/**
* Delete a rule
* @arg handle netlink handle
* @arg rule rule to delete
*
* Builds a netlink message by calling rtnl_rule_build_delete_request(),
* sends the request to the kernel and waits for the next ACK to be
* received and thus blocks until the request has been fullfilled.
*
* @return 0 on sucess or a negative error if an error occured.
*/
int rtnl_rule_delete(struct nl_handle *handle, struct rtnl_rule *rule)
{
int err;
struct nl_msg *m = rtnl_rule_build_delete_request(rule);
if ((err = nl_send_auto_complete(handle, nl_msg_get(m))) < 0)
return err;
nl_msg_free(m);
return nl_wait_for_ack(handle);
}
/**
* Delete a rule
* @arg sk Netlink socket.
* @arg rule rule to delete
* @arg flags additional netlink message flags
*
* Builds a netlink message by calling rtnl_rule_build_delete_request(),
* sends the request to the kernel and waits for the next ACK to be
* received and thus blocks until the request has been fullfilled.
*
* @return 0 on sucess or a negative error if an error occured.
*/
int rtnl_rule_delete(struct nl_sock *sk, struct rtnl_rule *rule, int flags)
{
struct nl_msg *msg;
int err;
if ((err = rtnl_rule_build_delete_request(rule, flags, &msg)) < 0)
return err;
err = nl_send_auto_complete(sk, msg);
nlmsg_free(msg);
if (err < 0)
return err;
return wait_for_ack(sk);
}
/**
* Delete a rule
* @arg handle netlink handle
* @arg rule rule to delete
* @arg flags additional netlink message flags
*
* Builds a netlink message by calling rtnl_rule_build_delete_request(),
* sends the request to the kernel and waits for the next ACK to be
* received and thus blocks until the request has been fullfilled.
*
* @return 0 on sucess or a negative error if an error occured.
*/
int rtnl_rule_delete(struct nl_handle *handle, struct rtnl_rule *rule,
int flags)
{
int err;
struct nl_msg *msg;
msg = rtnl_rule_build_delete_request(rule, flags);
if (!msg)
return nl_errno(ENOMEM);
err = nl_send_auto_complete(handle, msg);
if (err < 0)
return err;
nlmsg_free(msg);
return nl_wait_for_ack(handle);
}
static int build_rule_msg(struct rtnl_rule *tmpl, int cmd, int flags,
struct nl_msg **result)
{
struct nl_msg *msg;
struct fib_rule_hdr frh = {
.family = tmpl->r_family,
.table = tmpl->r_table,
.action = tmpl->r_action,
.flags = tmpl->r_flags,
.tos = tmpl->r_dsfield,
};
if (!(tmpl->ce_mask & RULE_ATTR_FAMILY))
return -NLE_MISSING_ATTR;
msg = nlmsg_alloc_simple(cmd, flags);
if (!msg)
return -NLE_NOMEM;
if (nlmsg_append(msg, &frh, sizeof(frh), NLMSG_ALIGNTO) < 0)
goto nla_put_failure;
if (tmpl->ce_mask & RULE_ATTR_SRC) {
frh.src_len = nl_addr_get_prefixlen(tmpl->r_src);
NLA_PUT_ADDR(msg, FRA_SRC, tmpl->r_src);
}
if (tmpl->ce_mask & RULE_ATTR_DST) {
frh.dst_len = nl_addr_get_prefixlen(tmpl->r_dst);
NLA_PUT_ADDR(msg, FRA_DST, tmpl->r_dst);
}
if (tmpl->ce_mask & RULE_ATTR_IIFNAME)
NLA_PUT_STRING(msg, FRA_IIFNAME, tmpl->r_iifname);
if (tmpl->ce_mask & RULE_ATTR_OIFNAME)
NLA_PUT_STRING(msg, FRA_OIFNAME, tmpl->r_oifname);
if (tmpl->ce_mask & RULE_ATTR_PRIO)
NLA_PUT_U32(msg, FRA_PRIORITY, tmpl->r_prio);
if (tmpl->ce_mask & RULE_ATTR_MARK)
NLA_PUT_U32(msg, FRA_FWMARK, tmpl->r_mark);
if (tmpl->ce_mask & RULE_ATTR_MASK)
