 |
netfilter
firewalling, NAT, and packet mangling for linux
|
|
|
netfilter
firewalling, NAT, and packet mangling for linux
|
|
Data Structures | |
| struct | builtin_chain |
| struct | builtin_table |
| struct | nft_handle |
Macros | |
| #define | FILTER 0 |
| #define | MANGLE 1 |
| #define | RAW 2 |
| #define | SECURITY 3 |
| #define | NAT 4 |
| #define | TABLES_MAX 5 |
| #define | XTABLES_CONFIG_DEFAULT "/etc/xtables.conf" |
Enumerations | |
| enum | nft_rule_print { NFT_RULE_APPEND, NFT_RULE_DEL } |
| enum | { NFT_LOAD_VERBOSE = (1 << 0) } |
Variables | |
| struct builtin_table | xtables_ipv4 [TABLES_MAX] |
| struct builtin_table | xtables_arp [TABLES_MAX] |
| #define FILTER 0 |
| #define MANGLE 1 |
| #define NAT 4 |
| #define RAW 2 |
| #define SECURITY 3 |
| #define TABLES_MAX 5 |
| #define XTABLES_CONFIG_DEFAULT "/etc/xtables.conf" |
Referenced by nft_chain_user_add(), nft_chain_user_rename(), nft_rule_append(), nft_rule_insert(), nft_rule_list(), and xtables_config_main().
| enum nft_rule_print |
| int add_action | ( | struct nft_rule * | r, |
| struct iptables_command_state * | cs, | ||
| bool | goto_set | ||
| ) |
References add_jumpto(), add_target(), add_verdict(), iptables_command_state::jumpto, NF_ACCEPT, NF_DROP, NFT_GOTO, NFT_JUMP, NFT_RETURN, NULL, xtables_target::t, iptables_command_state::target, XTC_LABEL_ACCEPT, XTC_LABEL_DROP, and XTC_LABEL_RETURN.
References NFT_EXPR_CTR_BYTES, NFT_EXPR_CTR_PACKETS, nft_rule_add_expr(), nft_rule_expr_alloc(), nft_rule_expr_set_u64(), and NULL.
References NFT_EXPR_IMM_CHAIN, NFT_EXPR_IMM_DREG, NFT_EXPR_IMM_VERDICT, NFT_REG_VERDICT, nft_rule_add_expr(), nft_rule_expr_alloc(), nft_rule_expr_set_str(), nft_rule_expr_set_u32(), and NULL.
Referenced by add_action().
| int add_match | ( | struct nft_rule * | r, |
| struct xt_entry_match * | m | ||
| ) |
References nft_rule_add_expr(), nft_rule_expr_alloc(), and NULL.
| int add_target | ( | struct nft_rule * | r, |
| struct xt_entry_target * | t | ||
| ) |
References nft_rule_add_expr(), nft_rule_expr_alloc(), and NULL.
Referenced by add_action().
References NFT_EXPR_IMM_DREG, NFT_EXPR_IMM_VERDICT, NFT_REG_VERDICT, nft_rule_add_expr(), nft_rule_expr_alloc(), nft_rule_expr_set_u32(), and NULL.
Referenced by add_action().
