static int chain_cb(const struct nlmsghdr *nlh, int event,
struct callback_data *cb)
{
struct nftnl_chain *chain;
chain = nftnl_chain_alloc();
if (!chain)
return MNL_CB_OK;
if (nftnl_chain_nlmsg_parse(nlh, chain) < 0)
goto out;
switch (cb->type) {
case CALLBACK_RETURN_HANDLE:
cb->value = nftnl_chain_get_u64(chain, NFTNL_CHAIN_HANDLE);
cb->success = true;
break;
default:
DBG("unhandled callback type %d\n", cb->type);
break;
}
out:
nftnl_chain_free(chain);
return MNL_CB_OK;
}
static int chain_cmd(struct mnl_socket *nl, struct nftnl_chain *chain,
uint16_t cmd, int family, uint16_t type,
enum callback_return_type cb_type, uint64_t *cb_val)
{
char buf[MNL_SOCKET_BUFFER_SIZE];
struct mnl_nlmsg_batch *batch;
struct nlmsghdr *nlh;
uint32_t seq = 0;
int err;
bzero(buf, sizeof(buf));
batch = mnl_nlmsg_batch_start(buf, sizeof(buf));
nftnl_batch_begin(mnl_nlmsg_batch_current(batch), seq++);
mnl_nlmsg_batch_next(batch);
nlh = nftnl_chain_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch),
cmd, family, type, seq++);
nftnl_chain_nlmsg_build_payload(nlh, chain);
nftnl_chain_free(chain);
mnl_nlmsg_batch_next(batch);
nftnl_batch_end(mnl_nlmsg_batch_current(batch), seq++);
mnl_nlmsg_batch_next(batch);
err = send_and_dispatch(nl, mnl_nlmsg_batch_head(batch),
mnl_nlmsg_batch_size(batch), cb_type, cb_val);
mnl_nlmsg_batch_stop(batch);
return err;
}
int main(int argc, char *argv[])
{
struct nftnl_chain *a, *b;
char buf[4096];
struct nlmsghdr *nlh;
a = nftnl_chain_alloc();
b = nftnl_chain_alloc();
if (a == NULL || b == NULL)
print_err("OOM");
nftnl_chain_set_str(a, NFTNL_CHAIN_NAME, "test");
nftnl_chain_set_u32(a, NFTNL_CHAIN_FAMILY, AF_INET);
nftnl_chain_set_str(a, NFTNL_CHAIN_TABLE, "Table");
nftnl_chain_set_u32(a, NFTNL_CHAIN_POLICY,0x12345678);
nftnl_chain_set_u32(a, NFTNL_CHAIN_HOOKNUM, 0x34567812);
nftnl_chain_set_s32(a, NFTNL_CHAIN_PRIO, 0x56781234);
nftnl_chain_set_u32(a, NFTNL_CHAIN_USE, 0x78123456);
nftnl_chain_set_u64(a, NFTNL_CHAIN_PACKETS, 0x1234567812345678);
nftnl_chain_set_u64(a, NFTNL_CHAIN_BYTES, 0x7812345678123456);
nftnl_chain_set_u64(a, NFTNL_CHAIN_HANDLE, 0x5678123456781234);
nftnl_chain_set_str(a, NFTNL_CHAIN_TYPE, "Prueba");
nftnl_chain_set_str(a, NFTNL_CHAIN_DEV, "eth0");
/* cmd extracted from include/linux/netfilter/nf_tables.h */
nlh = nftnl_chain_nlmsg_build_hdr(buf, NFT_MSG_NEWCHAIN, AF_INET,
0, 1234);
nftnl_chain_nlmsg_build_payload(nlh, a);
if (nftnl_chain_nlmsg_parse(nlh, b) < 0)
print_err("parsing problems");
cmp_nftnl_chain(a, b);
nftnl_chain_free(a);
nftnl_chain_free(b);
if (!test_ok)
exit(EXIT_FAILURE);
printf("%s: \033[32mOK\e[0m\n", argv[0]);
return EXIT_SUCCESS;
}
