netfilter
firewalling, NAT, and packet mangling for linux
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Modules Pages
Macros | Enumerations | Functions
rule.h File Reference
#include <stdio.h>
#include <stdint.h>
#include <stdbool.h>
#include <sys/types.h>
#include <libnftnl/common.h>
Include dependency graph for rule.h:
This graph shows which files directly or indirectly include this file:

Macros

#define NFT_RULE_ATTR_MAX   (__NFT_RULE_ATTR_MAX - 1)
 
#define nft_rule_nlmsg_build_hdr   nft_nlmsg_build_hdr
 

Enumerations

enum  {
  NFT_RULE_ATTR_FAMILY = 0,
  NFT_RULE_ATTR_TABLE,
  NFT_RULE_ATTR_CHAIN,
  NFT_RULE_ATTR_HANDLE,
  NFT_RULE_ATTR_COMPAT_PROTO,
  NFT_RULE_ATTR_COMPAT_FLAGS,
  NFT_RULE_ATTR_POSITION,
  NFT_RULE_ATTR_USERDATA,
  __NFT_RULE_ATTR_MAX
}
 

Functions

struct nft_rulenft_rule_alloc (void)
 
void nft_rule_free (struct nft_rule *)
 
void nft_rule_attr_unset (struct nft_rule *r, uint16_t attr)
 
bool nft_rule_attr_is_set (const struct nft_rule *r, uint16_t attr)
 
void nft_rule_attr_set (struct nft_rule *r, uint16_t attr, const void *data)
 
void nft_rule_attr_set_data (struct nft_rule *r, uint16_t attr, const void *data, uint32_t data_len)
 
void nft_rule_attr_set_u32 (struct nft_rule *r, uint16_t attr, uint32_t val)
 
void nft_rule_attr_set_u64 (struct nft_rule *r, uint16_t attr, uint64_t val)
 
void nft_rule_attr_set_str (struct nft_rule *r, uint16_t attr, const char *str)
 
const void * nft_rule_attr_get (const struct nft_rule *r, uint16_t attr)
 
const void * nft_rule_attr_get_data (const struct nft_rule *r, uint16_t attr, uint32_t *data_len)
 
const char * nft_rule_attr_get_str (const struct nft_rule *r, uint16_t attr)
 
uint8_t nft_rule_attr_get_u8 (const struct nft_rule *r, uint16_t attr)
 
uint32_t nft_rule_attr_get_u32 (const struct nft_rule *r, uint16_t attr)
 
uint64_t nft_rule_attr_get_u64 (const struct nft_rule *r, uint16_t attr)
 
void nft_rule_add_expr (struct nft_rule *r, struct nft_rule_expr *expr)
 
void nft_rule_nlmsg_build_payload (struct nlmsghdr *nlh, struct nft_rule *t)
 
int nft_rule_parse (struct nft_rule *r, enum nft_parse_type type, const char *data, struct nft_parse_err *err)
 
int nft_rule_parse_file (struct nft_rule *r, enum nft_parse_type type, FILE *fp, struct nft_parse_err *err)
 
int nft_rule_snprintf (char *buf, size_t size, struct nft_rule *t, uint32_t type, uint32_t flags)
 
int nft_rule_fprintf (FILE *fp, struct nft_rule *r, uint32_t type, uint32_t flags)
 
int nft_rule_nlmsg_parse (const struct nlmsghdr *nlh, struct nft_rule *t)
 
int nft_rule_expr_foreach (struct nft_rule *r, int(*cb)(struct nft_rule_expr *e, void *data), void *data)
 
struct nft_rule_expr_iternft_rule_expr_iter_create (struct nft_rule *r)
 
struct nft_rule_exprnft_rule_expr_iter_next (struct nft_rule_expr_iter *iter)
 
void nft_rule_expr_iter_destroy (struct nft_rule_expr_iter *iter)
 
struct nft_rule_listnft_rule_list_alloc (void)
 
void nft_rule_list_free (struct nft_rule_list *list)
 
