From cf95f347e52ca8badc6a7149045d9c09f4fa666d Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Fri, 19 Jul 2013 18:42:30 +0200
Subject: xtables: add -I chain rulenum

This patch adds the nft_rule_insert function, which allows
us to insert rules at a given position.

The function nft_rule_add has been renamed to nft_rule_append.

This is possible thanks to Eric Leblond's (netfilter: nf_tables:
add insert operation) kernel patch.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 iptables/nft.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'iptables/nft.h')

diff --git a/iptables/nft.h b/iptables/nft.h
index a6476714..7a6351b7 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -49,7 +49,8 @@ int nft_chain_zero_counters(struct nft_handle *h, const char *chain, const char
  */
 struct nft_rule;
 
-int nft_rule_add(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, bool append, uint64_t handle, bool verbose);
+int nft_rule_append(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, uint64_t handle, bool verbose);
+int nft_rule_insert(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, int rulenum, bool verbose);
 int nft_rule_check(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, bool verbose);
 int nft_rule_delete(struct nft_handle *h, const char *chain, const char *table, struct iptables_command_state *cmd, bool verbose);
 int nft_rule_delete_num(struct nft_handle *h, const char *chain, const char *table, int rulenum, bool verbose);
-- 
cgit v1.2.3