libnftnl  1.2.9
nft-expr_immediate-test.c
1 /* SPDX-License-Identifier: GPL-2.0-or-later */
2 /*
3  * (C) 2013 by Ana Rey Botello <anarey@gmail.com>
4  */
5 
6 #include <stdio.h>
7 #include <stdlib.h>
8 #include <string.h>
9 #include <netinet/in.h>
10 #include <netinet/ip.h>
11 
12 #include <linux/netfilter/nf_tables.h>
13 #include <libmnl/libmnl.h>
14 #include <libnftnl/rule.h>
15 #include <libnftnl/expr.h>
16 
17 static int test_ok = 1;
18 
19 static void print_err(const char *msg)
20 {
21  test_ok = 0;
22  printf("\033[31mERROR:\e[0m %s\n", msg);
23 }
24 
25 static void cmp_nftnl_expr_verdict(struct nftnl_expr *rule_a,
26  struct nftnl_expr *rule_b)
27 {
28  const char *chain_a, *chain_b;
29  uint32_t len_a, len_b;
30 
31  if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_IMM_DREG) !=
32  nftnl_expr_get_u32(rule_b, NFTNL_EXPR_IMM_DREG))
33  print_err("Expr NFTNL_EXPR_IMM_DREG mismatches");
34 
35  if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_IMM_VERDICT) !=
36  nftnl_expr_get_u32(rule_b, NFTNL_EXPR_IMM_VERDICT))
37  print_err("Expr NFTNL_EXPR_IMM_VERDICT mismatches");
38 
39  chain_a = nftnl_expr_get(rule_a, NFTNL_EXPR_IMM_CHAIN, &len_a);
40  chain_b = nftnl_expr_get(rule_b, NFTNL_EXPR_IMM_CHAIN, &len_b);
41  if (len_a != len_b || strncmp(chain_a, chain_b, len_a))
42  print_err("Expr NFTNL_EXPR_IMM_CHAIN mismatches");
43 }
44 
45 static void cmp_nftnl_expr_value(struct nftnl_expr *rule_a,
46  struct nftnl_expr *rule_b)
47 {
48  const uint32_t *data_a, *data_b;
49  uint32_t len_a, len_b;
50 
51  if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_IMM_DREG) !=
52  nftnl_expr_get_u32(rule_b, NFTNL_EXPR_IMM_DREG))
53  print_err("Expr NFTNL_EXPR_IMM_DREG mismatches");
54 
55  data_a = nftnl_expr_get(rule_a, NFTNL_EXPR_IMM_DATA, &len_a);
56  data_b = nftnl_expr_get(rule_b, NFTNL_EXPR_IMM_DATA, &len_b);
57  if (len_a != len_b || memcmp(data_a, data_b, len_a))
58  print_err("Expr NFTNL_EXPR_IMM_DATA mismatches");
59 }
60 
61 int main(int argc, char *argv[])
62 {
63  struct nftnl_rule *a, *b;
64  struct nftnl_expr *ex_val, *ex_ver;
65  struct nlmsghdr *nlh;
66  char buf[4096];
67  struct nftnl_expr_iter *iter_a, *iter_b;
68  struct nftnl_expr *rule_a, *rule_b;
69  const char *chain = "tests_chain01234";
70  const char *data = "test_data_01234";
71 
72  a = nftnl_rule_alloc();
73  b = nftnl_rule_alloc();
74  if (a == NULL || b == NULL)
75  print_err("OOM");
76  ex_val = nftnl_expr_alloc("immediate");
77  ex_ver = nftnl_expr_alloc("immediate");
78  if (!ex_val || !ex_ver)
79  print_err("OOM");
80 
81  nftnl_expr_set_u32(ex_val, NFTNL_EXPR_IMM_DREG, 0x1234568);
82  nftnl_expr_set(ex_val, NFTNL_EXPR_IMM_DATA, data, sizeof(data));
83 
84  nftnl_expr_set_u32(ex_ver, NFTNL_EXPR_IMM_DREG, 0x1234568);
85  nftnl_expr_set_u32(ex_ver, NFTNL_EXPR_IMM_VERDICT, NFT_GOTO);
86  nftnl_expr_set(ex_ver, NFTNL_EXPR_IMM_CHAIN, chain, sizeof(chain));
87 
88  nftnl_rule_add_expr(a, ex_val);
89  nftnl_rule_add_expr(a, ex_ver);
90 
91  nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_NEWRULE, AF_INET, 0, 1234);
92  nftnl_rule_nlmsg_build_payload(nlh, a);
93 
94  if (nftnl_rule_nlmsg_parse(nlh, b) < 0)
95  print_err("parsing problems");
96 
97  iter_a = nftnl_expr_iter_create(a);
98  iter_b = nftnl_expr_iter_create(b);
99  if (iter_a == NULL || iter_b == NULL)
100  print_err("OOM");
101 
102  rule_a = nftnl_expr_iter_next(iter_a);
103  rule_b = nftnl_expr_iter_next(iter_b);
104  if (rule_a == NULL || rule_b == NULL)
105  print_err("OOM");
106 
107  cmp_nftnl_expr_value(rule_a, rule_b);
108 
109  rule_a = nftnl_expr_iter_next(iter_a);
110  rule_b = nftnl_expr_iter_next(iter_b);
111  if (rule_a == NULL || rule_b == NULL)
112  print_err("OOM");
113 
114  cmp_nftnl_expr_verdict(rule_a, rule_b);
115 
116  if (nftnl_expr_iter_next(iter_a) != NULL ||
117  nftnl_expr_iter_next(iter_b) != NULL)
118  print_err("More 2 expr.");
119 
120  nftnl_expr_iter_destroy(iter_a);
121  nftnl_expr_iter_destroy(iter_b);
122  nftnl_rule_free(a);
123  nftnl_rule_free(b);
124 
125  if (!test_ok)
126  exit(EXIT_FAILURE);
127 
128  printf("%s: \033[32mOK\e[0m\n", argv[0]);
129  return EXIT_SUCCESS;
130 }