libnftnl 1.2.6
nft-compat-get.c
1/*
2 * (C) 2012 by Pablo Neira Ayuso <pablo@netfilter.org>
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
8 *
9 * This software has been sponsored by Sophos Astaro <http://www.sophos.com>
10 */
11
12#include <stdlib.h>
13#include <time.h>
14#include <string.h>
15#include <netinet/in.h>
16
17#include <linux/netfilter/nfnetlink.h>
18#include <linux/netfilter/nf_tables_compat.h>
19
20#include <libmnl/libmnl.h>
21
22static int data_attr_cb(const struct nlattr *attr, void *data)
23{
24 const struct nlattr **tb = data;
25 int type = mnl_attr_get_type(attr);
26
27 if (mnl_attr_type_valid(attr, NFTA_COMPAT_MAX) < 0)
28 return MNL_CB_OK;
29
30 switch(type) {
31 case NFTA_COMPAT_NAME:
32 if (mnl_attr_validate(attr, MNL_TYPE_STRING) < 0) {
33 perror("mnl_attr_validate");
34 return MNL_CB_ERROR;
35 }
36 break;
37 case NFTA_COMPAT_REV:
38 case NFTA_COMPAT_TYPE:
39 if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0) {
40 perror("mnl_attr_validate");
41 return MNL_CB_ERROR;
42 }
43 break;
44 }
45 tb[type] = attr;
46 return MNL_CB_OK;
47}
48
49static int cb(const struct nlmsghdr *nlh, void *data)
50{
51 struct nlattr *tb[NFTA_COMPAT_MAX+1] = {};
52 struct nfgenmsg *nfg = mnl_nlmsg_get_payload(nlh);
53
54 if (mnl_attr_parse(nlh, sizeof(*nfg), data_attr_cb, tb) < 0)
55 return MNL_CB_ERROR;
56
57 if (tb[NFTA_COMPAT_NAME])
58 printf("name=%s ", mnl_attr_get_str(tb[NFTA_COMPAT_NAME]));
59 if (tb[NFTA_COMPAT_REV])
60 printf("rev=%d ", ntohl(mnl_attr_get_u32(tb[NFTA_COMPAT_REV])));
61 if (tb[NFTA_COMPAT_TYPE])
62 printf("type=%d ", ntohl(mnl_attr_get_u32(tb[NFTA_COMPAT_REV])));
63
64 printf("\n");
65
66 return MNL_CB_OK;
67}
68
69int main(int argc, char *argv[])
70{
71 struct mnl_socket *nl;
72 char buf[MNL_SOCKET_BUFFER_SIZE];
73 struct nlmsghdr *nlh;
74 uint32_t portid, seq, rev, type;
75 int ret;
76
77 if (argc != 4) {
78 fprintf(stderr, "Usage: %s <extension_name> <type> <rev>\n",
79 argv[0]);
80 return EXIT_FAILURE;
81 }
82
83 if (strcmp(argv[2], "target") == 0)
84 type = 1;
85 else if (strcmp(argv[2], "match") == 0)
86 type = 0;
87 else {
88 fprintf(stderr, "type should be `target' or `match'\n");
89 return EXIT_FAILURE;
90 }
91 rev = atoi(argv[3]);
92
93 nlh = mnl_nlmsg_put_header(buf);
94 nlh->nlmsg_type = (NFNL_SUBSYS_NFT_COMPAT << 8) | NFNL_MSG_COMPAT_GET;
95 nlh->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
96 nlh->nlmsg_seq = seq = time(NULL);
97
98 struct nfgenmsg *nfg = mnl_nlmsg_put_extra_header(nlh, sizeof(*nfg));
99 nfg->nfgen_family = AF_INET;
100 nfg->version = NFNETLINK_V0;
101 nfg->res_id = 0;
102
103 mnl_attr_put_strz(nlh, NFTA_COMPAT_NAME, argv[1]);
104 mnl_attr_put_u32(nlh, NFTA_COMPAT_REV, htonl(rev));
105 mnl_attr_put_u32(nlh, NFTA_COMPAT_TYPE, htonl(type));
106
107 printf("requesting `%s' rev=%d type=%d\n", argv[1], rev, type);
108
109 nl = mnl_socket_open(NETLINK_NETFILTER);
110 if (nl == NULL) {
111 perror("mnl_socket_open");
112 exit(EXIT_FAILURE);
113 }
114
115 if (mnl_socket_bind(nl, 0, MNL_SOCKET_AUTOPID) < 0) {
116 perror("mnl_socket_bind");
117 exit(EXIT_FAILURE);
118 }
119 portid = mnl_socket_get_portid(nl);
120
121 if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) {
122 perror("mnl_socket_send");
123 exit(EXIT_FAILURE);
124 }
125
126 ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
127 while (ret > 0) {
128 ret = mnl_cb_run(buf, ret, seq, portid, cb, NULL);
129 if (ret <= 0)
130 break;
131 ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
132 }
133 if (ret == -1) {
134 perror("error");
135 exit(EXIT_FAILURE);
136 }
137 mnl_socket_close(nl);
138
139 return EXIT_SUCCESS;
140}