_insert. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/nft.h')
-rw-r--r--iptables/nft.h11
1 files changed, 6 insertions, 5 deletions
diff --git a/iptables/nft.h b/iptables/nft.h
index 8ddde48d..50971e86 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -81,17 +81,18 @@ int nft_chain_zero_counters(struct nft_handle *h, const char *chain, const char
*/
struct nft_rule;
-int nft_rule_append(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, uint64_t handle, bool verbose);
-int nft_rule_insert(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, int rulenum, bool verbose);
-int nft_rule_check(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, bool verbose);
-int nft_rule_delete(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, bool verbose);
+int nft_rule_append(struct nft_handle *h, const char *chain, const char *table, void *data, uint64_t handle, bool verbose);
+int nft_rule_insert(struct nft_handle *h, const char *chain, const char *table, void *data, int rulenum, bool verbose);
+int nft_rule_check(struct nft_handle *h, const char *chain, const char *table, void *data, bool verbose);
+int nft_rule_delete(struct nft_handle *h, const char *chain, const char *table, void *data, bool verbose);
int nft_rule_delete_num(struct nft_handle *h, const char *chain, const char *table, int rulenum, bool verbose);
-int nft_rule_replace(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, int rulenum, bool verbose);
+int nft_rule_replace(struct nft_handle *h, const char *chain, const char *table, void *data, int rulenum, bool verbose);
int nft_rule_list(struct nft_handle *h, const char *chain, const char *table, int rulenum, unsigned int format);
int nft_rule_list_save(struct nft_handle *h, const char *chain, const char *table, int rulenum, int counters);
int nft_rule_save(struct nft_handle *h, const char *table, bool counters);
int nft_rule_flush(struct nft_handle *h, const char *chain, const char *table);
int nft_rule_zero_counters(struct nft_handle *h, const char *chain, const char *table, int rulenum);
+
struct nft_rule_list *nft_rule_list_create(struct nft_handle *h);
void nft_rule_list_destroy(struct nft_rule_list *list);