15 #include <netinet/in.h>
17 #include <linux/netfilter.h>
18 #include <linux/netfilter/nf_tables.h>
20 #include <libmnl/libmnl.h>
21 #include <libnftnl/chain.h>
23 int main(
int argc,
char *argv[])
25 struct mnl_socket *nl;
26 char buf[MNL_SOCKET_BUFFER_SIZE];
33 fprintf(stderr,
"Usage: %s <family> <table> <chain>\n",
38 if (strcmp(argv[1],
"ip") == 0)
39 family = NFPROTO_IPV4;
40 else if (strcmp(argv[1],
"ip6") == 0)
41 family = NFPROTO_IPV6;
42 else if (strcmp(argv[1],
"bridge") == 0)
43 family = NFPROTO_BRIDGE;
44 else if (strcmp(argv[1],
"arp") == 0)
47 fprintf(stderr,
"Unknown family: ip, ip6, bridge, arp\n");
51 t = nft_chain_alloc();
57 nlh = nft_chain_nlmsg_build_hdr(buf, NFT_MSG_DELCHAIN, family,
59 nft_chain_attr_set(t, NFT_CHAIN_ATTR_TABLE, argv[2]);
60 nft_chain_attr_set(t, NFT_CHAIN_ATTR_NAME, argv[3]);
61 nft_chain_nlmsg_build_payload(nlh, t);
64 nl = mnl_socket_open(NETLINK_NETFILTER);
66 perror(
"mnl_socket_open");
70 if (mnl_socket_bind(nl, 0, MNL_SOCKET_AUTOPID) < 0) {
71 perror(
"mnl_socket_bind");
74 portid = mnl_socket_get_portid(nl);
76 if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) {
77 perror(
"mnl_socket_send");
81 ret = mnl_socket_recvfrom(nl, buf,
sizeof(buf));
83 ret = mnl_cb_run(buf, ret, seq, portid, NULL, NULL);
86 ret = mnl_socket_recvfrom(nl, buf,
sizeof(buf));