examples: nft-rule-add: use existing batch infrastructure

This patch reworks the existing example to add the rule: nft add rule ip filter input tcp dport 22 counter It uses the existing nfnl batching approach using the generic mnl netlink message batching infrastructure. It also removed the code that uses xtables compat code. Based on original patch by Arturo Borrero Gonzalez. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2013-12-10 17:21:47 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2013-12-10 18:20:57 +0100
commit: 0b3161731262d3a8c6110c17fd818af325dbf491 (patch)
tree: b2817decdfac9cabbf549cff50faa3c28502e7cc /include
parent: 9f9a271267b9ce97cf6fd30016a56441c889cb87 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/include/linux/netfilter/nfnetlink.h b/include/linux/netfilter/nfnetlink.h
index 91eebab..336c10c 100644
--- a/include/linux/netfilter/nfnetlink.h
+++ b/include/linux/netfilter/nfnetlink.h
@@ -97,4 +97,9 @@ extern void nfnl_unlock(void);
 	MODULE_ALIAS("nfnetlink-subsys-" __stringify(subsys))
 
 #endif	/* __KERNEL__ */
+
+/* Reserved control nfnetlink messages */
+#define NFNL_MSG_BATCH_BEGIN            NLMSG_MIN_TYPE
+#define NFNL_MSG_BATCH_END              NLMSG_MIN_TYPE+1
+
 #endif	/* _NFNETLINK_H */
author	Pablo Neira Ayuso <pablo@netfilter.org>	2013-12-10 17:21:47 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2013-12-10 18:20:57 +0100
commit	0b3161731262d3a8c6110c17fd818af325dbf491 (patch)
tree	b2817decdfac9cabbf549cff50faa3c28502e7cc /include
parent	9f9a271267b9ce97cf6fd30016a56441c889cb87 (diff)