summaryrefslogtreecommitdiffstats
path: root/src/rule.c
diff options
context:
space:
mode:
authorArturo Borrero <arturo.borrero.glez@gmail.com>2014-09-26 18:30:08 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2014-09-29 12:36:15 +0200
commit4e5231ca0d0684f5326909882400a5a584bca018 (patch)
tree52b5e7cfaf16a6494c00486098245c8a2167a6c9 /src/rule.c
parent6cd0921f6fd05eafb63c372e0b3add32e035dd59 (diff)
src: add list ruleset command
This patch adds a new command to nft: % nft list ruleset [family] Which list the entire ruleset. If no family is specified, all tables of all families are listed. Users can now make several operations at ruleset level: % nft list ruleset > ruleset.nft % nft -f ruleset.nft % nft flush ruleset Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/rule.c')
-rw-r--r--src/rule.c28
1 files changed, 28 insertions, 0 deletions
diff --git a/src/rule.c b/src/rule.c
index 336c1595..43355eeb 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -782,6 +782,32 @@ err:
return -1;
}
+static int do_list_ruleset(struct netlink_ctx *ctx, struct cmd *cmd)
+{
+ struct table *table, *next;
+ LIST_HEAD(tables);
+
+ if (netlink_list_tables(ctx, &cmd->handle, &cmd->location) < 0)
+ return -1;
+
+ list_splice_tail_init(&ctx->list, &tables);
+
+ list_for_each_entry_safe(table, next, &tables, list) {
+ table_add_hash(table);
+
+ cmd->handle.family = table->handle.family;
+ cmd->handle.table = xstrdup(table->handle.table);
+
+ if (do_list_table(ctx, cmd, table) < 0)
+ return -1;
+
+ list_del(&table->list);
+ table_free(table);
+ }
+
+ return 0;
+}
+
static int do_command_list(struct netlink_ctx *ctx, struct cmd *cmd)
{
struct table *table = NULL;
@@ -837,6 +863,8 @@ static int do_command_list(struct netlink_ctx *ctx, struct cmd *cmd)
set_print(set);
}
return 0;
+ case CMD_OBJ_RULESET:
+ return do_list_ruleset(ctx, cmd);
default:
BUG("invalid command object type %u\n", cmd->obj);
}