netfilter
firewalling, NAT, and packet mangling for linux
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Modules Pages
Data Structures | Macros | Functions
mnl.c File Reference
#include <libmnl/libmnl.h>
#include <libnftnl/common.h>
#include <libnftnl/ruleset.h>
#include <libnftnl/table.h>
#include <libnftnl/chain.h>
#include <libnftnl/rule.h>
#include <libnftnl/expr.h>
#include <libnftnl/set.h>
#include <linux/netfilter/nfnetlink.h>
#include <linux/netfilter/nf_tables.h>
#include <mnl.h>
#include <string.h>
#include <arpa/inet.h>
#include <errno.h>
#include <utils.h>
#include <nftables.h>
Include dependency graph for mnl.c:

Data Structures

struct  batch_page
 

Macros

#define NFT_NLMSG_MAXSIZE   (UINT16_MAX + getpagesize())
 
#define BATCH_PAGE_SIZE   getpagesize() * 32
 

Functions

uint32_t mnl_seqnum_alloc (void)
 
void mnl_genid_get (struct mnl_socket *nf_sock)
 
void mnl_batch_init (void)
 
uint32_t mnl_batch_begin (void)
 
void mnl_batch_end (void)
 
bool mnl_batch_ready (void)
 
void mnl_batch_reset (void)
 
void mnl_err_list_free (struct mnl_err *err)
 
int mnl_batch_talk (struct mnl_socket *nl, struct list_head *err_list)
 
int mnl_nft_rule_batch_add (struct nft_rule *nlr, unsigned int flags, uint32_t seqnum)
 
int mnl_nft_rule_batch_del (struct nft_rule *nlr, unsigned int flags, uint32_t seqnum)
 
int mnl_nft_rule_add (struct mnl_socket *nf_sock, struct nft_rule *nlr, unsigned int flags)
 
int mnl_nft_rule_delete (struct mnl_socket *nf_sock, struct nft_rule *nlr, unsigned int flags)
 
struct nft_rule_listmnl_nft_rule_dump (struct mnl_socket *nf_sock, int family)
 
int mnl_nft_chain_add (struct mnl_socket *nf_sock, struct nft_chain *nlc, unsigned int flags)
 
int mnl_nft_chain_batch_add (struct nft_chain *nlc, unsigned int flags, uint32_t seqnum)
 
int mnl_nft_chain_delete (struct mnl_socket *nf_sock, struct nft_chain *nlc, unsigned int flags)
 
int mnl_nft_chain_batch_del (struct nft_chain *nlc, unsigned int flags, uint32_t seqnum)
 
struct nft_chain_listmnl_nft_chain_dump (struct mnl_socket *nf_sock, int family)
 
int mnl_nft_chain_get (struct mnl_socket *nf_sock, struct nft_chain *nlc, unsigned int flags)
 
int mnl_nft_table_add (struct mnl_socket *nf_sock, struct nft_table *nlt, unsigned int flags)
 
int mnl_nft_table_batch_add (struct nft_table *nlt, unsigned int flags, uint32_t seqnum)
 
int mnl_nft_table_delete (struct mnl_socket *nf_sock, struct nft_table *nlt, unsigned int flags)
 
int mnl_nft_table_batch_del (struct nft_table *nlt, unsigned int flags, uint32_t seqnum)
 
struct nft_table_listmnl_nft_table_dump (struct mnl_socket *nf_sock, int family)
 
int mnl_nft_table_get (struct mnl_socket *nf_sock, struct nft_table *nlt, unsigned int flags)
 
int mnl_nft_set_add (struct mnl_socket *nf_sock, struct nft_set *nls, unsigned int flags)
 
int mnl_nft_set_delete (struct mnl_socket *nf_sock, struct nft_set *nls, unsigned int flags)
 
int mnl_nft_set_batch_add (struct nft_set *nls, unsigned int flags, uint32_t seqnum)
 
int mnl_nft_set_batch_del (struct nft_set *nls, unsigned int flags, uint32_t seqnum)
 
