static int chain_cmd(struct mnl_socket *nl, struct nftnl_chain *chain, uint16_t cmd, int family, uint16_t type, enum callback_return_type cb_type, uint64_t *cb_val) { char buf[MNL_SOCKET_BUFFER_SIZE]; struct mnl_nlmsg_batch *batch; struct nlmsghdr *nlh; uint32_t seq = 0; int err; bzero(buf, sizeof(buf)); batch = mnl_nlmsg_batch_start(buf, sizeof(buf)); nftnl_batch_begin(mnl_nlmsg_batch_current(batch), seq++); mnl_nlmsg_batch_next(batch); nlh = nftnl_chain_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch), cmd, family, type, seq++); nftnl_chain_nlmsg_build_payload(nlh, chain); nftnl_chain_free(chain); mnl_nlmsg_batch_next(batch); nftnl_batch_end(mnl_nlmsg_batch_current(batch), seq++); mnl_nlmsg_batch_next(batch); err = send_and_dispatch(nl, mnl_nlmsg_batch_head(batch), mnl_nlmsg_batch_size(batch), cb_type, cb_val); mnl_nlmsg_batch_stop(batch); return err; }
int main(int argc, char *argv[]) { struct nftnl_chain *a, *b; char buf[4096]; struct nlmsghdr *nlh; a = nftnl_chain_alloc(); b = nftnl_chain_alloc(); if (a == NULL || b == NULL) print_err("OOM"); nftnl_chain_set_str(a, NFTNL_CHAIN_NAME, "test"); nftnl_chain_set_u32(a, NFTNL_CHAIN_FAMILY, AF_INET); nftnl_chain_set_str(a, NFTNL_CHAIN_TABLE, "Table"); nftnl_chain_set_u32(a, NFTNL_CHAIN_POLICY,0x12345678); nftnl_chain_set_u32(a, NFTNL_CHAIN_HOOKNUM, 0x34567812); nftnl_chain_set_s32(a, NFTNL_CHAIN_PRIO, 0x56781234); nftnl_chain_set_u32(a, NFTNL_CHAIN_USE, 0x78123456); nftnl_chain_set_u64(a, NFTNL_CHAIN_PACKETS, 0x1234567812345678); nftnl_chain_set_u64(a, NFTNL_CHAIN_BYTES, 0x7812345678123456); nftnl_chain_set_u64(a, NFTNL_CHAIN_HANDLE, 0x5678123456781234); nftnl_chain_set_str(a, NFTNL_CHAIN_TYPE, "Prueba"); nftnl_chain_set_str(a, NFTNL_CHAIN_DEV, "eth0"); /* cmd extracted from include/linux/netfilter/nf_tables.h */ nlh = nftnl_chain_nlmsg_build_hdr(buf, NFT_MSG_NEWCHAIN, AF_INET, 0, 1234); nftnl_chain_nlmsg_build_payload(nlh, a); if (nftnl_chain_nlmsg_parse(nlh, b) < 0) print_err("parsing problems"); cmp_nftnl_chain(a, b); nftnl_chain_free(a); nftnl_chain_free(b); if (!test_ok) exit(EXIT_FAILURE); printf("%s: \033[32mOK\e[0m\n", argv[0]); return EXIT_SUCCESS; }