| int do_commandarp | ( | struct nft_handle * | h, |
| int | argc, | ||
| char * | argv[], | ||
| char ** | table | ||
| ) |
References arpt_devaddr_info::addr, arpt_arp::arhln, arpt_arp::arhln_mask, arpt_arp::arhrd, arpt_arp::arhrd_mask, arpt_entry::arp, arpt_arp::arpop, arpt_arp::arpop_mask, arpt_arp::arpro, arpt_arp::arpro_mask, ARPT_FUNCTION_MAXNAMELEN, ARPT_INV_SRCIP, ARPT_INV_TGTIP, arpt_counters::bcnt, check_inverse(), CMD_APPEND, CMD_DELETE, CMD_DELETE_CHAIN, CMD_DELETE_NUM, CMD_FLUSH, CMD_INSERT, CMD_LIST, CMD_NEW_CHAIN, CMD_NONE, CMD_RENAME_CHAIN, CMD_REPLACE, CMD_SET_POLICY, CMD_ZERO, arpt_entry::counters, exit_printhelp(), exit_tryhelp(), FALSE, nft_handle::family, arptables_command_state::fw, generic_opt_check(), get16_and_mask(), getlength_and_mask(), getmac_and_mask(), arpt_arp::iniface, arpt_arp::iniface_mask, arpt_arp::invflags, arptables_command_state::jumpto, arpt_devaddr_info::mask, xtables_target::next, nft_chain_set(), nft_chain_user_add(), nft_chain_user_del(), nft_chain_user_rename(), nft_chain_zero_counters(), nft_family_ops_lookup(), nft_init(), nft_rule_delete_num(), nft_rule_flush(), NULL, NUMOPCODES, opcodes, nft_handle::ops, OPT_COUNTERS, OPT_D_IP, OPT_D_MAC, OPT_H_LENGTH, OPT_H_TYPE, OPT_JUMP, OPT_LINENUMBERS, OPT_NUMERIC, OPT_OPCODE, OPT_P_TYPE, OPT_S_IP, OPT_S_MAC, OPT_VERBOSE, OPT_VIANAMEIN, OPT_VIANAMEOUT, opts, xtables_globals::orig_opts, OTHER_PROBLEM, arpt_arp::outiface, arpt_arp::outiface_mask, PARAMETER_PROBLEM, parse_hostnetworkmask(), arpt_counters::pcnt, program_name, program_version, size, arpt_arp::src_devaddr, xtables_target::t, arptables_command_state::target, arpt_entry_target::target, xtables_target::tflags, arpt_arp::tgt_devaddr, arpt_arp::tmsk, TRUE, xtables_target::used, XT_STANDARD_TARGET, xtables_arp, xtables_calloc(), xtables_error, xtables_find_target(), xtables_option_tfcall(), xtables_option_tpcall(), xtables_targets, XTF_LOAD_MUST_SUCCEED, and XTF_TRY_LOAD.
Referenced by xtables_arp_main().
| int do_commandx | ( | struct nft_handle * | h, |
| int | argc, | ||
| char * | argv[], | ||
| char ** | table, | ||
| bool | restore | ||
| ) |
References addr_mask::addr, iptables_command_state::argv, xtables_args::bcnt, xtables_args::bcnt_cnt, iptables_command_state::c, CMD_APPEND, CMD_CHECK, CMD_DELETE, CMD_DELETE_CHAIN, CMD_DELETE_NUM, CMD_FLUSH, CMD_INSERT, CMD_LIST, CMD_LIST_RULES, CMD_NEW_CHAIN, CMD_NONE, CMD_RENAME_CHAIN, CMD_REPLACE, CMD_SET_POLICY, CMD_ZERO, CMD_ZERO_NUM, command_default(), xtables_args::d, xtables_args::dhostnetworkmask, exit_printhelp(), exit_tryhelp(), FALSE, nft_handle::family, xtables_args::family, xtables_args::flags, generic_opt_check(), xtables_args::goto_set, xtables_args::iniface, xtables_args::iniface_mask, iptables_command_state::invert, xtables_args::invflags, IPT_F_FRAG, iptables_command_state::jumpto, xtables_match::m, addr_mask::mask, xtables_rule_match::match, iptables_command_state::matches, xtables_match::mflags, addr_mask::naddrs, xtables_match::next, xtables_target::next, xtables_rule_match::next, nft_chain_set(), nft_chain_user_add(), nft_chain_user_del(), nft_chain_user_rename(), nft_chain_zero_counters(), nft_family_ops_lookup(), nft_rule_delete_num(), nft_rule_flush(), nft_rule_zero_counters(), NULL, nft_handle::ops, OPT_COUNTERS, OPT_DESTINATION, OPT_EXPANDED, OPT_FRAGMENT, OPT_JUMP, OPT_LINENUMBERS, OPT_NUMERIC, OPT_PROTOCOL, OPT_SOURCE, OPT_VERBOSE, OPT_VIANAMEIN, OPT_VIANAMEOUT, iptables_command_state::options, opts, xtables_globals::orig_opts, xtables_args::outiface, xtables_args::outiface_mask, PARAMETER_PROBLEM, xtables_args::pcnt, xtables_args::pcnt_cnt, nft_family_ops::post_parse, prog_name, prog_vers, xtables_args::proto, nft_family_ops::proto_parse, iptables_command_state::protocol, xtables_args::shostnetworkmask, xtables_target::t, iptables_command_state::target, xtables_target::tflags, TRUE, xtables_target::used, addr_mask::v4, addr_mask::v6, XT_EXTENSION_MAXNAMELEN, XT_INV_PROTO, xt_params, xtables_error, xtables_find_match(), xtables_find_target(), xtables_free_opts(), xtables_matches, xtables_modprobe_program, xtables_option_mfcall(), xtables_option_tfcall(), xtables_parse_interface(), xtables_parse_protocol(), xtables_rule_matches_free(), xtables_set_nfproto(), xtables_targets, and XTF_TRY_LOAD.
