libnftnl  1.2.9
nft-chain-test.c
1 /* SPDX-License-Identifier: GPL-2.0-or-later */
2 /*
3  * (C) 2013 by Ana Rey Botello <anarey@gmail.com>
4  */
5 
6 #include <stdio.h>
7 #include <stdlib.h>
8 #include <string.h>
9 #include <netinet/in.h>
10 #include <linux/netfilter/nf_tables.h>
11 #include <libnftnl/chain.h>
12 
13 static int test_ok = 1;
14 
15 static void print_err(const char *msg)
16 {
17  test_ok = 0;
18  printf("\033[31mERROR:\e[0m %s\n", msg);
19 }
20 
21 static void cmp_devices(const char * const *adevs,
22  const char * const *bdevs)
23 {
24  int i;
25 
26  if (!adevs && !bdevs)
27  return;
28  if (!!adevs ^ !!bdevs)
29  print_err("Chain devices mismatches");
30  for (i = 0; adevs[i] && bdevs[i]; i++) {
31  if (strcmp(adevs[i], bdevs[i]))
32  break;
33  }
34  if (adevs[i] || bdevs[i])
35  print_err("Chain devices mismatches");
36 }
37 
38 static void cmp_nftnl_chain(struct nftnl_chain *a, struct nftnl_chain *b)
39 {
40  if (strcmp(nftnl_chain_get_str(a, NFTNL_CHAIN_NAME),
41  nftnl_chain_get_str(b, NFTNL_CHAIN_NAME)) != 0)
42  print_err("Chain name mismatches");
43  if (strcmp(nftnl_chain_get_str(a, NFTNL_CHAIN_TABLE),
44  nftnl_chain_get_str(b, NFTNL_CHAIN_TABLE)) != 0)
45  print_err("Chain table mismatches");
46  if (nftnl_chain_get_u32(a, NFTNL_CHAIN_FAMILY) !=
47  nftnl_chain_get_u32(b, NFTNL_CHAIN_FAMILY))
48  print_err("Chain family mismatches");
49  if (nftnl_chain_get_u32(a, NFTNL_CHAIN_POLICY) !=
50  nftnl_chain_get_u32(b, NFTNL_CHAIN_POLICY))
51  print_err("Chain policy mismatches");
52  if (nftnl_chain_get_u32(a, NFTNL_CHAIN_HOOKNUM) !=
53  nftnl_chain_get_u32(b, NFTNL_CHAIN_HOOKNUM))
54  print_err("Chain hooknum mismatches");
55  if (nftnl_chain_get_s32(a, NFTNL_CHAIN_PRIO) !=
56  nftnl_chain_get_s32(b, NFTNL_CHAIN_PRIO))
57  print_err("Chain Prio mismatches");
58  if (nftnl_chain_get_u32(a, NFTNL_CHAIN_USE) !=
59  nftnl_chain_get_u32(b, NFTNL_CHAIN_USE))
60  print_err("Chain use mismatches");
61  if (nftnl_chain_get_u64(a, NFTNL_CHAIN_PACKETS) !=
62  nftnl_chain_get_u64(b, NFTNL_CHAIN_PACKETS))
63  print_err("Chain packets mismatches");
64  if (nftnl_chain_get_u64(a, NFTNL_CHAIN_BYTES) !=
65  nftnl_chain_get_u64(b, NFTNL_CHAIN_BYTES))
66  print_err("Chain bytes mismatches");
67  if (nftnl_chain_get_u64(a, NFTNL_CHAIN_HANDLE) !=
68  nftnl_chain_get_u64(b, NFTNL_CHAIN_HANDLE))
69  print_err("Chain handle mismatches");
70  if (strcmp(nftnl_chain_get_str(a, NFTNL_CHAIN_TYPE),
71  nftnl_chain_get_str(b, NFTNL_CHAIN_TYPE)) != 0)
72  print_err("Chain type mismatches");
73  if (nftnl_chain_is_set(a, NFTNL_CHAIN_DEV) &&
74  strcmp(nftnl_chain_get_str(a, NFTNL_CHAIN_DEV),
75  nftnl_chain_get_str(b, NFTNL_CHAIN_DEV)) != 0)
76  print_err("Chain device mismatches");
77  cmp_devices(nftnl_chain_get_array(a, NFTNL_CHAIN_DEVICES),
78  nftnl_chain_get_array(b, NFTNL_CHAIN_DEVICES));
79 }
80 
81 int main(int argc, char *argv[])
82 {
83  const char *devs[] = { "eth0", "eth1", "eth2", NULL };
84  struct nftnl_chain *a, *b;
85  char buf[4096];
86  struct nlmsghdr *nlh;
87 
88  a = nftnl_chain_alloc();
89  b = nftnl_chain_alloc();
90  if (a == NULL || b == NULL)
91  print_err("OOM");
92 
93  nftnl_chain_set_str(a, NFTNL_CHAIN_NAME, "test");
94  nftnl_chain_set_u32(a, NFTNL_CHAIN_FAMILY, AF_INET);
95  nftnl_chain_set_str(a, NFTNL_CHAIN_TABLE, "Table");
96  nftnl_chain_set_u32(a, NFTNL_CHAIN_POLICY,0x12345678);
97  nftnl_chain_set_u32(a, NFTNL_CHAIN_HOOKNUM, 0x34567812);
98  nftnl_chain_set_s32(a, NFTNL_CHAIN_PRIO, 0x56781234);
99  nftnl_chain_set_u32(a, NFTNL_CHAIN_USE, 0x78123456);
100  nftnl_chain_set_u64(a, NFTNL_CHAIN_PACKETS, 0x1234567812345678);
101  nftnl_chain_set_u64(a, NFTNL_CHAIN_BYTES, 0x7812345678123456);
102  nftnl_chain_set_u64(a, NFTNL_CHAIN_HANDLE, 0x5678123456781234);
103  nftnl_chain_set_str(a, NFTNL_CHAIN_TYPE, "Prueba");
104  nftnl_chain_set_str(a, NFTNL_CHAIN_DEV, "eth0");
105 
106  /* cmd extracted from include/linux/netfilter/nf_tables.h */
107  nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_NEWCHAIN, AF_INET, 0, 1234);
108  nftnl_chain_nlmsg_build_payload(nlh, a);
109 
110  if (nftnl_chain_nlmsg_parse(nlh, b) < 0)
111  print_err("parsing problems");
112 
113  cmp_nftnl_chain(a, b);
114 
115  /* repeat test with multiple devices */
116 
117  nftnl_chain_unset(a, NFTNL_CHAIN_DEV);
118  nftnl_chain_set_array(a, NFTNL_CHAIN_DEVICES, devs);
119 
120  nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_NEWCHAIN, AF_INET, 0, 1234);
121  nftnl_chain_nlmsg_build_payload(nlh, a);
122 
123  if (nftnl_chain_nlmsg_parse(nlh, b) < 0)
124  print_err("parsing problems");
125 
126  cmp_nftnl_chain(a, b);
127 
128  nftnl_chain_free(a);
129  nftnl_chain_free(b);
130 
131  if (!test_ok)
132  exit(EXIT_FAILURE);
133 
134  printf("%s: \033[32mOK\e[0m\n", argv[0]);
135  return EXIT_SUCCESS;
136 
137 }