int nft_rule_list_is_empty (struct nft_rule_list *list)
 
void nft_rule_list_add (struct nft_rule *r, struct nft_rule_list *list)
 
void nft_rule_list_add_tail (struct nft_rule *r, struct nft_rule_list *list)
 
void nft_rule_list_del (struct nft_rule *r)
 
int nft_rule_list_foreach (struct nft_rule_list *rule_list, int(*cb)(struct nft_rule *t, void *data), void *data)
 
struct nft_rule_list_iternft_rule_list_iter_create (struct nft_rule_list *l)
 
struct nft_rulenft_rule_list_iter_cur (struct nft_rule_list_iter *iter)
 
struct nft_rulenft_rule_list_iter_next (struct nft_rule_list_iter *iter)
 
void nft_rule_list_iter_destroy (struct nft_rule_list_iter *iter)
 

Macro Definition Documentation

#define NFT_RULE_ATTR_MAX   (__NFT_RULE_ATTR_MAX - 1)

Referenced by nft_rule_attr_set_data().

#define nft_rule_nlmsg_build_hdr   nft_nlmsg_build_hdr

Referenced by mnl_nft_rule_add(), mnl_nft_rule_batch_add(), mnl_nft_rule_batch_del(), mnl_nft_rule_delete(), mnl_nft_rule_dump(), and mnl_rule_dump().

Enumeration Type Documentation

anonymous enum
Enumerator
NFT_RULE_ATTR_FAMILY 
NFT_RULE_ATTR_TABLE 
NFT_RULE_ATTR_CHAIN 
NFT_RULE_ATTR_HANDLE 
NFT_RULE_ATTR_COMPAT_PROTO 
NFT_RULE_ATTR_COMPAT_FLAGS 
NFT_RULE_ATTR_POSITION 
NFT_RULE_ATTR_USERDATA 
__NFT_RULE_ATTR_MAX 

Function Documentation

void nft_rule_add_expr ( struct nft_rule r,
struct nft_rule_expr expr 
)

References nft_rule::expr_list, and nft_rule_expr::head.

Referenced by add_bitwise_u16(), add_cmp_ptr(), add_counters(), add_jumpto(), add_match(), add_meta(), add_payload(), add_target(), and add_verdict().

Here is the caller graph for this function:

struct nft_rule* nft_rule_alloc ( void  )

References nft_rule::expr_list, INIT_LIST_HEAD, and NULL.

Referenced by alloc_nft_rule().

Here is the caller graph for this function:

const void* nft_rule_attr_get ( const struct nft_rule r,
uint16_t  attr 
)

References nft_rule_attr_get_data().

Referenced by nft_rule_attr_get_str().

Here is the call graph for this function:

Here is the caller graph for this function:

const void* nft_rule_attr_get_data ( const struct nft_rule r,
uint16_t  attr,
uint32_t *  data_len 
)

References nft_rule::chain, nft_rule::compat, nft_rule::data, nft_rule::family, nft_rule::flags, nft_rule::handle, nft_rule::len, NFT_RULE_ATTR_CHAIN, NFT_RULE_ATTR_COMPAT_FLAGS, NFT_RULE_ATTR_COMPAT_PROTO, NFT_RULE_ATTR_FAMILY, NFT_RULE_ATTR_HANDLE, NFT_RULE_ATTR_POSITION, NFT_RULE_ATTR_TABLE, NFT_RULE_ATTR_USERDATA, NULL, nft_rule::position, nft_rule::proto, nft_rule::table, and nft_rule::user.

Referenced by netlink_delinearize_rule(), nft_rule_attr_get(), nft_rule_attr_get_u32(), nft_rule_attr_get_u64(), and nft_rule_attr_get_u8().

Here is the caller graph for this function:

const char* nft_rule_attr_get_str ( const struct nft_rule r,
uint16_t  attr 
)

References nft_rule_attr_get().

Referenced by netlink_delinearize_rule(), nft_rule_print_save(), and nft_rule_save().

