interesting
/
nftables
mirror of https://github.com/google/nftables.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Support for rule position 0 (#143) 

Added uint32 Flags to Rule struct to support rules set with position 0

fixes https://github.com/google/nftables/issues/126
This commit is contained in:
turekt 2022-01-29 18:26:06 +00:00 committed by GitHub
parent 6f19c4381e
commit a46119e592
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
rule.go
View File

@ -42,6 +42,11 @@ type Rule struct {
Chain *Chain Chain *Chain
Position uint64 Position uint64
Handle uint64 Handle uint64
// The list of possible flags are specified by nftnl_rule_attr, see
// https://git.netfilter.org/libnftnl/tree/include/libnftnl/rule.h#n21
// Current nftables go implementation supports only
// NFTNL_RULE_POSITION flag for setting rule at position 0
Flags uint32
Exprs []expr.Any Exprs []expr.Any
UserData []byte UserData []byte
} }
@ -136,7 +141,7 @@ func (cc *Conn) newRule(r *Rule, op ruleOperation) *Rule {
flags = netlink.Request | netlink.Acknowledge | netlink.Replace | unix.NLM_F_ECHO | unix.NLM_F_REPLACE flags = netlink.Request | netlink.Acknowledge | netlink.Replace | unix.NLM_F_ECHO | unix.NLM_F_REPLACE
} }
if r.Position != 0 { if r.Position != 0 || (r.Flags&(1<<unix.NFTA_RULE_POSITION)) != 0 {
msgData = append(msgData, cc.marshalAttr([]netlink.Attribute{ msgData = append(msgData, cc.marshalAttr([]netlink.Attribute{
{Type: unix.NFTA_RULE_POSITION, Data: binaryutil.BigEndian.PutUint64(r.Position)}, {Type: unix.NFTA_RULE_POSITION, Data: binaryutil.BigEndian.PutUint64(r.Position)},
})...) })...)