Hi,
On Tue, Jul 18, 2023 at 09:02:02PM +0200, Easynet wrote:
> I'm building a small firewall daemon that it receives if an user is
> authenticated and then is adding his IP in a set to be allowed for 24h.
> I'm new in nftnl library and I started to read the documentation and
> also the examples.
>
> Until now I was able to add in my daemon these tools based on libnftnl:
>
> - create / delete / get tables
> - create / delete chains
> - create / delete sets.
>
> Right now I'm facing an issue that I can't understand how to build the
> nftnl packet for adding an element to my set, which has interval and
> timeout flags.
With libnftnl, source is documentation. Go check nftables code on how to
use it. If you need a simpler interface to nftables, I highly recommend
using libnftables instead. You'll either have to pass strings or use a
JSON library for structured in- and output. For simple things such as
adding an element to a set, it more or less boils down to:
| struct nft_ctx *ctx = nft_ctx_new(NFT_CTX_DEFAULT);
| nft_run_cmd_from_buffer(ctx, "add element mytable myset { 123 }");
| nft_ctx_free(ctx);
Cheers, Phil