Here is the call graph for this function:

Here is the caller graph for this function:

uint32_t nft_rule_attr_get_u32 ( const struct nft_rule r,
uint16_t  attr 
)

References nft_assert, and nft_rule_attr_get_data().

Referenced by mnl_nft_rule_add(), mnl_nft_rule_batch_add(), mnl_nft_rule_batch_del(), mnl_nft_rule_delete(), netlink_delinearize_rule(), nft_rule_print_save(), nft_rule_to_arptables_command_state(), and nft_rule_to_iptables_command_state().

Here is the call graph for this function:

Here is the caller graph for this function:

uint64_t nft_rule_attr_get_u64 ( const struct nft_rule r,
uint16_t  attr 
)

References nft_assert, and nft_rule_attr_get_data().

Referenced by netlink_delinearize_rule(), nft_rule_insert(), nft_rule_replace(), and nft_rule_zero_counters().

Here is the call graph for this function:

Here is the caller graph for this function:

uint8_t nft_rule_attr_get_u8 ( const struct nft_rule r,
uint16_t  attr 
)

References nft_assert, and nft_rule_attr_get_data().

Here is the call graph for this function:

bool nft_rule_attr_is_set ( const struct nft_rule r,
uint16_t  attr 
)

References nft_rule::flags.

Referenced by netlink_delinearize_rule().

Here is the caller graph for this function:

void nft_rule_attr_set ( struct nft_rule r,
uint16_t  attr,
const void *  data 
)

References nft_rule_attr_set_data().

Referenced by nft_rule_append().

Here is the call graph for this function:

Here is the caller graph for this function:

void nft_rule_attr_set_data ( struct nft_rule r,
uint16_t  attr,
const void *  data,
uint32_t  data_len 
)

References nft_rule::chain, nft_rule::compat, nft_rule::data, nft_rule::family, nft_rule::flags, nft_rule::handle, nft_rule::len, nft_assert_validate, NFT_RULE_ATTR_CHAIN, NFT_RULE_ATTR_COMPAT_FLAGS, NFT_RULE_ATTR_COMPAT_PROTO, NFT_RULE_ATTR_FAMILY, NFT_RULE_ATTR_HANDLE, NFT_RULE_ATTR_MAX, NFT_RULE_ATTR_POSITION, NFT_RULE_ATTR_TABLE, NFT_RULE_ATTR_USERDATA, nft_rule::position, nft_rule::proto, nft_rule::table, nft_rule::user, and xfree.

Referenced by alloc_nft_rule(), nft_rule_attr_set(), nft_rule_attr_set_str(), nft_rule_attr_set_u32(), and nft_rule_attr_set_u64().

Here is the caller graph for this function:

void nft_rule_attr_set_str ( struct nft_rule r,
uint16_t  attr,
const char *  str 
)

References nft_rule_attr_set_data().

Referenced by alloc_nft_rule().

Here is the call graph for this function:

Here is the caller graph for this function:

void nft_rule_attr_set_u32 ( struct nft_rule r,
uint16_t  attr,
uint32_t  val 
)

References nft_rule_attr_set_data().

Referenced by add_compat(), and alloc_nft_rule().

Here is the call graph for this function:

Here is the caller graph for this function:

void nft_rule_attr_set_u64 ( struct nft_rule r,
uint16_t  attr,
uint64_t  val 
)

References nft_rule_attr_set_data().

Referenced by alloc_nft_rule().

Here is the call graph for this function:

Here is the caller graph for this function:

void nft_rule_attr_unset ( struct nft_rule r,
uint16_t  attr 
)

References nft_rule::chain, nft_rule::flags, NFT_RULE_ATTR_CHAIN, NFT_RULE_ATTR_COMPAT_FLAGS, NFT_RULE_ATTR_COMPAT_PROTO, NFT_RULE_ATTR_FAMILY, NFT_RULE_ATTR_HANDLE, NFT_RULE_ATTR_POSITION, NFT_RULE_ATTR_TABLE, NFT_RULE_ATTR_USERDATA, NULL, nft_rule::table, and xfree.

int nft_rule_expr_foreach ( struct nft_rule r,
int(*)(struct nft_rule_expr *e, void *data cb,
void *  data 
)

References nft_rule::expr_list, nft_rule_expr::head, and list_for_each_entry_safe.