struct nft_set_listmnl_nft_set_dump (struct mnl_socket *nf_sock, int family, const char *table)
 
int mnl_nft_set_get (struct mnl_socket *nf_sock, struct nft_set *nls)
 
int mnl_nft_setelem_add (struct mnl_socket *nf_sock, struct nft_set *nls, unsigned int flags)
 
int mnl_nft_setelem_delete (struct mnl_socket *nf_sock, struct nft_set *nls, unsigned int flags)
 
int mnl_nft_setelem_batch_add (struct nft_set *nls, unsigned int flags, uint32_t seqnum)
 
int mnl_nft_setelem_batch_del (struct nft_set *nls, unsigned int flags, uint32_t seqnum)
 
int mnl_nft_setelem_get (struct mnl_socket *nf_sock, struct nft_set *nls)
 
struct nft_rulesetmnl_nft_ruleset_dump (struct mnl_socket *nf_sock, uint32_t family)
 
int mnl_nft_event_listener (struct mnl_socket *nf_sock, int(*cb)(const struct nlmsghdr *nlh, void *data), void *cb_data)
 
bool mnl_batch_supported (struct mnl_socket *nf_sock)
 

Macro Definition Documentation

#define BATCH_PAGE_SIZE   getpagesize() * 32
#define NFT_NLMSG_MAXSIZE   (UINT16_MAX + getpagesize())

Referenced by mnl_nft_setelem_add(), and mnl_nft_setelem_delete().

Function Documentation

uint32_t mnl_batch_begin ( void  )

References mnl_seqnum_alloc(), and nft_batch_begin().

Here is the call graph for this function:

void mnl_batch_end ( void  )

References mnl_seqnum_alloc(), and nft_batch_end().

Here is the call graph for this function:

void mnl_batch_init ( void  )

References batch_page::batch, batch_page::head, and xmalloc().

Here is the call graph for this function:

bool mnl_batch_ready ( void  )

References mnl_nlmsg_batch_size(), and NLMSG_HDRLEN.

Here is the call graph for this function:

void mnl_batch_reset ( void  )

References batch_page::head, and list_for_each_entry_safe.

bool mnl_batch_supported ( struct mnl_socket nf_sock)

References mnl_cb_run(), mnl_nlmsg_batch_current(), mnl_nlmsg_batch_head(), mnl_nlmsg_batch_next(), mnl_nlmsg_batch_size(), mnl_nlmsg_batch_start(), mnl_nlmsg_batch_stop(), MNL_SOCKET_BUFFER_SIZE, mnl_socket_get_portid(), mnl_socket_recvfrom(), mnl_socket_sendto(), NFNL_MSG_BATCH_BEGIN, NFNL_MSG_BATCH_END, NFT_MSG_NEWSET, nft_set_nlmsg_build_hdr, NLM_F_ACK, and NULL.

Referenced by netlink_batch_supported().

Here is the call graph for this function:

Here is the caller graph for this function:

int mnl_batch_talk ( struct mnl_socket nl,
struct list_head err_list 
)

References mnl_cb_run(), mnl_nlmsg_batch_is_empty(), MNL_SOCKET_BUFFER_SIZE, mnl_socket_get_fd(), mnl_socket_get_portid(), mnl_socket_recvfrom(), nlmsghdr::nlmsg_seq, and NULL.

Referenced by netlink_batch_send().

Here is the call graph for this function:

Here is the caller graph for this function:

void mnl_err_list_free ( struct mnl_err err)

References mnl_err::head, and xfree.

void mnl_genid_get ( struct mnl_socket nf_sock)

References buf, MNL_SOCKET_BUFFER_SIZE, NFT_MSG_GETGEN, nft_nlmsg_build_hdr(), nlh, nlmsghdr::nlmsg_len, and NULL.

Referenced by netlink_genid_get().

Here is the call graph for this function:

Here is the caller graph for this function:

int mnl_nft_chain_add ( struct mnl_socket nf_sock,
struct nft_chain nlc,
unsigned int  flags 
)

References buf, MNL_SOCKET_BUFFER_SIZE, NFT_CHAIN_ATTR_FAMILY, nft_chain_attr_get_u32(), nft_chain_nlmsg_build_hdr, nft_chain_nlmsg_build_payload(), NFT_MSG_NEWCHAIN, nlh, NLM_F_ACK, NLM_F_CREATE, nlmsghdr::nlmsg_len, and NULL.

Here is the call graph for this function:

int mnl_nft_chain_batch_add ( struct nft_chain nlc,
unsigned int  flags,
uint32_t  seqnum 
)

References NFT_CHAIN_ATTR_FAMILY, nft_chain_attr_get_u32(), nft_chain_nlmsg_build_hdr, nft_chain_nlmsg_build_payload(), NFT_MSG_NEWCHAIN, nlh, and NLM_F_CREATE.

Here is the call graph for this function:

int mnl_nft_chain_batch_del ( struct nft_chain nlc,
unsigned int  flags,
uint32_t  seqnum 
)

References NFT_CHAIN_ATTR_FAMILY, nft_chain_attr_get_u32(), nft_chain_nlmsg_build_hdr, nft_chain_nlmsg_build_payload(), NFT_MSG_DELCHAIN, nlh, and NLM_F_ACK.

Here is the call graph for this function:

int mnl_nft_chain_delete ( struct mnl_socket nf_sock,
struct nft_chain nlc,
unsigned int  flags 
)

References buf, MNL_SOCKET_BUFFER_SIZE, NFT_CHAIN_ATTR_FAMILY, nft_chain_attr_get_u32(), nft_chain_nlmsg_build_hdr, nft_chain_nlmsg_build_payload(), NFT_MSG_DELCHAIN, nlh, NLM_F_ACK, nlmsghdr::nlmsg_len, and NULL.

Here is the call graph for this function:

struct nft_chain_list* mnl_nft_chain_dump ( struct mnl_socket nf_sock,
int  family 
)

References buf, memory_allocation_error, MNL_SOCKET_BUFFER_SIZE, nft_chain_list_alloc(), nft_chain_list_free(), nft_chain_nlmsg_build_hdr, NFT_MSG_GETCHAIN, nlh, NLM_F_DUMP, nlmsghdr::nlmsg_len, and NULL.

Referenced by mnl_nft_ruleset_dump(), and netlink_list_chains().

Here is the call graph for this function:

Here is the caller graph for this function:

int mnl_nft_chain_get ( struct mnl_socket nf_sock,
struct nft_chain nlc,
unsigned int  flags 
)

References buf, MNL_SOCKET_BUFFER_SIZE, NFT_CHAIN_ATTR_FAMILY, nft_chain_attr_get_u32(), nft_chain_nlmsg_build_hdr, nft_chain_nlmsg_build_payload(), NFT_MSG_GETCHAIN, nlh, NLM_F_ACK, and nlmsghdr::nlmsg_len.

Referenced by netlink_get_chain().

Here is the call graph for this function:

Here is the caller graph for this function:

int mnl_nft_event_listener ( struct mnl_socket nf_sock,
int(*)(const struct nlmsghdr *nlh, void *data cb,
void *  cb_data 
)

Referenced by netlink_monitor().

Here is the caller graph for this function:

int mnl_nft_rule_add ( struct mnl_socket nf_sock,
struct nft_rule nlr,
unsigned int  flags 
)

References buf, MNL_SOCKET_BUFFER_SIZE, NFT_MSG_NEWRULE, NFT_RULE_ATTR_FAMILY, nft_rule_attr_get_u32(), nft_rule_nlmsg_build_hdr, nft_rule_nlmsg_build_payload(), nlh, NLM_F_ACK, NLM_F_CREATE, nlmsghdr::nlmsg_len, and NULL.

Here is the call graph for this function:

int mnl_nft_rule_batch_add ( struct nft_rule nlr,
unsigned int  flags,
uint32_t  seqnum 
)

References NFT_MSG_NEWRULE, NFT_RULE_ATTR_FAMILY, nft_rule_attr_get_u32(), nft_rule_nlmsg_build_hdr, nft_rule_nlmsg_build_payload(), nlh, and NLM_F_CREATE.

Referenced by netlink_add_rule_batch().

Here is the call graph for this function:

Here is the caller graph for this function:

int mnl_nft_rule_batch_del ( struct nft_rule nlr,
unsigned int  flags,
uint32_t  seqnum 
)

References NFT_MSG_DELRULE, NFT_RULE_ATTR_FAMILY, nft_rule_attr_get_u32(), nft_rule_nlmsg_build_hdr, nft_rule_nlmsg_build_payload(), and nlh.

Referenced by netlink_del_rule_batch().

Here is the call graph for this function:

Here is the caller graph for this function:

int mnl_nft_rule_delete ( struct mnl_socket nf_sock,
struct nft_rule nlr,
unsigned int  flags 
)

References buf, MNL_SOCKET_BUFFER_SIZE, NFT_MSG_DELRULE, NFT_RULE_ATTR_FAMILY, nft_rule_attr_get_u32(), nft_rule_nlmsg_build_hdr, nft_rule_nlmsg_build_payload(), nlh, NLM_F_ACK, nlmsghdr::nlmsg_len, and NULL.

Here is the call graph for this function:

struct nft_rule_list* mnl_nft_rule_dump ( struct mnl_socket nf_sock,
int  family 
)

References buf, memory_allocation_error, MNL_SOCKET_BUFFER_SIZE, NFT_MSG_GETRULE, nft_rule_list_alloc(), nft_rule_list_free(), nft_rule_nlmsg_build_hdr, nlh, NLM_F_DUMP, nlmsghdr::nlmsg_len, and NULL.

Referenced by mnl_nft_ruleset_dump().

Here is the call graph for this function:

Here is the caller graph for this function:

struct nft_ruleset* mnl_nft_ruleset_dump ( struct mnl_socket nf_sock,
uint32_t  family 
)

References memory_allocation_error, mnl_nft_chain_dump(), mnl_nft_rule_dump(), mnl_nft_set_dump(), mnl_nft_setelem_get(), mnl_nft_table_dump(), nft_ruleset_alloc(), NFT_RULESET_ATTR_CHAINLIST, NFT_RULESET_ATTR_RULELIST, nft_ruleset_attr_set(), NFT_RULESET_ATTR_SETLIST, NFT_RULESET_ATTR_TABLELIST, nft_ruleset_free(), nft_set_list_iter_create(), nft_set_list_iter_destroy(), nft_set_list_iter_next(), NULL, and s.

Referenced by netlink_dump_ruleset().

Here is the call graph for this function:

Here is the caller graph for this function:

int mnl_nft_set_add ( struct mnl_socket nf_sock,
struct nft_set nls,
unsigned int  flags 
)

References buf, MNL_SOCKET_BUFFER_SIZE, NFT_MSG_NEWSET, NFT_SET_ATTR_FAMILY, nft_set_attr_get_u32(), nft_set_nlmsg_build_hdr, nft_set_nlmsg_build_payload(), nlh, NLM_F_ACK, NLM_F_CREATE, and nlmsghdr::nlmsg_len.

Here is the call graph for this function:

int mnl_nft_set_batch_add ( struct nft_set nls,
unsigned int  flags,
uint32_t  seqnum 
)

References NFT_MSG_NEWSET, NFT_SET_ATTR_FAMILY, nft_set_attr_get_u32(), nft_set_nlmsg_build_hdr, nft_set_nlmsg_build_payload(), nlh, and NLM_F_CREATE.

Here is the call graph for this function:

int mnl_nft_set_batch_del ( struct nft_set nls,
unsigned int  flags,
uint32_t  seqnum 
)

References NFT_MSG_DELSET, NFT_SET_ATTR_FAMILY, nft_set_attr_get_u32(), nft_set_nlmsg_build_hdr, nft_set_nlmsg_build_payload(), and nlh.

Here is the call graph for this function:

int mnl_nft_set_delete ( struct mnl_socket nf_sock,
struct nft_set nls,
unsigned int  flags 
)

References buf, MNL_SOCKET_BUFFER_SIZE, NFT_MSG_DELSET, NFT_SET_ATTR_FAMILY, nft_set_attr_get_u32(), nft_set_nlmsg_build_hdr, nft_set_nlmsg_build_payload(), nlh, NLM_F_ACK, nlmsghdr::nlmsg_len, and NULL.

Here is the call graph for this function:

struct nft_set_list* mnl_nft_set_dump ( struct mnl_socket nf_sock,
int  family,
const char *  table 
)

References buf, memory_allocation_error, MNL_SOCKET_BUFFER_SIZE, NFT_MSG_GETSET, nft_set_alloc(), nft_set_attr_set(), NFT_SET_ATTR_TABLE, nft_set_free(), nft_set_list_alloc(), nft_set_list_free(), nft_set_nlmsg_build_hdr, nft_set_nlmsg_build_payload(), nlh, NLM_F_ACK, NLM_F_DUMP, nlmsghdr::nlmsg_len, NULL, and s.

Referenced by mnl_nft_ruleset_dump(), and netlink_list_sets().

Here is the call graph for this function:

Here is the caller graph for this function:

int mnl_nft_set_get ( struct mnl_socket nf_sock,
struct nft_set nls 
)

References buf, MNL_SOCKET_BUFFER_SIZE, NFT_MSG_GETSET, NFT_SET_ATTR_FAMILY, nft_set_attr_get_u32(), nft_set_nlmsg_build_hdr, nft_set_nlmsg_build_payload(), nlh, NLM_F_ACK, and nlmsghdr::nlmsg_len.

Referenced by netlink_get_set().

Here is the call graph for this function:

Here is the caller graph for this function:

int mnl_nft_setelem_add ( struct mnl_socket nf_sock,
struct nft_set nls,
unsigned int  flags 
)

References buf, memory_allocation_error, NFT_MSG_NEWSETELEM, NFT_NLMSG_MAXSIZE, NFT_SET_ATTR_FAMILY, nft_set_attr_get_u32(), nft_set_elem_nlmsg_build_hdr, nft_set_elems_iter_create(), nft_set_elems_iter_destroy(), nft_set_elems_nlmsg_build_payload_iter(), nlh, NLM_F_ACK, NLM_F_CREATE, nlmsghdr::nlmsg_len, and NULL.

Here is the call graph for this function:

int mnl_nft_setelem_batch_add ( struct nft_set nls,
unsigned int  flags,
uint32_t  seqnum 
)

References memory_allocation_error, NFT_MSG_NEWSETELEM, NFT_SET_ATTR_FAMILY, nft_set_attr_get_u32(), nft_set_elem_nlmsg_build_hdr, nft_set_elems_iter_create(), nft_set_elems_iter_destroy(), nft_set_elems_nlmsg_build_payload_iter(), nlh, NLM_F_CREATE, and NULL.

Here is the call graph for this function:

int mnl_nft_setelem_batch_del ( struct nft_set nls,
unsigned int  flags,
uint32_t  seqnum 
)

References NFT_MSG_DELSETELEM, NFT_SET_ATTR_FAMILY, nft_set_attr_get_u32(), nft_set_elem_nlmsg_build_hdr, nft_set_elems_nlmsg_build_payload(), and nlh.

Here is the call graph for this function:

int mnl_nft_setelem_delete ( struct mnl_socket nf_sock,
struct nft_set nls,
unsigned int  flags 
)

References buf, NFT_MSG_DELSETELEM, NFT_NLMSG_MAXSIZE, NFT_SET_ATTR_FAMILY, nft_set_attr_get_u32(), nft_set_elem_nlmsg_build_hdr, nft_set_elems_nlmsg_build_payload(), nlh, NLM_F_ACK, nlmsghdr::nlmsg_len, and NULL.

