On 5 January 2017 at 11:56, Khawar Shehzad <shehzad.khawar@xxxxxxxxx> wrote: > HI, > I hope all are fine, and happy new year. > > > I want to implement a rule using libnftnl in C programming. This rule > specifies that a packet with a specific source address and a specific > destination address SHOULD be allowed. All other packet which does not > have that source and destination address MUST be dropped. > > > Just a little hint would suffice. I need to implement it. Any > direction would be much appreciated. Take a look at libnftnl examples. In nft-rule-add.c [0] a rule that does 'tcp dport 22 counter' is added. [0] http://git.netfilter.org/libnftnl/tree/examples/nft-rule-add.c -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
