src: Add support for insertion inside rule list

This patch adds support to insert and to add rule using a rule handle as reference. The rule handle syntax has an new optional position field which take a handle as argument. Two examples: nft add rule filter output position 5 ip daddr 1.2.3.1 drop nft insert rule filter output position 5 ip daddr 1.2.3.1 drop Signed-off-by: Eric Leblond <eric@regit.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Eric Leblond <eric@regit.org> 2013-07-06 17:33:57 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2013-07-19 17:48:11 +0200
commit: df84fdeb32c7a76388dd456a835b5f29e0c9caa1 (patch)
tree: d8d913a8b4c2fe36d91bedaf49f4891be5b1d2fb /src/netlink_delinearize.c
parent: 4f6c75e40ac8898feaa5ca39f7934268a7f7796a (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index 93489138..f92e83f3 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -796,6 +796,8 @@ struct rule *netlink_delinearize_rule(struct netlink_ctx *ctx,
 	h.table  = xstrdup(nft_rule_attr_get_str(nlr, NFT_RULE_ATTR_TABLE));
 	h.chain  = xstrdup(nft_rule_attr_get_str(nlr, NFT_RULE_ATTR_CHAIN));
 	h.handle = nft_rule_attr_get_u64(nlr, NFT_RULE_ATTR_HANDLE);
+	if (nft_rule_attr_is_set(nlr, NFT_RULE_ATTR_POSITION))
+		h.position = nft_rule_attr_get_u64(nlr, NFT_RULE_ATTR_POSITION);
 
 	pctx->rule = rule_alloc(&internal_location, &h);
 	pctx->table = table_lookup(&h);
author	Eric Leblond <eric@regit.org>	2013-07-06 17:33:57 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2013-07-19 17:48:11 +0200
commit	df84fdeb32c7a76388dd456a835b5f29e0c9caa1 (patch)
tree	d8d913a8b4c2fe36d91bedaf49f4891be5b1d2fb /src/netlink_delinearize.c
parent	4f6c75e40ac8898feaa5ca39f7934268a7f7796a (diff)