Referenced by netlink_delinearize_rule().

Here is the caller graph for this function:

struct nft_rule_expr_iter* nft_rule_expr_iter_create ( struct nft_rule r)

References nft_rule_expr_iter::cur, nft_rule::expr_list, list_entry, list_head::next, NULL, and nft_rule_expr_iter::r.

Referenced by nft_rule_to_arptables_command_state(), and nft_rule_to_iptables_command_state().

Here is the caller graph for this function:

void nft_rule_expr_iter_destroy ( struct nft_rule_expr_iter iter)

References xfree.

Referenced by nft_rule_to_arptables_command_state(), and nft_rule_to_iptables_command_state().

Here is the caller graph for this function:

struct nft_rule_expr* nft_rule_expr_iter_next ( struct nft_rule_expr_iter iter)

References nft_rule_expr_iter::cur, nft_rule::expr_list, nft_rule_expr::head, list_entry, list_head::next, NULL, and nft_rule_expr_iter::r.

Referenced by nft_rule_to_arptables_command_state(), and nft_rule_to_iptables_command_state().

Here is the caller graph for this function:

int nft_rule_fprintf ( FILE *  fp,
struct nft_rule r,
uint32_t  type,
uint32_t  flags 
)

References nft_fprintf().

Here is the call graph for this function:

void nft_rule_free ( struct nft_rule )

References nft_rule::chain, nft_rule::expr_list, nft_rule_expr::head, list_for_each_entry_safe, nft_rule_expr_free(), NULL, nft_rule::table, and xfree.

Referenced by netlink_add_rule_batch(), netlink_del_rule_batch(), nft_rule_append(), and nft_rule_list_free().

Here is the call graph for this function:

Here is the caller graph for this function:

void nft_rule_list_add ( struct nft_rule r,
struct nft_rule_list list 
)

References nft_rule::head, and nft_rule_list::list.

void nft_rule_list_add_tail ( struct nft_rule r,
struct nft_rule_list list 
)

References nft_rule::head, and nft_rule_list::list.

struct nft_rule_list* nft_rule_list_alloc ( void  )

References INIT_LIST_HEAD, nft_rule_list::list, and NULL.

Referenced by mnl_nft_rule_dump(), and mnl_rule_dump().

Here is the caller graph for this function:

void nft_rule_list_del ( struct nft_rule r)

References nft_rule::head.

int nft_rule_list_foreach ( struct nft_rule_list rule_list,
int(*)(struct nft_rule *t, void *data cb,
void *  data 
)
void nft_rule_list_free ( struct nft_rule_list list)

References nft_rule::head, nft_rule_list::list, list_for_each_entry_safe, nft_rule_free(), and xfree.

Referenced by mnl_nft_rule_dump(), mnl_rule_dump(), nft_rule_list_destroy(), nft_rule_save(), nft_ruleset_attr_unset(), and nft_ruleset_free().

Here is the call graph for this function:

Here is the caller graph for this function:

int nft_rule_list_is_empty ( struct nft_rule_list list)

References nft_rule_list::list.

Referenced by nft_ruleset_fprintf().

Here is the caller graph for this function:

struct nft_rule_list_iter* nft_rule_list_iter_create ( struct nft_rule_list l)

References nft_rule_list_iter::cur, nft_rule_list::list, nft_rule_list_iter::list, list_entry, list_head::next, and NULL.

Referenced by nft_rule_save().

Here is the caller graph for this function:

struct nft_rule* nft_rule_list_iter_cur ( struct nft_rule_list_iter iter)

References nft_rule_list_iter::cur.

void nft_rule_list_iter_destroy ( struct nft_rule_list_iter iter)

References xfree.

Referenced by nft_rule_save().

