From 76dc827b18ab9695fe50a79ed407f24a62645437 Mon Sep 17 00:00:00 2001 From: Serguei Bezverkhi Date: Mon, 24 Jun 2019 12:00:28 -0400 Subject: [PATCH] Add logic for regular chains (#28) * Add logic for regular chains Signed-off-by: Serguei Bezverkhi --- chain.go | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/chain.go b/chain.go index 40f2693..6756f6c 100644 --- a/chain.go +++ b/chain.go @@ -86,18 +86,23 @@ type Chain struct { // AddChain adds the specified Chain. See also // https://wiki.nftables.org/wiki-nftables/index.php/Configuring_chains#Adding_base_chains func (cc *Conn) AddChain(c *Chain) *Chain { - chainHook := cc.marshalAttr([]netlink.Attribute{ - {Type: unix.NFTA_HOOK_HOOKNUM, Data: binaryutil.BigEndian.PutUint32(uint32(c.Hooknum))}, - {Type: unix.NFTA_HOOK_PRIORITY, Data: binaryutil.BigEndian.PutUint32(uint32(c.Priority))}, - }) data := cc.marshalAttr([]netlink.Attribute{ {Type: unix.NFTA_CHAIN_TABLE, Data: []byte(c.Table.Name + "\x00")}, {Type: unix.NFTA_CHAIN_NAME, Data: []byte(c.Name + "\x00")}, - {Type: unix.NLA_F_NESTED | unix.NFTA_CHAIN_HOOK, Data: chainHook}, - {Type: unix.NFTA_CHAIN_TYPE, Data: []byte(c.Type + "\x00")}, }) + if c.Type != "" { + chainHook := cc.marshalAttr([]netlink.Attribute{ + {Type: unix.NFTA_HOOK_HOOKNUM, Data: binaryutil.BigEndian.PutUint32(uint32(c.Hooknum))}, + {Type: unix.NFTA_HOOK_PRIORITY, Data: binaryutil.BigEndian.PutUint32(uint32(c.Priority))}, + }) + data = append(data, cc.marshalAttr([]netlink.Attribute{ + {Type: unix.NLA_F_NESTED | unix.NFTA_CHAIN_HOOK, Data: chainHook}, + {Type: unix.NFTA_CHAIN_TYPE, Data: []byte(c.Type + "\x00")}, + })...) + } + cc.messages = append(cc.messages, netlink.Message{ Header: netlink.Header{ Type: netlink.HeaderType((unix.NFNL_SUBSYS_NFTABLES << 8) | unix.NFT_MSG_NEWCHAIN),