15 #include <netinet/in.h>
16 #include <netinet/ip.h>
17 #include <linux/netfilter/nf_tables.h>
19 #include <libmnl/libmnl.h>
20 #include <libnftnl/rule.h>
21 #include <libnftnl/expr.h>
23 static int test_ok = 1;
25 static void print_err(
const char *msg)
28 printf(
"\033[31mERROR:\e[0m %s\n", msg);
31 static void cmp_nft_rule_expr(
struct nft_rule_expr *rule_a,
32 struct nft_rule_expr *rule_b)
34 if (nft_rule_expr_get_u64(rule_a, NFT_EXPR_LIMIT_RATE) !=
35 nft_rule_expr_get_u64(rule_b, NFT_EXPR_LIMIT_RATE))
36 print_err(
"Expr CTR_BYTES mismatches");
37 if (nft_rule_expr_get_u64(rule_a, NFT_EXPR_LIMIT_UNIT) !=
38 nft_rule_expr_get_u64(rule_b, NFT_EXPR_LIMIT_UNIT))
39 print_err(
"Expr CTR_PACKET mismatches");
42 int main(
int argc,
char *argv[])
45 struct nft_rule_expr *ex;
49 struct nft_rule_expr *rule_a, *rule_b;
53 if (a == NULL || b == NULL)
55 ex = nft_rule_expr_alloc(
"limit");
59 nft_rule_expr_set_u64(ex, NFT_EXPR_LIMIT_RATE, 0x123456789abcdef0);
60 nft_rule_expr_set_u64(ex, NFT_EXPR_LIMIT_UNIT, 0x123456789abcdef0);
62 nft_rule_add_expr(a, ex);
64 nlh = nft_rule_nlmsg_build_hdr(buf, NFT_MSG_NEWRULE, AF_INET, 0, 1234);
65 nft_rule_nlmsg_build_payload(nlh, a);
67 if (nft_rule_nlmsg_parse(nlh, b) < 0)
68 print_err(
"parsing problems");
70 iter_a = nft_rule_expr_iter_create(a);
71 iter_b = nft_rule_expr_iter_create(b);
72 if (iter_a == NULL || iter_b == NULL)
75 rule_a = nft_rule_expr_iter_next(iter_a);
76 rule_b = nft_rule_expr_iter_next(iter_b);
77 if (rule_a == NULL || rule_b == NULL)
80 cmp_nft_rule_expr(rule_a, rule_b);
82 if (nft_rule_expr_iter_next(iter_a) != NULL ||
83 nft_rule_expr_iter_next(iter_b) != NULL)
84 print_err(
"More 1 expr.");
86 nft_rule_expr_iter_destroy(iter_a);
87 nft_rule_expr_iter_destroy(iter_b);
94 printf(
"%s: \033[32mOK\e[0m\n", argv[0]);