TEST_F(IptablesTests, test_iptables_ip_entry) { Row row; parseIpEntry(getIpEntryContent(), row); EXPECT_EQ(row, getIpEntryExpectedResults()); }
void genIPTablesRules(const std::string &filter, QueryData &results) { Row r; r["filter_name"] = filter; // Initialize the access to iptc auto handle = (struct iptc_handle *)iptc_init(filter.c_str()); if (handle == nullptr) { return; } // Iterate through chains for (auto chain = iptc_first_chain(handle); chain != nullptr; chain = iptc_next_chain(handle)) { r["chain"] = TEXT(chain); struct ipt_counters counters; auto policy = iptc_get_policy(chain, &counters, handle); if (policy != nullptr) { r["policy"] = TEXT(policy); r["packets"] = INTEGER(counters.pcnt); r["bytes"] = INTEGER(counters.bcnt); } else { r["policy"] = ""; r["packets"] = "0"; r["bytes"] = "0"; } const struct ipt_entry *prev_rule = nullptr; // Iterating through all the rules per chain for (const struct ipt_entry *chain_rule = iptc_first_rule(chain, handle); chain_rule; chain_rule = iptc_next_rule(prev_rule, handle)) { prev_rule = chain_rule; auto target = iptc_get_target(chain_rule, handle); if (target != nullptr) { r["target"] = TEXT(target); } else { r["target"] = ""; } if (chain_rule->target_offset) { r["match"] = "yes"; // fill protocol port details parseEntryMatch(chain_rule, r); } else { r["match"] = "no"; r["src_port"] = ""; r["dst_port"] = ""; } const struct ipt_ip *ip = &chain_rule->ip; parseIpEntry(ip, r); results.push_back(r); } // Rule iteration results.push_back(r); } // Chain iteration iptc_free(handle); }