| int mnl_talk | ( | struct nft_handle * | h, |
| struct nlmsghdr * | nlh, | ||
| int(*)(const struct nlmsghdr *nlh, void *data) | cb, | ||
| void * | data | ||
| ) |
References buf, mnl_cb_run(), MNL_SOCKET_BUFFER_SIZE, mnl_socket_recvfrom(), mnl_socket_sendto(), nft_handle::nl, nlmsghdr::nlmsg_len, nft_handle::portid, and nft_handle::seq.
Referenced by nft_chain_add(), nft_chain_user_add(), nft_chain_user_rename(), nft_chain_zero_counters(), and nft_table_add().
| int nft_abort | ( | struct nft_handle * | h | ) |
References NFT_COMPAT_ABORT.
| int nft_arp_rule_append | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table, | ||
| struct arpt_entry * | fw, | ||
| bool | verbose | ||
| ) |
| int nft_arp_rule_insert | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table, | ||
| struct arpt_entry * | fw, | ||
| int | rulenum, | ||
| bool | verbose | ||
| ) |
| int nft_chain_add | ( | struct nft_handle * | h, |
| struct nft_chain * | c, | ||
| uint16_t | flags | ||
| ) |
References buf, nft_handle::family, mnl_nlmsg_fprintf(), MNL_SOCKET_BUFFER_SIZE, mnl_talk(), nft_chain_free(), nft_chain_nlmsg_build_hdr, nft_chain_nlmsg_build_payload(), nft_chain_snprintf(), NFT_MSG_NEWCHAIN, nlh, NLM_F_ACK, NLM_F_CREATE, nlmsghdr::nlmsg_len, NULL, and nft_handle::seq.
Referenced by nft_chain_set().
| struct nft_chain_list* nft_chain_dump | ( | struct nft_handle * | h | ) |
Referenced by nft_rule_list(), and nft_rule_list_save().
| struct nft_chain* nft_chain_list_find | ( | struct nft_chain_list * | list, |
| const char * | table, | ||
| const char * | chain | ||
| ) |
References nft_chain_attr_get_str(), NFT_CHAIN_ATTR_NAME, NFT_CHAIN_ATTR_TABLE, nft_chain_list_iter_create(), nft_chain_list_iter_destroy(), nft_chain_list_iter_next(), and NULL.
| int nft_chain_save | ( | struct nft_handle * | h, |
| struct nft_chain_list * | list, | ||
| const char * | table | ||
| ) |
References nft_chain_attr_get_str(), NFT_CHAIN_ATTR_TABLE, nft_chain_list_free(), nft_chain_list_iter_create(), nft_chain_list_iter_destroy(), nft_chain_list_iter_next(), and NULL.
| int nft_chain_set | ( | struct nft_handle * | h, |
| const char * | table, | ||
| const char * | chain, | ||
| const char * | policy, | ||
| const struct xt_counters * | counters | ||
| ) |
References nft_handle::batch_support, NF_ACCEPT, NF_DROP, nft_chain_add(), nft_chain_set(), NFT_COMPAT_CHAIN_UPDATE, and NULL.
