libnftnl  1.2.8
nft-rule-test.c
1 /*
2  * (C) 2013 by Ana Rey Botello <anarey@gmail.com>
3  *
4  * This program is free software; you can redistribute it and/or modify it
5  * under the terms of the GNU General Public License as published by
6  * the Free Software Foundation; either version 2 of the License, or
7  * (at your option) any later version.
8  *
9  */
10 
11 #include <stdio.h>
12 #include <stdlib.h>
13 #include <string.h>
14 
15 #include <netinet/in.h>
16 #include <linux/netfilter/nf_tables.h>
17 #include <libnftnl/rule.h>
18 #include <libnftnl/udata.h>
19 
20 static int test_ok = 1;
21 
22 static void print_err(const char *msg)
23 {
24  test_ok = 0;
25  printf("\033[31mERROR:\e[0m %s\n", msg);
26 }
27 
28 static void cmp_nftnl_rule(struct nftnl_rule *a, struct nftnl_rule *b)
29 {
30  const void *udata_a, *udata_b;
31  uint32_t len_a, len_b;
32 
33  if (nftnl_rule_get_u32(a, NFTNL_RULE_FAMILY) !=
34  nftnl_rule_get_u32(b, NFTNL_RULE_FAMILY))
35  print_err("Rule family mismatches");
36  if (strcmp(nftnl_rule_get_str(a, NFTNL_RULE_TABLE),
37  nftnl_rule_get_str(b, NFTNL_RULE_TABLE)) != 0)
38  print_err("Rule table mismatches");
39  if (strcmp(nftnl_rule_get_str(a, NFTNL_RULE_CHAIN),
40  nftnl_rule_get_str(b, NFTNL_RULE_CHAIN)) != 0)
41  print_err("Rule table mismatches");
42  if (nftnl_rule_get_u64(a, NFTNL_RULE_HANDLE) !=
43  nftnl_rule_get_u64(b, NFTNL_RULE_HANDLE))
44  print_err("Rule handle mismatches");
45  if (nftnl_rule_get_u32(a, NFTNL_RULE_COMPAT_PROTO) !=
46  nftnl_rule_get_u32(b, NFTNL_RULE_COMPAT_PROTO))
47  print_err("Rule compat_proto mismatches");
48  if (nftnl_rule_get_u32(a, NFTNL_RULE_COMPAT_FLAGS) !=
49  nftnl_rule_get_u32(b, NFTNL_RULE_COMPAT_FLAGS))
50  print_err("Rule compat_flags mismatches");
51  if (nftnl_rule_get_u32(a, NFTNL_RULE_ID) !=
52  nftnl_rule_get_u32(b, NFTNL_RULE_ID))
53  print_err("Rule id mismatches");
54  if (nftnl_rule_get_u32(a, NFTNL_RULE_POSITION_ID) !=
55  nftnl_rule_get_u32(b, NFTNL_RULE_POSITION_ID))
56  print_err("Rule position_id mismatches");
57  if (nftnl_rule_get_u64(a, NFTNL_RULE_POSITION) !=
58  nftnl_rule_get_u64(b, NFTNL_RULE_POSITION))
59  print_err("Rule compat_position mismatches");
60 
61  udata_a = nftnl_rule_get_data(a, NFTNL_RULE_USERDATA, &len_a);
62  udata_b = nftnl_rule_get_data(b, NFTNL_RULE_USERDATA, &len_b);
63 
64  if (len_a != len_b || memcmp(udata_a, udata_b, len_a) != 0)
65  print_err("Rule userdata mismatches");
66 }
67 
68 int main(int argc, char *argv[])
69 {
70  struct nftnl_udata_buf *udata;
71  struct nftnl_rule *a, *b;
72  char buf[4096];
73  struct nlmsghdr *nlh;
74 
75  a = nftnl_rule_alloc();
76  b = nftnl_rule_alloc();
77  if (a == NULL || b == NULL)
78  print_err("OOM");
79 
80  udata = nftnl_udata_buf_alloc(NFT_USERDATA_MAXLEN);
81  if (!udata)
82  print_err("OOM");
83 
84  if (!nftnl_udata_put_strz(udata, 0, "hello world"))
85  print_err("User data too big");
86 
87  nftnl_rule_set_u32(a, NFTNL_RULE_FAMILY, AF_INET);
88  nftnl_rule_set_str(a, NFTNL_RULE_TABLE, "table");
89  nftnl_rule_set_str(a, NFTNL_RULE_CHAIN, "chain");
90  nftnl_rule_set_u64(a, NFTNL_RULE_HANDLE, 0x1234567812345678);
91  nftnl_rule_set_u32(a, NFTNL_RULE_COMPAT_PROTO, 0x12345678);
92  nftnl_rule_set_u32(a, NFTNL_RULE_COMPAT_FLAGS, 0x12345678);
93  nftnl_rule_set_u32(a, NFTNL_RULE_ID, 0x12345678);
94  nftnl_rule_set_u32(a, NFTNL_RULE_POSITION_ID, 0x12345678);
95  nftnl_rule_set_u64(a, NFTNL_RULE_POSITION, 0x1234567812345678);
96  nftnl_rule_set_data(a, NFTNL_RULE_USERDATA,
97  nftnl_udata_buf_data(udata),
98  nftnl_udata_buf_len(udata));
99  nftnl_udata_buf_free(udata);
100 
101  nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_NEWRULE, AF_INET, 0, 1234);
102  nftnl_rule_nlmsg_build_payload(nlh, a);
103 
104  if (nftnl_rule_nlmsg_parse(nlh, b) < 0)
105  print_err("parsing problems");
106 
107  cmp_nftnl_rule(a,b);
108 
109  nftnl_rule_free(a);
110  nftnl_rule_free(b);
111  if (!test_ok)
112  exit(EXIT_FAILURE);
113 
114  printf("%s: \033[32mOK\e[0m\n", argv[0]);
115  return EXIT_SUCCESS;
116 }