diff options
author | Pablo M. Bermudo Garay <pablombg@gmail.com> | 2017-06-23 18:38:25 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-06-26 19:04:56 +0200 |
commit | b4953803f26c442cdec4cad78a8261e9b97cd015 (patch) | |
tree | b44136b4981e5ac1af3e66646bfd5a2daefef41e /src/main.c | |
parent | f9d3e2e15b7ad968f30643ca6da55b75f03686fd (diff) |
src: add --check option flag
Sometimes it can be useful to test if a command is valid without
applying any change to the rule-set. This commit adds a new option
flag (-c | --check) that performs a dry run execution of the commands.
Signed-off-by: Pablo M. Bermudo Garay <pablombg@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/main.c')
-rw-r--r-- | src/main.c | 14 |
1 files changed, 12 insertions, 2 deletions
@@ -40,6 +40,7 @@ static unsigned int num_include_paths = 1; enum opt_vals { OPT_HELP = 'h', OPT_VERSION = 'v', + OPT_CHECK = 'c', OPT_FILE = 'f', OPT_INTERACTIVE = 'i', OPT_INCLUDEPATH = 'I', @@ -51,7 +52,7 @@ enum opt_vals { OPT_INVALID = '?', }; -#define OPTSTRING "hvf:iI:vnsNa" +#define OPTSTRING "hvcf:iI:vnsNa" static const struct option options[] = { { @@ -63,6 +64,10 @@ static const struct option options[] = { .val = OPT_VERSION, }, { + .name = "check", + .val = OPT_CHECK, + }, + { .name = "file", .val = OPT_FILE, .has_arg = 1, @@ -113,6 +118,7 @@ static void show_help(const char *name) " -h, --help Show this help\n" " -v, --version Show version information\n" "\n" +" -c, --check Check commands validity without actually applying the changes.\n" " -f, --file <filename> Read input from <filename>\n" " -i, --interactive Read input from interactive CLI\n" "\n" @@ -202,7 +208,8 @@ static int nft_netlink(struct nft_ctx *nft, struct parser_state *state, if (ret < 0) goto out; } - mnl_batch_end(batch); + if (!nft->check) + mnl_batch_end(batch); if (!mnl_batch_ready(batch)) goto out; @@ -278,6 +285,9 @@ int main(int argc, char * const *argv) printf("%s v%s (%s)\n", PACKAGE_NAME, PACKAGE_VERSION, RELEASE_NAME); exit(NFT_EXIT_SUCCESS); + case OPT_CHECK: + nft.check = true; + break; case OPT_FILE: filename = optarg; break; |