Referenced by do_commandarp(), do_commandx(), nft_chain_set(), and nft_strerror().
| int nft_chain_user_add | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table | ||
| ) |
References nft_handle::batch_support, nft_handle::family, MNL_SOCKET_BUFFER_SIZE, mnl_talk(), nft_chain_alloc(), NFT_CHAIN_ATTR_NAME, nft_chain_attr_set(), NFT_CHAIN_ATTR_TABLE, nft_chain_free(), nft_chain_nlmsg_build_hdr, nft_chain_nlmsg_build_payload(), nft_chain_user_add(), NFT_COMPAT_CHAIN_USER_ADD, NFT_MSG_NEWCHAIN, nft_xtables_config_load(), nlh, NLM_F_ACK, NLM_F_EXCL, NULL, nft_handle::seq, and XTABLES_CONFIG_DEFAULT.
Referenced by do_commandarp(), do_commandx(), nft_chain_user_add(), nft_chain_user_rename(), and nft_strerror().
| int nft_chain_user_del | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table | ||
| ) |
References nft_handle::batch_support, nft_chain_list::list, nft_chain_attr_get_str(), NFT_CHAIN_ATTR_NAME, NFT_CHAIN_ATTR_TABLE, nft_chain_list_free(), nft_chain_list_iter_create(), nft_chain_list_iter_destroy(), nft_chain_list_iter_next(), NFT_COMPAT_CHAIN_USER_DEL, and NULL.
Referenced by do_commandarp(), do_commandx(), and nft_strerror().
| int nft_chain_user_rename | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table, | ||
| const char * | newname | ||
| ) |
References nft_handle::batch_support, nft_handle::family, nft_chain::handle, MNL_SOCKET_BUFFER_SIZE, mnl_talk(), nft_chain_alloc(), nft_chain_attr_get_u64(), NFT_CHAIN_ATTR_HANDLE, NFT_CHAIN_ATTR_NAME, nft_chain_attr_set(), nft_chain_attr_set_u64(), NFT_CHAIN_ATTR_TABLE, nft_chain_free(), nft_chain_nlmsg_build_hdr, nft_chain_nlmsg_build_payload(), nft_chain_user_add(), NFT_COMPAT_CHAIN_RENAME, NFT_MSG_NEWCHAIN, nft_xtables_config_load(), nlh, NLM_F_ACK, NULL, nft_handle::seq, and XTABLES_CONFIG_DEFAULT.
Referenced by do_commandarp(), and do_commandx().
| int nft_chain_zero_counters | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table | ||
| ) |
References nft_handle::batch_support, nft_handle::family, nft_chain_list::list, MNL_SOCKET_BUFFER_SIZE, mnl_talk(), NFT_CHAIN_ATTR_BYTES, nft_chain_attr_get(), NFT_CHAIN_ATTR_HANDLE, NFT_CHAIN_ATTR_NAME, NFT_CHAIN_ATTR_PACKETS, nft_chain_attr_set_u64(), NFT_CHAIN_ATTR_TABLE, nft_chain_attr_unset(), nft_chain_list_free(), nft_chain_list_iter_create(), nft_chain_list_iter_destroy(), nft_chain_list_iter_next(), nft_chain_nlmsg_build_hdr, nft_chain_nlmsg_build_payload(), NFT_COMPAT_CHAIN_ADD, NFT_MSG_NEWCHAIN, nlh, NLM_F_ACK, NULL, and nft_handle::seq.
Referenced by do_commandarp(), and do_commandx().
| int nft_commit | ( | struct nft_handle * | h | ) |
References NFT_COMPAT_COMMIT.