Here is the caller graph for this function:

struct nft_rule* nft_rule_list_iter_next ( struct nft_rule_list_iter iter)

References nft_rule_list_iter::cur, nft_rule::head, nft_rule_list::list, nft_rule_list_iter::list, list_entry, list_head::next, and NULL.

Referenced by nft_rule_save().

Here is the caller graph for this function:

void nft_rule_nlmsg_build_payload ( struct nlmsghdr nlh,
struct nft_rule t 
)

References nft_rule::chain, nft_rule::compat, nft_rule::data, nft_rule::expr_list, nft_rule::flags, nft_rule::handle, htobe64, nft_rule::len, list_for_each_entry, mnl_attr_nest_end(), mnl_attr_nest_start(), mnl_attr_put(), mnl_attr_put_strz(), mnl_attr_put_u32(), mnl_attr_put_u64(), NFT_RULE_ATTR_CHAIN, NFT_RULE_ATTR_COMPAT_FLAGS, NFT_RULE_ATTR_COMPAT_PROTO, NFT_RULE_ATTR_HANDLE, NFT_RULE_ATTR_POSITION, NFT_RULE_ATTR_TABLE, NFT_RULE_ATTR_USERDATA, nft_rule_expr_build_payload(), NFTA_RULE_CHAIN, NFTA_RULE_COMPAT, NFTA_RULE_COMPAT_FLAGS, NFTA_RULE_COMPAT_PROTO, NFTA_RULE_EXPRESSIONS, NFTA_RULE_HANDLE, NFTA_RULE_POSITION, NFTA_RULE_TABLE, NFTA_RULE_USERDATA, nft_rule::position, nft_rule::proto, nft_rule::table, and nft_rule::user.

Referenced by mnl_nft_rule_add(), mnl_nft_rule_batch_add(), mnl_nft_rule_batch_del(), and mnl_nft_rule_delete().

Here is the call graph for this function:

Here is the caller graph for this function:

int nft_rule_nlmsg_parse ( const struct nlmsghdr nlh,
struct nft_rule t 
)

References be64toh, nft_rule::chain, nft_rule::data, nft_rule::family, nft_rule::flags, nft_rule::handle, nft_rule::len, mnl_attr_get_payload(), mnl_attr_get_payload_len(), mnl_attr_get_str(), mnl_attr_get_u64(), mnl_attr_parse(), mnl_nlmsg_get_payload(), nfgenmsg::nfgen_family, NFT_RULE_ATTR_CHAIN, NFT_RULE_ATTR_FAMILY, NFT_RULE_ATTR_HANDLE, NFT_RULE_ATTR_POSITION, NFT_RULE_ATTR_TABLE, NFT_RULE_ATTR_USERDATA, NFTA_RULE_CHAIN, NFTA_RULE_COMPAT, NFTA_RULE_EXPRESSIONS, NFTA_RULE_HANDLE, NFTA_RULE_MAX, NFTA_RULE_POSITION, NFTA_RULE_TABLE, NFTA_RULE_USERDATA, NULL, nft_rule::position, nft_rule::table, nft_rule::user, and xfree.

Here is the call graph for this function:

int nft_rule_parse ( struct nft_rule r,
enum nft_parse_type  type,
const char *  data,
struct nft_parse_err err 
)

References NFT_PARSE_BUFFER.

int nft_rule_parse_file ( struct nft_rule r,
enum nft_parse_type  type,
FILE *  fp,
struct nft_parse_err err 
)

References NFT_PARSE_FILE.

int nft_rule_snprintf ( char *  buf,
size_t  size,
struct nft_rule t,
uint32_t  type,
uint32_t  flags 
)

References flags, nft_event_footer_snprintf(), nft_event_header_snprintf(), NFT_OF_EVENT_ANY, NFT_OUTPUT_DEFAULT, NFT_OUTPUT_JSON, NFT_OUTPUT_XML, size, and SNPRINTF_BUFFER_SIZE.

Referenced by netlink_dump_rule().

Here is the call graph for this function:

Here is the caller graph for this function: