libnftnl 1.2.6
nft-ct-timeout-get.c
1/*
2 * (C) 2012 by Pablo Neira Ayuso <pablo@netfilter.org>
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
8 *
9 * This software has been sponsored by Sophos Astaro <http://www.sophos.com>
10 */
11
12
13#include <stdlib.h>
14#include <time.h>
15#include <string.h>
16#include <netinet/in.h>
17
18#include <linux/netfilter.h>
19#include <linux/netfilter/nf_tables.h>
20
21#include <libmnl/libmnl.h>
22#include <libnftnl/object.h>
23
/*
 * Per-message callback passed to mnl_cb_run(): decode one netlink message
 * into an nftnl object and print its textual form on stdout.
 *
 * nlh:  netlink message to decode. Its content comes from the netlink socket
 *       and is only interpreted through nftnl_obj_nlmsg_parse().
 * data: pointer to the uint32_t output type handed to nftnl_obj_snprintf().
 *
 * Always returns MNL_CB_OK, including when allocation or parsing fails, so a
 * failure here is reported on stderr but never propagated to the caller.
 */
static int obj_cb(const struct nlmsghdr *nlh, void *data)
{
	const uint32_t *output_type = data;
	char text[4096];
	struct nftnl_obj *obj = nftnl_obj_alloc();

	if (obj == NULL) {
		perror("OOM");
		return MNL_CB_OK;
	}

	if (nftnl_obj_nlmsg_parse(nlh, obj) < 0) {
		perror("nftnl_obj_nlmsg_parse");
	} else {
		/* Output is bounded by sizeof(text); the return value is not checked. */
		nftnl_obj_snprintf(text, sizeof(text), obj, *output_type, 0);
		printf("%s\n", text);
	}

	/* Single release point for both the success and the parse-failure path. */
	nftnl_obj_free(obj);
	return MNL_CB_OK;
}
49
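/*
 * Query ct timeout objects from nf_tables over netlink and print them.
 *
 * Usage: <prog> <family> <table> [<obj>]
 *   - with <family> <table>: dump the ct timeout objects of that table
 *     (NLM_F_DUMP request);
 *   - with <family> <table> <obj>: fetch the single named object
 *     (NLM_F_ACK request).
 *
 * Returns EXIT_SUCCESS once the reply has been processed; exits with
 * EXIT_FAILURE on bad arguments, allocation failure or any netlink error.
 */
int main(int argc, char *argv[])
{
	struct mnl_socket *nl;
	char buf[MNL_SOCKET_BUFFER_SIZE];
	struct nlmsghdr *nlh;
	uint32_t portid, seq, family;
	struct nftnl_obj *t;
	int ret;
	uint32_t type = NFTNL_OUTPUT_DEFAULT;

	/*
	 * Only 2 or 3 arguments are meaningful. The previous bound (argc > 5)
	 * let a 4-argument invocation through with no object allocated, and
	 * the setters below were then called on a NULL pointer.
	 */
	if (argc < 3 || argc > 4) {
		fprintf(stderr, "%s <family> <table> [<obj>]\n", argv[0]);
		return EXIT_FAILURE;
	}

	if (strcmp(argv[1], "ip") == 0)
		family = NFPROTO_IPV4;
	else if (strcmp(argv[1], "ip6") == 0)
		family = NFPROTO_IPV6;
	else if (strcmp(argv[1], "inet") == 0)
		family = NFPROTO_INET;
	else if (strcmp(argv[1], "unspec") == 0)
		family = NFPROTO_UNSPEC;
	else {
		fprintf(stderr, "Unknown family: ip, ip6, inet, unspec");
		exit(EXIT_FAILURE);
	}

	/* Both request forms need an object to carry the type and table name. */
	t = nftnl_obj_alloc();
	if (t == NULL) {
		perror("OOM");
		exit(EXIT_FAILURE);
	}

	/* The same seq is given to mnl_cb_run() below together with portid. */
	seq = time(NULL);
	nftnl_obj_set_u32(t, NFTNL_OBJ_TYPE, NFT_OBJECT_CT_TIMEOUT);
	nftnl_obj_set_str(t, NFTNL_OBJ_TABLE, argv[2]);

	if (argc == 3) {
		/* No object name given: dump request. */
		nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETOBJ, family,
					    NLM_F_DUMP, seq);
	} else {
		/* Object name given: request that single object. */
		nftnl_obj_set_str(t, NFTNL_OBJ_NAME, argv[3]);
		nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_GETOBJ, family,
					    NLM_F_ACK, seq);
	}
	nftnl_obj_nlmsg_build_payload(nlh, t);
	/* The request now lives in buf; the object is no longer needed. */
	nftnl_obj_free(t);

	nl = mnl_socket_open(NETLINK_NETFILTER);
	if (nl == NULL) {
		perror("mnl_socket_open");
		exit(EXIT_FAILURE);
	}

	if (mnl_socket_bind(nl, 0, MNL_SOCKET_AUTOPID) < 0) {
		perror("mnl_socket_bind");
		exit(EXIT_FAILURE);
	}
	portid = mnl_socket_get_portid(nl);

	if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) {
		perror("mnl_socket_send");
		exit(EXIT_FAILURE);
	}

	/*
	 * buf is reused for the replies, so nlh must not be dereferenced past
	 * this point. Each datagram goes through mnl_cb_run() with the seq and
	 * portid of this request; the loop stops when it returns <= 0.
	 */
	ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
	while (ret > 0) {
		ret = mnl_cb_run(buf, ret, seq, portid, obj_cb, &type);
		if (ret <= 0)
			break;
		ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
	}
	if (ret == -1) {
		perror("error");
		exit(EXIT_FAILURE);
	}
	mnl_socket_close(nl);

	return EXIT_SUCCESS;
}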