Referenced by nft_rule_list(), and xtables_arp_main().
| int nft_compatible_revision | ( | const char * | name, |
| uint8_t | rev, | ||
| int | opt | ||
| ) |
References DEBUGP, IP6T_SO_GET_REVISION_MATCH, IPT_SO_GET_REVISION_MATCH, mnl_attr_put_strz(), mnl_attr_put_u32(), mnl_cb_run(), mnl_nlmsg_put_extra_header(), mnl_nlmsg_put_header(), MNL_SOCKET_AUTOPID, mnl_socket_bind(), MNL_SOCKET_BUFFER_SIZE, mnl_socket_close(), mnl_socket_get_portid(), mnl_socket_open(), mnl_socket_recvfrom(), mnl_socket_sendto(), NETLINK_NETFILTER, nfgenmsg::nfgen_family, NFNETLINK_V0, NFNL_MSG_COMPAT_GET, NFNL_SUBSYS_NFT_COMPAT, NFTA_COMPAT_NAME, NFTA_COMPAT_REV, NFTA_COMPAT_TYPE, nlh, NLM_F_ACK, NLM_F_REQUEST, nlmsghdr::nlmsg_flags, nlmsghdr::nlmsg_len, nlmsghdr::nlmsg_seq, nlmsghdr::nlmsg_type, NULL, nfgenmsg::res_id, type, and nfgenmsg::version.
| void nft_fini | ( | struct nft_handle * | h | ) |
References nft_handle::batch, mnl_nlmsg_batch_head(), mnl_nlmsg_batch_stop(), mnl_socket_close(), and nft_handle::nl.
Referenced by xtables_arp_main().
| int nft_for_each_table | ( | struct nft_handle * | h, |
| int(*)(struct nft_handle *h, const char *tablename, bool counters) | func, | ||
| bool | counters | ||
| ) |
References nft_table_list::list, nft_table_attr_get(), NFT_TABLE_ATTR_NAME, nft_table_list_free(), nft_table_list_iter_create(), nft_table_list_iter_next(), and NULL.
| int nft_init | ( | struct nft_handle * | h, |
| struct builtin_table * | t | ||
| ) |
References nft_handle::batch, nft_handle::batch_support, INIT_LIST_HEAD, MNL_SOCKET_AUTOPID, mnl_socket_bind(), mnl_socket_get_portid(), mnl_socket_open(), NETLINK_NETFILTER, nft_handle::nl, NULL, nft_handle::obj_list, nft_handle::portid, and nft_handle::tables.
Referenced by do_commandarp(), and xtables_config_main().
| uint32_t nft_invflags2cmp | ( | uint32_t | invflags, |
| uint32_t | flag | ||
| ) |
References NFT_CMP_EQ, and NFT_CMP_NEQ.
| int nft_rule_append | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table, | ||
| void * | data, | ||
| uint64_t | handle, | ||
| bool | verbose | ||
| ) |
References NFT_COMPAT_RULE_APPEND, NFT_COMPAT_RULE_REPLACE, nft_rule_append(), NFT_RULE_ATTR_HANDLE, nft_rule_attr_set(), nft_rule_free(), nft_xtables_config_load(), NULL, type, and XTABLES_CONFIG_DEFAULT.
Referenced by nft_rule_append(), nft_rule_replace(), and nft_rule_zero_counters().
| int nft_rule_check | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table, | ||
| void * | data, | ||
| bool | verbose | ||
| ) |
References nft_rule_list::list, nft_rule_check(), nft_rule_list_create(), nft_rule_list_destroy(), and NULL.
Referenced by nft_rule_check(), and nft_strerror().
| int nft_rule_delete | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table, | ||
| void * | data, | ||
| bool | verbose | ||
| ) |
References nft_rule_list::list, nft_rule_delete(), nft_rule_list_create(), nft_rule_list_destroy(), and NULL.
Referenced by nft_rule_delete(), nft_rule_zero_counters(), and nft_strerror().
| int nft_rule_delete_num | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table, | ||
| int | rulenum, | ||
| bool | verbose | ||
| ) |
References DEBUGP, nft_rule_list::list, nft_rule_delete_num(), nft_rule_list_create(), nft_rule_list_destroy(), and NULL.
Referenced by do_commandarp(), do_commandx(), nft_rule_delete_num(), and nft_strerror().
| int nft_rule_flush | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table | ||
| ) |
References nft_chain_list::list, nft_chain_attr_get_str(), NFT_CHAIN_ATTR_NAME, NFT_CHAIN_ATTR_TABLE, nft_chain_list_free(), nft_chain_list_iter_create(), nft_chain_list_iter_destroy(), nft_chain_list_iter_next(), nft_rule_flush(), and NULL.
