TEST_F(IptablesTests, test_iptables_ip_entry) {
Row row;
parseIpEntry(getIpEntryContent(), row);
EXPECT_EQ(row, getIpEntryExpectedResults());
}
void genIPTablesRules(const std::string &filter, QueryData &results) {
Row r;
r["filter_name"] = filter;
// Initialize the access to iptc
auto handle = (struct iptc_handle *)iptc_init(filter.c_str());
if (handle == nullptr) {
return;
}
// Iterate through chains
for (auto chain = iptc_first_chain(handle); chain != nullptr;
chain = iptc_next_chain(handle)) {
r["chain"] = TEXT(chain);
struct ipt_counters counters;
auto policy = iptc_get_policy(chain, &counters, handle);
if (policy != nullptr) {
r["policy"] = TEXT(policy);
r["packets"] = INTEGER(counters.pcnt);
r["bytes"] = INTEGER(counters.bcnt);
} else {
r["policy"] = "";
r["packets"] = "0";
r["bytes"] = "0";
}
const struct ipt_entry *prev_rule = nullptr;
// Iterating through all the rules per chain
for (const struct ipt_entry *chain_rule = iptc_first_rule(chain, handle);
chain_rule;
chain_rule = iptc_next_rule(prev_rule, handle)) {
prev_rule = chain_rule;
auto target = iptc_get_target(chain_rule, handle);
if (target != nullptr) {
r["target"] = TEXT(target);
} else {
r["target"] = "";
}
if (chain_rule->target_offset) {
r["match"] = "yes";
// fill protocol port details
parseEntryMatch(chain_rule, r);
} else {
r["match"] = "no";
r["src_port"] = "";
r["dst_port"] = "";
}
const struct ipt_ip *ip = &chain_rule->ip;
parseIpEntry(ip, r);
results.push_back(r);
} // Rule iteration
results.push_back(r);
} // Chain iteration
iptc_free(handle);
}
