Hi,
i am developing some tool which uses libtc to manage rules etc.
unfortunately iptc_zerro_entries (neither iptc_flush_entries and
others which require (const IPT_CHAINLABEL chain, TC_HANDLE_T
*handle) as parameters) does not want to work: as soon as
called - segfaults.
code (simpified, might have a typo) is like this:
--/
const char *table = "filter";
...
iptc_handle_t h;
int ret=0;
const char *c = NULL;
h = iptc_init(table);
if (!h){
.. err handler
}
for (c=iptc_first_chain(&h);
c;
c=iptc_next_chain(&h)) {
printf("in filter found: '%s'\n",c);
/* prints "in filter found: 'INPUT'" */
printf("zeroing..\n");
ret = iptc_zerro_entries(c,&h);
/* segfaults right here [1] */
...
}
--/
[1] i see the prototype of iptc_zerro_entries:
TC_ZERO_ENTRIES(const IPT_CHAINLABEL chain, TC_HANDLE_T *handle);
IPT_CHAINLABEL is 'typedef char ipt_chainlabel[32]'
exactly the same thing is done in iptables, only iptables have
zero_entries function.
so what could be wrong?
compile w/:
gcc -W -Wall -I<ipt include dir> -rdynamic \
-o <executable> <src> \
<path to>/iptables.o <path to/libiptc>/libiptc.a \
-ldl -lnsl
P.Krumins