Here is the call graph for this function:

int mnl_nft_setelem_get ( struct mnl_socket nf_sock,
struct nft_set nls 
)

References buf, MNL_SOCKET_BUFFER_SIZE, NFT_MSG_GETSETELEM, NFT_SET_ATTR_FAMILY, nft_set_attr_get_u32(), nft_set_elem_nlmsg_build_hdr, nft_set_nlmsg_build_payload(), nlh, NLM_F_ACK, NLM_F_DUMP, and nlmsghdr::nlmsg_len.

Referenced by mnl_nft_ruleset_dump(), and netlink_get_setelems().

Here is the call graph for this function:

Here is the caller graph for this function:

int mnl_nft_table_add ( struct mnl_socket nf_sock,
struct nft_table nlt,
unsigned int  flags 
)

References buf, MNL_SOCKET_BUFFER_SIZE, NFT_MSG_NEWTABLE, NFT_TABLE_ATTR_FAMILY, nft_table_attr_get_u32(), nft_table_nlmsg_build_hdr, nft_table_nlmsg_build_payload(), nlh, NLM_F_ACK, nlmsghdr::nlmsg_len, and NULL.

Here is the call graph for this function:

int mnl_nft_table_batch_add ( struct nft_table nlt,
unsigned int  flags,
uint32_t  seqnum 
)

References NFT_MSG_NEWTABLE, NFT_TABLE_ATTR_FAMILY, nft_table_attr_get_u32(), nft_table_nlmsg_build_hdr, nft_table_nlmsg_build_payload(), and nlh.

Here is the call graph for this function:

int mnl_nft_table_batch_del ( struct nft_table nlt,
unsigned int  flags,
uint32_t  seqnum 
)

References NFT_MSG_DELTABLE, NFT_TABLE_ATTR_FAMILY, nft_table_attr_get_u32(), nft_table_nlmsg_build_hdr, nft_table_nlmsg_build_payload(), nlh, and NLM_F_ACK.

Referenced by netlink_flush_ruleset().

Here is the call graph for this function:

Here is the caller graph for this function:

int mnl_nft_table_delete ( struct mnl_socket nf_sock,
struct nft_table nlt,
unsigned int  flags 
)

References buf, MNL_SOCKET_BUFFER_SIZE, NFT_MSG_DELTABLE, NFT_TABLE_ATTR_FAMILY, nft_table_attr_get_u32(), nft_table_nlmsg_build_hdr, nft_table_nlmsg_build_payload(), nlh, NLM_F_ACK, nlmsghdr::nlmsg_len, and NULL.

Here is the call graph for this function:

struct nft_table_list* mnl_nft_table_dump ( struct mnl_socket nf_sock,
int  family 
)

References buf, memory_allocation_error, MNL_SOCKET_BUFFER_SIZE, NFT_MSG_GETTABLE, nft_table_list_alloc(), nft_table_list_free(), nft_table_nlmsg_build_hdr, nlh, NLM_F_DUMP, nlmsghdr::nlmsg_len, and NULL.

Referenced by mnl_nft_ruleset_dump(), and netlink_list_tables().

Here is the call graph for this function:

Here is the caller graph for this function:

int mnl_nft_table_get ( struct mnl_socket nf_sock,
struct nft_table nlt,
unsigned int  flags 
)

References buf, MNL_SOCKET_BUFFER_SIZE, NFT_MSG_GETTABLE, NFT_TABLE_ATTR_FAMILY, nft_table_attr_get_u32(), nft_table_nlmsg_build_hdr, nlh, NLM_F_ACK, and nlmsghdr::nlmsg_len.

Referenced by netlink_get_table().

Here is the call graph for this function:

Here is the caller graph for this function:

uint32_t mnl_seqnum_alloc ( void  )

Referenced by mnl_batch_begin(), and mnl_batch_end().

Here is the caller graph for this function: