From 498072412c174bfb3e68f1931f5b716a9dc4bbbb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lvaro=20Neira=20Ayuso?= Date: Sat, 8 Mar 2014 16:22:33 +0100 Subject: examples: nft-rule-insert: fix and merge it to nft-rule-add Merged the example for inserting rules and fixed for using the correct header. Signed-off-by: Alvaro Neira Ayuso Signed-off-by: Pablo Neira Ayuso --- examples/nft-rule-add.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) (limited to 'examples/nft-rule-add.c') diff --git a/examples/nft-rule-add.c b/examples/nft-rule-add.c index 21b3bf8..6961d0d 100644 --- a/examples/nft-rule-add.c +++ b/examples/nft-rule-add.c @@ -80,11 +80,12 @@ static void add_counter(struct nft_rule *r) } static struct nft_rule *setup_rule(uint8_t family, const char *table, - const char *chain) + const char *chain, const char *handle) { struct nft_rule *r = NULL; uint8_t proto; uint16_t dport; + uint64_t handle_num; r = nft_rule_alloc(); if (r == NULL) { @@ -96,6 +97,11 @@ static struct nft_rule *setup_rule(uint8_t family, const char *table, nft_rule_attr_set(r, NFT_RULE_ATTR_CHAIN, chain); nft_rule_attr_set_u32(r, NFT_RULE_ATTR_FAMILY, family); + if (handle != NULL) { + handle_num = atoll(handle); + nft_rule_attr_set_u64(r, NFT_RULE_ATTR_POSITION, handle_num); + } + proto = IPPROTO_TCP; add_payload(r, NFT_PAYLOAD_NETWORK_HEADER, NFT_REG_1, offsetof(struct iphdr, protocol), sizeof(uint8_t)); @@ -138,7 +144,7 @@ int main(int argc, char *argv[]) uint32_t seq = time(NULL); int ret; - if (argc != 4) { + if (argc < 4 || argc > 5) { fprintf(stderr, "Usage: %s \n", argv[0]); exit(EXIT_FAILURE); } @@ -152,7 +158,10 @@ int main(int argc, char *argv[]) exit(EXIT_FAILURE); } - r = setup_rule(family, argv[2], argv[3]); + if (argc != 5) + r = setup_rule(family, argv[2], argv[3], NULL); + else + r = setup_rule(family, argv[2], argv[3], argv[4]); nl = mnl_socket_open(NETLINK_NETFILTER); if (nl == NULL) { -- cgit v1.2.3