libnftnl 1.2.9
nft-chain-test.c
1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/*
3 * (C) 2013 by Ana Rey Botello <anarey@gmail.com>
4 */
5
6#include <stdio.h>
7#include <stdlib.h>
8#include <string.h>
9#include <netinet/in.h>
10#include <linux/netfilter/nf_tables.h>
11#include <libnftnl/chain.h>
12
13static int test_ok = 1;
14
15static void print_err(const char *msg)
16{
17 test_ok = 0;
18 printf("\033[31mERROR:\e[0m %s\n", msg);
19}
20
21static void cmp_devices(const char * const *adevs,
22 const char * const *bdevs)
23{
24 int i;
25
26 if (!adevs && !bdevs)
27 return;
28 if (!!adevs ^ !!bdevs)
29 print_err("Chain devices mismatches");
30 for (i = 0; adevs[i] && bdevs[i]; i++) {
31 if (strcmp(adevs[i], bdevs[i]))
32 break;
33 }
34 if (adevs[i] || bdevs[i])
35 print_err("Chain devices mismatches");
36}
37
38static void cmp_nftnl_chain(struct nftnl_chain *a, struct nftnl_chain *b)
39{
40 if (strcmp(nftnl_chain_get_str(a, NFTNL_CHAIN_NAME),
41 nftnl_chain_get_str(b, NFTNL_CHAIN_NAME)) != 0)
42 print_err("Chain name mismatches");
43 if (strcmp(nftnl_chain_get_str(a, NFTNL_CHAIN_TABLE),
44 nftnl_chain_get_str(b, NFTNL_CHAIN_TABLE)) != 0)
45 print_err("Chain table mismatches");
46 if (nftnl_chain_get_u32(a, NFTNL_CHAIN_FAMILY) !=
47 nftnl_chain_get_u32(b, NFTNL_CHAIN_FAMILY))
48 print_err("Chain family mismatches");
49 if (nftnl_chain_get_u32(a, NFTNL_CHAIN_POLICY) !=
50 nftnl_chain_get_u32(b, NFTNL_CHAIN_POLICY))
51 print_err("Chain policy mismatches");
52 if (nftnl_chain_get_u32(a, NFTNL_CHAIN_HOOKNUM) !=
53 nftnl_chain_get_u32(b, NFTNL_CHAIN_HOOKNUM))
54 print_err("Chain hooknum mismatches");
55 if (nftnl_chain_get_s32(a, NFTNL_CHAIN_PRIO) !=
56 nftnl_chain_get_s32(b, NFTNL_CHAIN_PRIO))
57 print_err("Chain Prio mismatches");
58 if (nftnl_chain_get_u32(a, NFTNL_CHAIN_USE) !=
59 nftnl_chain_get_u32(b, NFTNL_CHAIN_USE))
60 print_err("Chain use mismatches");
61 if (nftnl_chain_get_u64(a, NFTNL_CHAIN_PACKETS) !=
62 nftnl_chain_get_u64(b, NFTNL_CHAIN_PACKETS))
63 print_err("Chain packets mismatches");
64 if (nftnl_chain_get_u64(a, NFTNL_CHAIN_BYTES) !=
65 nftnl_chain_get_u64(b, NFTNL_CHAIN_BYTES))
66 print_err("Chain bytes mismatches");
67 if (nftnl_chain_get_u64(a, NFTNL_CHAIN_HANDLE) !=
68 nftnl_chain_get_u64(b, NFTNL_CHAIN_HANDLE))
69 print_err("Chain handle mismatches");
70 if (strcmp(nftnl_chain_get_str(a, NFTNL_CHAIN_TYPE),
71 nftnl_chain_get_str(b, NFTNL_CHAIN_TYPE)) != 0)
72 print_err("Chain type mismatches");
73 if (nftnl_chain_is_set(a, NFTNL_CHAIN_DEV) &&
74 strcmp(nftnl_chain_get_str(a, NFTNL_CHAIN_DEV),
75 nftnl_chain_get_str(b, NFTNL_CHAIN_DEV)) != 0)
76 print_err("Chain device mismatches");
77 cmp_devices(nftnl_chain_get_array(a, NFTNL_CHAIN_DEVICES),
78 nftnl_chain_get_array(b, NFTNL_CHAIN_DEVICES));
79}
80
81int main(int argc, char *argv[])
82{
83 const char *devs[] = { "eth0", "eth1", "eth2", NULL };
84 struct nftnl_chain *a, *b;
85 char buf[4096];
86 struct nlmsghdr *nlh;
87
88 a = nftnl_chain_alloc();
89 b = nftnl_chain_alloc();
90 if (a == NULL || b == NULL)
91 print_err("OOM");
92
93 nftnl_chain_set_str(a, NFTNL_CHAIN_NAME, "test");
94 nftnl_chain_set_u32(a, NFTNL_CHAIN_FAMILY, AF_INET);
95 nftnl_chain_set_str(a, NFTNL_CHAIN_TABLE, "Table");
96 nftnl_chain_set_u32(a, NFTNL_CHAIN_POLICY,0x12345678);
97 nftnl_chain_set_u32(a, NFTNL_CHAIN_HOOKNUM, 0x34567812);
98 nftnl_chain_set_s32(a, NFTNL_CHAIN_PRIO, 0x56781234);
99 nftnl_chain_set_u32(a, NFTNL_CHAIN_USE, 0x78123456);
100 nftnl_chain_set_u64(a, NFTNL_CHAIN_PACKETS, 0x1234567812345678);
101 nftnl_chain_set_u64(a, NFTNL_CHAIN_BYTES, 0x7812345678123456);
102 nftnl_chain_set_u64(a, NFTNL_CHAIN_HANDLE, 0x5678123456781234);
103 nftnl_chain_set_str(a, NFTNL_CHAIN_TYPE, "Prueba");
104 nftnl_chain_set_str(a, NFTNL_CHAIN_DEV, "eth0");
105
106 /* cmd extracted from include/linux/netfilter/nf_tables.h */
107 nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_NEWCHAIN, AF_INET, 0, 1234);
108 nftnl_chain_nlmsg_build_payload(nlh, a);
109
110 if (nftnl_chain_nlmsg_parse(nlh, b) < 0)
111 print_err("parsing problems");
112
113 cmp_nftnl_chain(a, b);
114
115 /* repeat test with multiple devices */
116
117 nftnl_chain_unset(a, NFTNL_CHAIN_DEV);
118 nftnl_chain_set_array(a, NFTNL_CHAIN_DEVICES, devs);
119
120 nlh = nftnl_nlmsg_build_hdr(buf, NFT_MSG_NEWCHAIN, AF_INET, 0, 1234);
121 nftnl_chain_nlmsg_build_payload(nlh, a);
122
123 if (nftnl_chain_nlmsg_parse(nlh, b) < 0)
124 print_err("parsing problems");
125
126 cmp_nftnl_chain(a, b);
127
128 nftnl_chain_free(a);
129 nftnl_chain_free(b);
130
131 if (!test_ok)
132 exit(EXIT_FAILURE);
133
134 printf("%s: \033[32mOK\e[0m\n", argv[0]);
135 return EXIT_SUCCESS;
136
137}