[PATCH libnftnl RFC 3/3] examples: update nft-rule-add to match on string


 



An example showing how to match on existing sets from a rule.

Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
Note: Not intended to be merged upstream, I posted as sample.

 examples/nft-rule-add.c | 32 +++++++++++++-------------------
 1 file changed, 13 insertions(+), 19 deletions(-)

diff --git a/examples/nft-rule-add.c b/examples/nft-rule-add.c
index 77ee4805f4a4..5dc77354ed0b 100644
--- a/examples/nft-rule-add.c
+++ b/examples/nft-rule-add.c
@@ -29,21 +29,22 @@
 #include <libnftnl/rule.h>
 #include <libnftnl/expr.h>
 
-static void add_payload(struct nftnl_rule *r, uint32_t base, uint32_t dreg,
-			uint32_t offset, uint32_t len)
+static void add_string(struct nftnl_rule *r)
 {
 	struct nftnl_expr *e;
 
-	e = nftnl_expr_alloc("payload");
+	e = nftnl_expr_alloc("string");
 	if (e == NULL) {
-		perror("expr payload oom");
+		perror("expr string oom");
 		exit(EXIT_FAILURE);
 	}
 
-	nftnl_expr_set_u32(e, NFTNL_EXPR_PAYLOAD_BASE, base);
-	nftnl_expr_set_u32(e, NFTNL_EXPR_PAYLOAD_DREG, dreg);
-	nftnl_expr_set_u32(e, NFTNL_EXPR_PAYLOAD_OFFSET, offset);
-	nftnl_expr_set_u32(e, NFTNL_EXPR_PAYLOAD_LEN, len);
+	nftnl_expr_set_str(e, NFTNL_EXPR_STR_NAME, "y");
+	nftnl_expr_set_u32(e, NFTNL_EXPR_STR_BASE, NFT_PAYLOAD_INNER_HEADER);
+	nftnl_expr_set_u32(e, NFTNL_EXPR_STR_FROM, 0);
+	nftnl_expr_set_u32(e, NFTNL_EXPR_STR_TO, ~0U);
+	nftnl_expr_set_u32(e, NFTNL_EXPR_STR_FLAGS, NFT_STR_F_PRESENT);
+	nftnl_expr_set_u32(e, NFTNL_EXPR_STR_DREG, NFT_REG_1);
 
 	nftnl_rule_add_expr(r, e);
 }
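Review bot: `add_string()` sets every attribute to a hard-coded value with no comment, so a reader cannot tell that `"y"` has to name an object that already exists (presumably a string set in the same table, going by the commit description). It is also not stated that `NFTNL_EXPR_STR_FROM` 0 together with `NFTNL_EXPR_STR_TO` `~0U` leaves the search range unbounded. With no upper bound the expression appears to search the whole inner payload of each packet it sees, which is worth stating for anyone adapting the example to a real ruleset. I would add above the setters: `/* look up set "y" over the whole inner payload (from 0 to ~0U); NFT_REG_1 receives the result */`. Taking the set name as a parameter, the way the removed `add_payload()` took its values, would also keep the helper reusable.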
@@ -83,9 +84,8 @@ static struct nftnl_rule *setup_rule(uint8_t family, const char *table,
 				   const char *chain, const char *handle)
 {
 	struct nftnl_rule *r = NULL;
-	uint8_t proto;
-	uint16_t dport;
 	uint64_t handle_num;
+	uint32_t v;
 
 	r = nftnl_rule_alloc();
 	if (r == NULL) {
@@ -102,15 +102,9 @@ static struct nftnl_rule *setup_rule(uint8_t family, const char *table,
 		nftnl_rule_set_u64(r, NFTNL_RULE_POSITION, handle_num);
 	}
 
-	proto = IPPROTO_TCP;
-	add_payload(r, NFT_PAYLOAD_NETWORK_HEADER, NFT_REG_1,
-		    offsetof(struct iphdr, protocol), sizeof(uint8_t));
-	add_cmp(r, NFT_REG_1, NFT_CMP_EQ, &proto, sizeof(uint8_t));
-
-	dport = htons(22);
-	add_payload(r, NFT_PAYLOAD_TRANSPORT_HEADER, NFT_REG_1,
-		    offsetof(struct tcphdr, dest), sizeof(uint16_t));
-	add_cmp(r, NFT_REG_1, NFT_CMP_EQ, &dport, sizeof(uint16_t));
+	v = 1;
+	add_string(r);
+	add_cmp(r, NFT_REG_1, NFT_CMP_EQ, &v, sizeof(uint32_t));
 
 	add_counter(r);
 
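Review bot: The comparison value `v = 1` passed to the new `add_cmp()` call is a magic number, and nothing in the hunk says what the string expression writes to `NFT_REG_1`. Presumably it is a 1/0 presence result selected by `NFT_STR_F_PRESENT`; a comment such as `/* NFT_REG_1 is 1 when the payload matched an entry of the set */` would make that explicit once confirmed. With the protocol and port matches removed, `add_string()` becomes the first expression in the rule, so the payload search is no longer limited to TCP port 22 traffic and runs for every packet that reaches the chain. A one-line note on that, or a selector kept ahead of the string match, would help readers who copy the example. `setup_rule()` starts and ends outside this hunk.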
-- 
2.30.2



