This function parses the command line options and it creates the nft_chain object. Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> --- examples/nft-chain-add.c | 73 +++++++++++++++++++++++++++------------------- 1 file changed, 43 insertions(+), 30 deletions(-) diff --git a/examples/nft-chain-add.c b/examples/nft-chain-add.c index 3edff86..4d32ddd 100644 --- a/examples/nft-chain-add.c +++ b/examples/nft-chain-add.c @@ -20,14 +20,52 @@ #include <libmnl/libmnl.h> #include <libnftnl/chain.h> +static struct nft_chain *chain_add_parse(int argc, char *argv[]) +{ + struct nft_chain *t; + int hooknum = 0; + + if (argc == 6) { + /* This is a base chain, set the hook number */ + if (strcmp(argv[4], "NF_INET_LOCAL_IN") == 0) + hooknum = NF_INET_LOCAL_IN; + else if (strcmp(argv[4], "NF_INET_LOCAL_OUT") == 0) + hooknum = NF_INET_LOCAL_OUT; + else if (strcmp(argv[4], "NF_INET_PRE_ROUTING") == 0) + hooknum = NF_INET_PRE_ROUTING; + else if (strcmp(argv[4], "NF_INET_POST_ROUTING") == 0) + hooknum = NF_INET_POST_ROUTING; + else if (strcmp(argv[4], "NF_INET_FORWARD") == 0) + hooknum = NF_INET_FORWARD; + else { + fprintf(stderr, "Unknown hook: %s\n", argv[4]); + return NULL; + } + } + + t = nft_chain_alloc(); + if (t == NULL) { + perror("OOM"); + return NULL; + } + nft_chain_attr_set(t, NFT_CHAIN_ATTR_TABLE, argv[2]); + nft_chain_attr_set(t, NFT_CHAIN_ATTR_NAME, argv[3]); + if (argc == 6) { + nft_chain_attr_set_u32(t, NFT_CHAIN_ATTR_HOOKNUM, hooknum); + nft_chain_attr_set_u32(t, NFT_CHAIN_ATTR_PRIO, atoi(argv[5])); + } + + return t; +} + int main(int argc, char *argv[]) { struct mnl_socket *nl; char buf[MNL_SOCKET_BUFFER_SIZE]; struct nlmsghdr *nlh; uint32_t portid, seq; - struct nft_chain *t = NULL; - int ret, family, hooknum = 0; + int ret, family; + struct nft_chain *t; if (argc != 4 && argc != 6) { fprintf(stderr, "Usage: %s <family> <table> <chain> " @@ -49,38 +87,13 @@ int main(int argc, char *argv[]) exit(EXIT_FAILURE); } - if (argc == 6) { - /* This is a base chain, set the hook number */ - if (strcmp(argv[4], "NF_INET_LOCAL_IN") == 0) - hooknum = NF_INET_LOCAL_IN; - else if (strcmp(argv[4], "NF_INET_LOCAL_OUT") == 0) - hooknum = NF_INET_LOCAL_OUT; - else if (strcmp(argv[4], "NF_INET_PRE_ROUTING") == 0) - hooknum = NF_INET_PRE_ROUTING; - else if (strcmp(argv[4], "NF_INET_POST_ROUTING") == 0) - hooknum = NF_INET_POST_ROUTING; - else if (strcmp(argv[4], "NF_INET_FORWARD") == 0) - hooknum = NF_INET_FORWARD; - else { - fprintf(stderr, "Unknown hook: %s\n", argv[4]); - exit(EXIT_FAILURE); - } - } - - t = nft_chain_alloc(); - if (t == NULL) { - perror("OOM"); + t = chain_add_parse(argc, argv); + if (t == NULL) exit(EXIT_FAILURE); - } + seq = time(NULL); nlh = nft_chain_nlmsg_build_hdr(buf, NFT_MSG_NEWCHAIN, family, NLM_F_EXCL|NLM_F_ACK, seq); - nft_chain_attr_set(t, NFT_CHAIN_ATTR_TABLE, argv[2]); - nft_chain_attr_set(t, NFT_CHAIN_ATTR_NAME, argv[3]); - if (argc == 6) { - nft_chain_attr_set_u32(t, NFT_CHAIN_ATTR_HOOKNUM, hooknum); - nft_chain_attr_set_u32(t, NFT_CHAIN_ATTR_PRIO, atoi(argv[5])); - } nft_chain_nlmsg_build_payload(nlh, t); nft_chain_free(t); -- 1.7.10.4 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html