author | Phil Sutter <phil@nwl.cc> | 2018-12-06 17:17:51 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-12-07 10:49:24 +0100 |
commit | e33798478176f97edf2649cd61444e0375fdc12b (patch) | |
tree | ad72ed00b2170dfdd8065de8e6b38de32f9c0d7e /include | |
parent | 7c5870bb59e5822a02bec262cebfb86e18680ad5 (diff) |
chain: Support per chain rules list
The implementation basically copies expr_list in struct nftnl_rule.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/internal.h | 1 | ||||
-rw-r--r-- | include/libnftnl/chain.h | 15 | ||||
-rw-r--r-- | include/rule.h | 26 |
3 files changed, 42 insertions, 0 deletions
diff --git a/include/internal.h b/include/internal.h
index b762a4a..a61b725 100644
--- a/include/internal.h
+++ b/include/internal.h
@@ -12,5 +12,6 @@
 #include "expr.h"
 #include "expr_ops.h"
 #include "buffer.h"
+#include "rule.h"
 #endif /* _LIBNFTNL_INTERNAL_H_ */
diff --git a/include/libnftnl/chain.h b/include/libnftnl/chain.h
index 237683e..f04f610 100644
--- a/include/libnftnl/chain.h
+++ b/include/libnftnl/chain.h
@@ -13,6 +13,7 @@ extern "C" {
 #endif
 struct nftnl_chain;
+struct nftnl_rule;
 struct nftnl_chain *nftnl_chain_alloc(void);
 void nftnl_chain_free(const struct nftnl_chain *);
@@ -54,6 +55,10 @@ uint32_t nftnl_chain_get_u32(const struct nftnl_chain *c, uint16_t attr);
 int32_t nftnl_chain_get_s32(const struct nftnl_chain *c, uint16_t attr);
 uint64_t nftnl_chain_get_u64(const struct nftnl_chain *c, uint16_t attr);
+void nftnl_chain_rule_add(struct nftnl_rule *rule, struct nftnl_chain *c);
+void nftnl_chain_rule_add_tail(struct nftnl_rule *rule, struct nftnl_chain *c);
+void nftnl_chain_rule_insert_at(struct nftnl_rule *rule, struct nftnl_rule *pos);
+
 struct nlmsghdr;
 void nftnl_chain_nlmsg_build_payload(struct nlmsghdr *nlh, const struct nftnl_chain *t);
@@ -68,6 +73,16 @@ int nftnl_chain_fprintf(FILE *fp, const struct nftnl_chain *c, uint32_t type, ui
 #define nftnl_chain_nlmsg_build_hdr nftnl_nlmsg_build_hdr
 int nftnl_chain_nlmsg_parse(const struct nlmsghdr *nlh, struct nftnl_chain *t);
+int nftnl_rule_foreach(struct nftnl_chain *c,
+ int (*cb)(struct nftnl_rule *r, void *data),
+ void *data);
+
+struct nftnl_rule_iter;
+
+struct nftnl_rule_iter *nftnl_rule_iter_create(const struct nftnl_chain *c);
+struct nftnl_rule *nftnl_rule_iter_next(struct nftnl_rule_iter *iter);
+void nftnl_rule_iter_destroy(struct nftnl_rule_iter *iter);
+
 struct nftnl_chain_list;
 struct nftnl_chain_list *nftnl_chain_list_alloc(void);
diff --git a/include/rule.h b/include/rule.h
new file mode 100644
index 0000000..5edcb6c
--- /dev/null
+++ b/include/rule.h
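Review bot: In include/libnftnl/chain.h (hunk at -54,6) the new prototypes `nftnl_chain_rule_add`, `nftnl_chain_rule_add_tail` and `nftnl_chain_rule_insert_at` do not say who owns `rule` after the call, and this header gains no way to unlink a rule again. If the chain releases its linked rules when it is freed (the implementation is outside this diff, so this is inferred), a caller that also frees the rule gets a double free, and freeing a rule that is still linked leaves the chain's list pointing at released memory. I would add a comment above the three declarations along the lines of `/* The chain takes ownership of rule; rule must not already be linked into a list, and the caller must not free it afterwards. */`. It should also state that `pos` in `nftnl_chain_rule_insert_at` must already be linked into a chain, because that function has no chain argument it could check against.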
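Review bot: In include/libnftnl/chain.h (hunk at -68,6) neither `nftnl_rule_foreach` nor the `nftnl_rule_iter_*` functions document whether the rule currently being visited may be unlinked or freed during the walk, which is the usual source of use-after-free in list iteration APIs. The declarations also leave open what a non-zero return from `cb` does and whether `nftnl_rule_iter_create` can return NULL; the implementation is not part of this diff, so the wording has to be confirmed there. Note as well that `nftnl_rule_iter_create` takes a `const struct nftnl_chain *` while `nftnl_rule_iter_next` hands back a mutable `struct nftnl_rule *`, so the const on the chain does not protect its rules. I would add a short comment above each group stating the callback return contract, the NULL return, and that the iterator must be destroyed before the chain is freed.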
@@ -0,0 +1,26 @@
+#ifndef _LIBNFTNL_RULE_INTERNAL_H_
+#define _LIBNFTNL_RULE_INTERNAL_H_
+
+struct nftnl_rule {
+ struct list_head head;
+
+ uint32_t flags;
+ uint32_t family;
+ const char *table;
+ const char *chain;
+ uint64_t handle;
+ uint64_t position;
+ uint32_t id;
+ struct {
+ void *data;
+ uint32_t len;
+ } user;
+ struct {
+ uint32_t flags;
+ uint32_t proto;
+ } compat;
+
+ struct list_head expr_list;
+};
+
+#endif |
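Review bot: The new include/rule.h is not self-contained: `struct nftnl_rule` embeds `struct list_head` by value and uses `uint32_t`/`uint64_t`, yet the header includes nothing, so it compiles only when the including file has already pulled in those definitions. The `#include "rule.h"` added to include/internal.h comes after the other includes, which probably satisfies that today, but the lines above that hunk are not visible here. I would add `#include <stdint.h>` plus the project header that defines `struct list_head` at the top of rule.h. Because `user.data` and `user.len` are a separate pointer and length, a comment such as `/* data points to len bytes; keep both in sync */` beside them would help code that copies or frees the blob.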