summaryrefslogtreecommitdiffstats
path: root/examples
Commit message (Collapse)AuthorAgeFilesLines
* examples: Add nft-rule-json-addÁlvaro Neira Ayuso2013-08-202-0/+119
| | | | Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
* example: nft-rule-get: family parameter addedÁlvaro Neira Ayuso2013-08-091-6/+27
| | | | | | | I have added the parameter family in the example nft-rule-get. Signed-off-by: Alvaro Neira Ayuso Ayuso <alvaroneay@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: Add nft-chain-json-addÁlvaro Neira Ayuso2013-07-312-0/+122
| | | | | Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: Add nft-table-json-addÁlvaro Neira Ayuso2013-07-252-0/+120
| | | | | Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: add insert rule exampleEric Leblond2013-07-192-0/+208
| | | | | | | | This program can insert a rule after a rule given by its handle. Signed-off-by: Eric Leblond <eric@regit.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: nft-chain-add: allow to create custom chainsPablo Neira Ayuso2013-07-181-18/+23
| | | | | | | So far, it was only possible to create base chains. This patch allows you to create custom chains as well. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: nft-chain-get: allow to list chain from all familiesPablo Neira Ayuso2013-07-181-23/+23
| | | | | | So far, it was restricted to AF_INET. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: add arp supportPablo Neira Ayuso2013-07-1815-60/+103
| | | | | | While at it, convert all examples to use NFPROTO_*. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: nft-{table,chain,rule}-xml-add: fix missing NLM_F_CREATEPablo Neira Ayuso2013-07-103-20/+22
| | | | | | | | | | | | | | | | | | Thus, automodule loading was not working. While at it, apply not so relevant comestic cleanups and fix some inconsistencies between examples. * Fix copyright header, this is code heavily based on existing nft-*-add examples. * Remove unrequired extern struct nft_table definition. * Make sure we close file descriptor once we don't need it anymore. * Remove unrequired casting. * Remove comment that provides nothing interesting. I considered a patch to address each on those was too much burden. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: remove LIBXML_LIBS from LDADDPablo Neira Ayuso2013-07-101-21/+21
| | | | | | | | Remove it from the example files, we don't need it. There is no explicit reference to any of the libmxml functions in those files, so the linker does not need that library. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* set: add xml outputArturo Borrero2013-07-062-2/+7
| | | | | | | This patch adds XML output for sets. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: nft-table-get: add json supportÁlvaro Neira Ayuso2013-07-061-5/+22
| | | | | Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* set: add json outputÁlvaro Neira Ayuso2013-07-062-10/+20
| | | | | | | This patch allows you to dump set and their content in json format. Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: add JSON supportÁlvaro Neira Ayuso2013-06-291-1/+4
| | | | | | | By specifying 'json' as first parameter. Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* test: add testbench for XMLArturo Borrero Gonzalez2013-06-273-102/+0
| | | | | | | | | | | | | | | | | | This patch add a testbench for XML parsing, which may be extended to test JSON as well. To use it: $ cd test/ $ make nft-parsing-test $ ./nft-parsing-test xmlfiles/ This testbench supersedes old .sh test scripts, so they are deleted. [ I have mangled this patch to rename/mangle files, to colorize the test output and not to compile XML inconditionally --pablo ] Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: unset chain & rule handleArturo Borrero2013-06-182-0/+2
| | | | | | | Use _unset functions to delete handle so test don't fail. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: nft-chain-get: export in JSON formatAlvaro Neira Ayuso2013-06-081-1/+4
| | | | | Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: nft-table-get: export in JSON formatAlvaro Neira Ayuso2013-06-071-0/+4
| | | | | Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: nft-rule-add: fix compilation warningPablo Neira Ayuso2013-06-051-1/+1
| | | | | | | | CC nft-rule-add.o nft-rule-add.c:105:13: warning: ‘add_payload’ defined but not used [-Wunused-function] Reported-by: Eric Leblond <eric@regit.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: nft-rule-add: remove unexistent libnftables/payload.h includePablo Neira Ayuso2013-06-051-1/+0
| | | | | Reported-by: Eric Leblond <eric@regit.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: nft-events: add newline to outputEric Leblond2013-06-051-3/+3
| | | | | | | | | This patch adds a new line to messages to be sure that they are printed to the shell as soon as they occur. This also fixes the display of output. Signed-off-by: Eric Leblond <eric@regit.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: XML parsing examplesArturo Borrero Gonzalez2013-05-237-18/+473
| | | | | | | | | | | | | | | | | | | | Some code snipplets to add tables/chain/rules using the XML representation. The examples contains: * A binary to parse/add the object using libnftables. * A shellscript to easily call that binary, doing some tests. * table/chain/rule sample XML file. I included my name in new files, but I don't know if this is correct. Please let me know. Instructions: $ cd examples/ ; make nft-table-xml-add # cd test/ ; ./nft-table-xml-add.sh NOTE: Some kernel changes are required to allow reinsert exactly what is printed (handle handling, flags..) Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: remove trailing \n from all nft_*_snprintf functionsPablo Neira Ayuso2013-04-195-5/+5
| | | | | | The caller should add it in case it needs it. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: fix rule additionPablo Neira Ayuso2013-03-171-1/+2
| | | | | | | Missing NLM_F_CREATE, otherwise the automatic handle allocation returns -EINVAL. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: add XML output for table/chain/ruleArturo Borrero Gonzalez2013-02-123-11/+29
| | | | | | | | | | | | | | | To show an instance of this patch: (shell)$ ./nft-table-get xml <table name="filter" > <properties> <family value="2" /> <flags value="5" table_flags="0" /> </properties> </table> Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.co Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* set: add support to add elements to setsPablo Neira Ayuso2013-02-054-0/+355
| | | | | | This patch includes iterators and several examples. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* set: complete supportPablo Neira Ayuso2013-02-034-0/+328
| | | | | | Including examples. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: table: add example of dormant tablesPablo Neira Ayuso2012-11-112-0/+106
| | | | | | | | Now we add a non-dormant table which is not active. We can add chains and rules to it that would not have any effect. Once we change the flag to wake it up, the rule-set becomes active. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* rule: use 64-bits handle instead of 16-bitsPablo Neira Ayuso2012-11-031-1/+1
| | | | | | 5c4d30c nf_tables: use 64-bits rule handle instead of 16-bits Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: add nft-eventsPablo Neira Ayuso2012-10-142-0/+158
| | | | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* examples: add nft-compat-getPablo Neira Ayuso2012-10-142-1/+144
| | | | | | | This utility allows to consult x_tables match/target revisions supported via the nft_compat layer. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* initial version of libnftablesPablo Neira Ayuso2012-10-1110-0/+1057
It adds support for table, chain and rule handling. This also includes expression handling for each rule. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
generated by cgit v1.2.3 (git 2.25.0) at 2024-11-16 03:11:08 +0000