netfilter
firewalling, NAT, and packet mangling for linux
rule.h File Reference
#include <stdint.h>
#include <nftables.h>
#include <list.h>
#include <payload.h>
#include <expression.h>

Data Structures

struct  handle
 struct handle - handle for tables, chains, rules and sets More...
 
struct  scope
 struct scope More...
 
struct  symbol
 struct symbol More...
 
struct  table
 struct table - nftables table More...
 
struct  chain
 struct chain - nftables chain More...
 
struct  rule
 struct rule - nftables rule More...
 
struct  set
 struct set - nftables set More...
 
struct  export
 
struct  monitor
 
struct  cmd
 
struct  eval_ctx
 struct eval_ctx - evaluation context More...
 

Enumerations

enum  chain_flags { CHAIN_F_BASECHAIN = 0x1 }
 enum chain_flags - chain flags More...
 
enum  set_flags {
  SET_F_ANONYMOUS = 0x1,
  SET_F_CONSTANT = 0x2,
  SET_F_INTERVAL = 0x4,
  SET_F_MAP = 0x8
}
 enum set_flags More...
 
enum  cmd_ops {
  CMD_INVALID,
  CMD_ADD,
  CMD_CREATE,
  CMD_INSERT,
  CMD_DELETE,
  CMD_LIST,
  CMD_FLUSH,
  CMD_RENAME,
  CMD_EXPORT,
  CMD_MONITOR,
  CMD_DESCRIBE
}
 enum cmd_ops - command operations More...
 
enum  cmd_obj {
  CMD_OBJ_INVALID,
  CMD_OBJ_SETELEM,
  CMD_OBJ_SET,
  CMD_OBJ_SETS,
  CMD_OBJ_RULE,
  CMD_OBJ_CHAIN,
  CMD_OBJ_TABLE,
  CMD_OBJ_RULESET,
  CMD_OBJ_EXPR,
  CMD_OBJ_MONITOR,
  CMD_OBJ_EXPORT
}
 enum cmd_obj - command objects More...
 
enum  {
  CMD_MONITOR_OBJ_ANY,
  CMD_MONITOR_OBJ_TABLES,
  CMD_MONITOR_OBJ_CHAINS,
  CMD_MONITOR_OBJ_RULES,
  CMD_MONITOR_OBJ_SETS,
  CMD_MONITOR_OBJ_ELEMS,
  CMD_MONITOR_OBJ_MAX
}
 

Functions

void handle_merge (struct handle *dst, const struct handle *src)
 
void handle_free (struct handle *h)
 
struct scope * scope_init (struct scope *scope, const struct scope *parent)
 
void scope_release (const struct scope *scope)
 
void symbol_bind (struct scope *scope, const char *identifier, struct expr *expr)
 
struct symbol * symbol_lookup (const struct scope *scope, const char *identifier)
 
struct table * table_alloc (void)
 
void table_free (struct table *table)
 
void table_add_hash (struct table *table)
 
struct table * table_lookup (const struct handle *h)
 
const char * chain_type_name_lookup (const char *name)
 
const char * chain_hookname_lookup (const char *name)
 
struct chain * chain_alloc (const char *name)
 
void chain_free (struct chain *chain)
 
void chain_add_hash (struct chain *chain, struct table *table)
 
struct chain * chain_lookup (const struct table *table, const struct handle *h)
 
const char * family2str (unsigned int family)
 
void chain_print_plain (const struct chain *chain)
 
struct rule * rule_alloc (const struct location *loc, const struct handle *h)
 
void rule_free (struct rule *rule)
 
void rule_print (const struct rule *rule)
 
struct set * set_alloc (const struct location *loc)
 
struct set * set_get (struct set *set)
 
void set_free (struct set *set)
 
void set_add_hash (struct set *set, struct table *table)
 
struct set * set_lookup (const struct table *table, const char *name)
 
struct set * set_lookup_global (uint32_t family, const char *table, const char *name)
 
void set_print (const struct set *set)
 
void set_print_plain (const struct set *s)
 
struct export * export_alloc (uint32_t format)
 
void export_free (struct export *e)
 
struct monitor * monitor_alloc (uint32_t format, uint32_t type, const char *event)
 
void monitor_free (struct monitor *m)
 
struct cmd * cmd_alloc (enum cmd_ops op, enum cmd_obj obj, const struct handle *h, const struct location *loc, void *data)
 
void cmd_free (struct cmd *cmd)
 
int cmd_evaluate (struct eval_ctx *ctx, struct cmd *cmd)
 
struct error_record * rule_postprocess (struct rule *rule)
 
int do_command (struct netlink_ctx *ctx, struct cmd *cmd)
 

Enumeration Type Documentation

anonymous enum
Enumerator
CMD_MONITOR_OBJ_ANY 
CMD_MONITOR_OBJ_TABLES 
CMD_MONITOR_OBJ_CHAINS 
CMD_MONITOR_OBJ_RULES 
CMD_MONITOR_OBJ_SETS 
CMD_MONITOR_OBJ_ELEMS 
CMD_MONITOR_OBJ_MAX 

enum chain_flags - chain flags

CHAIN_F_BASECHAIN: chain is a base chain

Enumerator
CHAIN_F_BASECHAIN 
enum cmd_obj

enum cmd_obj - command objects

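CMD_OBJ_INVALID: invalid
CMD_OBJ_SETELEM: set element(s)
CMD_OBJ_SET: set
CMD_OBJ_SETS: multiple sets
CMD_OBJ_RULE: rule
CMD_OBJ_CHAIN: chain
CMD_OBJ_TABLE: table
CMD_OBJ_RULESET: ruleset
CMD_OBJ_EXPR: expression
CMD_OBJ_MONITOR: monitor
CMD_OBJ_EXPORT: export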

Enumerator
CMD_OBJ_INVALID 
CMD_OBJ_SETELEM 
CMD_OBJ_SET 
CMD_OBJ_SETS 
CMD_OBJ_RULE 
CMD_OBJ_CHAIN 
CMD_OBJ_TABLE 
CMD_OBJ_RULESET 
CMD_OBJ_EXPR 
CMD_OBJ_MONITOR 
CMD_OBJ_EXPORT 
enum cmd_ops

enum cmd_ops - command operations

CMD_INVALID: invalid
CMD_ADD: add object (non-exclusive)
CMD_CREATE: create object (exclusive)
CMD_INSERT: insert object
CMD_DELETE: delete object
CMD_LIST: list container
CMD_FLUSH: flush container
CMD_RENAME: rename object
CMD_EXPORT: export the ruleset in a given format
CMD_MONITOR: event listener
CMD_DESCRIBE: describe an expression

Enumerator
CMD_INVALID 
CMD_ADD 
CMD_CREATE 
CMD_INSERT 
CMD_DELETE 
CMD_LIST 
CMD_FLUSH 
CMD_RENAME 
CMD_EXPORT 
CMD_MONITOR 
CMD_DESCRIBE 
enum set_flags

enum set_flags

SET_F_CONSTANT: Set content is constant
SET_F_INTERVAL: set includes ranges and/or prefix expressions

Enumerator
SET_F_ANONYMOUS 
SET_F_CONSTANT 
SET_F_INTERVAL 
SET_F_MAP 

Function Documentation

void chain_add_hash ( struct chain *  chain,
struct table *  table
)

References table::chains, and chain::list.

struct chain* chain_alloc ( const char *  name)

References handle::chain, chain::chain, chain::handle, NULL, chain::rules, chain::scope, scope::symbols, xstrdup(), and xzalloc().


void chain_free ( struct chain *  chain)

References chain::handle, handle_free(), rule::list, list_for_each_entry_safe, rule_free(), chain::rules, chain::scope, scope_release(), and xfree.

Referenced by cmd_free(), and table_free().


const char* chain_hookname_lookup ( const char *  name)

References NULL.

struct chain* chain_lookup ( const struct table *  table,
const struct handle *  h
)

References handle::chain, chain::chain, table::chains, chain::handle, chain::list, list_for_each_entry, and NULL.


void chain_print_plain ( const struct chain *  chain)
const char* chain_type_name_lookup ( const char *  name)

References NULL.

struct cmd* cmd_alloc ( enum cmd_ops  op,
enum cmd_obj  obj,
const struct handle *  h,
const struct location *  loc,
void *  data
)

References cmd::data, data, cmd::handle, cmd::list, cmd::location, cmd::obj, cmd::op, and xzalloc().


int cmd_evaluate ( struct eval_ctx *  ctx,
struct cmd *  cmd
)
struct export* export_alloc ( uint32_t  format)

References format(), export::format, and xmalloc().


void export_free ( struct export *  e)

References xfree.

Referenced by cmd_free().


const char* family2str ( unsigned int  family)

References NFPROTO_ARP, NFPROTO_BRIDGE, NFPROTO_INET, NFPROTO_IPV4, and NFPROTO_IPV6.

Referenced by chain_print_plain(), and set_print_plain().


void handle_free ( struct handle *  h)

References handle::chain, handle::comment, handle::set, handle::table, and xfree.

Referenced by chain_free(), cmd_free(), rule_free(), set_free(), and table_free().


void handle_merge ( struct handle *  dst,
const struct handle *  src
)

References handle::chain, handle::comment, handle::family, handle::handle, NULL, handle::position, handle::set, handle::table, and xstrdup().


struct monitor* monitor_alloc ( uint32_t  format,
uint32_t  type,
const char *  event 
)

References monitor::event, monitor::flags, format(), monitor::format, monitor::type, type, and xmalloc().


void monitor_free ( struct monitor *  m)

References xfree.

Referenced by cmd_free().


struct rule* rule_alloc ( const struct location *  loc,
const struct handle *  h
)

References rule::handle, rule::list, rule::location, NULL, rule::stmts, and xzalloc().

Referenced by netlink_delinearize_rule().


void rule_free ( struct rule *  rule)

References rule::handle, handle_free(), stmt_list_free(), rule::stmts, and xfree.

Referenced by chain_free(), and cmd_free().


struct error_record* rule_postprocess ( struct rule *  rule)

References NULL.

void rule_print ( const struct rule *  rule)

References handle::handle, rule::handle, handle_output, stmt::list, list_for_each_entry, stmt::ops, stmt_ops::print, and rule::stmts.


struct scope* scope_init ( struct scope *  scope,
const struct scope *  parent
)

References scope::parent.

void scope_release ( const struct scope *  scope)

References symbol::expr, expr_free(), symbol::identifier, symbol::list, list_for_each_entry_safe, scope::symbols, and xfree.

Referenced by chain_free(), and table_free().


void set_add_hash ( struct set *  set,
struct table *  table
)

References set::list, and table::sets.

struct set* set_alloc ( const struct location *  loc)

References set::location, NULL, set::refcnt, and xzalloc().


void set_free ( struct set *  set)

References expr_free(), set::handle, handle_free(), set::init, NULL, set::refcnt, and xfree.

Referenced by cmd_free().


struct set* set_get ( struct set *  set)

References set::refcnt.

Referenced by set_ref_expr_alloc().


struct set* set_lookup ( const struct table *  table,
const char *  name
)

References set::handle, set::list, list_for_each_entry, NULL, handle::set, and table::sets.

Referenced by set_lookup_global().


struct set* set_lookup_global ( uint32_t  family,
const char *  table,
const char *  name 
)

References handle::family, NULL, set_lookup(), handle::table, and table_lookup().


void set_print ( const struct set *  set)
void set_print_plain ( const struct set *  s)

References handle::family, family2str(), set::handle, print_fmt_options::tab, and handle::table.


void symbol_bind ( struct scope *  scope,
const char *  identifier,
struct expr *  expr
)

References symbol::expr, symbol::identifier, symbol::list, scope::symbols, xstrdup(), and xzalloc().


struct symbol* symbol_lookup ( const struct scope *  scope,
const char *  identifier
)
void table_add_hash ( struct table *  table)

References table::list.

struct table* table_alloc ( void  )

References table::chains, table::scope, table::sets, scope::symbols, and xzalloc().


void table_free ( struct table *  table)

References chain::chain, chain_free(), table::chains, table::handle, handle_free(), chain::list, list_for_each_entry_safe, table::scope, scope_release(), and xfree.

Referenced by cmd_free().


struct table* table_lookup ( const struct handle *  h)

References handle::family, table::handle, table::list, list_for_each_entry, NULL, and handle::table.

Referenced by netlink_delinearize_rule(), and set_lookup_global().
