nftnl 0.9.2

Safe abstraction for libnftnl. Provides low-level userspace access to the in-kernel nf_tables subsystem
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57

use super::{Expression, Rule};
use crate::set::Set;
use nftnl_sys::{self as sys, libc};
use std::{ffi::CString, ptr};

pub struct Lookup {
    set_name: CString,
    set_id: u32,
}

impl Lookup {
    pub fn new<K>(set: &Set<'_, K>) -> Self {
        Lookup {
            set_name: set.get_name().to_owned(),
            set_id: set.get_id(),
        }
    }
}

impl Expression for Lookup {
    fn to_expr(&self, _rule: &Rule) -> ptr::NonNull<sys::nftnl_expr> {
        unsafe {
            let expr = try_alloc!(sys::nftnl_expr_alloc(c"lookup".as_ptr()));

            sys::nftnl_expr_set_u32(
                expr.as_ptr(),
                sys::NFTNL_EXPR_LOOKUP_SREG as u16,
                libc::NFT_REG_1 as u32,
            );
            sys::nftnl_expr_set_str(
                expr.as_ptr(),
                sys::NFTNL_EXPR_LOOKUP_SET as u16,
                self.set_name.as_ptr(),
            );
            sys::nftnl_expr_set_u32(
                expr.as_ptr(),
                sys::NFTNL_EXPR_LOOKUP_SET_ID as u16,
                self.set_id,
            );

            // This code is left here since it's quite likely we need it again when we get further
            // if self.reverse {
            //     sys::nftnl_expr_set_u32(expr, sys::NFTNL_EXPR_LOOKUP_FLAGS as u16,
            //         libc::NFT_LOOKUP_F_INV as u32);
            // }

            expr
        }
    }
}

#[macro_export]
macro_rules! nft_expr_lookup {
    ($set:expr) => {
        $crate::expr::Lookup::new($set)
    };
}