Hi,
I have problem with compilation (linking) of my program using
libnftables.h and libnftables library. I always get undefined
reference no mater how I adjust the command. My app is written in C++
and I want to use libnftables since I will make a lot of dynamic
changes in nftable rules (tc categorization of packets). I have
created simple prototype of app to learn usage of libnftables. I'm
using git version of nftables since it supports conversion from c++
string using .c_str() function, which can't be done in 0.9.0 yet. I
also use latest versions of libnftnl and libmnl. I'm running it on
Debian Stretch using stock 4.9 and even compiled 4.19 from backport
sources since I need to apply some patches for production application.
#include <nftables/libnftables.h>
#include <iostream>
#include <sstream>
using namespace std;
int main()
{
struct nft_ctx* nftables = nft_ctx_new(NFT_CTX_DEFAULT);
if (nft_ctx_buffer_output(nftables) != 0) {cout << "Problem
enabling output buffer" << endl;}
if (nft_ctx_buffer_error(nftables) != 0) {cerr << "Problem enabling
error buffer" << endl;}
const string commandList = "list ruleset";
if (nft_run_cmd_from_buffer(nftables, commandList.c_str()) != 0)
{
stringstream outputSs(nft_ctx_get_output_buffer(nftables));
cout << outputSs.str() << endl;
}
const string commandFlush = "flush ruleset";
if (nft_run_cmd_from_buffer(nftables, commandFlush.c_str()) != 0)
{
stringstream errorSs(nft_ctx_get_error_buffer(nftables));
cerr << errorSs.str() << endl;
}
nft_ctx_free(nftables);
return 0;
}
When I try to compile and link it I always get undefined reference to
all of nft_ctx_* functions. I didn't find compilation instructions so
I'm trying everything I know.
commands:
g++ -L /usr/local/lib -o nftables main.cpp -lnftables
g++ -o nftables /usr/local/lib/libnftables.a main.cpp
result:
/tmp/ccgLgVWC.o: In function `main':
main.cpp:10: undefined reference to `nft_ctx_new(unsigned int)'
main.cpp:12: undefined reference to `nft_ctx_buffer_output(nft_ctx*)'
main.cpp:17: undefined reference to `nft_ctx_buffer_error(nft_ctx*) '
main.cpp:24: undefined reference to `nft_run_cmd_from_buffer(nft_ctx*,
char const*)'
main.cpp:26: undefined reference to `nft_ctx_get_output_buffer(nft_ctx*)'
main.cpp:33: undefined reference to `nft_run_cmd_from_buffer(nft_ctx*,
char const*)'
main.cpp:35: undefined reference to `nft_ctx_get_error_buffer(nft_ctx*)'
main.cpp:40: undefined reference to `nft_ctx_free(nft_ctx*)'
collect2: error: ld returned 1 exit status
I tried to compile with libnftables as shared library. It compiles and
links ok, but when I start the program I get segmentation fault
g++ --shared -fPIC -L /usr/local/lib -o nftables main.cpp -lnftables
this one compiles and links, but when I try to start it I get
zsh: segmentation fault (core dumped) ./nftables
I tried to debug this one, but problem occurs way before the main
function is called.
Syslog: kernel: [162487.271884] nftables[32370]: segfault at 1 ip
0000000000000001 sp 00007ffd04b87fa8 error 14 in
nftables[7f16a2662000+2000]
inspecting coredump with coredumpctl gdb
gdb:
Core was generated by `./nftables'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x0000000000000001 in ?? ()
(gdb) file ~/nftables/src/libnftables.o
warning: core file may not match specified executable file.
Load new symbol table from "~/nftables/src/libnftables.o"? (y or n) y
Reading symbols from ~/nftables/src/libnftables.o...done.
(gdb) where
#0 0x0000000000000001 in init_cookie (cookie=0x7f16a28640d8) at
libnftables.c:185
#1 0x00007ffd04b887bb in ?? ()
#2 0x0000000000000000 in ?? ()
from libnftables.c:
179 static int init_cookie(struct cookie *cookie)
180 {
181 cookie_io_functions_t cookie_fops = {
182 .write = cookie_write,
183 };
184
185 if (cookie->orig_fp) { /* just rewind buffer */ <- crashes here
I would prefer use of libnftables to calling nft command since it also
sometimes crashes with segmentation fault. For now I will stick with
external call of nft so I can continue development of rules and logics
surrounding them.
----
S pozdravem / Best Regards
Vaclav Zindulka