NLA_PUT_U32(msg, FRA_FWMASK, tmpl->r_mask);
if (tmpl->ce_mask & RULE_ATTR_GOTO)
NLA_PUT_U32(msg, FRA_GOTO, tmpl->r_goto);
if (tmpl->ce_mask & RULE_ATTR_FLOW)
NLA_PUT_U32(msg, FRA_FLOW, tmpl->r_flow);
*result = msg;
return 0;
nla_put_failure:
nlmsg_free(msg);
return -NLE_MSGSIZE;
}
/**
* Build netlink request message to add a new rule
* @arg tmpl template with data of new rule
* @arg flags additional netlink message flags
*
* Builds a new netlink message requesting a addition of a new
* rule. The netlink message header isn't fully equipped with
* all relevant fields and must thus be sent out via nl_send_auto_complete()
* or supplemented as needed. \a tmpl must contain the attributes of the new
* address set via \c rtnl_rule_set_* functions.
*
* @return The netlink message
*/
int rtnl_rule_build_add_request(struct rtnl_rule *tmpl, int flags,
struct nl_msg **result)
{
return build_rule_msg(tmpl, RTM_NEWRULE, NLM_F_CREATE | flags,
result);
}
/**
* Add a new rule
* @arg sk Netlink socket.
* @arg tmpl template with requested changes
* @arg flags additional netlink message flags
*
* Builds a netlink message by calling rtnl_rule_build_add_request(),
* sends the request to the kernel and waits for the next ACK to be
* received and thus blocks until the request has been fullfilled.
*
* @return 0 on sucess or a negative error if an error occured.
*/
int rtnl_rule_add(struct nl_sock *sk, struct rtnl_rule *tmpl, int flags)
{
struct nl_msg *msg;
int err;
if ((err = rtnl_rule_build_add_request(tmpl, flags, &msg)) < 0)
return err;
err = nl_send_auto_complete(sk, msg);
nlmsg_free(msg);
if (err < 0)
return err;
return wait_for_ack(sk);
}
/** @} */
/**
* @name Rule Deletion
* @{
*/
/**
* Build a netlink request message to delete a rule
* @arg rule rule to delete
* @arg flags additional netlink message flags
*
* Builds a new netlink message requesting a deletion of a rule.
* The netlink message header isn't fully equipped with all relevant
* fields and must thus be sent out via nl_send_auto_complete()
* or supplemented as needed. \a rule must point to an existing
* address.
*
* @return The netlink message
*/
int rtnl_rule_build_delete_request(struct rtnl_rule *rule, int flags,
struct nl_msg **result)
{
return build_rule_msg(rule, RTM_DELRULE, flags, result);
}
/**
* Delete a rule
* @arg sk Netlink socket.
* @arg rule rule to delete
* @arg flags additional netlink message flags
*
* Builds a netlink message by calling rtnl_rule_build_delete_request(),
* sends the request to the kernel and waits for the next ACK to be
* received and thus blocks until the request has been fullfilled.
*
* @return 0 on sucess or a negative error if an error occured.
*/
int rtnl_rule_delete(struct nl_sock *sk, struct rtnl_rule *rule, int flags)
{
struct nl_msg *msg;
int err;
if ((err = rtnl_rule_build_delete_request(rule, flags, &msg)) < 0)
return err;
err = nl_send_auto_complete(sk, msg);
nlmsg_free(msg);
if (err < 0)
return err;
return wait_for_ack(sk);
}
/** @} */
/**
* @name Attribute Modification
* @{
*/
void rtnl_rule_set_family(struct rtnl_rule *rule, int family)
{
rule->r_family = family;
rule->ce_mask |= RULE_ATTR_FAMILY;
}