libnftnl  1.0.2
nft-table-xml-add.c
1 /*
2  * (C) 2013 by Pablo Neira Ayuso <pablo@netfilter.org>
3  * (C) 2013 by Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
4  *
5  * This program is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 2 of the License, or
8  * (at your option) any later version.
9  *
10  * This code has been sponsored by Sophos Astaro <http://www.sophos.com>
11  */
12 
13 #include <stdlib.h>
14 #include <time.h>
15 #include <string.h>
16 #include <netinet/in.h>
17 #include <sys/types.h>
18 #include <sys/stat.h>
19 #include <fcntl.h>
20 #include <errno.h>
21 
22 #include <linux/netfilter/nf_tables.h>
23 
24 #include <libmnl/libmnl.h>
25 #include <libnftnl/table.h>
26 #include <libnftnl/common.h>
27 
28 int main(int argc, char *argv[])
29 {
30  struct mnl_socket *nl;
31  char buf[MNL_SOCKET_BUFFER_SIZE];
32  struct nlmsghdr *nlh;
33  uint32_t portid, seq;
34  struct nft_table *t = NULL;
35  int ret, fd;
36  uint16_t family;
37  char xml[4096];
38  char reprint[4096];
39  struct nft_parse_err *err;
40 
41  if (argc < 2) {
42  printf("Usage: %s <xml-file>\n", argv[0]);
43  exit(EXIT_FAILURE);
44  }
45 
46  fd = open(argv[1], O_RDONLY);
47  if (fd < 0) {
48  perror("open");
49  exit(EXIT_FAILURE);
50  }
51 
52  if (read(fd, xml, sizeof(xml)) < 0) {
53  perror("read");
54  close(fd);
55  exit(EXIT_FAILURE);
56  }
57  close(fd);
58 
59  t = nft_table_alloc();
60  if (t == NULL) {
61  perror("OOM");
62  exit(EXIT_FAILURE);
63  }
64 
65  err = nft_parse_err_alloc();
66  if (err == NULL) {
67  perror("error");
68  exit(EXIT_FAILURE);
69  }
70 
71  if (nft_table_parse(t, NFT_PARSE_XML, xml, err) < 0) {
72  nft_parse_perror("Unable to parse XML file", err);
73  exit(EXIT_FAILURE);
74  }
75 
76  nft_table_snprintf(reprint, sizeof(reprint), t, NFT_OUTPUT_XML, 0);
77  printf("Parsed:\n%s\n", reprint);
78 
79  family = nft_table_attr_get_u32(t, NFT_TABLE_ATTR_FAMILY);
80 
81  seq = time(NULL);
82 
83  nlh = nft_table_nlmsg_build_hdr(buf, NFT_MSG_NEWTABLE, family,
84  NLM_F_CREATE|NLM_F_ACK, seq);
85  nft_table_nlmsg_build_payload(nlh, t);
86  nft_table_free(t);
87  nft_parse_err_free(err);
88 
89  nl = mnl_socket_open(NETLINK_NETFILTER);
90  if (nl == NULL) {
91  perror("mnl_socket_open");
92  exit(EXIT_FAILURE);
93  }
94 
95  if (mnl_socket_bind(nl, 0, MNL_SOCKET_AUTOPID) < 0) {
96  perror("mnl_socket_bind");
97  exit(EXIT_FAILURE);
98  }
99  portid = mnl_socket_get_portid(nl);
100 
101  if (mnl_socket_sendto(nl, nlh, nlh->nlmsg_len) < 0) {
102  perror("mnl_socket_send");
103  exit(EXIT_FAILURE);
104  }
105 
106  ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
107  while (ret > 0) {
108  ret = mnl_cb_run(buf, ret, seq, portid, NULL, NULL);
109  if (ret <= 0)
110  break;
111  ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
112  }
113  if (ret == -1) {
114  perror("error");
115  exit(EXIT_FAILURE);
116  }
117 
118  mnl_socket_close(nl);
119 
120  return EXIT_SUCCESS;
121 }