Referenced by do_commandarp(), do_commandx(), and nft_rule_flush().
| int nft_rule_insert | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table, | ||
| void * | data, | ||
| int | rulenum, | ||
| bool | verbose | ||
| ) |
References DEBUGP, nft_rule_list::list, nft_rule_attr_get_u64(), NFT_RULE_ATTR_HANDLE, nft_rule_insert(), nft_rule_list_create(), nft_rule_list_destroy(), nft_xtables_config_load(), NULL, and XTABLES_CONFIG_DEFAULT.
Referenced by nft_rule_insert().
| int nft_rule_list | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table, | ||
| int | rulenum, | ||
| unsigned int | format | ||
| ) |
References nft_handle::family, nft_chain_list::list, NFT_CHAIN_ATTR_BYTES, nft_chain_attr_get(), nft_chain_attr_get_str(), nft_chain_attr_get_u32(), nft_chain_attr_get_u64(), NFT_CHAIN_ATTR_HOOKNUM, NFT_CHAIN_ATTR_NAME, NFT_CHAIN_ATTR_PACKETS, NFT_CHAIN_ATTR_POLICY, NFT_CHAIN_ATTR_TABLE, NFT_CHAIN_ATTR_USE, nft_chain_dump(), nft_chain_list_free(), nft_chain_list_iter_create(), nft_chain_list_iter_destroy(), nft_chain_list_iter_next(), nft_commit(), nft_family_ops_lookup(), nft_xtables_config_load(), NULL, nft_handle::obj_list, xt_counters::pcnt, nft_family_ops::print_firewall, nft_family_ops::print_header, and XTABLES_CONFIG_DEFAULT.
| struct nft_rule_list* nft_rule_list_create | ( | struct nft_handle * | h | ) |
Referenced by nft_rule_check(), nft_rule_delete(), nft_rule_delete_num(), nft_rule_insert(), nft_rule_replace(), and nft_rule_zero_counters().
| void nft_rule_list_destroy | ( | struct nft_rule_list * | list | ) |
References nft_rule_list_free().
Referenced by nft_rule_check(), nft_rule_delete(), nft_rule_delete_num(), nft_rule_insert(), nft_rule_replace(), and nft_rule_zero_counters().
| int nft_rule_list_save | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table, | ||
| int | rulenum, | ||
| int | counters | ||
| ) |
References FMT_NOCOUNTS, nft_chain_list::list, nft_chain_attr_get_str(), NFT_CHAIN_ATTR_NAME, NFT_CHAIN_ATTR_TABLE, nft_chain_dump(), nft_chain_list_free(), nft_chain_list_iter_create(), nft_chain_list_iter_destroy(), nft_chain_list_iter_next(), and NULL.
| void nft_rule_print_save | ( | const void * | data, |
| struct nft_rule * | r, | ||
| enum nft_rule_print | type, | ||
| unsigned int | format | ||
| ) |
References nft_rule::family, FMT_NOCOUNTS, nft_family_ops_lookup(), NFT_RULE_APPEND, NFT_RULE_ATTR_CHAIN, NFT_RULE_ATTR_FAMILY, nft_rule_attr_get_str(), nft_rule_attr_get_u32(), NFT_RULE_DEL, nft_family_ops::save_counters, and nft_family_ops::save_firewall.
Referenced by nft_ipv46_rule_find(), and nft_rule_save().
| int nft_rule_replace | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table, | ||
| void * | data, | ||
| int | rulenum, | ||
| bool | verbose | ||
| ) |
References DEBUGP, nft_rule_list::list, nft_rule_append(), nft_rule_attr_get_u64(), NFT_RULE_ATTR_HANDLE, nft_rule_list_create(), nft_rule_list_destroy(), nft_rule_replace(), and NULL.
Referenced by nft_rule_replace(), and nft_strerror().
| int nft_rule_save | ( | struct nft_handle * | h, |
| const char * | table, | ||
| bool | counters | ||
| ) |
References FMT_NOCOUNTS, nft_rule_list::list, NFT_RULE_APPEND, nft_rule_attr_get_str(), NFT_RULE_ATTR_TABLE, nft_rule_list_free(), nft_rule_list_iter_create(), nft_rule_list_iter_destroy(), nft_rule_list_iter_next(), nft_rule_print_save(), nft_rule_to_iptables_command_state(), and NULL.
| void nft_rule_to_arpt_entry | ( | struct nft_rule * | r, |
| struct arpt_entry * | fw | ||
| ) |
| int nft_rule_zero_counters | ( | struct nft_handle * | h, |
| const char * | chain, | ||
| const char * | table, | ||
| int | rulenum | ||
| ) |
References xt_counters::bcnt, iptables_command_state::counters, error, nft_rule_list::list, nft_rule_append(), nft_rule_attr_get_u64(), NFT_RULE_ATTR_HANDLE, nft_rule_delete(), nft_rule_list_create(), nft_rule_list_destroy(), nft_rule_to_iptables_command_state(), NULL, and xt_counters::pcnt.
Referenced by do_commandx().
| const char* nft_strerror | ( | int | err | ) |
References nft_chain_set(), nft_chain_user_add(), nft_chain_user_del(), nft_rule_check(), nft_rule_delete(), nft_rule_delete_num(), nft_rule_replace(), and NULL.
Referenced by xtables_arp_main().
| int nft_table_add | ( | struct nft_handle * | h, |
| struct nft_table * | t, | ||
| uint16_t | flags | ||
| ) |
References buf, nft_handle::family, mnl_nlmsg_fprintf(), MNL_SOCKET_BUFFER_SIZE, mnl_talk(), NFT_MSG_NEWTABLE, nft_table_free(), nft_table_nlmsg_build_hdr, nft_table_nlmsg_build_payload(), nft_table_snprintf(), nlh, NLM_F_ACK, nlmsghdr::nlmsg_len, NULL, and nft_handle::seq.
| bool nft_table_find | ( | struct nft_handle * | h, |
| const char * | tablename | ||
| ) |
References nft_table_list::list, nft_table_attr_get(), NFT_TABLE_ATTR_NAME, nft_table_list_free(), nft_table_list_iter_create(), nft_table_list_iter_next(), and NULL.
| int nft_table_purge_chains | ( | struct nft_handle * | h, |
| const char * | table, | ||
| struct nft_chain_list * | list | ||
| ) |
References nft_chain_attr_get_str(), NFT_CHAIN_ATTR_TABLE, nft_chain_list_iter_create(), nft_chain_list_iter_destroy(), nft_chain_list_iter_next(), and NULL.
| int nft_xtables_config_load | ( | struct nft_handle * | h, |
| const char * | filename, | ||
| uint32_t | flags | ||
| ) |
References nft_handle::family, nft_chain_attr_get(), nft_chain_attr_get_u32(), NFT_CHAIN_ATTR_NAME, NFT_CHAIN_ATTR_TABLE, nft_chain_list_alloc(), nft_chain_list_free(), nft_chain_list_iter_create(), nft_chain_list_iter_destroy(), nft_chain_list_iter_next(), NFT_COMPAT_CHAIN_ADD, NFT_COMPAT_TABLE_ADD, NFT_TABLE_ATTR_FAMILY, nft_table_attr_get(), nft_table_attr_get_u32(), NFT_TABLE_ATTR_NAME, nft_table_list_alloc(), nft_table_list_free(), nft_table_list_iter_create(), nft_table_list_iter_destroy(), nft_table_list_iter_next(), NULL, nft_handle::restore, and xtables_config_parse().
Referenced by nft_chain_user_add(), nft_chain_user_rename(), nft_rule_append(), nft_rule_insert(), nft_rule_list(), and xtables_config_main().
| int xtables_config_parse | ( | const char * | filename, |
| struct nft_table_list * | table_list, | ||
| struct nft_chain_list * | chain_list | ||
| ) |
| struct builtin_table xtables_arp[TABLES_MAX] |
Referenced by do_commandarp().
| struct builtin_table xtables_ipv4[TABLES_MAX] |
Referenced by xtables_config_main().
1.8.8 